Ultimate Resource For Crypto-Currency’s Privacy And Scalability Upgrades (#GotBitcoin?)
Bitcoin’s consensus layer has remained unchanged for over two years now. Since Segregated Witness (SegWit), which activated in August 2017, no hard fork or soft fork protocol upgrades have been deployed at all*, marking Bitcoin’s longest stretch without consensus forks so far. Ultimate Resource For Crypto-Currency’s Privacy And Scalability Upgrades (#GotBitcoin?)
But this stretch may soon come to an end: several backward-compatible soft forks are currently in development. Optimistically, some of them may go live in 2020 — if they gather sufficient support from the Bitcoin ecosystem.
These could be Bitcoin’s protocol upgrades in the new year … or perhaps in the new decennium.
Schnorr signatures are considered by many cryptographers to be the best type of cryptographic signatures in the field. They offer a strong level of correctness, do not suffer from malleability, are relatively fast to verify and, perhaps most interestingly, allow for math to be performed with them. To name one concrete benefit for Bitcoin: Several signatures can be aggregated into a single signature, which could, for example, economically incentivize privacy-enhancing CoinJoin transactions.
Adding Schnorr signatures to the Bitcoin protocol has been a work in progress for some time now. But over the past year, developers working on a Schnorr signatures proposal, like Blockstream developers Pieter Wuille and Jonas Nick and Xapo’s Anthony Towns, revealed even more ambitious plans. Schnorr signatures will be proposed as part of a bigger soft fork protocol upgrade called Taproot, a proposal by Bitcoin Core contributor Gregory Maxwell, which was itself inspired by an older proposal called MAST (Merkelized Abstract Syntax Tree).
(Fractions of) bitcoin can be locked up in such a way that they can be spent under several different conditions, for example requiring timelocks, secret numbers of several participants to agree to unlock the coins. With MAST, all the different conditions are hashed and included in a Merkle Tree: a compact cryptographic data structure. The coins would then essentially be locked up in the final hash of this Merkle Tree, the Merkle Root. To spend the coins, you only need to reveal the condition you end up using. The alternative ways in which the coins could have been unlocked remain hidden forever.
Taproot, then, is based on an interesting realization: No matter how complex, almost any MAST-construction could (or should) include a condition that allows all participants to agree on the outcome and sign off on a settlement transaction together. This “cooperative close” would override all other conditions.
Taproot leverages this realization and utilizes Schnorr signatures to make the cooperative close look like a regular transaction. Simplified, the cooperative close would be done with an aggregated signature, which looks just like a regular signature. In doing so, the MAST-construction remains completely hidden to the outside world! This benefits privacy and efficiency.
Taproot may also come with an updated version of Bitcoin’s programming language, Script, called Tapscript. This would also make it easier to add new features (“OP codes”) to Bitcoin’s programming language later on.
Bitcoin’s Taproot Upgrade Won’t Help Privacy Where It Matters
The activation of Bitcoin’s (BTC) Taproot upgrade is moving forward as official Bitcoin Improvement Proposals (BIP) were submitted for review on Jan. 24. Even though Taproot is often hyped up for its privacy improvements, its true impact is likely to be very minor.
What Is Taproot?
Taproot is the name given to a proposal coined by former Blockstream CTO Gregory Maxwell in January 2018. The actual implementation was later developed by a team of Bitcoin contributors led by Pieter Wuille. Taproot is a proposal that enhances Bitcoin’s scripts, a set of instructions attached to each transaction that explains how the funds can be used.
In its simplest form, a Bitcoin transaction is secured by the recipient’s public key, which guarantees that only he can spend them. Scripts can support more complicated features, like timelocks and multi-signature requirements. The former can restrict money to only be spent after a certain point in time. The latter makes it possible to create wallets with multiple owners.
The conditions can be added together, so that there would be multiple options on how to spend the money. For example, the script might say that the funds can be moved immediately if three people agree, or after five days if only two of them do.
In Bitcoin’s current implementation, the full scope of the smart contract needs to be revealed when its beneficiary wants to use the money. That means that if only one of the conditions was triggered, everyone would know that there were others.
Taproot removes the need to publish the entire script, and only shows the condition that was triggered. In addition, multi-signature contracts where all parties agreed on a transaction can avoid revealing the fact that there was a script at all. To an external observer it would look like an individual wallet-to-wallet transaction, assuming the parties involved are in full cooperation.
This is made possible by a different feature called Schnorr signatures, which is encoded in BIP 340. Schnorr is considered a more secure and efficient version of elliptic curve cryptography, which is what underpins the system driving private and public keys.
The proposal is currently under evaluation, but there are no estimates available for its activation.
Limited Benefits To Privacy
Bitcoin is a fully public ledger, which allows specialized tools to track the flow of BTC from one wallet to the next. Thus, a protocol named CoinJoin (CJ) was developed to help break the chain of transactions and provide anonymity.
As it uses a peculiar transaction scheme, it is easy to prove that a certain wallet mixed Bitcoin through CoinJoin. This has recently started to create problems for users.
As previously reported by Cointelegraph in December, a Binance user was put under investigation for his history of mixing the coins he withdrew from the exchange. A similar case involving Paxos was recently reported by a Twitter user.
Taproot is often mistakenly believed to make CoinJoin transactions harder to see, or even make them indistinguishable from normal payments. In a conversation with Cointelegraph, Pieter Wuille revealed that this is not the case:
“Indeed, it [Taproot] hides scripts and makes multisig (often) indistinguishable. It does not directly do anything for CoinJoin.”
Wuille then added that Taproot is “certainly no silver bullet” for privacy.
The confusion may have arisen due to an initially planned feature called cross-input aggregation. It was later removed from the Taproot proposal due to potential issues from its implementation. Furthermore, Wuille clarified that it would not directly improve privacy:
“Cross-input aggregation won’t hide CJ or anything else. It’s not a privacy improvement, only an efficiency one (which may indirectly encourage CJ by making it cheaper, but even then, it won’t reduce the ability to recognize such transactions as CJ).”
Thus, Taproot only improves privacy in limited aspects and under specific conditions. For a person using Bitcoin to buy drugs from a darknet market, there is no benefit.
Privacy On Ethereum: Aztec Protocol Launches On Mainnet
The Aztec privacy network has officially launched on the Ethereum blockchain on Feb. 1. Using Zcash-based technology, it introduces confidential tokens where all amounts are cryptographically hidden.
The network is currently in limited deployment as it only supports zkDai, a private version of Maker’s stablecoin. Other zero knowledge tokens are set to be released in the coming weeks, while full access to custom token creation will be granted in two months, the company says.
The Aztec protocol, just like Zcash (ZEC), uses Zk-SNARKs to validate encrypted transactions. When generating a transfer, a proof of correctness is generated as the amount gets encrypted.
The system hinges on Aztec’s Cryptography Engine smart contract, which can be used to validate the transactions. The contract is based on a system of “notes,” which are generally used in a Bitcoin-like structure of inputs and outputs. Unlike Zcash, however, Aztec currently does not hide the money’s sender and recipient.
Like Zcash, Aztec needed to conduct a trusted setup ceremony. This is a key requirement for all zk-SNARK implementations, as it generates a set of common parameters to ensure efficient computation.
Future Developments Would Make Smart Contracts Private
Aztec’s goal is to deliver its “Triptych of privacy,” which would completely hide a particular portion of the Ethereum blockchain. The next step is to hide senders and recipients, while the final achievement is making smart contracts completely private.
Aztec’s CEO Thomas Walton-Pocock revealed to Cointelegraph that this may occur as early as this year:
“Our priority is to deploy PLONK to ACE in 2020. PLONK is the superfast Universal SNARK developed by AZTEC CTO Zac Williamson and AZTEC Chief Scientist Ariel Gabizon, which will eventually allow private smart contracts to execute with just one trusted setup.”
Authorities Arrest Ohio Man For Laundering $300M In Crypto On The Dark Web (A Good Case For Built-in Bitcoin Privacy)
Authorities recently took an Ohio local into custody recently for accusations of running an unlawful money laundering outfit on the Dark Web.
The alleged operator of an illegal business called Helix, Larry Harmon faces accusations of money laundering and running a money transference venture without proper licensing, the Department of Justice, or DoJ, detailed on Feb. 13.
Harmon Ran Helix For Years
The 36-year old Ohio native reportedly started up Helix in 2014, taking the endeavor all the way to crypto’s hay day in 2017.
The DoJ explained:
“Helix functioned as a bitcoin ‘mixer’ or ‘tumbler,’ allowing customers, for a fee, to send bitcoin to designated recipients in a manner that was designed to conceal the source or owner of the bitcoin.”
Per the allegations, Harmon attracted users by touting the ability to hide fund transfers from the government’s watchful eye. As part of his dealings, Harmon also operated a Dark Web search tool called Grams.
The Ohio Man Was In Deep
Harmon’s supposed endeavors naturally tied him to other Dark Web illegalities. “Helix allegedly laundered hundreds of millions of dollars of illicit narcotics proceeds and other criminal profits for Darknet users around the globe,” Assistant Attorney General for the DoJ’s Criminal Division Brian Benczkowski said in the statement.
IRS Criminal Investigation Head Don Fort Added:
“The sole purpose of Harmon’s operation was to conceal criminal transactions from law enforcement on the Darknet, and because of our growing expertise in this area, he could not make good on that promise. Working in tandem with other sites, he sought to be the ‘go-to’ money launderer on the Darknet, but our investigators once again played the role of criminal disrupters, unraveling the interlinked web from one tentacle to another.”
Charges include that Harmon’s Helix outfit transferred more than 350,000 Bitcoin — worth upward of $300 million at the time. The illegal entity also powered money laundering activities for users of AlphaBay, a highly trafficked Dark Web vendor, the DoJ detailed.
The DoJ pointed out, however, that the charges provided are still considered alleged activities until definitive guilt is proven.
Privacy Altcoin Beam To Execute Second Hard Fork In June 2020
After successfully completing its first hard fork in August 2019, privacy coin Beam plans to execute its second hard fork in June 2020.
Privacy-focused altcoin, Beam (BEAM), will soon execute its second hard fork. This fork will upgrade its Proof-of-Work (PoW) algorithm and activate new network features.
According to an April 22 blog post, Beam’s second fork will occur at block 777,777, shifting the network’s PoW algorithm from BeamHash II to BeamHash III.
The new PoW algorithm is expected to be a major improvement to the Beam mining network, and will enable fuller GPU card capabilities. Additionally, the firm said that the hard fork is designed to unlock some new features like confidential assets, one-sided payments, and the support of privacy protocol, Lelantus Mimblewimble.
Users Need To Upgrade Beam Software Before The Fork In Late June
Beam’s second hard fork is expected to take place on June 28, 2020. The testnet fork is anticipated to happen a few weeks earlier, Beam advisor, Guy Corem, noted in the Beam Telegram channel. Corem elaborated that the testnet fork date depends on block times.
According to the announcement, the hard fork will not require any other actions beyond a software upgrade from Beam users. As such, Beam is planning to release the node and desktop wallet binaries by the end of May, providing users with about 30 days to upgrade to the latest version. Compatible releases of node, wallet, and miner will be versioned Eager Electron 5.0, Beam noted.
Specifically, Beam wallets earlier than version 5.0 will stop working after the hard fork is completed. However, users will still be able to upgrade the wallets to the new version to access their funds, Corem said.
Beam’s First Hard Fork Took Place In August 2019
As officially announced, Beam successfully completed its first hard fork on August 19, 2019. This fork changed the mining algorithm from Beam Hash I to Beam Hash II at block 321,321. After the hard fork occurred, the Beam team reported a significant drop in mining difficulty. This was caused by some miners not performing a timely upgrade.
The Beam mainnet was launched on Bitcoin’s (BTC) tenth birthday, Jan. 3, 2019. Beam is a privacy-oriented cryptocurrency, like Monero (XMR) or Zcash (ZEC), and is based on a privacy protocol known as Mimblewimble. As reported in late 2019, Dragonfly Research analyst, Ivan Bogatyy, believes that the Mimblewimble protocol should not be considered a “viable alternative to Zcash or Monero when it comes to privacy” due to an unfixable privacy breach.
In March, Litecoin (LTC) and Grin (GRIN) developer, David Burkett, predicted that Litecoin will launch its Mimblewimble testnet before the end of summer.
Zcash Fully Shielded Transactions Jump 70% To New Record In April
The Zcash network has recorded a 70% jump in fully shielded transactions, marking a new record for April of over 8,700. This compounds gains of 100% made in March.
The number of fully shielded transactions recorded on the Zcash (ZEC) network leaped up almost 70% in April to hit a new record of over 8,700.
According to a May 1 tweet from the ZcashCommunity account, this represented 6% of the total transactions, which was also a record proportion historically.
April’s gains followed an equally impressive March, which itself saw a 100% increase in transactions over February. In total, the jump from February’s 2,430 fully private transactions to the 8,721 in April represents an increase of over 250%.
In contrast, it took three years for fully shielded transactions to break through the 2,000 per-month level, which only happened in November last year.
15% of Zcash Transactions Had Some Element Of Shielding
While 6% of the total transactions may not seem like an awful lot, this only includes those which were fully shielded. When considering all transactions with some shielded component, this goes up to 23,676, or 15% of the total.
Zcash supports two types of address: z-addr, which are shielded, and t-addr, which are transparent. Transactions between t-addr types are fully transparent, and can be viewed on the blockchain in the same way as Bitcoin (BTC) transactions.
Transactions between two z-addresses are fully shielded, and transactions between the two address types can be either shielding (t to z) or deshielding (z to t). It is worth noting that all of these three transaction types with a shielded component add to the privacy of the network.
Why Such A Big Increase Now?
Cointelegraph reached out to Zcash developer Electric Coin Company to see if it had any insight into the latest jump in figures, but had not received a response at press time.
However, it has recently become a lot easier for Zcash users to use shielded transactions. In early April, Guarda released its wallet app for Shielded ZEC. This now joins Zecwallet Lite, which was launched last November, and defaults to sending private transactions by shielding any transparent ZEC sent to it.
Zcash was also added as a perpetual contract option on Binance’s futures platform in February. This coincides with the point at which shielded transaction numbers started to go up dramatically.
Litecoin Mimblewimble Integration Sees Test Build And Codebase Progress
Litecoin and Grin++ developer, David Burkett, has posted an April progress update on Litecoin’s Mimblewimble integration, claiming that a testing framework has been built and codebase integration has started.
The lead developer on the Litecoin Mimblewimble (MW) project, David Burkett, has now built a functional testing framework and started to integrate the development work done so far into the Litecoin codebase.
According to a May 1 report on the Litecointalk forums, the project to implement the MW privacy enhancements into Litecoin has reached an important milestone with the build of a test-bed. Burkett claims that he has also run some end-to-end validation tests through the framework.
“I’ve built out a functional testing framework that builds valid headers, blocks, and transactions. I’ve now got some (mostly) complete end-to-end block validation tests,” he said.
As Cointelegraph reported in March, Burkett predicted that MW would be running on the Litecoin testnet by the end of the summer. This is a significant step towards that goal.
Burkett has also begun to integrate his work with the Litecoin codebase, initially focusing on the ConnectBlock logic. This part of the code validates blocks before adding them to the chain.
While Burkett was still unsure as to which specific area to tackle next, he did state that his high-level plan involved continued codebase integration and “lots more testing.”
Burkett also gave an update on his other project, Grin++, which has just achieved release candidate v1.0.0 status, marking its “first non-beta version.” Grin++ featured the first implementation of the Mimblewimble privacy protocol, back in January 2019.
Mimblewimble was first revealed in 2016 when its white paper — authored by an individual acting under the pen name Tom Elvis Jedusor — appeared on a Bitcoin research channel.
The protocol aims to improve blockchain privacy, scalability, and fungibility by combining transactions in a CoinJoin. As a result, blocks on the network comprise a list of all input, output, and signature data, which obscure transaction data for any third party monitoring the network.
Taproot doesn’t appear to be very contentious, though developers are still discussing implementation details.
18 Months In, Few People Use, Mine or Buy Privacy Coin Grin
Despite launching with considerable fanfare in early 2019, grin, the first cryptocurrency to test privacy protocol MimbleWimble, is showing no signs of life.
At its launch, professional investors poured funding — by some estimates, $100 million — into mining the cryptocurrency, with some even calling it a sort of “Bitcoin 2.0”.
Privacy without sacrificing scalability is the primary advantage of MimbleWimble, according to grin developers. The first grin coins were also issued via a so-called “fair launch” whereby, similar to bitcoin, all coins are minted by miners instead of being generated prior to the network going live.
“Grin was probably the most crowded venture capital trade of 2019,” said Ryan Gentry, lead analyst at Multicoin Capital.
On-chain data suggests once-eager investors soured on the young cryptocurrency. Grin’s hash power, a measure of computing resources devoted to securing the network, and mining difficulty, which gauges the amount of power required to mine, started to collapse in August 2019. After nine consecutive months of decline, the trend shows no sign of reversing.
Grin’s planned hard forks, or systemwide upgrades, could also be responsible for its declining network activity. Every six months, the network executes these upgrades that change grin’s mining algorithm to deter expensive, specialized mining equipment from dominating its hash power.
After the first fork, grin’s hashrate and difficulty climbed, but the second fork coincided with the steepest hashrate decline in the network’s short history. Grin is preparing for yet another drop in hashrate after a third next fork scheduled for July.
Even grin’s transaction count, a metric that could be easily manipulated to mask the network’s declining use, has dropped roughly 20% year to date, according to Coin Metrics. This smaller drop follows a more than 70% decrease in daily transactions through February and March 2019.
Grin developers say the cryptocurrency isn’t designed to cater to short-term speculative investors.
“Cryptocurrency is mostly a speculation game,” said grin developer John Tromp. “Grin is hurt in the short term by being speculation-unfriendly.”
Adding to grin’s woes, San Francisco-based Dragonfly Capital published research six months ago describing an “attack” that could reveal the identities of 96% of active grin users.
To date, the grin team has not fixed the vulnerability.
Ivan Bogatyy, who wrote the report, said grin’s core developers are “among the strongest engineers in the space.” However, they “faced a very hard cold-start problem with incumbents” such as monero (XMR) and zcash (ZEC) due to grin’s lack of “a robust privacy mechanism” to challenge leading privacy cryptocurrencies.
According to the people behind grin, Bogatyy’s report contains “many logical leaps” and the anonymity exploit is a known and “well-documented” problem.
Traders Are Not Grinning
Traders also seemed to have lost interest in grin. Since last June, the privacy currency’s price — quoted in dollars and bitcoin — has only dropped.
When it first launched, for example, New York City-based crypto fund Iterative Capital briefly supported grin on its over-the-counter trading desk and considered mining. But it didn’t take long for the firm to lose interest.
“Buying demand was so low and the technology was in such an incipient form that we quickly stopped bothering,” said Iterative Capital’s founder and managing partner Chris Dannen.
Grin launched during an “altcoin bear market,” said grin developer David Burkett. That the price has “so far only moved downward” is a “very similar movement to many coins launched at the same time.”
Every new cryptocurrency struggles to gain adoption early on. But for the privacy currency that promised to be the next big thing, replacing speculators with real users has proven to be an uphill battle.
Developers of Ethereum Privacy Tool Tornado Cash Smash Their Keys
Ethereum’s premier coin mixing service is now permissionless.
Tornado Cash, a privacy tool for obfuscating the history of ether (ETH) transactions, completed a cryptographic process known as a trusted setup ceremony on May 10 followed by a contract update on Monday to create perpetually self-executing code.
“With a record 1,114 contributions this was by far the largest Trusted Setup Ceremony to date,” Tornado Cash wrote in a May 13 blog post. “By comparison, all other trusted setup ceremonies had less than 200 participants.”
The ceremony, relying on a cryptographic method known as multi-party computation (MPC), makes Tornado Cash “completely trustless and unstoppable,” co-founder Roman Storm said in an interview with CoinDesk.
Tornado Cash v1 first launched in August 2019 but remained an audited “experimental software” because the developers retained control over user funds through a multi-sig wallet.
With v2, all that is gone. The MPC and Monday’s contract update effectively break up the developer key by creating a crowdsourced smart contract without a private key.
Techwise, Tornado Cash leans on zero-knowledge proofs (ZKP), or mathematical evidence that a transaction occurred without revealing the information within the payment itself.
Tornado Cash joins two other ZKP-based Ethereum systems, Aztec and EY’s Nightfall. As reported by CoinDesk, privacy protocol Aztec launched a network on Ethereum for digital assets, beginning with dai, while EY also released a business-focused privacy solution for Ethereum transactions in October 2018.
Tornado Cash is more readily compared to existing coin mixers on Bitcoin because of its retail focus. CoinJoin developers Samourai and Wasabi have brought mixing to retail bitcoin investors, with Samourai available on Google Play as of February (a feature coming in Tornado Cash’s v3, Storm said).
Of course, there are other cryptocurrencies that only focus on privacy solutions, led by zcash (ZEC) and monero (XMR). The Electric Coin Company (ECC), a for-profit firm behind zcash’s development, is currently working on a bridge between itself and the Ethereum blockchain for enabling private transactions.
Just How Private?
For Tornado Cash, two questions remain: How many people will use it and how will regulators view it?
To the first, Samourai adoption after its mobile launch gives a positive signal. Bitcoin podcaster Matt Odell told CoinDesk the number of mixings on Samourai doubled month-over-month following the addition of mobile support.
That said, bitcoin (BTC) is often presented as a self-sovereign money alternative while ether’s prevailing use case has fluctuated.
Defining what ether is matters, particularly for Tornado Cash. The efficacy of a privacy protocol – from Zcash to Wasabi – is dependent on the number of users, called the anonymity set. Think of a ballpark crowd: If the stands are full of fans, it’s hard to pick out a singular person in the upper deck. Conversely, an empty stadium only helps frame the lone fanatic.
Maddie Kennedy, spokesperson for blockchain analytics firm Chainalysis, said Tornado Cash may not be the solution privacy-focused users may think it is. “While mixers, CoinJoins and solutions like Tornado Cash can make tracing funds more difficult, Chainalysis can often still follow funds through them,” Kennedy told CoinDesk in an email.
That sentiment was echoed by former bitcoin core contributor Gavin Andresen in a November blog post on Tornado Cash, highlighting additional measures such as IP-address masking that most users don’t consider.
“I won’t be surprised if there is a paper at the Financial Cryptography 2023 conference showing that 85% of tornado usage was not private; not because the cryptography is broken, but because it is really hard for mere mortals to use something like tornado (or CoinJoin or other similar technologies) in a way that doesn’t leak information about their wallet,” Andresen wrote.
There’s also compliance concerns, with the verdict still out on whether mixers are money transmitters or not.
In an email, the Financial Crimes Enforcement Network (FinCEN) told CoinDesk that mixers such as Tornado Cash could fall under the definition of a money transmitter, and therefore have “obligations” set by the Bank Secrecy Act (BSA).
For his part, Tornado Cash’s Storm said that now that the trusted setup has occurred, little can be pinned on the developers: self-executing code is self-executing code.
That doesn’t mean Storm and co-founder Roman Semenov are wanting to venture beyond the wake. In fact, Tornado Cash included a compliance feature with v2 to counter some regulatory concerns. The new version will include a cryptographic “note” which can prove to anyone presented the transaction’s history. The feature was added in light of reports of crypto exchanges freezing accounts of users who possessed coins with mixed histories.
Storm also pointed to the ECC’s and Zcash Foundation’s friendly relationship with U.S. regulators despite the cryptocurrency’s focus on privacy.
“We are in a little bit of a different situation [than other mixer wallets]. I think for us it’s very important to become compliant,” Storm said. “We do what we feel is right.”
Researchers Claim 99.9% of Zcash Transactions Are Traceable
A study into the traceability of top privacy coins reveals over 99% of Zcash users fail to utilize the protocol’s privacy features.
Researchers from Carnegie Mellon University have released a study into the privacy features of Monero (XMR) and Zcash (ZEC) — arguably the two most-popular crypto assets purporting to offer users anonymity.
The report finds that Monero’s introduction of strict security and anonymity requirements on its broader ecosystem has maintained the asset’s status as “effectively untraceable.”
Transversely, the report concludes that the lack of utilization of Zcash’s privacy capabilities on the part of more than 99% of users undermines the privacy of the overall network despite ZEC offering “strong cryptographic features.”
Zcash User Behavior Undermines Privacy
The report describes Zcash as a Bitcoin (BTC) fork that seeks “to completely break the link between the sender and the receiver.”
The researchers assert that “Zcash is not widely used” currently, citing a May 2020 survey of darknet markets indicating that “it [, Zcash,] is by far not the preferred cryptocurrency on the dark web.”
Through employing zero-knowledge succinct non-interactive arguments of knowledge, or SNARKs, ZEC is able to prevent any interaction between transaction prover and verifier — creating “a barrier that further impedes efforts to link addresses together.”
However, Zcash offers both anonymous shielded and pseudonymous transparent transactions, with the researchers finding that only 0.09% of ZEC transactions within a 30-day period made full use of the protocol’s privacy features.
“[E]ven though cryptographically Zcash is very well-founded, the users behave in a way that does not take full advantage of the shielded pool, making them traceable. As each user in the shielded pool becomes linked to the transparent pool, the overall anonymity of the ZEC ecosystem reduces as the anonymity set shrinks drastically.”
“[I]t seems that the large majority of Zcash users do not yet understand Zcash’s operating model,” the study finds, concluding that the “minuscule” set of ZEC users utilizing shielded transactions renders Zcash “effectively traceable.”
30% of XMR Transactions Found To Be Traceable
The report notes that an increasing number of altcoins have sought to brand themselves as privacy coins, claiming to offer completely private transactions in contrast to the pseudonymous transactions enabled by nearly all crypto assets.
The researchers observe several features of Monero designed to provide untraceability and unlinkability.
One-time use addresses are employed for every transaction output to prevent linkability, while traceability is addressed with one-time ring signatures — a form of zero-knowledge proof, alongside decoy inputs called mixins.
The paper also examines a number of further upgrades introduced to the protocol from 2017 onwards, finding that less than one percent of transactions carried out using XMR over the last two years were traceable according to most methods of analysis employed.
However, one model was still able to reveal transaction inputs with an accuracy of 30%.
Japanese Firm Unveils New Privacy Feature For Bitcoin Wallets
Japanese crypto firm Freessets has announced a new technology to enhance Bitcoin wallet (BTC) privacy.
According to a June 8 announcement, Freessets has created a system that allows wallets to request their addresses’ Bitcoin balances without revealing it to the servers from which they request the balances or transaction history.
The statement said that conventional Bitcoin wallets explicitly ask servers for the balance of their addresses, which links the balance, transactions and addresses. However, “using the technology Fressets has developed, it is mathematically proven that the servers cannot learn anything from the user’s query.”
The Significance Of The Development
Adam Ficsor, chief technical officer at privacy-enhancing Bitcoin wallet Wasabi told Cointelegraph that he is enthusiastic about the development. His firm’s wallet has a similar feature, but he believes Freessets’ implementation requires less bandwidth and is more suitable for mobile devices.
“Any improvement on making privacy more efficient is significant and needed,” he said, but he said he also has a few reservations. Ficsor expects that the firm’s approach will also mean losing transaction history when recovering preexisting wallets and he said that he is not comfortable with Freessets’ decision to develop its technologies in a proprietary fashion.
Human Rights Foundation Funds Bitcoin Privacy Tools Despite ‘Coin Mixing’ Legal Stigma
On one hand, the bitcoin industry has matured to include traditional brokerages and institutional traders. On the other, bitcoin privacy tech is still shrouded in a legal gray zone.
The Human Rights Foundation (HRF) took a strong stance on bitcoin privacy tech Wednesday by announcing its new Bitcoin Developer Fund. The first $50,000 grant from the fund has been awarded to freelance CoinSwap developer Chris Belcher.
CoinSwap, a mixing technique originally invented in 2013 by Greg Maxwell, is part of a comprehensive suite of privacy tools being developed by bitcoin advocates.
“The fund’s next gift, already earmarked for another developer working on strengthening Bitcoin pseudonymity at the network level, will be announced later this summer,” Alex Gladstein, the HRF’s chief strategy officer, said in an email.
HRF will also crowdsource fundraising for such privacy tech, he added, using both dollars and bitcoin, while making it “possible for activists to more safely receive donations, earn income and continue their important work under increased financial pressure.”
Belcher said he hopes to have a primitive testnet available near the end of the year.
“It will be a bit like Lightning, where there’s never a single day when it’s finished, but it slowly gets more and better features and bug fixes until one day you realize it’s everywhere,” Belcher said of CoinSwap, which he plans to keep as an open source hobby project and not a revenue-producing company.
Theoretically, any wallet provider could use the open source code to add the feature to their mobile app or desktop app. Privacy-focused wallets could even use CoinSwap features as another layer to current CoinJoin offerings.
“The bitcoin ecosystem could end up in a bad situation where it’s impossible to accept bitcoin as payment without consulting some centralized blacklist … so I talk a lot about privacy but fungibility is important too,” Belcher said. “Centralization also makes the privacy of the software worse, so I’m less interested in going in that direction … it’s all about tradeoffs.”
Adam Fiscor, co-founder of zkSNACKs, said the next Wasabi Research Club will examine CoinSwaps, though he said it would be premature to comment on it further.
Both CoinSwaps and CoinJoins are a type of non-custodial mixing, which could theoretically be layered as two privacy tools used in the same transaction. CoinSwaps are comparable to atomic swaps, while CoinJoin options typically pool disparate funds together as part of the transaction.
However, some compliance officers at leading analytics companies and crypto exchanges treat mixed bitcoin as inherently suspicious, which influences how legal authorities view the technology as well. It remains to be seen if CoinSwap features will suffer from the same stigmas as the incumbent method, CoinJoin.
The technologists working with bitcoin privacy tech walk a delicate line, and tend to pay their lawyers accordingly.
Attorney Preston Bryne said he would not advise clients to use CoinJoin transactions, which he said is sometimes wrongly associated with money laundering. Many exchanges and wallet companies choose to be safe rather than sorry when it comes to legal battles.
Yet, lawyer Rafael Yakobi said there’s nothing inherently wrong with using this privacy feature, it’s all about how you report it. In the case of wallet providers, this may be possible in non-custodial scenarios where the intermediating startup never controls the assets.
“I’m quite confident that CoinJoin has not yet been mentioned in any piece of legislation. It’s not even mentioned by name in FinCEN’s guidance,” Yakobi said. “The more appropriate question is whether flagging CoinJoin transactions is implicitly required by the relevant regulations. I’m not sure about Europe, but in the U.S. it’s not an objective yes or no answer. Each business is required to formulate best practices designed to comply with the law.”
Over in Europe, it appears the law enforcement agency Europol is wary of the privacy-oriented Wasabi Wallet, because the analytics firm Chainalysis estimated $15 million worth of illicit transactions used the bitcoin wallet’s CoinJoin feature.
Critics like Reckless VR founder Udi Wertheimer and Jon Matonis of Cypherpunk Holdings, the latter of which invested in both the privacy-oriented Samourai Wallet and Wasabi-maker zkSNACKs, say blockchain analytics firms are overestimating the amount of illicit transactions when they flag mixed bitcoin.
“Exchanges, banks and regulators are being sold a false narrative if they believe that this [analytics] technology provides reliable, or more importantly, actionable results,” Matonis said. “It is purely a dangerous game of probabilities and false positives, disingenuously overstated to peddle more forensic services.”
HRF’s Gladstein recently took Elliptic, another blockchain analytics firm, to task for its “surveillance” work. “The tools you’re building regardless of your intentions will be used for policing bitcoin,” Gladstein said during a panel with Elliptic’s Tom Robinson at an event this month. “At the end of the day what you’re doing is warrantless surveillance against people in other countries.”
For his part, Matonis’s investment thesis revolves around the belief the legal community will adopt compliance norms that don’t restrict or criminalize privacy-tech like mixers.
“The concern around mixing technology, or coin hygiene, stems from the flawed thinking that cryptocurrency transactions are identical to bank transfers using fiat currency,” Matonis said. “This is a grand societal battle that must be won by privacy advocates, not because it is a cute feature or a principled position, but because it is an existential economic necessity. A peer-to-peer value transfer system fails without underlying coin privacy at its core, because the entire system would lack fungibility if all coins were not treated equally the way paper cash is today.”
This is why some bitcoiners continue to work on privacy tech, regardless of exchange policies and other hurdles.
Meanwhile, CoinJoin usage continues to increase, with roughly 13,500 new Wasabi Wallet downloads this year.
So far in June, more than 10,000 fresh bitcoin were used in Wasabi CoinJoin transactions for the first time, the highest record since the all-time peak in August 2019 according to the Wasabi team.
Overall, usage has more than tripled since May 2019, when roughly 9,764 total bitcoin were used in Wasabi’s CoinJoin transactions, compared to 35,697 total bitcoin used in May 2020, they said.
And that’s not even to mention the few thousand bitcoin sent using other CoinJoin tools since the coronavirus began, including Samourai Wallet and JoinMarket. Generally speaking, usage appears to be up across the sector.
Matonis said as long as companies and public individuals focus on non-custodial, open source software, he believes privacy-tech projects will actually bear less compliance costs over time as the tools become normalized. For example, mixing protocols could become a “standard default feature” in bitcoin wallets.
“Both the bitcoin industry and law enforcement need to resist falling for the myth of blockchain forensics as perpetrated by the blockchain surveillance firms,” Matonis said of companies that routinely flag mixed coins as suspicious.
“Law enforcement methods will undoubtedly have to evolve beyond simply using money as an identity tracking device or simply relying on metadata through non-targeted driftnet surveillance,” he added. “This means employing real and sometimes cumbersome police work that doesn’t violate the rights of any individuals.”
Metamask Enhances User Privacy With New Wallet Update
Major Ether wallet service and browser extension, Metamask, introduces newly released version featuring enhanced privacy control.
Metamask, a popular Ether (ETH) wallet and browser extension, has just released a new major application upgrade.
Announcing the news on July 2, Metamask outlined that the new update, Metamask Version 8, offers a number of new features like enhanced privacy control and a new account-login system.
Bitcoin Will Never Be Truly Private Says Andreas Antonopoulos
Andreas Antonopoulos says Bitcoin will probably never have privacy features like those in Monero.
Bitcoin educator Andreas Antonopoulos says he would like to see more privacy features on Bitcoin, but they’re unlikely to happen anytime soon.
In a livestream Q&A on Antonopoulos’ YouTube channel on July 7, he said Bitcoin (BTC) was unlikely to ever implement privacy features similar to those used by Monero (XMR).
Antonopoulos said creating such features on a cryptocurrency like BTC “would create an enormous amount of controversy.” In addition, he said the structure of Bitcoin simply doesn’t allow ring signatures and stealth addresses.
“I think what we’re going to see soon is Schnorr, Taproot, and Tapscript, which open the door to a lot of improvements,” Antonopoulos said, “But they still do not involve zero-knowledge proofs or the types of ring signatures and stealth addresses that are done in Monero. Bitcoin is not a privacy coin.”
Bitcoin Privacy Features Effective?
The features to which Antonopoulos is referring — Schnorr, Taproot, and Tapscript (a scripting update to Taproot) — have been cited by others in the crypto community as having the potential to make Bitcoin more private.
The director of research at blockchain firm Blockstream Andrew Poelstra has referred to Taproot as a system which could possibly render any transaction mostly indistinguishable from one another on the BTC blockchain. However, he noted that “transaction amounts and the transaction graph are still exposed, which are much harder problems to address.”
Multisignature schemes (MuSigs) from Schnorr are another possibility. Poelstra said using this method doesn’t reveal the original set of signers, or even provide the number of signers for MuSig transactions.
Bitcoin can be better thought of as pseudonymous rather than fully anonymous, as many transactions on the BTC blockchain can still be traced even with these privacy improvements.
CoinSwap And The Ongoing Effort To Make Bitcoin Privacy ‘Invisible’
A developer known for working on enhancing Bitcoin privacy has set his sights on a new project he hopes will “massively improve” how we keep our transactions private.
Chris Belcher, who also created the technical privacy market JoinMarket, is currently working on putting to the test CoinSwap, an idea first proposed by legendary Bitcoin developer Greg Maxwell in 2013. Belcher has been focusing on CoinSwap rather than JoinMarket because he thinks it will give users better privacy, he told CoinDesk.
Belcher recently received not just one, but two grants for his efforts, showing just how excited Bitcoiners are about the potential of the project.
Though the Bitcoin network arose from a privacy-minded movement, its privacy is actually pretty thin. Just take a look at any block explorer for a glimpse of how easy it is to pull up any transaction that’s ever happened in Bitcoin’s history – as well as the transaction’s associated history.
“Right now, Bitcoin privacy is not very good at all. Anyone in the world can analyze the blockchain and then can find all sorts of information about users – their balance, their history, who they transact with and in what amounts, when – everything they spend,” Belcher told CoinDesk in an interview.
Belcher argues that this is, in some ways, worse than the financial privacy we have in legacy systems today. “The banking system, they know your transactions, but the general public doesn’t. With Bitcoin it is the general public — it is everyone that can see exactly what the user does,” Belcher added.
He added it’s important to most people that this type of information isn’t exposed to the whole world.
“Financial privacy is good for human dignity, [for example], if you don’t want your neighbors to see what charities you donate to or that type of thing, or if you’re paid in bitcoin you don’t want your employers to know what charities you donate to or what other activities you’re involved in,” Belcher added.
Coinjoins: Today’s Bitcoin Privacy
“CoinJoins” (distinctive from “CoinSwaps,” which Belcher is putting to the test) are the privacy transactions that are most popular on Bitcoin today. CoinJoins give users good privacy and are becoming more popular. Thus far, they have been adopted in the Wasabi wallet, Samourai Wallet and JoinMarket.
A CoinJoin takes all inputs from several transactions by different users and mixes them into one big, collaborative transaction. This one big transaction then sends the bitcoins mixed from different addresses out to different addresses. Because no one can tell where the spent bitcoins originally came from, the scent of the trail is obfuscated and the participants in the CoinJoin gain better privacy.
But it’s not perfect. There are still ways for people analyzing the Bitcoin blockchain (namely blockchain analysis companies) to detect when and where bitcoins are being mixed.
For one thing, the transaction sizes of mixed coins are much bigger than normal transactions because they contain so many different inputs.
Also telling is the fact they have outputs that are all the same size. “Equal output CoinJoins are very obvious. If someone sees them on the blockchain they can see that this kind of privacy protocol is happening,” Belcher said.
Why are outputs the same size? If Bob sends 0.8 BTC into the CoinJoin transaction and Alice sends 0.187 BTC and Mary sends 1.2222 BTC, and the resulting outputs are exactly 0.8 BTC, 0.187 BTC and 1.2222 BTC respectively, that coincidence is pretty obvious to anyone who is looking.
In order to preserve privacy, a CoinJoin transaction usually splits the amount of bitcoin dispensed into even pieces, say 0.1 bitcoin. So, if Alice put in 0.3 bitcoin, she will receive three 0.1 pieces sent to three separate addresses that she controls.
Most transactions don’t have a bunch of equal outputs like this. That’s why CoinJoins are easy to detect.
Indeed, there have been a few instances of cryptocurrency exchanges banning users who have evidently sent their bitcoin through such privacy services.
“They’ll be suspicious. If there’s someone analyzing the blockchain, they’ll see this is a CoinJoin, so they know this person did that. And if they see another transaction, [by comparison] they can see that it’s not a CoinJoin,” Belcher said.
CoinSwap: An Invisibility Cloak For Transactions
“CoinJoin” and “CoinSwap” have similar names and they both help to preserve privacy, so it’s easy to confuse them. But they’re different, and Belcher argues CoinSwaps “fixes many of the problems of some kinds of CoinJoins” and “is the next step for on-chain bitcoin privacy.”
CoinSwaps can be made to look invisible, Belcher said. If done correctly, a CoinSwap transaction can look just like a vanilla bitcoin transaction.
In a CoinSwap, it looks like two separate people are sending completely separate transactions. But under the hood, something else completely is happening.
Two parties, say Alice and Bob, execute such a swap. In short, Alice sends some bitcoin to a CoinSwap address. Bob sends the same amount of bitcoin to a separate CoinSwap address.
If both send the right amount of money over, the coins are “swapped.” The coins Alice sent to the CoinSwap address are sent to a new address owned by Bob, and the coins Bob sent to his own CoinSwap address are sent to a new address owned by Alice.
Under the hood, the CoinSwap address, which is responsible for this swapping, is much fancier than a normal bitcoin transaction. It’s a multi-signature transaction, meaning it requires more than one person to sign off on it in order to send the transaction.
Usually, these types of transactions stand out on the blockchain since they look different from normal bitcoin transactions. But by including ECDSA-2P cryptography, these multi-signature transactions can be made to look just like normal bitcoin transactions. This is very much Belcher’s plan.
With ECDSA-2P in place, “Alice sends a CoinSwap to Bob and it just looks like just a normal transaction. But actually the coins have ended up somewhere else completely,” Belcher said.
This component is important. If all of these transactions look the same, people who aren’t even using CoinSwaps are getting more privacy too. There’s no way to tell if any transaction is a CoinSwap transaction or a normal one, turning bitcoin chain analysis on its head.
Similar technology will expand to the Lightning Network as well, so blockchain watchers can’t tell if any single transaction is a CoinSwap, a Lightning Network transaction or just a normal bitcoin transaction.
“CoinSwap could be said to allow bitcoins to teleport undetectably to anywhere else on the blockchain,” as a description of the technology on the Bitcoin Wiki puts it. For a deeper explanation, check out this post from JoinMarket developer Adam Gibson.
That’s not to say that CoinSwap is perfect, though. The problem with CoinSwap is that it is a much more complicated process to implement than CoinJoin.
‘As Decentralized As Possible’
In his mountain of a post, Belcher describes how to turn the idea of CoinSwap into reality.
A key reason CoinSwaps haven’t taken off since Maxwell described them seven years ago is that they’re not as straightforward as CoinJoins. So, Belcher has his work cut out for him in implementing the complexity for the first time.
His first step was just thinking about the best way to do it, outlining a number of different design considerations in the article making up his plan of attack. For one, he plans to use the Rust programming language, since it’s potentially more secure than other languages.
“I want to make it as decentralized as possible, so there’s no central point of failure that can be switched off or censored,” Belcher said. To meet this goal, he wants the “whole thing” to run over the privacy network Tor, which helps to shield IP addresses, which are kind of like a mailing address for a computer exposing where it is located.
“I think that’s quite necessary for privacy,” he said.
Belcher outlines this and various other considerations in his proposal, such as routing and using PayJoin, yet another bitcoin privacy technology, alongside it. Now that his ideas are out in the public, people can comment and make suggestions.
The next step is actually implementing it. Belcher told CoinDesk he hopes to release a minimum viable product in the next six months.
Six Months Later, Bitcoin Community Finally Debates How To Activate Taproot
The Taproot conversation is continuing with the Bitcoin community having to decide how to begin the months-long activation process.
The Taproot upgrade represents one of the most significant developments for Bitcoin’s mainchain in recent months. Despite seeing very little controversy, the community is still debating on the proper procedure on how to implement it more than six months after the BIPs were published.
The issues stem from the necessity of conducting a soft fork that would be accepted by all relevant stakeholders. According to a Reddit thread pinned in the r/Bitcoin community, “the biggest problem with activating Taproot is PTSD from the previous softfork, SegWit.”
History of SegWit
SegWit consensus in 2017 followed the BIP9 soft-fork procedure, which required 95% of all miners to signal that they upgraded to the new software and were ready to complete the fork. A time-out period existed that automatically rejected a proposal after consensus hadn’t been reached by a certain date.
The very high degree of required agreement meant that a single relatively large miner could stall the upgrade and “hold it hostage.” Allegedly, miner opposition to SegWit was due to “covert AsicBoost,” a mining enhancement technique that the upgrade would have made unusable. However, SegWit was ultimately the culmination of a community debate on block size spanning years, which was mostly resolved with the Bitcoin Cash fork.
To avoid similar controversy, two different techniques for Taproot are being proposed.
Taproot Activation Still Far Away
An alternative to BIP-9 is to codify that the upgrade will be activated after the timeout, instead of being rejected. Since this would effectively lock in the decision to fork before its activation, it is seen as a less ideal measure.
Instead, a “Modern Softfork Activation” procedure proposes a hybrid system where the upgrade would get rejected after failing to reach consensus in a year. After another six months of discussion, the community could decide to begin a two year-long procedure which would activate the upgrade at expiry. The maximum length for this procedure would be 42 months, or three years and a half.
As of right now, the timer is not yet ticking. More than six months have passed since Taproot’s initial formalization as a Bitcoin Improvement Proposal in January. Several code improvements have been pushed to it since, though they do not constitute major changes.
Taproot improves certain aspects of Bitcoin privacy related to complex spending conditions. It allows hiding the conditions that were not triggered, and can make multisig transactions look indistinguishable from single wallet transfers.
The upgrade was previously hyped up, which fueled some misconceptions on its upcoming features. Some believed that it would make the CoinJoin privacy protocol impossible to distinguish from normal transactions, though as Cointelegraph previously reported, CoinJoin is not affected at all in the final version of Taproot.
But despite the relatively uncontroversial and limited set of features, Taproot may take months — if not years — to be activated.
Secret Contracts May Soon Bring Privacy Features To Public Blockchains
Programmable privacy is about to become a reality.
Open-source Blockchain protocol Secret Network announced its intention to add privacy-based secret contracts to its mainnet. The upgrade will take place on September 15 once the proposal is passed by the community.
According to the foundation’s announcement, developers will have the opportunity to build and deploy so-called “secret” smart contracts that use encrypted inputs, outputs, and states.
Secret contracts could enable many different blockchains to utilize private data in decentralized apps without compromising their user’s personal security.
The Foundation Explained:
“Secret contracts allow for programmable privacy, allowing for arbitrarily complex data privacy controls to be implemented inside applications. The flexible encryption capabilities and controls offered by programmable privacy unlock the potential value of the decentralized web.”
Secret Network is focusing on onboarding new secret contract developers, secret node operators, and community members to help to increase the mass adoption of secret contracts among public blockchains.
The foundation will also launch secret tokens, which are privacy-based assets that are programmable like ERC20s, but private like zCash. Secret Network noted that it expects this will strengthen the mass adoption of DeFi as well.
Litecoin Relaunches Mimblewimble Testnet As Europol Targets Privacy Protocols
Litecoin’s privacy feature testnet returns as news emerges that Europe sees privacy and coin mixing technologies as major digital threats.
Litecoin (LTC) has relaunched its MimbleWimble testnet — a protocol designed to enhance privacy and obfuscate the traceability of distributed ledger transactions.
MimbleWimble is a modified implementation of the proof-of-work algorithm underpinning Bitcoin (BTC) in which blocks appear as a single large transaction, preventing the individual inputs and outputs relating to the transactions from being identified.
David Burkett, the lead developer of the MimbleWimble protocol for Litecoin, will now focus making it easier for “non-technical Litecoin users” to begin testing to functionality, in addition to ironing out aspects of the code that are “fragile.”
Burkett is targeting full activation of the protocol sometime next year, noting in a Telegram channel that it will be down to Litecoin’s miners and node operators to decide “when or even if they want to activate.”
LTC’s MimbleWimble testnet was previously launched on September 30, but was postponed due to low community participation.
Litecoin’s MimbleWimble progress comes as regulators increasingly look to crack down on privacy-enhancing crypto asset technologies, with Europol calling out privacy coins and naming decentralized marketplaces, cryptocurrency mixers, and anonymizing wallets among the top online organized crime threats.
In its ‘Internet Organised Crime Threat Assessment’ for 2020, Europol asserts that “privacy-enhanced wallet services using coinjoin [..] have emerged as a top threat,” citing Wasabi and Samurai’s respective wallets as examples. Wallets that use Coinjoin mix the coins of multiple users engaging in separate transactions, effectively providing a decentralized mixing service.
Europol asserts that the operators of darknet marketplaces are increasingly moving to integrate coinjoin wallets onto their platforms.
Europol also notes that while Bitcoin is still the dominant currency across darknet marketplaces, Monero (XMR) is emerging as the most popular privacy coin, followed by Zcash (ZEC), and Dash (DASH). The report identified Litecoin and Ethereum (ETH) as the two most popular altcoins on darknet marketplaces.
The Implementation Of The Schnorr/Taproot Consensus Rules Has Been Merged Into Bitcoin Core
However, the upgrade’s activation method has yet to be determined.
This upgrade has been highly anticipated due to its potential to increase Bitcoin’s smart contract capabilities while simultaneously benefiting its transactional privacy. This is the first major protocol update since Segwit.
Bitcoin’s Next Upgrade Will Support Tor V3 Addresses
The next version of Bitcoin Core will support the latest type of Tor addresses, before they are fully rolled out.
- The next version of Bitcoin Core will support Tor Network’s V3 addresses.
- Tor V3 addresses offer stronger cryptography and enhanced security.
- The old V2 addresses will become obsolete on October 15, 2021.
The next version of Bitcoin Core will support Tor Network’s latest V3 addresses—that will fully become the new standard next year—according to Pieter Wuille, a co-founder and former engineer at Blockstream.
Bitcoin Improvement Proposal (BIP) 155, which contains details of the Tor support, has been merged into the current Bitcoin reference implementation. It will be pushed into Bitcoin Core version 0.21.
The Tor Network is based on open-source software and enables anonymous communication over the Internet. In July, its developers announced that the network’s V2 addresses—that have been in use over a decade already—will be “retired” on October 15, 2021. They will be substituted with the new V3 addresses that have been in development since 2015.
“As humankind’s understanding of math and cryptography evolved, the foundation of version 2 became fragile and at this point in time, unsafe,” said the announcement, adding that “[In 2015], a large scale development effort spanning over 3 years resulted in version 3.”
Bitcoin’s Taproot Is Ready To Go, But It’s Unlikely To Be Included In The Next Release
Developers don’t want to move too fast.
The Bitcoin Improvement Proposals 340 through 342 were merged into the Bitcoin codebase on Thursday, signaling that the anticipated Taproot upgrade is ready.
Taproot and the associated technology of Schnorr signatures are considered to be the most important upgrade for Bitcoin in the past year. It is primarily a privacy improvement for complex spending conditions on Bitcoin like multisig transactions, time locks and other conditions based on Bitcoin Script.
As Cointelegraph reported previously, Taproot hides every additional spending condition beyond the one that was activated. For example, a transaction might be executed immediately if all four multisig signers agree, or it could require a certain amount of time to pass before funds are unlocke if only three out of four signers are present.
Normally, an outsider is able to identify every possible condition, but with Taproot they will see only the one that was eve triggered.
Furthermore, thanks to Schnorr signatures, a pure multisig transaction can be made indistinguishable from normal transfers. It is worth addressing that Taproot makes no changes to mixing protocols like CoinJoin, which will remain easily distinguishable.
While the initial code for Taproot was submitted for review in January, some complications primarily related to Schnorr signatures required an extensive amount of refinement.
The proposals have now been fully reviewed by Bitcoin core developers and are ready to be included in a client release. Pieter Wuille, the lead developer for Taproot, told Cointelegraph that “it’s all done, except activation.”
Cointelegraph previously reported that consensus for activation may require some time to be reached. The process could potentially last for years, though Taproot is generally considered much less controversial than previous upgrades like SegWit.
The process starts as soon as the activation code is included in Bitcoin Core, allowing miners to signal approval for its inclusion. But Taproot seems to have come slightly at the wrong time for immediate activation.
Jonas Nick, researcher at Blockstream and Bitcoin core developer, told Cointelegraph that “Taproot is not ready for activation yet.”
He explained that activation logic is generally not included in a major release, referring to the upcoming 0.21 version. The codebase reached “feature freeze” on Thursday, with the base Taproot code making it just in time. Nevertheless, nly bug fixes will be added from now on. Explaining why developers are cautious, Nick said:
“Major releases can contain changes to dependencies and interfaces (e.g. RPC). Users should be able to run softfork activation logic without the additional work required to be compatible with a new major version.”
The logic to activate Taproot on mainnet is likely to be included in a future minor version, but in the meantime, Nick said that “Taproot could be activated on something like signet or testnet if someone produced the code for that,” as the raw implementation is already present.
Bitcoin Developers Still Divided On Specifics Of Taproot Activation
The code for Taproot, Bitcoin’s biggest upgrade in years, is finalized and has been packaged into a forthcoming update. Only, it’s not ready to be deployed yet because Bitcoin developers have differing opinions on the best route to activation.
Taproot will enhance Bitcoin’s smart contract capabilities by implementing a new digital signature scheme, Schnorr. Implementing the upgrade requires a “soft fork” of Bitcoin’s code, and there are a few competing proposals for how to activate it.
In a bid to expedite implementation discussions, Bitcoin Core contributor A.J. Towns recently surveyed 12 other developers who have been active in the implementation process to glean their thoughts on what activation should look like.
The results of the survey show that, while developers are generally aligned when it comes to the big picture of Taproot’s activation, they disagree on the details. As they debate the finer points, the developer’s conservative, careful deliberation may seem like nitpicking to outsiders.
But it shows that so-called “soft-fork” upgrades like Taproot are not entirely riskless events – and that the specter of the controversial Segwit soft fork has haunted discussions.
Taproot Activation Proposals, Explained
The Segwit transaction load increase was Bitcoin’s last soft fork, or an upgrade that is “backwards compatible,” meaning software running the old version of the code can still interact with the upgraded version.
Segwit’s activation was anything but smooth and relied on tweaks along the way after miners failed to adopt the upgrade in its first year. To keep the upgrade from failing, node operators – those Bitcoin users who run Bitcoin’s software and keep a copy of its ledger – adopted the upgrade and miners followed suit after these node users threatened to reject transactions from the miners.
In a perfect world, both node users and miners would upgrade simultaneously to ensure no conflict would “split” the chain – or result in two rival factions supporting two different versions of Bitcoin’s code.
Even though Taproot is a non-controversial upgrade, the memory of Segwit is making developers cautious when evaluating this latest upgrade.
Two of the leading implementation proposals for Taproot rely on a mix of miner signaling and user activation. BIP 8, introduced in 2017 by Bitcoin developers Luke Dashjr and Shoalinfry, would include a signaling period for miners; if enough miners don’t activate to reach consensus on the upgrade, then a “flag day” for activation would automatically upgrade Bitcoin nodes that have downloaded v0.21 of Bitcoin Core.
These nodes would reject blocks and transactions from miners who do not support Taproot, so in theory, this method would incentivize miners to adopt the new ruleset lest they lose out on profits.
In a second Taproot implementation proposal, Core developer Matt Corallo’s Modern Softfork Activation, fuses BIP 8 with BIP 9 (the latter being the proposal originally adopted to activate Segwit but which proved inadequate).
Corallo’s hybrid model first includes a one-year signaling period for miners. Second, if a super-majority of miners does not update during this timeframe, then the upgrade would be subject to a six-month review to make changes (if any) to the proposal.
The third and final step is a BIP 8-style activation period of two years, with a non-mandatory flag-day for node users to activate the update.
What Bitcoin Developers Think
For the first question in his survey, AJ Towns asks developers what percentage of miners need to signal an upgrade for it to be considered a safe majority. Eight believe that nothing less than 85%-95% would be sufficient. The thinking is that anything less threatens a network “split” where some miners run the older code and some the newer code, which would create two conflicting transaction histories.
Failing a miner-signalled activation, seven respondents think a flag day for node-enforced activation could come as soon as 12-18 months after activation begins. If too few miners adopt the upgrade, this would mean nodes could enforce the Taproot ruleset and only accept blocks from miners who also signaled for the upgrade.
“In a perfect world, both node users and miners would upgrade simultaneously to ensure no conflict would “split” the chain – or result in two rival factions supporting two different versions of Bitcoin’s code. “
Almost all of the developers surveyed want to wait to see if miners and users adopt the upgrade on their own before deciding on a hard date for flag day (if there’s enough early support, a flag day may not be necessary at all).
If activation doesn’t come to pass through voluntary activation, then a flag day activation is the last option on the table. Most respondents were in favor of a mandatory flag day to automatically signal the update. This would mean updated nodes would reject blocks from miners who haven’t signaled for the upgrade.
Disagreements On The Finer Details
So-called forced signaling through the flag day would have the benefit of making Taproot default on any Bitcoin Core node running v.21; in turn, these nodes would only accept block data from miners who have also signaled the update, so in theory this would encourage miners to upgrade lest they lose their business.
But What If The Miners Have Node Users Who Do Accept Their Blocks?
This is one caveat to forced signaling: If too many miners and node users don’t accept Taproot and refuse to update their software, then the network could split into two competing chains. If enough economic interest backs the “old” version of Bitcoin, then the result could be two competing assets.
This outcome is partly why some developers, like Matt Corallo, think that forced signaling is unnecessary.
Since Taproot has been largely uncontroversial, it would be a political risk to force signal the upgrade, he argues. He considers the activation method a relic of Segwit’s “user-activated soft fork,” a proposal to activate Segwit through similar means after miners failed to adopt the upgrade. Segwit was very controversial and political. Taproot is not, but Corallo believes enforced signalling threatens to make it that way.
In his post, Towns writes the mandatory signaling would be a way to definitively enforce Taproot’s network-wide activation after enough consensus has been established through discussion and miner support.
“If you want to maximize the number of nodes that will enforce the rules should a flag day occur, but also only choose the flag day after an initial activation attempt is already widely deployed, then you have no choice but to make signaling mandatory when the flag day occurs,” Towns writes.
What’s The Holdup?
Towns introduces an alternative activation proposal in the survey which features a four-year activation time frame. As ever in Bitcoin development discussion, this, too, received some pushback.
“Once the decision to activate has overwhelming support from developers and users, the longer the timeframe for activation (beyond that practically required for miners to safely upgrade) the more things that can go wrong,” former Bitcoin Core developer Eric Lombrozo said to Towns on Twitter.
Risks aside, if most developers and Bitcoiners think Taproot is a shoe-in for an upgrade, it shouldn’t take four years to activate, especially since it has already been so-long in the making.
After all, if Taproot’s been in the works since 2018, shouldn’t miners and node operators know what to expect?
As Blockstream CEO Adam Back put it on Twitter, “Taproot can’t be a surprise after several years.”
Blockstream Is Working on Simpler, More Private Multi-Sig Bitcoin Transactions
With Bitcoin’s long-awaited Taproot upgrade on the horizon, the engineers at Blockstream are working on a new scheme to improve multi-signature transactions.
These transactions, which require signatures from more than one private key to authorize spends, will stand to benefit from Taproot. This upgrade implements Schnorr signatures into Bitcoin’s codebase, a cryptographic signature scheme that will make creating and executing smart contracts easier on the network.
In a post-election day blog post, Blockstream engineers Jonas Nick and Tim Ruffing lay out a new multi-signature design that would reduce the technical complexity of multi-signature transactions in a way that still preserves privacy.
Nick and Ruffing, alongside French National Security Agency member Yannick Seurin, published a cryptographic e-journal on this MuSig2 design that is currently undergoing peer review.
MuSig2 combines the strengths of the two leading multi-signature designs without sacrificing trade-offs.
Bitcoin’s oldest multi-sig trick, the ‘CHECKMULTISIG’ OP-code, for instance, requires less communication from the signers of a multi-sig transaction but is less private than the MuSig1 multi-signature scheme, which improves user privacy at the expense of adding extra steps to the signing process.
Specifically, MuSig1 requires the parties in a multi-signature transaction to communicate in multiple rounds to approve a transaction.
MuSig2 would retain all the privacy guarantees of MuSig1 while only requiring two rounds of communication between signers to approve a transaction (e.g., Alice generates a 2-of-3 multi-signature transaction she sends to Bob for approval; Bob signs the transaction, sends it back to Alice and the transaction is approved).
“It offers the same functionality and security as MuSig1 but makes it possible to eliminate almost all interaction between signers. With MuSig2, signers need only two rounds of communication to create a signature, and crucially, one of these rounds can be preprocessed before signers know the message that they want to be signed,” the blog post explains.
Besides improving general multi-signature wallets, MuSig2 could stand to benefit Lightning Network privacy and improve so-called threshold signatures that are often used by exchanges and custodians for fund storage.
If Taproot is adopted in the coming months, then Blockstream will replace the MuSig1 standard with MuSig2 in a code library for Schnorr signature schemes. The post also hints that Blockstream’s Liquid sidechain may run the Taproot code early to test the multi-signature scheme before it is ready for deployment on Bitcoin’s mainnet.
Bitcoin Mining Pools Begin Signaling Support For Taproot/Schnorr Activation
Poolin has published a new tracker for mining pools that are signaling for Taproot, and in-development upgrade for the Bitcoin network that aims to boost transaction privacy.
As previously reported, Taproot — and, by extension, Schnorr signatures — are being bundled as part of a soft fork that, if approved and integrated, would represent the first significant update to Bitcoins since the addition of Segregated Witness. Taproot aims to make all transactions appear the same to outside observers, regardless of its composition or style.
According to Poolin’s tracker, three pools are signaling support for the Taproot/Schnorr soft fork. In addition to itself, BTC.com and Slush Pool are doing so.
The code for Taproot was merged into the library of Bitcoin Core last month, representing the final stage before the official deployment. How that process will exactly play out remains to be seen — as noted by Poolin, there are two approaches to activation for node operators (including miners).
As of the time of writing, Poolin accounted for nearly 18 percent of mined blocks in the past 24 hours, according to BTC.com. BTC.com accounted for about 9% of blocks, and Slush for about 2%.
Majority of Bitcoin Hashrate Signals Support For Taproot Scaling, Privacy Upgrade
Bitcoin mining pools representing over 54% of the network’s current hashrate have signaled support for the scaling and privacy protocol upgrade Taproot, merged into Bitcoin Core last month.
Bitmain’s Antpool backed the protocol upgrade Thursday morning in a message sent to Poolin, the pool told CoinDesk, joining five other pools in Poolin’s Taproot Activation initiative and pushing the percentage of hashrate in support of the upgrade over 50%. Antpool plans to publicly express its support in a forthcoming block’s coinbase.
Poolin’s vice president, Alejandro De La Torre, told CoinDesk he is “beyond happy” that most major mining pools have responded affirmatively to their “consensus-built effort” to support Taproot.
Notably, Binance Pool is the only top-five pool to not yet support Taproot.
Taproot aims to improve transaction privacy and enhance Bitcoin’s smart contract functionality. As an added bonus, it’s also designed to keep Bitcoin’s blocks small, with block space as accessible as possible.
“The only uncertainty with Taproot is when and how it will be activated,” said Daniel Frumkin, engineer and technical writer at Slush Pool, in a direct message with CoinDesk.
“In the end it should be a straightforward process with minimal drama,” he added, noting that Taproot is “not controversial.” Frumkin contrasted this proposed upgrade with the heated industry-wide disagreements caused by the 2017 SegWit2X proposal, which many miners also supported.
Seeing any miners opposing the Taproot upgrade would be a shock to Frumkin. “I’d expect the rest of the major pools to signal support in the following weeks,” he said.
Privacy Coins No More? Ciphertrace Files Patents For Tracing Monero Transactions
The firm claims it will be able to identify XMR used for illicit purposes to support criminal investigations.
Crypto analytics firm CipherTrace announced on Friday that it had filed two patents for technology capable of tracing transactions for privacy coin Monero.
In a Nov. 20 blog from CipherTrace, the firm stated that the patents would include forensic tools to explore Monero (XMR) transaction flows to assist in financial investigations, statistical and probabilistic methods for scoring transactions and clustering likely wallet owners, as well as visualization tools and ways to track stolen or illegally used XMR.
“CipherTrace’s Monero tracing capabilities will allow [Virtual Asset Service Providers] to identify when inbound XMR may have criminal origins, allowing them to adequately risk rate customer transactions per any required regulations,” the blog stated. “[Our] goal is to enable the detection of criminal users, therefore increasing the safety and sustainability of privacy coins like Monero in the future.”
While Bitcoin (BTC) is still the preferred medium of exchange for many darknet market users, there has been increasing acceptance for privacy coins like XMR. Law enforcement agencies have not yet determined a reliable way to trace Monero, and firms like CipherTrace have an opportunity — the company has reportedly been working on a means to trace XMR transactions since early 2019.
CipherTrace CEO Dave Jevans told Cointelegraph in August that the firm developed the first tool for tracking Monero transactions. Such a tool could potentially support investigations of crimes and reduce incidents of money laundering.
The company has stated it developed these Monero-tracing tools as part of a project with the U.S. Department of Homeland Security, but the latter isn’t the only government agency looking for a way to identify XMR wallets, transaction dates and times. In September, the Internal Revenue Service announced it would give a bounty of up to $625,000 to anyone who can break Monero.
Capabilities for CipherTrace’s tracing tools have not yet been confirmed. One Monero Outreach representative told Cointelegraph in October that they would be “highly suspicious of any claims that corporations can trace Monero transactions” and any firm that did so would be unlikely to “trace the wallets or amounts for any transaction.”
The price of Monero is $123.37 at the time of publication, having fallen 3.6% in the last 24 hours.
‘Secret’ Bridge Turns ERC-20 Tokens Into Privacy Coins
“Secret Tokens combine the programmability of ERC-20s with the privacy of coins like Zcash or Monero.”
An open-source blockchain protocol called the Secret Network is now offering privacy features for the Ethereum blockchain and 14 ERC-20 tokens.
According to a Secret Network blog post, the protocol launched its Secret Ethereum Bridge on the mainnet today, which is designed to allow Ether (ETH) and all ERC-20 token holders to create programmable versions of their assets with privacy features. The Secret Network compared these “secret” tokens to privacy coins like Monero (XMR):
“Secret Tokens combine the programmability of ERC-20s with the privacy of coins like Zcash or Monero. Interactions with Secret Token contracts are encrypted, viewable only to address owners or holders of their viewing key.”
Secret Network said that it would initially offer these privacy features to 14 ERC-20 tokens, including ETH, Yearn.Finance (YFI), Uniswap (UNI), Band (BAND), Compound (COMP), Chainlink (LINK), Aave (AAVE), Kyber (KNC), Synthetix (SNX), Ocean (OCEAN), Maker (MKR), Dai (DAI), Tether (USDT), True USD (TUSD), and wrapped Bitcoin (WBTC).
The latest Ethereum announcement is part of a broader plan from the Secret Network to bring privacy features to public blockchains. Developers can build and deploy the protocol’s “secret” smart contracts that use encrypted inputs, outputs, and states. These contracts reportedly allow a blockchain to utilize private data in decentralized apps without compromising users’ personal data.
The protocol said it was also planning on launching bridge mining rewards starting in January. Crypto users can earn Secret’s SCRT tokens for keeping their assets locked on the Secret Ethereum Bridge.
Blender Launches Decentralized Privacy Bitcoin Wallet
Launched in September 2020, Blender Wallet by Blender.io, a recognized privacy team, represents a new-gen approach to anonymous Bitcoin (BTC) wallets. It merges an unparalleled level of decentralization and an intuitive user interface.
Why Do You Need A Decentralized Bitcoin (Btc) Wallet With A Built-In Mixer?
A decentralized cryptocurrency wallet refers to a type of service with zero points of centralization. This means that it does not rely on the server, node or website. Users of decentralized wallets are solely responsible for their keypairs.
Don’t Trust; Verify
Decentralized (trustless, noncustodial) wallets eliminate the need for its customers to rely on the service team when storing crypto and authorizing/receiving transactions. Thus, their customers are less vulnerable to the issues typical with CEXs: account restrictions, withdrawal delays, government shutdowns and so on.
It is very difficult for malefactors to hijack users’ data or coins when they are not allocated to centralized storage.
Also, issues of tracking and deobfuscating addresses and transactions are really thorny in 2020. Regulatory watchdogs in many countries are exploring more and more tools to find out how Bitcoiners use their assets and for which purposes?
Even the coins that emphasize their devotion to privacy – Monero and ZCash, for example – are targeted by regulators. Thus, using a mixer, a service that “blends” the transactions to obfuscate their routing, is a must for contemporary crypto users.
Introducing Blender Wallet: When Privacy Meets Powerful Functionality
Blender Wallet is a flagship B2C product by top-tier privacy-focused team Blender.io. It should be referred to as a noncustodial decentralized multi-purpose Bitcoin (BTC) wallet with built-in coin mixer.
Main Functions Of Blender Wallet
First of all, Blender Wallet provides its customers with a safe and secure environment for storing their Bitcoins (BTC). Blender Wallet supports Segregated Witness Bitcoin (BTC) scalability technology and assists users in creating SegWit addresses for fast and cheap transfers.
All Blender Wallet transactions are obfuscated through the in-app Bitcoin (BTC) mixer. Thus, all user activity in the Bitcoin (BTC) network becomes literally untraceable. It is the pioneering product that allows users to reach that level of anonymity without special blockchain skills.
At press time, Blender Wallet is available as a web interface, while the mobile application for Android devices is coming soon.
Useful Features For Retail Payments
Blender Wallet is one of a few wallets that allows all clients to manage multiple Bitcoin (BTC) addresses simultaneously. It may be of crucial importance for freelancers or contractors. On the other hand, employers who decided to pay employee salaries in crypto will enjoy a “one-to-many” transaction feature.
Users can label their transactions in one click to manage their expenses easily. For instance, Bitcoiners onboarded by Blender Wallet can identify payments related to work, recreation and entertainment, digital bank transfers and other categories.
Similar labels can be attributed to addresses as well. Once labeled, the owner of the wallet can search for addresses and transactions using customized keywords.
All transactions authorized and received with Blender Wallet are charged with zero service fees, so clients only pay the miner’s commission to have their transactions included in new blocks.
Setting Up Your Decentralized Bitcoin (BTC) Wallet With Blender Wallet
Since Blender Wallet is a KYC-agnostic platform, it does not require users to disclose their critical personal data, e.g., real name, phone number, email addresses and country of residence, among other things.
It takes five steps maximum to get your Bitcoin (BTC) account set up with Blender Wallet.
1. First, you need to click on the “Create” button on the main page and pass captcha to avoid spam registrations.
2. In the second step, the user creates his/her own encoded mnemonic (like an ordinary password). This will help the user to access funds but will not be sufficient unless he/she inputs a seed phrase (see next step).
3. The third step is a crucial one. Blender Wallet gives the user his/her seed (“mnemonic”) phrase of 24 words. This phrase should be secured in physical storage. Blender Wallet does not store passphrases and mnemonic phrases.
4. The next step just asks the user to verify his/her mnemonic phrase, or four words out of 22.
5. Two-factor authentication is the last step. It is not necessary and can be skipped. If it is important for you, you should prepare a second device through which to authorize your usage of Blender Wallet.
Once this step is completed or skipped, the Bitcoiner can enjoy a seamless anonymous BTC storage and transaction experience with Blender Wallet.
Blender Wallet by Blender.io represents a new type of privacy-focused Bitcoin (BTC) wallet. It merges the benefits of full anonymity and intuitive user experience. Its functionality is enhanced by unparalleled retail payment features.
Also, Blender Wallet offers all of its clients in-app Bitcoin (BTC) mixers to obfuscate critical transactional data.
Bitcoinmix Makes A Difference In Anonymous Cryptocurrency Use
There have been concerns raised about the privacy associated with cryptocurrencies such as Bitcoin and Ethereum.
Many users would want to have a measure of privacy but unfortunately, such features were not incorporated in the codes of these coins. This is why a Bitcoin mixing service, Bitcoinmix.org was established to give people access to this anonymity while using Bitcoin and Ethereum.
The company has taken cognizance of the need for anonymity and developed an algorithm that is resistant to the conventional blockchain analysis, thereby ensuring that clients’ transactions are effectively anonymized.
The company achieves this through the holding of large volumes of bitcoin and ethereum with which it effectively mixes the incoming coins of the customers. This obfuscation ensures that the mixed coins are dissociated from the transaction made using the originating wallet.
The company’s services has been of immense help to users who hold large volumes of coins and would not want to have unwanted attention. Every transaction made on such wallets that are channeled through this service isolates the wallet from the transaction.
Other clients are those who want to keep away malicious players such as hackers. This is even so important for users who have substantial volume of coins in their wallets. Bitcoinmix which started as a service that focused on mixing bitcoin has grown in recent months. The company expanded its blending service to include the mixing of ethereum in addition to its bitcoin mixing for which the company is known.
With the introduction of ethereum mixing service, users of ether can now access the anonymizing service. So sending and receiving of ether can be done anonymously.
Bitcoinmix has been rated as one of the oldest and reliable coin mixing services in the industry as it has built a reputation as a reliable mixer in an industry in which credibility means everything. This is despite the fact that blockchain was invented to exclude third party involvement in transactions and business.
The service does not take away from the concept but ensures that the lapses created by openness of the blockchain are ameliorated. This is why our services have become popular over time.
The company’s services can be accessed at Bitcoinmix.org. The easy to use platform was designed in a way in which the client doesn’t need to input personal details in other to use the service. Essentially, the customer sends their coins which are mixed and then other coins held by the company are sent to the address designated by the customer.
Equivalent volume of the deposited coins meant for mixing are sent to the customer. These coins are just like newly minted and have no history which could be traced through blockchain analysis.
So if you’re thinking of ways to use cryptocurrencies anonymously, the company’s service is what you need. Even though the focus in the meantime is on blending bitcoin and ethereum, there’s hope that this service would be extended to other coins that their users need to conduct more anonymous transactions.
All Major Mining Pools Now Support Taproot, Bitcoin’s Biggest Upgrade In Years
Binance Pool, the mining pool run by one of crypto’s biggest exchanges, is prepared to support Taproot, a good omen for the next major Bitcoin upgrade. The addition of Binance Pool to the “yes” column means that all the major pools are now on board.
Taproot is a scaling and privacy change that will be the biggest upgrade the digital currency has received in years – and it’s far less controversial than the last one.
According to crypto mining pool Poolin VP Alejandro De La Torre, Binance Pool says it will support the Taproot upgrade, clearing up any ambiguity, since the pool was the only one with over 10% of the network that hadn’t said “yes” to the proposal.
Binance Pool represents 11% of the Bitcoin mining hashrate, so its support pushes mining pool support up to about 91% of the hashrate.
Binance did not respond immediately to request for comment.
De La Torre leads Taproot Activation, an initiative to find out if there is agreement on Taproot as a change. According to the website, a few smaller mining pools, including Lubian.com and BTC.TOP, have not responded about whether they support the upgrade or not.
Signaling For Taproot
This support from miners comes in stark contrast to SegWit, Bitcoin’s last major upgrade, which activated in 2017. SegWit was deployed by way of BIP 9, requiring that 95% of mining pools flag support the change before the change would officially activate. To block the change, mining pools simply did not flag,
So far, mining pools have no problem with Taproot. Binance Pool’s support is a bellwether sign that the change could activate soon if no one finds some sort of fatal flaw in it.
This news is particularly consequential because if Taproot is deployed by way of BIP 9, then mining pools will need to flag that they’re ready for the change before it can activate.
But there’s still some debate about this process. The mechanics of Taproot itself are not controversial. Bitcoin’s most active developers all but universally agree it’s a positive change.
Still, how to deploy the change is still up for debate. Over the last several months, developers have been discussing the best way to deploy Taproot. To oversimplify a complex debate, some think BIP 8 would be better because it doesn’t allow mining pools to block the change out of sluggishness or apathy.
Knowing that mining pools, such as Binance Pool, support the change might give BIP 9 a boost.
Bitcoin Miners, Developers Narrow Down How Taproot Will Be Activated
* Bitcoin miners representing roughly 91% of the network’s hashpower have demonstrated support for Bitcoin’s biggest upgrade in years, Taproot.
* These activation methods vary the length of time required and whether or not to include a measure that would force the upgrade through full nodes with a “user activated soft fork.”
* Given miner support, Bitcoin developers believe the upgrade should activate without issue, regardless of the specific proposal chosen.
Now that most all major mining pools have pledged support for Bitcoin’s Taproot upgrade, all that’s left is the actual activation – but the members of Bitcoin’s open-source community have to pick the method first.
There are currently a handful of proposals vying for attention among Bitcoin’s stakeholders. Summing up the differences between them, some of these allot longer activation times than others, and some would allow the upgrade to be “forced” through full node activation if miners don’t put their hashrate where their mouth is when the time comes.
Bitcoin Upgrade: Multiple Paths To One Destination
Bitcoin’s biggest upgrade in half a decade, Taproot will enrich Bitcoin’s smart contract scripts, making it easier to execute highly complex transactions on the Bitcoin blockchain. Among other things, this will improve multi-signature software and privacy for the network.
Bitcoin developers have proposed multiple ways to bootstrap the upgrade, but they all rely on some version of Bitcoin Improvement Proposal 8 or Bitcoin Improvement Proposal 9 (BIP8 and BIP9, for short). Each proposal is similar but offers slightly differing approaches to activating the upgrade, which will require cooperation from both Bitcoin miners and node operators to go smoothly.
There are two primary versions of BIP8 vying for attention: one version, called BIP8 (true) includes a “flag day,” at which point the update will be forced via full node activation, even if miners fail to adopt it; and one version, called BIP8 (false), wherein the upgrade simply fails if miners don’t adopt it.
“True” designates that the BIP includes forced activation, whereas “false” designates a version of the BIP that doesn’t have forced activation.
Why the addition of the forced activation, you might be wondering? One apprehension going into activation discussions has been whether or not mining pools would adopt the upgrade, considering miner reluctance stymied SegWit’s activation in 2016 and 2017.
Mining pools that represent roughly 91% of Bitcoin’s hashrate, though, have announced their support for the upgrade as part of an initiative spearheaded by Alejandro De La Torre, a VP at bitcoin mining firm Poolin.
Torre said Poolin’s takeaway from the survey is that “BIP9 is the most favorable choice” for activation.
Bitcoin cannot tell time, so BIP9 allots a signaling period that is gauged by Bitcoin’s block time (whereby a pre-defined period of time is measured via Bitcoin’s block schedule, which can be erratic). If enough miners adopt the upgrade during this timeframe, it is locked in and considered successful; if this threshold is not reached, then the upgrade fails.
Bitcoin Miner Support Could Mean Easier Activation
With miners behind the upgrade, BIP9 could provide the quickest and easiest route to activation, Ben Carman, a Bitcoin developer who has helped review Taproot’s code, told CoinDesk.
“In the beginning I was in favor of BIP8 because I was worried about miners being able to block the upgrade. However, with things like taprootactivation.com I have moved to being in favor of BIP9. It seems we have basically everyone on board to do the upgrade and BIP9 would be the simplest, as well as only require a couple lines of code to be started. Other methods would require larger code changes to implement new activation logic.”
The other activation methods Carman mentions, BIP8’s differing versions, are similar to BIP9 sans a crucial tweak: BIP8 includes an option to force the update through a “flag day” if miner signaling fails (this option would be employed with the BIP8 [true] activation method). Additionally, a smaller change measures activation time by block height instead of BIP9’s use of block times.
This change means that if miners don’t adopt Taproot, the update can be forced through full node activation at a certain date with BIP8 (true), or the upgrade can be paused per BIP8 (false) and resumed later.
If enough miners don’t adopt the upgrade during the signaling period for BIP9, though, the process fails and must be started over from the beginning.
‘BIP9-Style Activation’ Could Come From BIP8
BIP9 has been used in the past for Bitcoin soft forks (upgrades that are compatible with previous software versions). It was originally used to activate the SegWit upgrade, but not enough miners signaled for the update so other means were required. Under this scheme, if not enough miners support an upgrade the signaling period for it merely expires and the process can be repeated.
Jonas Nick, a Bitcoin Core developer who has been one of the leads on Taproot, told CoinDesk that “BIP9 style activation is the least disruptive path and therefore a reasonable choice,” but that it would most likely come from BIP8, hence why this route is called the “BIP9 equivalent.”
Assuming the upgrade will be adopted during the signaling period, the upgrade would be adopted as outlined in BIP9 (i.e., via complete miner support), but using BIP8’s activation logic, which measures the activation window through block times and which can easily be tried again if the upgrade fails.
That’s why, while “no one can say for sure,” Nick believes that fellow Taproot development lead AJ Townes’ proposal (a slight modification of the so-called “gently discourage apathy” route), could win out.
Taproot ‘Flag Day’
Under this scheme, miners would have a year to signal for the upgrade. If miners representing 95% of Bitcoin’s hash power signals for the upgrade during this period, Taproot activates without further action. If not, the update undergoes a reviewal period during which developers and miners cooperate to iron out the kinks.
After this period ends, a “flag day” would be coded into the update to force the upgrade through mandatory signalling, whereby node operators would only accept blocks from miners who support Taproot.
This would effectively be a “user-activated soft fork” (UASF), the same method proposed to activate SegWit, though the method proved unnecessary because miners adopted the update after the UASF proposal gained traction. This method is known as “forced activation.”
By giving miners plenty of time to upgrade but also maintaining a flag day just in case, the proposal is meant to discourage miners from “not updating out of laziness,” KoinKeep Bitcoin wallet developer Dustin Dettmer told CoinDesk.
Townes has sketched out what this proposal would look like, but the code for it has not been included into Bitcoin’s software. The method includes BIP8 (false), so this code would need to be reviewed and inserted into Bitcoin Core first, Nick said.
Taproot: Rooted In Risk?
Even as Nick and Townes put their weight behind the modified BIP8 implementation, Matt Corallo, another reviewer of the Taproot code, believes the activation method is too risky, even if miners are largely on board.
“The forks in Bitcoin, for better or for worse, define the process and benchmark by which future changes are made and evaluated,” he told CoinDesk. The SegWit block size wars, he continued, set “an incredibly high standard” for how “on-its-face simple change[s]” are made to Bitcoin’s software – namely, with conservative deliberation that takes as few risks as possible.
Corallo believes the mandatory flag day activation method proposed in other methods is unnecessarily brazen and indicates too much influence from Bitcoin’s developer community, unless all other activation methods have been exhausted.
“Some of the proposed activation methods being discussed throw [the lessons learned from SegWit] away, setting a visible precedent that Bitcoin can be changed with almost only developer buy-in and with coercive and marginally riskier activation, opening the door to re-litigating years-settled debates.”
Corallo “doubts activation [will] be an issue,” but he concluded by saying, “I see no reason to take that risk unless all other options have been tried.”
Offering his alternative, Corallo’s own Modern Activated Soft Fork (MASF) takes bits and pieces of both BIP8s. This activation path involves a year-long signaling period for miners. If enough miners do not update during this timeframe, then the upgrade would pause per BIP8 (false) to be subject to a six-month review to make changes (if any) to the proposal.
If, after this point, Taproot still doesn’t have enough support, then a two-year period begins wherein node operators can push the update through an opt-in, non-mandatory flag day.
As opposed to a mandatory option, which would force activate Taproot on all nodes running the latest version of Bitcoin on the flag day, this opt-in flag day would get Taproot up and running only on nodes whose operators chose to upgrade, not the entire network.
Opponents of the MASF proposal say the long activation timeline could result in apathy among users, where the time-lapse has them losing interest in the upgrade so they don’t adopt the code. Still others say that it’s an unnecessarily lengthy process, especially for an upgrade that would benefit multi-signature and privacy technologies waiting for Taproot to bring their projects to fruition.
Bitcoin Miners’ Preferences
Only one of the respondents to Poolin’s miner poll, BTC.com, favors Corallo’s method. Slush Pool and Ant Pool both responded in favor of the original BIP 8. Poolin itself and NovaBlock want the BIP9 equivalent wherein BIP8 (false) is used sans the flag day, while Luxor is putting its chips on BIP9.
Regardless of which proposal wins out, Jonas Nick conservatively estimates that Taproot’s activation will kick off sometime this year. Given that the upgrade is non-controversial and miners support it, the actual difference between each activation method could be of little consequence, Nick said.
“In my perception, because Taproot has overwhelming support many developers would be fine with any reasonable proposal,” he concluded.
Tor-enabled Bitcoin Nodes Are Back After Bug On Network
Anonymous Tor-enabled Bitcoin nodes normally make up as much as 25% of totally reachable Bitcoin nodes.
The Bitcoin (BTC) network has been steadily recovering in terms of running BTC nodes after a major outage on the Tor network.
According to the latest data from node monitoring resource Bitnodes, Tor-enabled Bitcoin (BTC) nodes are back to normal following almost a full-swing crash in early January 2021. As of Jan. 13, the number of reachable Tor-based BTC nodes amounted to 2,581, up from as few as 122 nodes on Jan. 9.
Based on Bitnodes data, Tor-enabled Bitcoin nodes make up a significant part of the Bitcoin network, normally accounting for about 25% of totally reachable running nodes. According to the latest recorded data, Tor-based nodes made up over 23% of total BTC nodes on Jan. 13.
According to Bitnodes, the current number of Bitcoin nodes amounts to 11,190 nodes, up from around 8,300 on Jan. 7.
A Bitcoin node is a computer connected to other computers to host and synchronize a copy of the entire Bitcoin blockchain and essentially keep the entire network running. Tor-based Bitcoin nodes are a type of node implemented privately using the Tor anonymous network.
The latest dip in Tor-enabled BTC nodes is likely to be caused by a recent crash on the Tor network. On Jan. 10, Tor Project officially announced that the Tor network was experiencing instability due to an implementation bug in its v3 onion service. Tech-focused news agency TechNadu reported that the outage was likely due to a hacker attack.
The downtimes in the Tor network subsequently affected a large number of Tor-enabled or so-called “onion” websites including private Bitcoin wallets and exchanges like Wasabi and Bisq. On Jan. 11, Wasabi reported that it managed to keep its services intact using a fallback system. “If the Tor onion service of the backend becomes unavailable for the user, the wallet falls back to communicating with the backend’s clearnet endpoint, still over Tor,” Wasabi wrote.
A spokesperson for Tor Project told Cointelegraph that there is no evidence that the Tor Network was under an attack but was rather triggered by traffic overload. “The outage may have come from a poorly written custom Tor client requesting directory information too often,” the person said. There is also no evidence that the traffic overload was actively trying to hurt v2 onions, the representative noted.
According to the spokesperson, the network “was always fully intact” but the traffic overload “destabilized v3 onions” due to a bug. As a result, v3 onion services were inconsistently reachable for a few hours on Jan. 9 and again for a few hours on Jan. 10, the person stated. A fix for the underlying bug is now in an alpha release on the Tor Project website.
Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,Ultimate Resource For Crypto-Currency’s,