What is CoinJoin
Although Bitcoin is decentralized, it is not a completely anonymous and confidential system. There are many ways to publicly audit your transactions or conduct malicious tracking. Bitcoin transactions leave a kind of “digital fingerprint”, as a result of which operations can be tracked by IP addresses. Moreover, you can monitor transactions on the network through the block explorer.
This means that a significant part of the information is absolutely accessible to anyone interested. Unsurprisingly, in response to concerns about privacy, the number of technologies available to restore anonymity has increased. And today we’ll talk about one of these technologies – CoinJoin.
The idea of CoinJoin was proposed by Gregory Maxwell, and essentially CoinJoin anonymizes bitcoin transactions. CoinJoin allows transactions to remain closed thanks to a combination of coins. This is the process of adding transactions together, without the participation of a third party, for sending as a single transaction.
However, CoinJoin first interacts with a central provider that coordinates joint transactions. It also stores user information during the negotiation process. CoinJoin allows users to save on commissions — if you combine two transactions into one, then only one commission is charged.
Moreover, after merging, one CoinJoin transaction takes up less space than two separate ones and consumes less network work as a whole.
Basics of Bitcoin Transactions and Multisig
Since bitcoin transactions are a combination of UTXO, there is nothing in the source script to make CoinJoin difficult or atypical. A bitcoin transaction relates to one or more inputs and creates one or more outputs with the specified values. CoinJoins use multisig, therefore no person can have sole control over a transaction.
Each signature is independent of the other and is provided individually for each entry. Therefore, Bitcoin users can easily agree on cooperation and sharing costs. CoinJoin requires, by definition, more than one signature. Moreover, each entry is a way out of a past transaction. This means that for each input there is a separate signature (scriptsig). The previous signature was created in accordance with the rules of the specific past output (scriptpubkey). It is strictly forbidden for scriptpubkeys to use the same key for multiple inputs.
The design of the script allows you to make sure that even when transactions are sent from the same address, they will not be identical, and therefore there are no problems with multi-signature. As already mentioned, a Bitcoin transaction is essentially just a combination of the transactions that make up the new UTXO. Thus, it is possible to combine transactions from several accounts or people to make a new conclusion sent to one address.
The transaction is invalid and will not be accepted by the network until all signatures have been provided. As a result, CoinJoin can increase privacy. The main reason is that all senders require a required number of signatures. Thus, all parameters of the transaction must be agreed, otherwise one or more participants simply do not agree to sign it.
Another reason to increase the security and privacy of Bitcoin is the preservation of its functionality. Bitcoin is often seen as an interchangeable asset. Like gold, it is not of unique value. In the case of bitcoins, each transaction is unique, however, they are all evaluated and exchanged the same way. This is the basis for functioning in the same way as fiat currency. Non-replaceable token (NFT) is a token that represents something unique, which reduces interchangeability – each coin is evaluated differently.
Real estate can be an indispensable asset, as it has a relative value based on many variables. However, autonomy is becoming an increasingly serious problem, as more and more studies of specific uses of Bitcoin are being conducted. The problem is that if a certain transaction or a specific address is blacklisted, Bitcoin loses its functionality, because all bitcoins no longer have an interchangeable value.
Therefore, the desire to use the CoinJoin method, such as the Wasabi wallet, is a growing trend. The main argument is that most people use the currency for legitimate purposes, and therefore they should not suffer losses due to dishonest users. Therefore, making Bitcoin less traceable is an attractive goal for maintaining the value of the currency and user privacy.
Using mixers, the CoinJoin method, Bitcoin privacy is returned – it becomes simply impossible to follow the traces of transactions. But the problem with many mixers is that a trusted third party is required. Therefore, for security and simplicity, CoinJoin digital wallets are now available.
The private CoinJoin process is carried out using a Wasabi digital wallet. Wasabi is an open source Bitcoin wallet, not intended for storage, focused on privacy, which is created for your desktop. The wallet creates mixed coin transactions through Chaumian CoinJoin.
This wallet uses a verification type based on a central server that works anonymously using Tor and the Bitcoin P2P network. The idea of Wasabi is that you can combine transactions and not share personal information. Thus, when a joint payment is made, the input and output are not separated.
They are combined to act as one Bitcoin transaction. Using this method, the exact direction of the movement of money remains unknown to third parties.
How Wasabi Wallet Protects Transactions and Addresses:
- Each user’s wallet connects to other wallets using Tor. Connecting to other wallets makes it difficult to track IP addresses.
- Once the user is ready, he can add his coins to the “queue”.
- As soon as 50 wallets (current minimum) have joined the public queue, an unsigned bitcoin transaction is created.
- Before exiting the system, all users must verify the correctness of their entries and exits. Only after verification of reality does the process of affixing electronic signatures begin. At this point, all users must complete the multi-signal transaction.
- After collecting all the necessary signatures, the transaction is transmitted to the network.
Security Issues with CoinJoin
For CoinJoin, users must agree on the terms of the transactions that they want to join. Early services were centralized servers. These centralized servers required users to trust their coins to the service operator, since the transaction was first sent to a third-party provider.
The problem that users face is the risk of theft when the resource service coordinates the joint transaction. With centralized services, there is always a risk of confidentiality violation, since the service stores personal information. Newer projects are already decentralized and designed to circumvent the problems associated with centralization.
Thus, we see that using the CoinJoin method, it is becoming increasingly difficult to track IP addresses or blacklist users. Consequently, the level of security is enhanced. CoinJoin is built into the script design, so it does not require additional development.
It uses the multi-signature method as a basis, but offers more flexibility. Since collected transactions in CoinJoin are signed only after the script is considered valid, you do not risk losing your money and you can save on transaction fees.