Using Stowaway For Bitcoin Privacy – Bitcoin MagazineFebruary 23, 2021
Animated cover image by @artdesignbySF.
When it comes to defensively guarding the privacy of Bitcoin users, Samourai Wallet has been on the bleeding edge for many years, bringing new features and improvements to users that help achieve anonymity through Whirlpool, its CoinJoin implementation, and to maintain privacy with spending tools like Stowaway, Stonewallx2, Ricochet and PayNyms. Samourai Wallet is also the only Bitcoin wallet to date that has implemented BIP 47.
Additionally, it recently implemented the app-agnostic, Tor-based communication layer Soroban. Soroban brings tremendous UX improvements to users engaging with its collaborative transaction framework, “cahoots,” with tools like Stowaway and Stonewallx2. (Read more about Cahoots transactions and the UX evolution of building the transactions manually versus using Soroban here.)
Maintaining privacy while using Bitcoin requires paying close attention to the way your transactions are being built; which inputs are being used and what kind of history your inputs are bringing with them. Common input ownership heuristics (CIOH) are used by chain analysis companies to surveil Bitcoin users. These heuristics make the assumption that when there are multiple inputs to a Bitcoin transaction, those inputs belong to the same entity. Techniques can be used to break these assumptions, thus rendering the ability of a chain analysis company to maintain such assumptions utterly indefensible.
One technique used in the fight for privacy is a tool brought to you by Samourai Wallet called Stowaway. When someone wants to enhance their privacy while sending bitcoin, they can choose to use Stowaway, which will obfuscate the amount of bitcoin being sent in the transaction.
For example, if Bob wants to send Alice a Stowaway transaction of 0.015 bitcoin, they will both collaborate by providing inputs to the transaction. Then, one output will be given back to Bob as his change and the other output will be given to Alice with her contribution and payment. However, none of the inputs or outputs will match the 0.015 bitcoin amount.
It is necessary for Alice and Bob to communicate the timing of their transaction out of band, meaning that, in the examples below, Bob will have contacted Alice using a communication method outside of the Samourai Wallet application, such as a phone call, an end-to-end encryption text, a secure email, etc.
To an external observer of Alice and Bob’s transaction, there is no way of determining the actual amount that was sent. The external observer can also no longer make any assumptions about the ownership of inputs and outputs to the transaction. When the external observer looks at Alice and Bob’s transaction on-chain, this is what they will see:
Cahoots transactions can be built between collaborators using Soroban, which makes the process much faster and smoother. Soroban communications happen over Tor. Here is a video example of Alice and Bob’s Stowaway transaction (this video can also be found on Samourai Wallet’s YouTube channel here, and with Spanish subtitles here.)
Alice and Bob have enhanced their privacy by breaking the common input ownership heuristics. Now, any multi-input transaction being looked at by a chain analysis company must be considered to have been a cahoots collaboration.
Here is a detailed Stowaway infographic designed by @BitcoinQ_A, which can also be found here among many other great resources:
Learn More With #GretasFury
There is growing interest from the Bitcoin community in privacy enhancing tools like Stowaway, PayNyms and BIP 47. On February 28, 2021, a group of Bitcoin privacy advocates launched operation #GretasFury. Designed to interrupt common input ownership heuristics by passing a payment torch of 1 sat transactions using Stowaway, operation #GretasFury brought together dozens of users from around the world. Each collaborator anonymously participated in the torch passes by using their PayNyms. Each Stowaway transaction that was made utilized Soroban communications over Tor. Participants managed the timing of their transaction with out-of-band communications over applications like Telegram and Matrix.
Operation #GretasFury was organized by @biTcOinEneMiEs who maintains bitcoinenemies.com, an awesome self-hosted website focused on sharing Bitcoin related privacy resources, projects, and community engagement. Operation #GretasFury was a terrific way to motivate people to try out some of the available privacy tools in a way where there was a lot of community support and many seasoned participants available to answer questions and not only pass the 1 sat torch but to pass the torch of knowledge to new users.
Various sponsors donated prizes to the event to generate a sense of friendly competition as well.
I had a chance to ask @biTcOinEneMiEs a few questions about the event and here is what we discussed:
What made you want to put operation #GretasFury together?
We had a lot of fun with PayNym Torch. BIP 47 changes bitcoin UX in a profound way. When Soroban was released by Samourai Wallet, it presented an opportunity to pass a PayNym torch without the commit transaction.
Soroban also eliminated QR code workflow for Stowaway and Stonewallx2 transactions. That was a much bigger deal. These transactions are nothing new, but suddenly a massive friction is gone. Without going into all of the reasons why cahoots transactions are amazing, we had to follow it up. If you thought PayNyms were cool, wait until you try them with Soroban and cahoots without a commit transaction.
Who were your sponsors?
This all transpired in Keybase’s tx_tricks in December. The group did its first Soroban Stonewallx2, and the idea of a torch came shortly after. We kicked around some ideas before @SamouraiDev inspired us with the 1 sat Stowaway.
We didn’t contact sponsors until a couple of days before launch. I wasn’t sure what we’d really get but it was a massive outpouring of support, no questions asked. Fifteen different sponsors have contributed already. Big thanks especially to Mamushi Mobile for the Copperhead Pixel, Ronin for its new node and Foundation for two of its new Passports. These guys have really upped the excitement around #GretasFury.
How many participants and passes of the torch have you seen?
We’ve had 33 participants and 83 passes.
Why should people care about common input ownership heuristics?
These are techniques used in chain analysis. The most nefarious use them everyday. False positives are rampant, but this won’t prevent the analysis from being used until it stops working for more than just the criminals. Average people need to say no as well.
CIOH can be crushed. The people that need to do so already are. It’s within our grasp too, with tools like Soroban Stowaway. An average Joe can pull that off today.
#GretasFury lets us learn this in a fun way, and together, send the signal of just how worthless CIOH are to catching bad guys.
In conclusion, use the tools. There are some amazing resources out there that significantly improve your privacy and help you achieve and maintain your anonymity. It is a lot easier to form good habits from the beginning rather than trying to break bad habits down the road. If you are new to Bitcoin, I encourage you to really think about the advantages of keeping your KYC out of Bitcoin and defensively guarding your privacy.
To learn more about the tools Samourai Wallet offers, check out its website or engage with the Samourai Wallet community on its Telegram channel. Or, if you’re interested in getting an overview of the Samourai Wallet and Ronin Dojo full stack, check out this guide.
A version of this article can be found on Twitter as a thread here.
Source: Read Full Article