By Bitcoin 杂志 - 1 年前 - 阅读时间:13 分钟
如果可以的话追踪我 — 如何追踪 Bitcoin 前瞻性的匿名设置发挥作用
Whirlpool gives a certain level of privacy when using bitcoin, and forward-looking anonymity sets are a measure of how well hidden you are.
让我们谈谈 Whirlpool “前瞻性匿名集”——你躲在其中的人群。
迄今为止,您可能熟悉 Whirlpool CoinJoin 实现,该实现可在 Samourai钱包 移动应用程序,或 麻雀钱包 desktop app. When you participate in a Whirlpool CoinJoin you gain privacy by collaborating in a multiparty transaction which leaves anyone looking on-chain scratching their head while trying to decipher where your bitcoin 走了。
A Whirlpool CoinJoin is just like any other bitcoin transaction, made up of inputs and outputs. However each input is provided by a different bitcoin wallet, and each output is returned to one of the participating wallets. This transaction is organized by Samourai Wallet’s central Whirlpool coordinator, all the time without the coordinator knowing which input belongs to which output (“blinded”), and without you ever giving up custody of your bitcoin.
Let’s say it’s the end of the month and I’ve just been paid by my employer. Before I spend any of my bitcoin I first wish to use Whirlpool to gain some forward-looking privacy. After all, the bitcoin blockchain is a public ledger and I feel it my right for my employer to not know what I get up to in my private life, including them knowing my spending habits.
我进入 Whirlpool,提供其中一个输入并参与如下所示的交易:
在链上观察,不可能确定五个输出中的哪一个是我的。 之所以“不可能”,是因为交易的输入端和输出端之间的所有确定性链接都被破坏了。 因此,如果我的鬼鬼祟祟的雇主决定在我拿到工资后试图监视我的消费习惯,他们会看到我已经“进入”了惠而浦,现在不得不假设我躲在五个人的人群中,正确的? 好吧,我实际上可能躲在超过五人的人群中。 进入惠而浦前瞻性匿名集……
Whirlpool 前瞻性匿名集
When you use Whirlpool, depending on the pool size you choose, your bitcoin is broken up into smaller pieces in one of the following denomination sizes: 0.5 BTC, 0.05 BTC, 0.01 BTC, or 0.001 BTC. Due to Whirlpool’s architecture, outputs which remain in these pool denomination sizes are free to be remixed at no additional cost to the user (more on that later).
在我第一次混音后,如果我或我的一个混音同行重新混音,我隐藏的人群(前瞻性匿名集)从五个增加到九个。
我的等量输出 UTXO 不需要为我躲藏的人群重新混音。 无论是我重新混合的 UTXO 还是我的一个混合同行,都无法在链上告诉第一次混合中的哪个 UTXO 已被重新混合。 现在有九个相等的输出连接到我的第一个混音,所以我的间谍雇主不得不假设我可能是其中的任何一个。
下一张图展示了我隐藏的人群如何在没有我重新混合的情况下增长。 在我第一次混合后,我的 UTXO(红色圆圈)保持在 Whirlpool 池面额大小,并且没有被重新混合。 然而,我的两个混音同行继续混音,现在还有四个与我的第一个混音相关的 CoinJoin。 为了计算我的新的前瞻性匿名集,我将在这里计算等输出的 UTXO(橙色圆圈)加上我自己的等输出的 UTXO(红色圆圈),我得到了 21 个人群。
在链上,橙色圆圈与我的红色圆圈无法区分,因此如果我的雇主希望在“进入”惠而浦之后追踪我,他们将不得不追踪所有 21 条不同的线索。 即使他们试图密切关注,他们也无法确定我是 21 个 UTXO 中的哪一个。
混音如何免费?
在进一步讨论前瞻性匿名集并查看一些现实世界的例子之前,对于没有经验的人来说,有必要详细分析一下 Whirlpool 中混音是如何免费的。
当您第一次“进入” Whirlpool 时,您的 Samourai 或 Sparrow 钱包会广播所谓的“零交易”,简称 Tx0。 这是“跳入池中”之前的预交易,它做了三件事:
在以下区块浏览器中查看这个真实世界的 Tx0:
Transaction ID: bcb4d9dfde37215f2ede6142c651981e22f70e549c03cd341a71dffe8b2dce57
kycp.org oxtme (double-click on the blue circle to expand the transaction, then zoom out)内存池在下图中,请注意在此 Tx3 中创建了 0 个预混 UTXO,所有这些都归同一个钱包所有,并且注定要在 0.001 池中混合。 另请注意,这些 UTXO 中的每一个都比所选的池大小略高一些。 保持这个想法!
It’s worth mentioning here a highly important aspect of a Tx0; management of Doxxic change. Doxxic change is your bitcoin which still holds any previously associated history, however is too small to be Whirlpooled1. The Tx0, by design, returns the Doxxic change to a different area in your wallet than your bitcoin which has been mixed. This means it is impossible to shoot yourself in the foot by accidentally creating a transaction in the future where you spend your mixed bitcoin in the same transaction as your Doxxic change. Doing so would unwind the privacy benefits of CoinJoining.
现在你可以混合了。 Whirlpool 协调员会逐一选择您的预混 UTXO 参与他们的第一次 CoinJoin。 您的预混 UTXO 之一将是 CoinJoin 交易中的五个输入之一。
The Whirlpool coordinator also organizes a second pre-mix UTXO to participate (“peer pre-mix UTXO”)2. This additional peer pre-mix UTXO is from another user’s wallet which has just gone through the same process you have when you entered Whirlpool. Remember how when you create your transaction zero your bitcoin is broken up into multiple pool-size denominated UTXOs, plus a little extra? Well if you add up the “little extra” of the pre-mix UTXO and the peer pre-mix UTXO, that is what pays the miner fees for the CoinJoin transaction. In the graphic below the amount to be paid to the bitcoin miners is 907 sats plus 907 sats, totaling 1,814 sats.
现在是混音器大放异彩的时候了。 Whirlpool 协调器随机选择三个重新混合的 UTXO,它们已经进行了第一次混合。 三个重新混合的 UTXO 分别存放在各自的钱包中,重要的是仍保留在 Whirlpool 的“未使用容量”中,因为它们的所有者没有使用它们。 只要他们关联的钱包与 Whirlpool 协调员在线通信,他们就有资格进行混音。
所以回顾一下:
Your pre-mix UTXO: pays for CoinJoin miner feesPeer pre-mix UTXO: pays for CoinJoin miner feesRemixing UTXOs: participates in the CoinJoin for free (also termed a “freerider”)Once the CoinJoin has been organized between five separate wallets, the transaction is broadcast to the Bitcoin network automatically. Five inputs into the transaction have been destroyed, creating five fresh indistinguishable equal outputs. All equal outputs are now eligible for remixing if their owners so please.
尽管重新混合的 UTXO 被称为“搭便车者”,但它们是 Whirlpool 架构不可或缺的一部分,不仅为支付 CoinJoin 交易矿工费的预混币者提供前瞻性匿名性,而且还增加了为其设置的前瞻性匿名性。以前的混合同行。
同样重要的是要注意,您的 UTXO(无论是预混合的还是重新混合的)将始终混合在它们自己的 CoinJoin 交易中。 您钱包中的多个 UTXO 永远不会在同一个 Whirlpool CoinJoin 交易中混合在一起,因为这提供了最好的匿名保证,并且还可以防止用户或实体 Sybil 攻击 Whirlpool。
TLDR:新的流动性“进入” Whirlpool 涵盖了每笔 Whirlpool CoinJoin 交易的采矿费。 那些已经“进入” Whirlpool 并经历了他们的第一次混合(支付固定池费和矿工费)的 UTXO 不会再支付一个 satoshi 来参与混合,只要他们保持在他们的池面额大小/未使用容量内.
惠而浦前瞻性匿名集(续)
理论一切都很好,但作为 Whirlpool 用户,您如何计算您隐藏的人群规模? 尝试使用 OXT 的交易图可视化工具 搜索您的第一个混合 CoinJoin 交易,然后:
将橙色线相加以获得您的前瞻性匿名集(在下面的示例中为 33)。
This works well for smaller numbers, but Whirlpool mixes occur frequently (average of 211 mixes per day in the 0.001 pool so far during 2022). Manually counting forward-looking anonymity sets can quickly become impossible. Queue Whirlpool Stat Tool ...
Whirlpool Stat Tool
惠而浦统计工具 was made by the Samourai Wallet developers to allow users to verify themselves the anonymity sets which are achieved by using Whirlpool. Using a set of python scripts, it quickly calculates the forward-looking anonymity set for you. Enter in a transaction ID for your first mix and it'll tell you the size of the crowd you're hiding in since your Whirlpool CoinJoin occurred.
因为我运行一个 RoninDojo 节点, Whirlpool Stats Tool 已预先安装且易于使用,请按照其上的指南进行操作 维基.
在过去的 93 天里,使用该工具,我一直在监控这个 Whirlpool CoinJoin 交易 ID 的前瞻性匿名集:
1fed0d526e89cd3f2ac14be0cfc1fe13e5cb8a772977551f0922f0c6907ab8f3
Let's see how large the crowd its participants are hiding in is:
混合后 28 天:前瞻性匿名集 = 1,644
混合后 35 天:前瞻性匿名集 = 6,722
混合后 93 天:前瞻性匿名集 = 35,214(如下面我的 RoninDojo 上的 Whirlpool Stats Tool 所示)。
Hiding in a crowd of 35,000 it is now impossible (dare I say it) for anyone, including a chain surveillance company, to determine where the original mix participant's bitcoin is. Perhaps they've already left Whirlpool and spent their bitcoin, or maybe they have stuck around to get free remixes.
我发现这个特定交易 ID 的有趣之处在于,在撰写本文时, 其中一项产出仍未使用 (就像前面图形的红色圆圈一样)。 自 728,735 年 24 月 2022 日交易被确认进入区块 XNUMX 以来,这种未使用的输出一直保持这种状态。
Even though this UTXO has not moved, it has benefited from Whirlpool's architecture as three of the other participants went on to remix. This allowed this unspent output of 0.001 BTC to gain a larger forward-looking anonymity set without remixing itself. If none of the outputs from this transaction went on to remix, the forward-looking anonymity set would remain at five.
It's important to remember that all deterministic links are broken after one mix, but you get greater privacy benefits if you, or other peers remix. Let’s look at some more forward-looking anonymity set stats from some CoinJoins ...
更多惠而浦前瞻性匿名集示例
交易ID:
c0f11a33a3f2470bb4252c155ced5eb670aaf0ed2f0eef8674dc90c52905860d
混合后两天:前瞻性匿名集 = 77
交易ID:
5f5631356692b4744413a61b4e91c41c3df5ae376b66990052a8628b570e8353
混合后 380 天:前瞻性匿名集 = XNUMX
交易ID:
901f20a383189c496a8774eb8cafeaa956f8c3393ee41701f163c0c2acf54286
混合十天后:前瞻性匿名集 = 1,466
隐私农业
进入 Whirlpool 后,您的第一次混币很快,您参与的 CoinJoin 已按照设计通过打破所有确定性链接工作。 现在,您渴望获得一些免费的混音,但想知道“我可以在一周内获得多少混音?” 这是惠而浦新用户提出的一个常见问题,他们天真地只根据每个 UTXO 参与了多少混合周期来计算他们的隐私收益。
混音当然会增加您自己的前瞻性匿名集,但不要忘记其他混音同行也会增加您的前瞻性隐私。
“但一周内我能期待多少次混音?!” 在回答之前,我们需要考虑以下几点:
New users who enter Whirlpool pay for the CoinJoin cycle. So only when new liquidity comes into Whirlpool do you have a chance at remixing.Other users (“freeriders”) are also waiting to get free remixes. The Whirlpool coordinator selects freeriders at random to participate in remixes, so there is somewhat of a competition as everybody wants to be picked.Each Whirlpool pool size has different behavior characteristics.让我们一一探讨。
以下是 2022 年每个池大小的每周 CoinJoin 循环频率。
不出所料,就循环计数而言,0.001 BTC 池是最活跃的池。
每个游泳池有多少自由骑手比赛? 要获取此统计信息(以及包括循环频率在内的许多其他统计信息),您可以使用 电报漩涡机器人.
For each CoinJoin the Whirlpool coordinator picks three freeriders at random to participate.2
作为一个搭便车者,在较小的矿池中竞争更加激烈,CoinJoin 周期更加频繁。 较大的池具有相反的、较少的搭便车竞争,较少的 CoinJoin 周期。
最后,让我们根据 Whirlpool 的历史使用情况来思考每个池的行为特征。 如果您已经使用 Whirlpool 一段时间了,您可能会注意到较小的池在日常使用中最为一致,并具有稳定的流动性。 如果我猜的话,这是因为它们是最低的进入门槛,最有可能用于日常消费。 另一方面,较大的水池虽然几乎从不平静,但会看到更大的新流动性高峰和低谷——下雨时,它就会倾泻而下。
所以现在你明白了,你在一周内看到的重新混合取决于新的流动性进入 Whirlpool、协调者的随机选择以及你使用的池大小的特征。 根据 2022 年迄今为止 Whirlpool 的平均使用量,您的钱包每周可能会收到 5-25 次混音。 虽然协调员的选择是随机的,所以理论上你可以得到更少或更多,这仍然被归类为正常。
One way to consider all of this is that awaiting remixes is like yield farming for bitcoin privacy, and those who are patient and continue to keep their bitcoin remixing until they need to spend in the future are being paid interest in the form of increased anonymity. Patience pays.
有资格混音 24/7
要成为一名搭便车者,您会希望您的钱包能够与惠而浦协调员 24/7 保持联系。 这样,当混音即将发生时,您就有机会被协调员挑选为混音器。 因此,您需要执行以下操作之一:
让 Whirlpool 服务屏幕在您的 Samourai 钱包移动应用程序. This is the least practical and some Android devices can kill background services, so some but not all users have positive results achieving remixes this way.Run the Whirlpool GUI 桌面应用程序 on your computer (linked to your Samourai Wallet). This is by far the lowest barrier to entry option for Samourai users, and has greater reliability for connections over the Tor network. By leaving your computer turned on, with the Whirlpool GUI desktop application running, you’re eligible for remixing.Run a RoninDojo 节点. After linking your Samourai Wallet to your node’s backend, you can turn off your phone or computer and you’ll always be eligible for remixing. A slightly larger barrier to entry, but the benefits far outweigh the hurdles.Mix on the 麻雀钱包桌面应用. Sparrow 于 2021 年 XNUMX 月将 Whirlpool 集成到他们的钱包软件中,与 Samourai Wallet 用户共享相同的流动资金池。 Sparrow 具有丰富的其他功能,还允许您混合到冷库。 要获得混音资格,请确保您的计算机保持在运行 Sparrow 应用程序的状态。Whirlpool 未使用容量:Whirlpool 成功的真正衡量标准?
Whirlpool unspent capacity is the current amount of bitcoin which has mixed, not been spent and is eligible for remixing. You can monitor this metric in 克拉克穆迪仪表板:
您还可以使用 Bitcoin KPI的 website. To me the Whirlpool unspent bitcoin value is interesting, and with it remaining above 4,000 BTC for the last seven months shows a level of confidence in Whirlpool and Samourai/Sparrow’s wallet software. What I find more interesting is the volume coming in and out of Whirlpool over the last 30 days (shown in Clark Moody’s dashboard as “Tx0 Volume” and “Spent Cycle Output” respectively). This is what feeds the privacy gains that Whirlpool provides, for both the new liquidity entering, and the freeriders remixing, even if there is a deficit between the two values. Samourai Wallet is branded “a bitcoin wallet for the streets,” and their founders are advocates of actually using bitcoin rather than “HODLing to the grave.” Monitoring these large flows of bitcoin go in and out of Whirlpool shows there is demand for forward-looking privacy when making on-chain transactions, of which Whirlpool is successful in achieving for its users.
Care About Your Bitcoin Privacy? Read More
The Easiest Way To Whirlpool Your Bitcoin And Preserve Privacy – Bitcoin Magazine article by Econoalchemist.
Bitcoin Privacy Series – 七个简短的介绍性视频。
理解 Bitcoin Privacy with OXT – 由四部分组成的系列文章。
尾注:
1.为了描述本文中的漩涡流,这点做了简化。 如果您尝试汇入 Whirlpool 的金额超过 Whirlpool 协调员规定的最大限额,也可能会向您退还零钱。 扣除协调池费用输出,0.001 BTC 池有 25 x UTXO 最大 Tx0 限制,0.01 BTC / 0.05 BTC / 0.5 BTC 池有 70 x UTXO 最大 Tx0 限制。
2.为了描述本文中的漩涡流,这点做了简化。 虽然 Whirlpool CoinJoin 交易由两个预混合 UTXO 组成是最常见的,但 Whirlpool CoinJoin 交易也可能由三个预混合 UTXO 组成。
This is a guest post by Brother Rabbit. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin 杂志。
原始来源: Bitcoin 杂志