Bitcoin Privacy and Anonymity
Table of Contents
- Bitcoin is built on a public and pseudonymous blockchain, which grants strong privacy to users.
- Several parties, including governments and chain analysis companies actively work to erode this privacy by analyzing the blockchain and using AML/KYC data.
- Bitcoin developers are working to build privacy preservation tools to help individuals maintain privacy while using Bitcoin.
Bitcoin’s Privacy Features
Anonymity is the quality of a person whose identity is unknown. Pseudonymity means an individual is using a fake name to identify themselves or their actions. Bitcoin is based on an open, publicly auditable database of transactions. All transactions send bitcoin from addresses to addresses, so anyone can determine how much bitcoin is held in every address. However, addresses are not inherently connected to any other information, such as a phone number, name, or physical address. Thus, addresses and the Bitcoin network are pseudonymous, rather than anonymous.
Pseudonymity enables Bitcoin users to maintain privacy while ensuring the ability to audit the full supply of bitcoin. If BItcoin were fully anonymous, it would be difficult if not impossible to ensure that no extra bitcoin were being created.
Deanonymization and Chain Analysis
Although Bitcoin is initially pseudonymous, several parties dedicate research and resources to eroding this privacy. Governments and chain analysis companies often work together to harm Bitcoin users’ privacy.
Know Your Customer and Anti-Money Laundering Laws
In most jurisdictions, regulations require all Bitcoin custodians, exchanges, and brokerages to collect and verify the personal information of their customers. Institutions must store this information in case the authorities request it in the future. When a client buys and withdraws bitcoin from the platform, their address is also noted by the platform.
Once a regulated custodian has access to their clients’ personal information, as well as their Bitcoin addresses, Bitcoin’s natural pseudonymity has been eliminated for those specific clients and their bitcoin.
Some brokerages and exchanges share client data with chain analysis companies, allowing both parties to track the history of a client’s funds before they deposit bitcoin and follow the funds after they have been withdrawn from the platform.
Chain analysis companies apply heuristics such as the common input ownership heuristic and the round amounts heuristic to attempt to track the ownership of bitcoin across transactions.
Because each bitcoin transaction can send from multiple inputs to multiple outputs, analysis is required to estimate which bitcoin was sent to which address. For example, if Alice has two UTXOs worth 0.5 BTC and 0.7 BTC and wants to send Bob 1 BTC, she can create a transaction to do so.
Note: This transaction pays a 0.001 BTC fee to miners, calculated by the difference between the sum of the inputs and the sum of the outputs.
There are several privacy problems with this transaction, despite the fact that the two outputs of 1 BTC and 0.199 BTC are both sent to new addresses with no connection to the addresses of the inputs or Bob or Alice. An observer who knows that Alice owned the two inputs can easily interpret this transaction and determine that Alice is the recipient of the 0.199 BTC output. To do so, they would apply heuristics and some simple logic.
Round Amounts. Since exactly 1 BTC is being paid to the first output, that is more likely to be an external payment from Alice to some other party. It is safe to assume that Alice does not own the first output.
Change Amount. If the 0.199 BTC were a payment, Alice would not have needed to include both inputs. She could have created the transaction with one input of 0.5 BTC and two outputs of 0.199 BTC and 0.3 BTC. Thus, the second output is likely the change output.
For chain analysis to be useful, it must be combined with some reliable starting data, such as the ownership of certain UTXOs or addresses. KYC/AML compliance by custodians and exchanges provide this starting data. If the ownership of a specific UTXO is known, when that UTXO is spent, chain analysis can attempt to determine whether it was sent to another party or it was sent back to the same owner.
Restoring Bitcoin Privacy
Know Your Customer and Anti-Money Laundering laws and chain analysis are harmful to Bitcoin privacy and, by extension, Bitcoin fungibility. However, many developers are actively working on ways to make chain analysis heuristics obsolete and ensure that Bitcoin users can continue to transact pseudonymously.
Additionally, off-chain protocols such as the Lightning Network, Liquid Network, and others offer the ability to execute Bitcoin transactions without publishing data to the Bitcoin blockchain.
Build your Bitcoin wealth with River
No-fee recurring buys