Dean
Latest posts by Dean (see all)

Many people become interested in Bitcoin because of the financial anonymity that it can offer, but then quickly find out that the most common wallets leave a great deal to be desired when it comes to protecting your privacy.

Anybody can create a bitcoin wallet, and there are many different options out there which will let you do so without needing to provide personal details or (even worse) identity documents to a third party. To that extent, you are anonymous when you start using the network.

But as soon as you start making and receiving payments you are exposing the Bitcoin addresses that you use for anybody to view on the public blockchain. These addresses are like pseudonyms, or nicknames, which be used to identify you. If you use a HD wallet then this will automatically create new addresses for you each time you want to receive a payment. But it is still possible for a skilled observer to link these addresses together and work out that they all belong to the same person. What’s more, it may be possible for that observer – whether they be a thief, a corporate spy or an over-reaching government official – to find ways to associate your Bitcoin addresses with your real life identity. Once they do that, then all of your privacy is lost.

How Adversaries Invade Your Privacy

There are two ways that an adversary may associate your Bitcoin wallet and all of its transactions with your real word identity, even if you did not supply personal details to a wallet provider in order to create an account.

The first method is through tracking payments in and out of your wallet to places which require you to divulge your identity. For example, many exchanges require buyers to provide all of their personal details and often to verify those details by providing ID document. If you withdraw coins from an exchange where your identity is known straight to your wallet then anybody who follows that transaction knows that the wallet belongs to you. Of course not anybody can do this – only the exchanger and anybody they may share that information with, but it is still possible.

The second is through tracking your IP address when you connect to the Bitcoin network. This IP address is unique to you, and can be used to connect everything your computer does with you personally. If an adversary is able to tell from which IP address an transaction was first broadcast – something which is not exactly easy to do but is far from impossible – then they know who made it.

How to Set Up and Use an Anonymous Bitcoin Wallet

Solving the first problem, of people potentially being able to identify you through payments you receive from an exchange where you verified your identity is not too difficult. You simply need to use a ‘mixer’ or ‘tumbler’ when sending coins from the exchange to your wallet.

If you want to be totally sure that your wallet remains anonymous it is also best practice to keep your anonymous wallet for use only in more sensitive transactions. A second wallet can always be used, and topped up from the first (perhaps even using a mixer) if you make a lot of transactions with businesses (or people) who you can’t be sure won’t share your personal details with others.

Check out our article on how to use a mixer if you haven’t used one before.

The second problem requires that you use a wallet that will connect to the network via something like TOR or a VPN. Be careful in doing this, however, as some wallets are not safe to use over TOR. For example, the popular blockchain.info web wallet is not safe, and several users have suffered from theft as a result of using this service with the TOR browser.

There are two options which I think are worth taking a look at, one for phone users and one for desktop users.

Desktop Users: Electrum Over TOR

There is a great tutorial already available for this, which was posted to Reddit and where you can ask questions if you run into any difficulties: https://www.reddit.com/r/Electrum/comments/3bwyzf/how_do_i_route_electrum_through_tor/

Using Samourai Wallet on Android

Samourai is a new wallet which is currently only available as an ‘alpha’ release. This means that they can’t guarantee there won’t be bugs, and they warn you not to store large amounts of money in your wallet. But having said that, it seems pretty good for an alpha version to me. So although I definitely wouldn’t recommend you store your life savings in it, I don’t think you will encounter problems using it for a little bit of shopping.

You can install Samourai from the Google play store. In order to make increase your privacy protection you will also need to install ‘Orbot’ in order to route your connection through TOR. Go to Settings >> Network from the menu then check the box to ‘route via TOR’ to switch this option on.

Samourai has a couple of cool features for protecting your privacy. The first is ‘stealth addresses’, also called ‘payment codes’. Using this means that instead of sharing your regular BTC address you can share a payment code or stealth address, and anybody using a wallet which supports this feature can send to that address. When they send a payment it gets sent to a regular Bitcoin address – but the sender doesn’t know what Bitcoin address they are sending to!! This means you can share your stealth address openly on the internet without worrying that your privacy will be compromised.

There is also a very cool ‘stealth mode’ option. Switching this on means that all sign of your wallet will disappear from your device. To open it you will need to go to the phone dialler, enter a special pass code and then press call. This feels very ‘James Bond 007’ like, as well as enhancing both privacy and security.