Bitcoin’s privacy is getting better, but does it pose an existential threat to anonymous cryptocurrencies?
It's no secret that Bitcoin isn't actually anonymous, despite what various outside observers of crypto might claim. It is, in fact, pseudonymous, as its transactions are vulnerable to being traced to specific individuals by governments and intelligence agencies with enough determination and knowhow. However, in recent months, the privacy it offers users has been steadily increasing, given that a number of coin-mixing services and add-ons are successfully providing more and more users with the anonymity that Bitcoin itself doesn't quite furnish on its own.
But with Bitcoin's improving privacy, the possibility emerges that it could end up weakening the position of dedicated privacy coins, such as Monero, Zcash and Dash. If Bitcoin offers anonymity and also a superior store of value, it could potentially cause the popularity of such altcoins to wane to the point where they see less usage, less community support and less growth. In other words, it's possible that Bitcoin is becoming an existential threat to such privacy-enhancing coins.
However, not only would this be a worst-case scenario, but developers on both the Bitcoin and altcoin sides of the equation believe that it's highly unlikely. On the one hand, numerous privacy coins offer technological advantages over Bitcoin, even when Bitcoin is benefiting from mixing services. But on the other, the cryptocurrency market is not a zero-sum game, and there is enough space for more than one coin to maintain popularity and a wide user base, especially because Bitcoin — even with enhancements — still isn’t as private as certain rivals.
Bitcoin's march toward greater privacy
As anyone who followed the Silk Road/Ross Ulbricht saga knows, Bitcoin transactions and wallet addresses can be pinned to particular people, given enough detective work. In 2014, for instance, researchers at Pennsylvania State University managed to map the IP addresses of over 1,000 Bitcoin wallets, doing so by analyzing the Bitcoin network's data flow and looking for isolated transactions from single IP addresses. It has also been suggested via leaks that the National Security Agency (NSA) can identify Bitcoin users by processing internet traffic in bulk.
But while this suggests that Bitcoin's privacy isn't perfect, a range of services and plug-ins have been made available over the year that ramp up its protection of user identities. And one of these — CoinJoin — recently celebrated its first-ever 100-person transaction, which was facilitated by the privacy-focused Wasabi Wallet. For those who aren't familiar with such mixing protocols, they basically combine numerous Bitcoin payments into a single transaction, so that it becomes difficult to disentangle who exactly sent what and to whom.
According to the Wasabi Wallet, mixed transactions constituted 4.09% of all Bitcoin transactions as of April, with the total having increased by over 300% in only nine months. It would therefore seem that mixers are becoming more popular and are getting better at mixing larger numbers of transactions together. Combined, this could create a virtuous circle, with improved services attracting more users, and more users leading to improved privacy.
Mixing services such as CoinJoin aren't the only emergent tech that Bitcoin is likely to use to increase the privacy it offers the public. For one, there's also Dandelion, which according to its GitHub page is "a transaction routing mechanism that provides formal anonymity guarantees." It does this by preventing deanonymization, which occurs when a bad actor uses the delay in the transmission of transactions to the Bitcoin network to link these transactions to IP addresses. Put simply, it removes the risk of this by routing transactions over randomly selected paths, so that they can't be linked to specific IP addresses when being transmitted to the network. And according to its authors (who include researchers from Carnegie Mellon and the University of Illinois), by doing this it "provides near-optimal anonymity guarantees among schemes that do not introduce additional encryption mechanisms."
Alternatively, there's also MimbleWimble, a protocol that uses a combination of zero-knowledge proofs and mixing to enable "transactions that are completely opaque but can still be properly validated." It has already been implemented by the new altcoin grin, and it's likely that some implementation of it could become an optional extra for Bitcoin in the future. And even if it isn't, one new privacy-enhancing technology that almost certainly will be added to Bitcoin in the near future is Schnorr signatures. Primarily, these improve Bitcoin's scalability by aggregating multiple transaction signatures into one, but they also have positive privacy implications, since they make it easier and cheaper to use mixing services such as CoinJoin.
Bitcoin developers agree with this view, suggesting that the cryptocurrency's much wider pool of users could make it more private than its privacy-focused rivals, at least in practice, as Bitcoin Core developer Ryan Havar told Cointelegraph:
"A lot of the privacy coins offer better 'technological' advantages, yet from a practical point of view can be a lot less private. Simply put, there's a lot more bitcoin users, and use cases. So if you can 'hide' in the crowd of bitcoin users, it's a much bigger crowd than say ZCash."
In addition to Bitcoin's improving privacy, a crackdown has been launched against privacy coins in various corners of the globe. For instance, in March, the French National Assembly's finance committee proposed a ban on anonymous cryptocurrencies such as Monero and Zcash, with the committee's head, Eric Woerth, addressing the subject in the proposal's forward, which translates to read:
"It would also have been appropriate to propose the prohibition of the dissemination and trade of crypto-assets to guarantee complete anonymity by preventing, by their design, any identification procedure. This is the case of a number of crypto-assets (Monero, PIVX, DeepOnion, Zcash...) whose purpose is to circumvent any possibility of identification holders. To date, regulation has not gone so far."
This proposal was only one instance in a range of actions and developments that will potentially hurt privacy coins, or at least limit their use. The South Korean exchange Korbit delisted five privacy coins in May 2018, following in the footsteps of the South Korean government's ban of anonymous cryptocurrency transactions.
Also in May that year, the Japanese exchange Coincheck delisted four privacy coins, while the Japan Virtual Currency Exchange Association recommended that its members follow suit. And like their South Korean counterparts, these bodies acted in this way in response to new government guidelines, which effectively banned such coins.
There are also bans or inklings of bans on anonymous transactions in other nations and areas, such as Taiwan, the Netherlands, the Europmean Union, and even the United States (or at least, Texas). In theory, such prohibitions will hurt privacy-enhancing add-ons for Bitcoin, as indicated by how mixing service Bestmixer was shut down by Europol in May.
However, many add-ons are open-source and decentralized, and so can't be shut down in any obvious way. In addition, Bitcoin can still continue to operate legally even if anonymizing services or protocols are outlawed, while anonymity is built into Monero, Zcash and their ilk, meaning that they'll be targeted directly by authorities. As such, it's likely that more users will be driven toward Bitcoin, since they'll know they can use it on any regulated exchange, and that they can still make occasional use of additional privacy features whenever might they need them.
Light vs. heavy privacy
Overall, the situation doesn't look too good for privacy coins, although with Monero still being the 13th most valuable cryptocurrency by market cap, you'd struggle to find any immediate proof of a decline in favor of Bitcoin, even if it was the ninth most valuable crypto in early November.
But while there's a possibility that Bitcoin might take away some of the edge from anonymous cryptocurrencies, it's not necessarily the case that Monero, Zcash and other coins will even come close to fading into obscurity.
Asked whether the recent 100-person CoinJoin on Wasabi Wallet was a sign that Bitcoin would make privacy coins irrelevant, Havar replied, "No, not really. Firstly, it's not zero-sum, and I doubt Wasabi will be widely used as it's expensive and opt-in."
More damningly, experts associated with privacy coins argue that, while they boost Bitcoin's privacy to an extent, protocols such as CoinJoin don't really come close to providing the kind of anonymity offered by the privacy coins. For example, Ian Miers, a Zcash founding scientist, explained to Cointelegraph via email that CoinJoin doesn't make it impossible — or even especially difficult — to link Bitcoin transactions to specific identities:
"CoinJoin does not offer meaningful privacy for customers and companies. Zcash shielded transactions do. Coinjoin effectively adds a small amount of uncertainty over the source of funds. In effect, it adds some noise. However, it is very easy to remove this noise by looking at multiple transactions and patterns. In fact, most of AI and machine learning is extracting signals from noise and it keeps getting better."
Miers doesn't stop there, going on to suggest that mixing services like CoinJoin can't prevent the profiling and tracking of users:
"For example, if a Starbucks accepted payments using CoinJoin, one could still learn how many customers they serve each week and how much they spent. If a democracy activist solicited donations on a pseudonymous Twitter account using CoinJoin they could easily be identified and detained. If they cash out through an exchange controlled or compromised by a hostile government, then their identity can be learned simply by them being paid multiple times by that government."
"These are not reasonable issues for a privacy system to have," Miers concludes, adding that CoinJoin doesn't scale very well at the present moment in time, is expensive if used extensively, and would clog the Bitcoin blockchain if adopted by a majority of BTC holders. And while defenders would point to Schnorr signatures, Dandelion and even MimbleWimble as future hopes for bitcoin's privacy, it's worth remembering that these aren't close to being implemented yet.
And from one perspective, this is unfortunate, because even if some might suppose that cryptocurrencies need to be absolutely transparent in order to legitimize themselves, it's arguable that the reverse is necessary if Bitcoin or any other crypto is to become a bonafide and widely used currency — especially when privacy is becoming an important concern for an increasing number of people. Regarding this, Bitcoin Core developer Nicolas Dorier believes that:
“The need for privacy is growing as a counter reaction to repression. When a user once get his coins on some exchange frozen without any recourse, when his exchange is over complying from fear of regulators, the only defense this user has is to mix his coins for the next time. This distrust the user has on exchanges and payment processors is the source of appeal to privacy.“
Havar agrees with Dorier’s views:
"I think improving bitcoin's privacy is important for its survival. The lack of privacy directly attacks bitcoin fungibility, which is what makes bitcoin a useful currency."
This lack of fungibility could be a big problem for Bitcoin as it moves forward and tries to make the all-important jump to mainstream use. But on the other hand, it could be a boon for privacy coins, which, despite being curtailed on a number of exchanges, could end up being widely used as actual currencies, rather than primarily as digital assets.