CoinJoin: Increasing Your Privacy on Bitcoin!

Privacy is one of those things that we only value when we lose it, especially when our information is used against us, right?

However, privacy is not limited to extreme contexts or dictatorships.

It is likely that your ID, telephone number, and address have already been exposed due to a bank or company’s negligence in adequately protecting customer data, putting you at risk as third parties can take advantage of this information.

This is why privacy plays a key role as a prevention and security measure, especially in Bitcoin. However, what few know is that it is possible to use the Bitcoin network both publicly and privately, depending on how you use it.

That said, in this article, we will discuss one of the main privacy tools associated with Bitcoin: CoinJoin.

Bitcoin is traceable

Many believe that Bitcoin is anonymous, with transactions being secret and untraceable.

However, the reality is different: Bitcoin is completely transparent, meaning that anyone can verify the transactions, addresses, and amounts involved in real-time on the network.

When you withdraw Bitcoin from an exchange that has your data (KYC – Know Your Customer), that exchange and regulators (government bodies) can map and track all movements of that transaction. It’s as if every bill you withdraw from an ATM has your name and account number printed on it.

Bitcoin’s transparency is a benefit, not a problem.

Transparency fosters confidence in the system, providing predictability in both payments and monetary policies. This clarity allows Bitcoin to function as a new type of money, independent of intermediaries, banks, or governments.

However, privacy is something that each user must ensure on their own. This requires care and the use of tools and strategies to minimize exposure during transactions.

Therefore, one such strategy is CoinJoin, a Bitcoin mixing technique.

Let’s understand more about what CoinJoin actually is.

What is CoinJoin?

CoinJoin is a method implemented to improve the privacy and anonymity of Bitcoin users.

Basically, CoinJoin is a method of merging multiple Bitcoin transactions with the aim of obfuscating the origin and destination of funds. It is a way of combining multiple transactions from different senders into a single transaction, making it difficult for outside observers to determine who sent Bitcoin to whom.

The idea for CoinJoin was launched in 2013 by Gregory Maxwell, a Bitcoin developer and contributor. He proposed this technique as a way to improve privacy in Bitcoin transactions without the need to change Bitcoin’s base protocol.

Since Maxwell’s proposal, several implementations and services based on the CoinJoin concept have emerged, including:

• Wasabi Wallet,
• Samurai Wallet
• e JoinMarket

All of them focused on providing privacy tools for Bitcoiners.

Reasons to use CoinJoin

The main reason, as we have already mentioned, is privacy. Additionally, CoinJoin can also be used as a tool for resisting censorship in places where Bitcoin transactions are monitored or censored.

CoinJoin is also used to make it more difficult for surveillance companies, such as Chainalysis, which track blockchain transactions to identify the owner of the wallet, address, or bitcoins, to analyze them.

How does CoinJoin work?

Unlike a conventional transaction, CoinJoin does not follow the model of a single party sending funds to another. Instead, it involves multiple people sending equal amounts, where the end result obscures the destinations of all the transactions.

This is possible because the sizes of inputs and outputs are the same, making it impossible to differentiate where each satoshi went.

The image below is an example of how CoinJoin works.

In the left column, there are 5 inputs, representing the values that these people want to use to make a CoinJoin.

In the middle, there is a visualization of all possible combinations, about 1,496 possible combinations. Therefore, it is not possible to be sure to which address each value went.

In the right column, the final outputs appear with the result, each with the same amount of BTC.

Did you see it? This makes it much more difficult to identify the origin of each transaction, even when the originating address is associated with KYC.

However, it is still possible to track who made each movement. As these bitcoins are spent, and if addresses that received satoshis from CoinJoin link to other identifiable addresses, the obfuscation effect of CoinJoin may be compromised through deduction.

One way to mitigate this is by performing multiple CoinJoins or participating in CoinJoins with a large number of participants.

At first, for those who are starting to become familiar with Bitcoin, this whole process may seem complicated, but it significantly increases user privacy, especially in times of CBDC currencies and the creation of mass surveillance tools around the world.

Where to CoinJoin

One of the best-known services for performing CoinJoin is the Samourai Wallet’s Whirlpool. However, CoinJoin can also be executed on the Wasabi and JoinMarket wallets. Each of these platforms has different fees and security mechanisms for mixing currencies.

Recently, Samourai’s Whirlpool announced that it has approximately $250 million in liquidity, and this value continues to grow. Therefore, this indicates a growing interest in transferring value with privacy.

Sparrow Wallet

Sparrow Wallet recently added support for Whirlpool, enabling users to perform CoinJoin directly from a cold wallet using Sparrow as the coordinating wallet.

Joinmarket

JoinMarket is regarded as one of the most decentralized mechanisms and relies less on centralized entities like Wasabi.

However, it is a CoinJoin method that requires a higher level of technical skill. This underscores the notion that the greater the degree of privacy and security, the less convenient it becomes, necessitating a deeper understanding of the processes involved.

How to CoinJoin (Step by Step guide)

To demonstrate in practice how to CoinJoin, we’ll utilize Whirlpool.

Step 1

The initial step in performing a CoinJoin is to download the Samourai Wallet onto your smartphone, which is available exclusively for Android devices.

Step 2

Next, you need to send some satoshis to the wallet installed on your smartphone.

Step 3

Once the transaction is confirmed and your Bitcoin balance appears in your wallet, click on the blue “+” button to open a menu.

Then, select the ‘Whirlpool’ option.

Step 4

After selecting the “Whirlpool” option, a loading screen will be displayed.

Step 5

Upon connecting, the Whirlpool main screen will appear. Click on the Whirlpool icon in the top right corner.

Step 6

Then click on “MIX UTXO.”

A list of your UTXOs ready for mixing will be displayed on the screen. You can select any number/amount of them depending on the pool you wish to use.

• 0.01 (1m rate)
• 0.05 (5m rate)
• 0,5 (50m sats)

Step 7

After selecting the UTXOs, a screen will allow you to choose the pool you wish to use and the cycle priority (“Begin Cycle“). This cycle priority adjusts mining fees, making them more expensive or cheaper depending on the urgency to mix your satoshis.

Step 8

The next step is to review and confirm the cycle.

Step 9

Once the cycle has been reviewed and confirmed, a “Doxxic Change” message will appear on the screen. This message means that the wallet is asking you if you would prefer to mark the change for this mix as “ not spent ”.

In other words, this measure helps prevent the coins you are mixing from being mixed with non-CoinJoin balances in the future, potentially undermining all the effort.

Accepting is advisable, with the assurance that your change will always remain under your control, whether you click “yes” or “no.”

Step 10

From this point, the process begins to execute. Once completed, your UTXOs will be available in the “Post Mix” tab.

About Whirlpool Fees:

You only pay the pool fee once. After that, further mixing is free. However, it’s important to note that the Samourai Wallet needs to be open for this to occur.

What are the risks associated with CoinJoin?

CoinJoin is accessible via the services mentioned above, but it’s not devoid of risks. Below are the potential risks involved:

1. Trust Risks: Some CoinJoin implementations are centralized, which means users need to trust the service to prevent theft or loss of their funds during the coin mixing process.
2. Legal Risks: In some jurisdictions, the use of mixing or privacy techniques like CoinJoin could be interpreted as an attempt to conceal financial activities, which could lead to legal complications. Thus, this can be seen as a form of money laundering, even if the user’s intention is simply to protect their privacy. Recently, Europe signaled its interest in banning this type of practice.
3. Privacy Risks: If CoinJoin is not done correctly or with a sufficient number of participants, privacy can be compromised. Additionally, if participants reuse addresses or amount combinations, they may inadvertently reduce the effectiveness of the mix.
4. Sybil Risks: A Sybil attack occurs when a malicious entity controls a large number of nodes on a network, attempting to reveal the identity of users or compromise the operation. In CoinJoin, if an adversary controls a large portion of the participating funds or transactions, they can compromise the privacy of those using the service.
5. Flagging Risk: Coins used to make CoinJoin may be flagged. This means that in the future, governments may force centralized services, such as exchanges, not to accept Bitcoins that have gone through a CoinJoin process. However, it is worth remembering that on the Bitcoin network, there is no such differentiation and, therefore, it is possible to freely exchange with another Bitcoin address in a normal P2P transaction. 

Conclusion

In summary, while CoinJoin can offer considerable privacy advantages, it’s vital for users to be cognizant of the associated risks and proceed with caution.

CoinJoin isn’t a guaranteed solution; it’s an evolving feature that, over time, should become more user-friendly.

See you later, and opt out!