Bitcoin has often been portrayed as an anonymous payment network. However, in reality, Bitcoin is perhaps the most transparent payment network in the world and is therefore not as private as most might think it is.
Anonymity vs. Privacy
Before we delve into the heart of the matter, let us first understand the distinction between anonymity and privacy, as there is a tendency to conflate the two.
Anonymity refers to “the quality or state of being anonymous” — i.e., “of unknown authorship or origin”. In other words, a bitcoin transaction is anonymous if no third party knows who made the transaction.
Privacy, on the other hand, in this context refers to “a private matter” — i.e., “not known or intended to be known publicly”. In other words, a bitcoin transaction is private if no third party knows what was purchased using those bitcoins, and for what amount.
This distinction is important to keep in mind, as bitcoin transactions are generally anonymous but not private — i.e., identities are not recorded in the Bitcoin blockchain itself, but every confirmed bitcoin transaction is permanently recorded and visible in the Bitcoin blockchain (Nakamoto, 2008).
This level of transparency in the Bitcoin network consequently allows for bitcoin transactions to be tracked and traced.
While identities are not recorded in the Bitcoin blockchain, Bitcoin addresses are. These addresses are the only information used by the network to define where bitcoins are allocated and where they are sent. And since all transactions are publicly broadcast in the Bitcoin blockchain, the public is able to see the flow of bitcoins from one address to another, albeit without any information that explicitly links those addresses to anyone in particular.
However, given that many users access bitcoin through services that require the disclosure of their personal identities, these users’ bitcoin holdings and activity become linked to their identities. These services can then track and trace these users’ bitcoin activity, and even disclose them to other third parties — including law enforcement — according to their privacy policies. Bitcoin, for these users, becomes no more anonymous than a conventional bank account.
Furthermore, there has lately been a rapid development of various techniques specifically designed to track bitcoin transactions. The two most common techniques so far are transaction graph analysis and IP address analysis.
Transaction graph analysis
Transaction graph analysis attempts to uncover the identities behind bitcoin transactions by identifying certain trends in bitcoin transactions using a variety of techniques. These trends are used to make educated guesses at linking certain transactions to certain bitcoin holders.
One common technique used in transaction graph analysis is identifying transactions with more than one input address. A bitcoin transaction input refers a Bitcoin address or a set of Bitcoin addresses used to send bitcoins from. And since these bitcoins can only be spent using the private keys associated with those addresses, it can be safely assumed that a transaction with multiple inputs was made by the same person. Subsequent transactions made from those addresses further augment the link between those addresses and the person who controls them.
A second technique employed by transaction graph analysis exploits a Bitcoin feature called change. In Bitcoin, when the output of a transaction is used as the input for another transaction, that output must be spent in its entirety. In other words, Bitcoin does not allow the partial spending of the total amount of bitcoins in a given Bitcoin address. For example, if Alice sends 0.5 BTC out of a total of 1 BTC that she has in a given Bitcoin address to Bob, the Bitcoin network does not allow 0.5 BTC to be subtracted from that address to be sent to Bob. Instead, what Alice’s bitcoin wallet has to do is to spend all of the 1 BTC — i.e., 0.5 BTC to Bob and the remaining 0.5 BTC to herself. The remaining 0.5 BTC that is sent back to Alice is sent to one of the wallet’s change addresses.
The second technique employed by transaction graph analysis exploits this by looking for these change addresses. If exactly one of the output addresses in a given transaction has never appeared in the blockchain before, it can be safely assumed that the new address is the change address.
A third technique employed by transaction graph analysis also exploits Bitcoin’s change feature. This third technique is essentially an extension of the second technique in that it looks at the amounts in a transaction’s outputs. For example, if a given transaction has an output to two new Bitcoin addresses where one of the outputs contains 1 BTC while the other contains 1.61803, then it can be safely assumed that the second output is the change. This allows the input addresses to be linked to the change address.
IP address analysis
IP address analysis attempts to uncover the origin of transactions by looking for the IP address of the Bitcoin full node that first broadcast the transaction.
This technique is considered to be a lot less refined and reliable than transaction graph analysis, in that it is very difficult to pinpoint exactly where the transaction was first broadcast from — IP address analysis would have to sift through all the transactions relayed by approximately 7,180 Bitcoin full nodes (according to 21’s Bitnodes service at the time of writing) to pinpoint the origin of the targeted transaction. This is made more difficult by the small random delay that is coded into the Bitcoin protocol that attempts to obfuscate the origin of a transaction. False positives are therefore very likely when using this technique.
Bitcoin is not as anonymous nor as private as popular belief may suggest. The fact that all transactions are permanently recorded and announced on a public distributed ledger — while certainly a boon for transparency and decentralisation — should be a constant reminder to average users that Bitcoin is certainly less anonymous than cash.
Nevertheless, there are many improvements in the works that aim to improve privacy and anonymity on the Bitcoin network. One such example is a proposal called TumbleBit — an untrusted, off-blockchain intermediary payment channel that mixes incoming bitcoins from different parties before sending them off to their intended recipients. TumbleBit’s technology allows for increased anonymity on the Bitcoin network by reducing the level of traceability that is currently inherent in conventional Bitcoin transactions. TumbleBit is currently in the final stages of testing, with mainstream implementations expected to be released in the coming months.