With the advent of software development kits like BDK and LDK, creating a bitcoin wallet has never been easier. However, as necessary as simpler development is, it must be done in a way that protects user security and privacy by default. For example, how a light wallet connects to a third-party server to receive and send transaction data is an important topic to address.
I think bitcoin wallets need block filters to respect user privacy. Why? It is the only way to prevent data from being leaked to the server that would allow it to link a user's transaction data beyond what is publicly available.
In this article, we will explore why bitcoin wallets need block filters. We will first look at how many bitcoin users run full nodes, then at how API wallets offer a good user experience but ultimately lead to all your transactions being linked to each other, how Bloom filters have failed to protect privacy, how block filters are the only light wallet network privacy solution, and finally how all of this can be implemented using Tor-only communication to also protect a user's IP address.
Only a few users run full nodes
Running and using a bitcoin node is the best thing you can do because you are part of the network and do not need intermediaries to receive and transmit transaction data. However, it is obvious that running a full node is not for everyone; Satoshi even imagined the existence of, and need for, thin clients (simple payment verification) in the Bitcoin white paper (bitcoin.org/bitcoin.pdf).
We can't know how many users are running a full node; we can only know how many nodes there are. Conservative estimates that count only listening nodes put this number at around 16,000, as seen on the Bitnodes.io site. More accurate estimates that count both listening and non-listening nodes, such as Luke Dashjr's node counting tool, raise this number to around 53,000.
It is also important to be aware of the historical context of the number of full bitcoin nodes. According to the bitcoin node count history by Luke Dashjr, bitcoin node usage is far from its peak. On January 13, 2018, the count reached 205,000. This was closely related to the fact that bitcoin had reached its previous all-time high a few weeks earlier. In 2021, the number of nodes also increased when the price rose, but it only reached around 90,000.
We can confirm that there are few users running bitcoin nodes and that this number is not increasing over time. Light wallets are much easier to use than a bitcoin node and we need to find the right network privacy solution to implement. Let’s take a look at the most used technology today, which is API wallets.
API Wallet service providers collect your data by default
Most bitcoin wallets use APIs (application programming interfaces) to send and receive users' transaction data. This technology is highly scalable and provides the best user experience because requests are instantaneous. However, it comes with an inherent privacy caveat. Let's discuss how it works and how service providers collect your data by default.
When you initialize a standard bitcoin wallet, you import or create a mnemonic seed phrase and set the desired derivation path (often automatically). This gives you a master public key, often called xpub. This is what it looks like:
xpub6CUGRUonZSQ4TWtTMmzXdrXDtypWKiKrhko4egpiMZbpiaQL2jkwSB1icqYh2cfDfVxdx4df189oLKnC5fSwqPfgyP3hooxujYzAu3fDVmz
Once this is done, the xpub is automatically sent to the service provider's server, which derives the bitcoin addresses within the gap limit (the number of unused addresses with a balance of zero that the server checks before it stops searching for funds). These addresses are looked up in the server's index and, if transactions are found, they are sent to the user's client. The addresses are then monitored for new transactions. Additionally, when a user submits a transaction, it is sent over the same communication channel.
It is obvious that this process is very efficient and allows API wallets to provide a fast and easy user experience. However, the service provider can link all your transactions and thus collects your private information by default. Fortunately, many API wallets allow users to connect through Tor, so at least the user's IP address is protected.
Let’s now examine an alternative method that does not depend on a single server: the use of Bloom filters in light wallets.
Why Bloom filters don’t work for privacy
Some wallets allow the user to receive and send transaction data through Bloom filters. This method of communication was introduced in BIP37 and was originally thought to be private. In this section, we will discuss what Bloom filters are and why they are actually not good for privacy.
Bloom filters are probabilistic data structures used to test whether an element is a member of a set. In the context of bitcoin, Bloom filters are created by a light client and sent to network peers, which test whether there is a match between an address (item) and blockchain data (set). If there is a match, the transaction data is sent to the thin client. The structure is probabilistic because there are false positives, but these are then discarded by the thin client.
It was thought that the false positive rate would be high enough that a network peer would not be able to distinguish which transactions were really theirs and which were fake. However, due to an implementation error, the false positive rate was actually reduced.
Additionally, a thin client can create different Bloom filters for the same wallet, and if a network peer collects two or more of them, it can calculate their intersection to eliminate false positives. Finally, if the blockchain data is analyzed and the user does not use CoinJoin or coin control, a peer in the network can infer which addresses do not belong to the user.
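The intersection weakness described above can be reproduced on constructed data. This is an added example, not code from the original article or from any wallet; the filter size, the address names and the use of SHA-256 in place of BIP37's MurmurHash3 are assumptions made so it runs with the standard library only.

```python
import hashlib

M_BITS, K_HASHES = 128, 3   # constructed toy parameters, far smaller than a real filter

def bit_positions(item: str, tweak: int):
    # BIP37 uses MurmurHash3 seeded per hash function and per-filter tweak;
    # SHA-256 stands in here (assumption) so only the standard library is needed.
    for i in range(K_HASHES):
        d = hashlib.sha256(f"{tweak}:{i}:{item}".encode()).digest()
        yield int.from_bytes(d[:4], "big") % M_BITS

def build_filter(items, tweak: int) -> int:
    bits = 0
    for item in items:
        for pos in bit_positions(item, tweak):
            bits |= 1 << pos
    return bits

def matches(bits: int, item: str, tweak: int) -> bool:
    return all((bits >> pos) & 1 for pos in bit_positions(item, tweak))

def peer_view(wallet, universe, tweaks):
    """Return what a peer sees per filter, and the intersection of those views."""
    per_filter = []
    for tweak in tweaks:
        f = build_filter(wallet, tweak)   # the filter and its tweak go to the peer
        per_filter.append({a for a in universe if matches(f, a, tweak)})
    return per_filter, set.intersection(*per_filter)

# Constructed data: 10 wallet addresses among 5,000 addresses seen on chain.
WALLET = {f"wallet-addr-{i}" for i in range(10)}
UNIVERSE = WALLET | {f"other-addr-{i}" for i in range(4990)}

if __name__ == "__main__":
    views, common = peer_view(WALLET, UNIVERSE, tweaks=[1, 2])
    for n, v in enumerate(views, 1):
        print(f"filter {n}: {len(v)} matches, {len(v - WALLET)} false positives")
    print(f"intersection: {len(common)} matches, "
          f"{len(common - WALLET)} false positives")
```

Each filter alone hides the wallet among dozens of unrelated addresses, but because the false positives of two differently tweaked filters are independent, almost none survive the intersection.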
You can read more about the privacy issues with BIP37 on the Bitcoin wiki (bitcoin.it/wiki/BIP37_privacy_problems). Now let's examine the remaining thin client networking solution.
A bitcoin wallet needs block filters for more privacy
In 2018, there was no real solution to this problem; block filters did not exist yet. Fortunately, they were introduced the following year in BIP157 and BIP158, and now they are implemented in various bitcoin wallets and software such as Wasabi, Flash, Breez, LND and LDK. They are often referred to as Neutrino. In this section, we will examine how they work and why they are the right solution for network privacy.
Block filters compress block data so that wallets can receive their transactions from peers without compromising privacy: the wallet downloads specific blocks instead of asking for individual transactions.
The block filtering process typically involves three steps. First, a user downloads block filters representing the blockchain from a network peer in the case of Breez, or from the coordinator server in the case of Wasabi. The thin client then checks whether addresses within the gap limit match a block filter. Finally, if there is a match, the corresponding block is downloaded.
Because we download entire blocks rather than individual transactions, and because there is a false positive rate, the block filter method protects a user's privacy from peers on the network. Unlike with Bloom filters and API wallets, the peer cannot discover (or directly collect) the connection between a user's transactions, other than what is publicly known on the blockchain.
Block filters are part of the solution to network privacy, but something more is needed to complete the picture.
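The three steps above, with the peer's request log showing what it actually learns, as an added example that is not code from the article or from any wallet. The chain contents, the `Peer` class and the key derivation are constructed; keyed BLAKE2b stands in for BIP158's SipHash and the Golomb-Rice encoding of the filter is omitted.

```python
import hashlib

M = 784931  # BIP158 basic filter parameter: false-positive rate of about 1/M per item

def to_range(item: bytes, key: bytes, f: int) -> int:
    # BIP158 keys SipHash-2-4 with the block hash; keyed BLAKE2b is an assumption here.
    h = hashlib.blake2b(item, key=key, digest_size=8).digest()
    return (int.from_bytes(h, "big") * f) >> 64

def build_filter(block_key: bytes, scripts):
    # A real filter Golomb-Rice encodes this sorted set; the encoding is omitted.
    n = len(scripts)
    return n, {to_range(s, block_key, n * M) for s in scripts}

class Peer:
    """Hypothetical peer: serves filters and whole blocks, logs every request."""
    def __init__(self, chain):
        self.chain = chain          # {height: [scriptPubKey bytes, ...]}
        self.log = []
    def key(self, height):          # stands in for the block hash, known from headers
        return hashlib.sha256(b"block-%d" % height).digest()[:16]
    def get_filters(self):
        self.log.append("getcfilters all")
        return {h: build_filter(self.key(h), s) for h, s in self.chain.items()}
    def get_block(self, height):
        self.log.append(f"getdata block {height}")
        return self.chain[height]

def sync(peer, wallet_scripts):
    found, wanted = [], set(wallet_scripts)
    # Step 1: download every filter, exactly as any other client would.
    for height, (n, values) in sorted(peer.get_filters().items()):
        key = peer.key(height)
        # Step 2: matching happens locally; nothing about the wallet is sent.
        if any(to_range(s, key, n * M) in values for s in wallet_scripts):
            # Step 3: fetch the whole block and pick out our outputs client-side.
            found += [(height, s) for s in peer.get_block(height) if s in wanted]
    return found

# Constructed chain of 6 blocks with 200 scripts each; two belong to the wallet.
CHAIN = {h: [b"script-%d-%d" % (h, i) for i in range(200)] for h in range(1, 7)}
WALLET = [CHAIN[2][17], CHAIN[5][3], b"unused-wallet-script"]

if __name__ == "__main__":
    peer = Peer(CHAIN)
    print("wallet outputs found:", sync(peer, WALLET))
    print("peer saw:", peer.log)
```

The peer's log holds only a filter request and block requests, so it learns which blocks interested the client but not which of the scripts in them are the wallet's.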
Tor is the last piece left to solve network privacy
Tor and bitcoin go hand in hand and, together with block filters, can solve network privacy for light clients. Tor hides a user's IP address from the destination server by routing traffic through a network of nodes. This mechanism is called onion routing because of the multiple layers of communication.
Tor and block filters have one thing in common: both can slow down performance noticeably and degrade the user experience. Some people think you have to accept this, but I think it can be improved to the point where it is barely noticeable.
For example, the Tor community has implemented a communication reliability solution called Conflux. Instead of making a single request, clients make two requests using two different Tor circuits to increase the likelihood of quick completion. This, along with innovations in wallet loading for block filters like Turbo Sync in the Wasabi wallet, will take us to a future in which a user will not have to choose between usability and privacy, but can enjoy both.
This is a guest post by Gustavo Flores Echaiz. The opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.