[bitcoin-dev] Wallet Fingerprinting with nLocktime and nVersion

Wed, 12 Oct 2022 04:41:48 -0700 

Hi Bitcoin Developers,

I did some research about nLocktime and nVersion used by some open source 
Bitcoin wallets. I have written a [blog post][0] co-authored with 'nothingmuch' 
and this is the first post for the privacy focused blog 'consent':

Most wallets use nVersion 2. nLocktime for Bitcoin Core, Knots, Electrum, 
Sparrow and Specter is nearest block height. However, nLocktime for Bitcoin 
Core/Knots is zero by default if the transaction is created manually using RPC 
commands like createpsbt​ or createrawtransaction​. Peter Todd had implemented 
nLocktime based on anti-fee sniping in [#2340][1] and [#24128][2] implements 
BIP 326 sequence based anti-fee-snipe for taproot inputs.
'0xb10c' has written about wallet [fingerprinting with fee rate][3]. However, 
nLocktime and nVersion are also important. There may be other factors that 
might help if a fingerprint matches more than one wallet. Andrew Chow has build 
a [tool][4] to check if a transaction was created using Bitcoin Core or 
Electrum.

### Why is wallet fingerprinting important?

Consider the following scenario: Alice is spying on Bob and Carol. She suspects 
one of them is participating in an activity based on a transaction, but she 
cannot confirm it. She recognizes that one of the wallets that claims to 
improve privacy was used for these transactions and examines the nVersion and 
nLocktime. This makes it simpler to identify Bob, who used Wasabi wallet for 
the transaction with version 1 and nLocktime 0.

### How to fix it?

If more wallets have the same nVersion and nLocktime, it will be difficult to 
identify the wallets used for a transaction. nLocktime could be any nearest 
block height however version needs to be 2 as most of the wallets use it and it 
is used for transactions that follow new consensus rules.

Please let me know if something incorrect is mentioned or anything important 
missing about wallet fingerprinting with nLocktime and nVersion.

### Acknowledgements

- achow101
- 0xb10c
- nothingmuch- RedGrittyBrick

[0]: https://consentonchain.github.io/blog/posts/fingerprinting/
[1]: https://github.com/bitcoin/bitcoin/pull/2340
[2]: https://github.com/bitcoin/bitcoin/pull/24128
[3]: https://b10c.me/observations/03-blockchaincom-recommendations/
[4]: https://github.com/achow101/wallet-fingerprinting

/dev/fd0

Sent with [Proton Mail](https://proton.me/) secure email.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

Reply via email to