Wasabi: Privacy Focused Bitcoin Wallet for Desktop

(UPDATE) Download Link: https://github.com/zkSNACKs/WalletWasabi/releases

A few days ago I gave a talk at the Building on Bitcoin conference, where I unveiled Wasabi Wallet that will bring Bitcoin Privacy to a new level.

If you are already familiar with my work, Wasabi is HiddenWallet rebranded and rewritten from scratch with some new features. (I explained in the talk why it was needed.)

Summary

How does it compare to other alternatives?

Cash

Cash is superior, its anonymity set is in the millions.

Banks

Banks are better in some way and worse in some other way. Just like cash, banks provide complete anonymity for you towards most third parties, like your neighbor or your grandma, however you have no privacy towards your bank.

Centralized Bitcoin Mixers

Centralized Bitcoin Mixers are often vulnerable to amount analysis, they can steal your coins and you have no privacy against them. Wasabi solves all these issues.

JoinMarket

JoinMarket is a special type of CoinJoin. You may use it as a taker or as a maker, or in hybrid mode, by running the tumbler script. If you are a taker, you pay the whole transaction and JM fees to every maker you join your coins with. If you are a maker, you must run a script continuously that will generate income for you. As a taker JoinMarket is instant for you. We are planning to make every one of our non-mixing transaction a JoinMarket taker transaction in the future.

Monero

Monero is an altcoin. The anonymity set of Monero is 2–10. Wasabi’s is constant 100. However, in Monero, every transaction is a mixing transaction.

ZCash

The anonymity set of ZCash could potentially be huge. However, unlike Wasabi, it does not enforce any anonymity set and the lack of usage of its privacy features keeps it small for now.

Lightning Network

The Lightning Network is a second layer scaling solution that fixes many privacy problems those are present in cryptocurrencies, but it also introduces new ones. Assuming LN is fully anonymous, there will always be a need for on-chain privacy. But LN is not fully anonymous. LN’s anonymity can be compared to the traditional banking system’s. It also achieves confidentiality within a Lightning Hub, but you have no privacy towards the Hub. However when a payment goes through multiple hubs, LN uses onion routing. That facilitates privacy, assuming the hubs do not collude. Another benefit to LN is that its hubs don’t need to KYC their users. Its downsides are some public information, like the channel sizes, which all nodes know about and the on-boarding and off-boarding transactions. In the future we are planning to facilitate LN on-boarding transactions with our coinjoins.

Frequently Asked Questions

Why is the anonymity set 100?

Sufficient anonymity set is a hard question, that no research attempted to answer it so far. I asked many privacy researchers and it seems to me the rough consensus is that an anonymity set above 50 could be considered sufficient.
Furthermore our calculations have shown that with the liquidity of today’s mixers our mixing rounds would take 1 to 5 minutes with 100 anonymity set and 0.1 BTC fixed denomination.

Do you plan hardware wallet support?

No, we are focusing on privacy features and the stability of our wallet. As long as there are significant improvements to be made on those fields, we are not interested in anything else.

Why are other light wallets not private?

It is easy to see why most light wallets fail here. They are using a backend server to show you your wallet balances. This immediately links together all your wallet addresses to them.

Electrum’s model is a special case. Your Electrum wallet connects to random Electrum servers, ran by anyone, thus your privacy is failing towards those entities.

Bloom filtering SPV wallets are however different, (Bread wallet, AirBitz) they don’t use a backend server, rather they are leaking information to every blockchain analysis company, who are crawling the Bitcoin network for their bloom filters.

Full nodes like Bitcoin Core or full SPV nodes, like Stratis’s Breeze wallet or the previous version of Wasabi Wallet, which was called HiddenWallet were the only good solutions against network analysis.

However one year ago the Lightning Network developers came up with the concept of BIP157–158, which enables light wallets to protect their privacy. They built it, and called it Neutrino, but they could not deploy it to the mainnet until Bitcoin Core starts to serve them, which can take a couple of years.
In Wasabi we built it, too, it works as follows: our backend builds a filter table, that your wallet downloads over Tor. These filters are constant, every wallet downloads the same filter table.
From this table your client can figure out what blocks it is interested in and it asks for those blocks from random Bitcoin nodes one by one. From those blocks it can reestablish your wallet balances.

What has changed since HiddenWallet?

What are the weaknesses of the wallet?

Final Notes

I am super excited of what we are delivering. I hope I was able to give some of my enthusiasm in this article. We are soon going to be able to use Bitcoin in an end-to-end, fully anonymous way.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store