Welcome Security Conscious Bitcoiner!
If you've found your way here then most likely you know what Tails is and what Bitcoin is. If you're using an amnesiac, Tor only operating system then you're probably concerned (rightly so) with privacy and security. Well hooray for you, you're already well ahead of the flock and not the lowest hanging fruit. If you're not yet familiar with Tails, please see the sidebar now.
Ok, so we got rid of the noobs that haven't used the OS yet. Hooray for us. Now I'm going to go out on a limb here and guess that you are using Electrum or (please don't say it's true) an online wallet for your bitcoin transactions. We can do better than that. Let's stop those bad habits now and up our opsec before something bad happens. This way you don't end up being the person that wishes they took security seriously after it's too late, or the person that can't move their funds because a site is down.
This is my project, tailsjoin. I've written some scripts that install JoinMarket, and can also install Bitcoin Core (recommended, but not required) to add some much needed anonymity for bitcoiners using Tails.
Wait, what is JoinMarket?
This is an infographic done by sofiab1 that explains it quite well, but I'll also take a try.
- CoinJoin is a type of bitcoin transaction that has multiple inputs, and multiple outputs. An outside observer can only see all of these origin and destination addresses, but they can't tell which belongs to which.
- CoinJoin is the brainchild of Gregory Maxwell. See the sidebar for Maxwells thread on BitcoinTalk that includes technical information.
- CoinJoin transaction on the blockchain.
Wow, that sounds and looks great. No one can tell which address paid to which. Why isn't everybody doing this with their transactions?
- To produce these transactions one must work with others to each create and sign their portion.
- How do we find these "other" people that are willing to make these transactions with us, and how can we trust them to create and sign their part without robbing us?
- Those willing to make these transactions with others for a small fee (typical fees .001%) sit and wait for those that wish to create a CoinJoin transaction.
- Fees are very low because anyone with bitcoin can offer them to join, and there is very low risk.
- There is over 1500 BTC in liquidity just sitting there waiting to be joined with at any given time.
Cryptography and distributed systems have given us the ability to create trustless contracts that are self executing. They can be used here, we just need an incentive to get people to participate...
The JoinMarket Solution
What type of thought was put into user privacy and wallet security? Who controls my funds?
- No one can steal your funds. You never give up control of your private keys.
- Generate a BIP32 wallet with a 12 word recovery seed.
- Wallet is always encrypted when at rest, passphrase is required on creation of a new wallet.
- Create transactions from cold storage and sign them offline.
- Import private keys from other clients.
- Easy to backup/restore by copying the encrypted file and storing the seed.
- You are creating a smart contract that will only execute if done properly when creating a transaction with the other parties.
- Your bot will only sign transactions that meet the conditions you either set or agree to. If a malicious actor tried to fool you into signing a bad transaction your bot would reject it and move on to a different party.
- Manually review each transaction and it's fees before singing and pushing it to the network.
- Automate transactions, yield generation, or tumbling of coins for multiple transactions and added anonymity.
- Anyone with bitcoin can participate, offering their funds to be joined with, for a fee. This incentivizes those with bitcoin in cold storage to make a few satoshis with them.
- Communication between parties is encrypted and done over private message individually with each participant.
- Each participant knows only their part of the transaction. Therefore it would take every member of the transaction to work together to deanonymize one of them.
- The IRC where the communication happens is available as a Tor hidden service, only allows TLS connections, and has a backup onion.
- With Tails all of your connections are over Tor in addition to the numerous security improvements implemented by default on this OS.
I think that's a pretty good synopsis on JoinMarket. If you wish to get more in depth and/or technical info then please explore the links in the sidebar.
When you're ready to get your hands dirty head over to the guides.