BSV Academy Logo over cybersecurity concept

The Bitcoin white paper - Privacy

The BSV Academy’s free introduction to Bitcoin Theory course covers the design of Bitcoin as a system as prescribed by Satoshi Nakamoto. This course is open to anyone who is interested in Bitcoin and is the beginner course in this series. Some technical experience would be helpful to complete the course, however, it is open to anyone regardless of experience.

The course goes through the Bitcoin white paper section by section elaborating on the concepts contained within each. This section focuses on reclaiming disk space. When the latest transaction in a coin is buried under enough blocks, the spent transactions before it can be discarded to save disk space.

To make it as effortless as possible for you to have access to this educational material, we are publishing the entire course here on our blog. Stay tuned for a section-by-section release, and remember that you are still welcome to enrol in the BSV Academy to gain a certificate of completion to add to your resume.

Bitcoin’s privacy model

Comparing Bitcoin to traditional banking models

Comparing Bitcoin to traditional banking models

Traditional banking systems work by holding data about each of the bank’s account holders on secure systems managed and maintained by the bank. These systems are used as a means to tie an account or source of funds to an individual or business with the bank acting as a trusted guardian of the information.

While the systems are designed for exclusive use of the bank or institution who keeps the details, these identity systems are frequently built using legacy frameworks that have been adapted to on-line requirements which has led to many instances of customer data being accessed and used maliciously to perpetrate theft and fraud against bank account holders.

How Bitcoin provides privacy

How Bitcoin provides privacy

Because most outputs in Bitcoin are locked with a script requiring a knowledge proof, it isn’t possible to remove all information about the identity of the receiving party from the transaction. By virtue of the fact that information they provided to the payer is embedded in the transaction the transaction itself cannot be anonymous, so care must be taken by the receiver to retain their own privacy over the information in the script.

Even when the transaction is spent and the knowledge proof needed is written to the ledger, the user can still remain private by not publishing their details onto the ledger as part of the transaction. Both parties to a transaction can make separate records to ensure that any requirement to re-visit the transaction can be executed with accurate and full knowledge of the nature of the transaction.

Public records on Bitcoin

Public records on Bitcoin

When both parties to a transaction utilise robust privacy measures to ensure that only they are privy to the details of the transaction, it becomes almost impossible for third parties who are outside the sphere of trust pertaining to the transaction to follow the details. This can be further augmented by breaking the payment into multiple outputs or even multiple transactions to further mask the details.

In this way it becomes very easy for lawful and considerate users of Bitcoin to guard their privacy and maintain a secure online presence.

Comparing Bitcoin to a stock exchange model

Comparing Bitcoin to a stock exchange model

In the same way that stock exchanges keep private records of who exchanged with who and release a cleaned set of records containing only the price and size of each trade, so the Bitcoin ledger maintains a private tape of all records of exchange.

User wallets can build repositories of transaction data which can be kept in offline archives, or even stored on the ledger but importantly these records are completely separate to the actual transaction itself and could only be exposed through one of the users repositories being compromised.

In this way, not only is the issue of large centralised repositories of data solved by each user holding their own records, the ownership of transaction records is also transferred to the user. This vastly reduces the risk of hacks that expose the records of large numbers of users as now the hackers must compromise a separate system for each individual user’s records.

Re-using keys in Bitcoin

Re-using keys in Bitcoin

In situations where a user is receiving all of their funds into a re-used locking script, it becomes much easier to see what funds that user has received, and when they are spending them as a locking script is tied to a private key that would typically be held by a single person. In order to mitigate against this risk, the user can simply choose a new private key every time new funds are being received in order to separate the digital coins on the ledger.

Most wallets are capable of doing this through techniques collectively known as Hierarchically Deterministic Keychains which allow the wallet to generate an effectively unlimited number of keypairs from a predetermined seed. This ostensibly allows the user to ‘recover’ their wallet through re-creation of the original seed in the event the wallet is lost or destroyed.

Linking Bitcoin inputs

Linking Bitcoin inputs

When a user creates a transaction that aggregates multiple inputs to pay one larger output, the coins that are used in that transaction can be traced back to a single owner. The record on the ledger is not enough on its own to identify that user, however it is possible for anyone with specific knowledge of the transaction to show that the inputs used may have belonged to the spending party.

Where possible wallets can avoid this by always spending a larger output than the payment itself, however this is not always possible and transactions that aggregate coins are required.

Linking the owner of a transaction

Linking the owner of a transaction

If a user spends coins that it has received from third parties, or which were spent back to themselves as change, it becomes possible to trace some part of the chain of ownership back via the ledger. This risks exposing a user's financial activities to malicious parties who have an understanding of how to analyse the public ledger.

Mitigation strategies include the use of separate transactions in instances where the many inputs are each spent in completely separate transactions, thereby avoiding the possibility of linking the user to a group of coins.

Micha Sprick, Editor
Micha Sprick

Editor