There is a sacred realm of privacy for every man and woman where he makes his choices and decisions — a realm of his own essential rights and liberties into which the law, generally speaking, must not intrude.Geoffrey Fisher, Archbishop of Canterbury (1959)
Not too long ago the default mode of the internet was unencrypted plain text. Everyone was able to spy on everyone else and not too many people thought much about it. The global surveillance disclosures of 2013 changed that and today secure communication protocols and end-to-end encryption are becoming the norm.
Although Bitcoin is entering its teenage years, we are — metaphorically speaking — still in the plain text era of the orange coin. Bitcoin is radically transparent by default, but there are meaningful ways to protect your privacy. In this article we want to highlight some of these ways, discuss best practices, and give actionable advice for newcomers and bitcoiners alike.
Why Privacy Is Important
“Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private matter is something one doesn’t want the whole world to know, but a secret matter is something one doesn’t want anybody to know. Privacy is the power to selectively reveal oneself to the world.”
With these powerful words Eric Hughes opened his Cypherpunk’s Manifesto in 1993. The difference between privacy and secrecy is subtle, but important. Choosing to remain private does not imply that one has secrets or has something to hide. To illustrate this just realize that what you do on the toilet or in the bedroom is neither illegal nor a secret (in most cases), yet you close the door and pull the curtains.
Similarly, how much money you have and where you spend it is not necessarily a secret matter. It should, however, be a private one. Most would agree that your boss should not know how you choose to spend your salary.
The importance of privacy is recognized by many international bodies. From the American Declaration of the Rights and Duties of Man to the United Nations, it is recognized that privacy is a fundamental human right worldwide.
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.Article 12, United Nations Declaration of Human Rights
Bitcoin and Privacy
Although Bitcoin was often described as an anonymous method of payment by early proponents and by the media, it is anything but. Bitcoin is pseudonymous at best and as of today making sure that your pseudonymous bitcoin identities cannot be linked to your real-world identity proves difficult for most people.
Bitcoin is an open system. Its public ledger can be inspected and studied by everyone. Thus every transaction that is embedded in its proof-of-work chain will be exposed for as long as Bitcoin exists: eternity. Failing to follow privacy best practices now can potentially have negative repercussions in the future.
Privacy, like security, is a process and it is difficult, but not impossible. Tools continue to be developed to help preserve privacy while using Bitcoin and fortunately most of these tools become easier to use over time. Unfortunately no panacea exists. One has to remain aware of the tradeoffs and follow best practices as they evolve.
Privacy Best Practices
As with everything in Bitcoin, taking control of your privacy is a gradual, step-by-step process. Learning about and implementing these best practices takes patience and responsibility, so do not be discouraged if it seems overwhelming at first. Every step, no matter how small, is a step in the right direction.
The following are actionable steps you can take to increase your privacy:
- Self-custody your coins
- Do not reuse addresses
- Minimize exposure to KYC (Know Your Customer)
- Minimize exposure to third parties
- Run your own node
- Use the Lightning Network for small transactions
- Do not use public block explorers
- CoinJoin early and often
Self-custody your coins: Not your keys, not your bitcoin. If someone else is holding your bitcoin for you, they know everything there is to know about these coins: amounts, transaction histories, future transactions, etc. Taking self-custody of your coins is the first and most essential step.
Do not reuse addresses: Reusing addresses destroys the privacy of both the sender and the receiver. It should be avoided at all costs.
Minimize exposure to KYC: Linking your real-world identity to your bitcoin addresses is a necessary evil in most jurisdictions. While the effectiveness of these regulations is questionable, the implications for regular users are mostly negative as a multitude of data leaks have shown. If you choose to use KYC on- or off-ramps, make sure that you understand the relationship between yourself and the service in question. You are trusting this service with your personal data, including the future safety of this data. If you still earn fiat-denominated income, we recommend using one bitcoin-only service that allows you to execute automatic recurring buys on your behalf. Swan Bitcoin is such a service. If you want to skip KYC entirely, have a look at no-KYC only.
Minimize exposure to third parties: Trusted third parties are security holes. If you can rely on yourself instead of trusted third parties, you should.
Run your own node: Not your node, not your rules. Running your own node is essential to use Bitcoin in a private manner. Every interaction with the Bitcoin network is facilitated by a node. If you are not in control of this node, whatever you are doing is seen by the node you are interacting with. This means whoever is in control of the node is able to see what you are doing. This node guide is a great resource to get you started.
Use the Lightning Network for small transactions: The off-chain nature of the lightning network increases the transactional privacy of its users without having to jump through too many hoops. While it is still early, the absolutely reckless days of the lightning network are likely behind us. Using it for small- and medium-sized transactions can help improve both your privacy as well as your fee footprint.
Do not use public block explorers: Looking up addresses in public block explorers will link those addresses with your IP, which, in turn, can be linked to your real identity. Software packages like Umbrel and myNode make it easy to run your own block explorer. If you have to use a public block explorer, make sure to mask your IP by connecting to them via Tor, or at least use a VPN.
CoinJoin early and often: Because Bitcoin is forever, using transactional best practices such as collaborative CoinJoin transactions will ensure that your privacy is protected going forward. While CoinJoin transactions are nuanced, user-friendly software exists to help you create and automate these kinds of transactions. Samourai’s Whirlpool is a great solution for Android users, for example. There is also JoinMarket, which, thanks to projects like JoininBox, can be set up quite easily on your own node. Note that Swan offers the ability to auto-withdraw your bitcoin, allowing you to automate this process almost completely.
Everyone should strive to use bitcoin in a more private manner. Privacy is not secrecy. Privacy is a human right and we should all protect and exercise this right. It is hard to remove information from the internet; it is impossible to remove information from Bitcoin’s public ledger.
While far from perfect, tools exist today that make following privacy best practices easier. We have highlighted some of these tools and — as new improvements such as Taproot and Schnorr get activated — these tools, as well as the privacy guarantees of Bitcoin, will undoubtedly improve.
Bitcoin’s operation does not map nicely on to traditional concepts. Questions such as “who owns this money” or “where is it from” become hard to answer in most circumstances and absolutely meaningless in others.
Satoshi designed Bitcoin with privacy in mind. On the protocol level every bitcoin transaction is a “smelting” process leaving only heuristical breadcrumbs behind. The protocol does not care where the sats came from. Neither does it care about real-world identities or ownership. It only cares about the validity of signatures.
And as long as speech is free, signing a message — privately or not — must not be a crime.
- This Month in Bitcoin Privacy by Janine
- Hodl Privacy FAQ by 6102
- Digital Privacy by 6102
- UseWhirlpool.com by Bitcoin Q+A
- Bitcoin Privacy Guide by Bitcoin Q+A