TOR and other threats to privacy-centric Altcoins

TOR privacy.001

The Dark Web is the early adopter use case for Blockchain. The realisation that unobfuscated bitcoin transactions can be traced more easily than the marked bank notes beloved by ye olde kidnapping crime dramas, led people to privacy-centric coins such as Monero and ZCash. This Chapter looks at technology that may erode the privacy advantage of these specialist Altcoins.

This is Part 1/chapter 16 in The Blockchain Economy book. This serialised book is a practical guidebook for investors, entrepreneurs and employees who want to learn how to prosper during the transition to an economy where value exchange is permissionless and disintermediated. For the index please go here.

This is the Blockchain era of disruptive innovation. In the previous era of disruptive innovation, social media, we talked about the “Facebook era”, because network effects were so powerful. Yet despite the dominance of Facebook, four other social networks became valuable by focussing on one thing that Facebook did badly:

  • LinkedIn did well by focussing on our professional/business life.

 

  • Twitter did well by focussing on what we know more than who we know (aka the interest graph).

 

  • WhatsApp and Instagram did well by focussing on mobile (and did so well that Facebook bought them for huge sums).

In the Blockchain era, we may refer to the “Bitcoin era” due to network effects favouring the dominant cryptocurrency. That is called the “Bitcoin maximalist” view, which Altcoin investors dispute by pointing to these three big weaknesses of Bitcoin:

 

  • No programming capability to create Smart Contracts. This is where the number 2 Altcoin, Ethereum, scores today. It is possible that Sidechains may enable Smart Contracts on the Bitcoin Blockchain and if this works it may erode the value of Ethereum.

 

  • Privacy. This is where privacy-centric Altcoins, such as Monero and ZCash,  score and is the subject of this chapter.

Looking at the social/Facebook era, Mark Zuckerberg was quite aware of Facebook’s three big weaknesses, but he could not win on all fronts at the same time, leaving room for LinkedIn, Twitter, WhatsApp and Instagram to do well. The same may happen in the Blockchain era. That is what Altcoin investors are betting on. They want a piece of the LinkedIn, Twitter, WhatsApp and Instagram equivalents in the Blockchain era.

There is no Mark Zuckerberg equivalent in the Blockchain Economy.

There is one fundamental difference with the social/Facebook era. There is no Mark Zuckerberg equivalent in the Blockchain Economy. The closest is Satoshi Nakamoto, but nobody can find him/her. Nor is there any Blockchain company; there is no Facebook equivalent.

This is uncharted territory. We have never before had a wave of disruptive innovation with nobody in charge; this scares some people and excites others. So we will not see VC backed Altcoins acquired by Bitcoin; there will be no WhatsApp and Instagram type stories. But there may be LinkedIn and Twitter type stories.  One of those niches, covered in this Chapter is Privacy.

This chapter focusses on one of those 3 Bitcoin weaknesses – privacy – by describing:

  • How TOR (The Onion Router) protects privacy at the protocol layer.

 

  • The current state of privacy and Bitcoin using Mixers.

 

  • What happens to privacy centric Altcoins when TOR goes mainstream?

How TOR (The Onion Router) protects privacy at the protocol layer

TOR (The Onion Router) is an open source and non-profit way to protect privacy on the Internet. You can use TOR to do illegal things (including activities – such as buying drugs – that many believe should not be illegal). You still need a currency if you want to do a transaction.  The question is, if TOR makes the Internet private at the protocol level, is there a distinct value proposition for privacy-centric Altcoins such as Monero and ZCash?

TOR 101: the TOR network is a group of volunteer-operated servers that allows people to improve their privacy and security on the Internet. TOR connects through a series of virtual tunnels rather than making a direct connection. Early adopters include:

  • Journalists use TOR to communicate with whistleblowers and dissidents. 

 

  • NGOs use TOR to allow their workers to connect to their home website while they’re in a foreign country, without notifying everybody nearby that they’re working with that organisation (which could put their life in danger).

 

  • Individuals use TOR to do illegal things (such as buying drugs online and worse).

TOR is tracing the traditional innovation path described in Crossing the Chasm:

  • Innovators: this was when TOR was so slow that it was almost unusable. Two types of users persisted. One was developers who just wanted to understand how it worked. The other was people doing something illegal – slow was a good price to pay compared to jail time or worse.

 

  • Early Adopters: this is the phase we are in now. Highly respectable corporations and government agencies now use Tor as an alternative to traditional VPNs, which reveal the exact amount and timing of communication (from which much intelligence can be extracted). We now also see privacy-focussed but legally compliant individuals using TOR.

TOR is a network that benefits from network effects. Like P2P telephony, the more users there are the better it scales – precisely the opposite of centralised technology. So adoption is a virtuous circle. The more users there are, the faster it gets, which leads to more users, which…

The TOR network growth also makes it more private. TOR hides you among the other users on the network, so more users = more private.

So the early tradeoff – private but slow – will soon disappear. When privacy has no cost, TOR will cross the chasm to mainstream. Nobody can say when this will happen but network economics tell us that it will surely happen.

The mainstreaming of TOR is inevitable, even if it is not imminent. 

The current state of privacy and Bitcoin

Chainalysis, a blockchain surveillance company recently announced it has raised $16 million in a Series A funding round from Tier 1 VC firm Benchmark.

Surveillance companies use a form traffic analysis to infer who is talking to whom over a public network. Knowing the source and destination of your Internet traffic allows others to track your behavior and interests. This can cost you money and many people use VPN to stop e-commerce sites jacking up price based on your location or browsing history. It can even threaten your job and physical safety by revealing who and where you are. For example, if you’re travelling abroad and you connect to your employer’s computers to check or send mail, you can inadvertently reveal your national origin and professional affiliation to anyone observing the network, even if the connection is encrypted and tell a robber that you are not home.

From the Daily Fintech weekly news analysis by Ilias Hatzis to explain how traffic analysis works:

 “Internet data packets have two parts: a data payload and a header used for routing. The data payload is whatever is being sent, whether that’s an email message, a web page, or an audio file. Even if you encrypt the data payload of your communications, traffic analysis still reveals a great deal about what you’re doing and, possibly, what you’re saying. That’s because it focuses on the header, which discloses source, destination, size, timing, and so on.

A basic problem for the privacy minded is that the recipient of your communications can see that you sent it by looking at headers. So can authorized intermediaries like Internet service providers, and sometimes unauthorized intermediaries as well. A very simple form of traffic analysis might involve sitting somewhere between sender and recipient on the network, looking at headers.

But there are also more powerful kinds of traffic analysis. Some attackers spy on multiple parts of the Internet and use sophisticated statistical techniques to track the communications patterns of many different organizations and individuals. Encryption does not help against these attackers, since it only hides the content of Internet traffic, not the headers.”

Blockchain surveillance is booming and the market has many other players. The reason is simple. Governments and corporations want to track cryptocurrency transactions that were designed for anonymity. The wallets that carry out transactions are anonymous, making it extremely difficult but not impossible to actually make sense of the data; the fact that it is difficult but not impossible is the opportunity for firms such as Chainalysis.

Snowden the whistleblower revealed what many techies had long suspected that the U.S National Security Agency (NSA) has been secretly monitoring the Bitcoin blockchain for years through a program codenamed OAKSTAR.

It is a new arms race. As Bitcoin becomes more popular, governments and banks will want better surveillance technology. As Bitcoin’s inherent transparency becomes more obvious, some people become increasingly interested in privacy solutions of two types:

  • Bitcoin mixer 1 = CoinJoin, which scrambles all inputs and outputs.

 

  • Bitcoin mixer 2 = Confidential Transactions. This feature in Bitcoin Core lets senders encrypt the bitcoin amounts in transactions with random strings of numbers called “blinding factors.” This is decrypted by the receiver.

 

  • Bitcoin mixer 3 =Mimble Wimble. This is another feature in Bitcoin Core currently in development. Mimble Wimble (named after a Harry Potter curse) does the opposite as the the receiver generates the blinding factor. Although primarily designed for privacy, MimbleWimble also enhances scalability (because it gets rid of the need to track transaction history per coin).

 

  • Privacy-centric Altcoins such as Zcash and Monero. If privacy is a life/death or liberty issue for you, you maybe concerned that companies such as Chainalysis can see through these mixers. Then you maybe motivated to use privacy-centric Altcoins.

What will happen to privacy centric Altcoins when TOR goes mainstream?

Privacy centric Altcoins is a big business, but still tiny compared to Bitcoin as a snapshot from Coinmarketcap reveals. There is over $3 billion of market cap, just from Monero and ZCash, at risk if TOR goes mainstream .

TOR prevents traffic analysis. It is better than VPN in this regard. If you do a Bitcoin transaction over TOR, or any transaction, you have a high degree of confidence in your privacy. That may make you less motivated to use ZCash or Monero; you maybe more willing to stick to Bitcoin.

Bernard Lunn is the CEO of Daily Fintech and author of The Blockchain Economy. He provides advisory services to companies involved with Fintech (reach out to julia at daily fintech dot com to discuss his services).

One comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s