Samourai Wallet’s Whirlpool CoinJoin And Bitcoin Transaction Anonymity

Contrary to popular belief, Bitcoin is not anonymous.

Some even call it pseudonymous because that describes the level of anonymity users enjoy on Bitcoin, more accurately.

Even though Bitcoin is low on the anonymity spectrum, privacy is one of the features that Bitcoin users covet the most.

To solve this problem, or to give users a higher degree of privacy on their transactions, developers have come together to design and deploy several mechanisms that will obfuscate Bitcoin transactions.

One of these mechanisms is Samourai Wallet’s Whirlpool.

Whirlpool CoinJoin Capabilities

Samourai’s Whirlpool is probably the most renowned CoinJoin – Bitcoin mixing – service out there.

It works based on a trustless mechanism, more accurately described as a trustless multi-party signature protocol.

Samourai’s Whirlpool basically does the following:

• Shuffles transaction inputs and outputs within a pool
• These inputs and outputs are new and old, meaning that there are at least some inputs in the transaction pool that come from previous mixing rounds
• Users partially sign their input and their output to make the mechanism trustless
• All inputs and outputs are joined together in a pool that obscures transactions by making them indirect basically, over several transaction rounds
• Samourai Wallet can be used over Tor, adding another layer of privacy

What is the Degree of Privacy that Whirlpool Bestows Upon its Users?

Whirlpool makes it more difficult for people or organizations that use analytical tools, to understand where the coins are coming from exactly.

The problem is that Whirlpool – or other CoinJoin mechanisms – is not ironclad. Therefore, the developers behind Samourai Wallet wrote an informative Medium post to help us understand how private our transactions will be if we use Whirlpool.

It all depends on how we use the service.

There are two main scores that are important to understand the degree of obfuscation that each CoinJoin pool has on Whirlpool:

• Forward looking score
• Backward looking score

These scores are based on the historic behavior of the users of the pool – backward looking – and the current size of the pool as well as their tendency to remix coins.

There is a lot of confusion around Anonymity Set in relation to CoinJoin transactions. We have invested in research quantifying, scoring, and ultimately hardening the Whirlpool anonymity set. Whirlpool Stats tool will be released to the public shortlyhttps://t.co/zno72n5ivS— Samourai Wallet (@SamouraiWallet) October 24, 2019

Statistical Analysis: CoinJoin’s Achilles Heel

Of course, the problem with CoinJoin on Whirlpool or elsewhere, is that even the mixing and remixing of fund within a pool cannot escape statistical analysis.

Since The values of transactions on Bitcoin are always known, it is possible to use analytical tools and statistic analysis to clear up much of the transaction muddling.

To overcome this, Greg Maxwell – who is credited with inventing CoinJoin – has designed a protocol to obscure transaction values as well.

So, Should you Use Samourai Wallet’s Whirlpool?

With this kind of encryption, a CoinJoin service such as Samourai’s Whirlpool, would bestow a much higher degree of privacy upon the user.

But until these systems are properly tested and deployed, added privacy cannot hurt. Therefore, using Samourai wallet’s Whirlpool is still a good idea, provided you are aware of its limitations.