Thanks for bringing our attention to this important topic.

According to (https://p2sh.info/dashboard/db/bip-69-stats) around 60% of
transactions follow bip69 (possibly just by chance).

If it's useful, a bitcoin wiki page that tracks wallets which use bip69
can be created. A similar page exists for bech32
(https://en.bitcoin.it/wiki/Bech32_adoption). If we had this at least
we'd know which open source wallets we can write code for or which
closed source wallets we can bug about bip69.


On 22/10/2018 02:54, Ryan Havar via bitcoin-dev wrote:
> On Sunday, October 21, 2018 2:54 PM, Pavol Rusnak <st...@satoshilabs.com> 
> wrote:
> 
>> Your solution in the second part of the email does not solve the problem you 
>> indicated in the first part of your email.
> 
> Sorry, I'm not quite sure what parts you are referring to. I assume you might 
> mean my first paragraph, so I'll try to explain myself a bit clearer how this 
> makes it harder to find wallet boundaries.
> 
> Right now you can generally tell if a transaction is using bip69 or not (as 
> long as you account for the probability that it's randomly sorted to 
> accidentally be bip69). And generally wallets are consistent if they use 
> bip69 or not.
> 
> This can often make it massively easier to detect what is change and not. 
> Let's say I'm clustering a wallet and know they're using a wallet that always 
> uses bip69, and I'm looking at a transaction in that cluster and trying to 
> guess which is the change and which is not. There's a lot of things you can 
> use to assign a probability. The most obvious thing is looking at the amount 
> of significant-digits of the output amounts (if they vary a lot, change 
> tends to be the one with more), but a much more powerful one is looking at 
> how the outputs are spent (and if they end up spend-linking back into the 
> original cluster).
> 
> So let's say that the transaction output is spent by a non-bip69 transaction 
> -- I right away know that it's going to (almost certainly) be a different 
> wallet (e.g. the destination).
> 
> My (shower-thoughty) "solution" fixes this problem, because an outside 
> observer has no way of knowing if a transaction is using deterministic 
> sorting or not, so can not use this information to establish wallet 
> boundaries.
> 
> --
> On somewhat of a tangent I was actually fortunate enough to have someone with 
> access to the biggest(?) bitcoin analysis service help me with a few 
> experiments. While I was genuinely taken aback by how accurate some of their 
> analysis can be, I also found it pretty easy to trick -- implying it relies 
> heavily on some fragile heuristics.
> 
> I don't like to be alarmist, but I worry a lot about the fungibility of 
> bitcoin when we have such effective blockchain analysis and a *LOT* of the 
> ecosystem using a centralized analytics service. And in fact, we're already 
> starting to see some minor effects of this (e.g. people already know that if 
> they gamble their funds, they'll probably have trouble using an exchange 
> later). And I don't think we're too far from the point where any 
> "unidentified" bitcoin is instantly flagged as "suspicious" (and for 
> instance, requires more explaining for by exchanges) potentially seriously 
> harming bitcoin fungibility and its value determined also by its history.
> 
> 
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> 
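
For wallet developers who want to measure the fingerprint discussed in this thread, here is an added example (not part of the original emails, and not code from any wallet or from p2sh.info) that checks a transaction's BIP69 ordering and computes how often a randomly ordered transaction would pass by accident. The function names and sample transactions are constructed for illustration; it assumes txids are given as displayed hex and amounts in satoshis.

```python
from collections import Counter
from fractions import Fraction
from math import factorial, prod

def input_key(txin):
    # BIP69 inputs: previous txid (as displayed) ascending, then output index.
    txid_hex, vout = txin
    return (bytes.fromhex(txid_hex), vout)

def output_key(txout):
    # BIP69 outputs: amount ascending, then scriptPubKey bytes ascending.
    amount_sats, script_hex = txout
    return (amount_sats, bytes.fromhex(script_hex))

def is_bip69(inputs, outputs):
    ins = [input_key(i) for i in inputs]
    outs = [output_key(o) for o in outputs]
    return ins == sorted(ins) and outs == sorted(outs)

def _sorted_fraction(keys):
    # Share of all orderings that are sorted; identical items are interchangeable.
    dup = prod(factorial(c) for c in Counter(keys).values())
    return Fraction(dup, factorial(len(keys)))

def chance_of_accidental_bip69(inputs, outputs):
    return (_sorted_fraction([input_key(i) for i in inputs])
            * _sorted_fraction([output_key(o) for o in outputs]))

def summarize(txs):
    # Observed compliant share vs. the share expected from random ordering alone.
    observed = Fraction(sum(is_bip69(i, o) for i, o in txs), len(txs))
    expected = sum(chance_of_accidental_bip69(i, o) for i, o in txs) / len(txs)
    return observed, expected

# Constructed sample data: placeholder txids and scripts, not real transactions.
A, B, C = "aa" * 32, "bb" * 32, "cc" * 32
P2PKH = "76a914" + "11" * 20 + "88ac"
P2SH = "a914" + "22" * 20 + "87"
SAMPLE_TXS = [
    ([(A, 0)], [(1000, P2PKH), (5000, P2SH)]),          # sorted
    ([(B, 1), (A, 0)], [(1000, P2PKH), (5000, P2SH)]),  # inputs out of order
    ([(A, 0), (A, 1), (C, 0)], [(7000, P2SH)]),         # sorted
    ([(A, 0)], [(5000, P2SH), (1000, P2PKH)]),          # outputs out of order
]

if __name__ == "__main__":
    obs, exp = summarize(SAMPLE_TXS)
    print(f"observed BIP69 share: {float(obs):.2f}, expected by chance: {float(exp):.2f}")
```

A one-input, two-output transaction passes by chance half the time, which is why a raw compliance percentage says little until it is compared with this baseline.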