Bitcoin is a peer-to-peer network of nodes that define, verify, and enforce the Bitcoin consensus rules. These nodes communicate constantly, and the metadata of that communication can be used to de-anonymize Bitcoin users.
When communication with the network goes unencrypted over clearnet, it is easy to correlate Bitcoin transactions with the IP address of the peer that sent them.
Usually, a Bitcoin node broadcasts not just the transactions of its user, but it also gossips all of the other transactions that it has received from its peers. Thus it is very difficult to find out which transactions originated from which node.
However, when a node does not gossip all transactions, but only the transactions of its user, like in the case of a light wallet, then it is easier to find out which node has sent those specific transactions.
Bitcoin Full Nodes
When you run your own full node, you can precisely verify if the bitcoin you receive are actually valid. When you do not verify this for yourself, then you need to ask another trusted third party how much money you have.
Regardless of how you ask this other server, there is now more metadata available to potentially link your coins to your identity.
There are bad ways to communicate, like querying a block explorer over clearnet, and good ways to communicate, like using BIP 158 block filters over Tor. But regardless, running your own full node means that you don’t need to communicate with anyone about your specific coins and this is strictly better.
When you make a Bitcoin transaction, you are essentially creating a message on your device and sending it to the Bitcoin network. Someone operating a large number of nodes on the Bitcoin network might be able to match some of your transactions to your IP address, then deanonymize your stack of bitcoin.
It is relatively easy to avoid this on a computer by relaying all transactions through the Tor network. Wasabi routes all traffic via Tor’s SOCKS5 proxy, by default. This means that by default, all network communication is secured from outside snooping and the IP address is hidden.
Wasabi and Tor
Even if no full node is installed, Wasabi has a light client mode based on BIP 158 block filters. The Wasabi coordinator’s v3 onion service sends a filter of all the transactions in each block to all the users over Tor. Then, users check locally if the block contains any transactions with their addresses. If not, then the filter is stored for later reference, and no block is downloaded.
However, if there is a user transaction in that block, then Wasabi connects to a random Bitcoin P2P node over Tor and asks for this entire block, not just one transaction. This block request is indistinguishable from the regular P2P gossip, and thus nobody, neither the server nor the full node, knows which addresses belong to the user.
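The light-client flow described above, as an added example that is not Wasabi's own code: the client decodes each block's Golomb-Rice coded filter locally and, only on a match, requests the whole block from a randomly chosen peer. Assumptions: keyed BLAKE2b stands in for the SipHash-2-4 that BIP 158 specifies, and the script names, block hashes and peer names are constructed.

```python
import hashlib
import random

P, M = 19, 784931  # BIP 158 basic-filter parameters

def to_range(item, key, n):
    # Assumption: keyed BLAKE2b stands in for BIP 158's SipHash-2-4.
    h = int.from_bytes(hashlib.blake2b(item, key=key, digest_size=8).digest(), "big")
    return (h * n * M) >> 64  # map the 64-bit hash into [0, n*M)

def build_filter(scripts, key):
    """Server side: Golomb-Rice code the sorted hash deltas of a block's scripts."""
    bits, last = [], 0
    for v in sorted({to_range(s, key, len(scripts)) for s in scripts}):
        q, r = (v - last) >> P, (v - last) & ((1 << P) - 1)
        bits += [1] * q + [0] + [(r >> i) & 1 for i in range(P - 1, -1, -1)]
        last = v
    return len(scripts), bits

def filter_matches(flt, key, wallet_scripts):
    """Client side: decode locally; wallet_scripts never leave the device."""
    n, bits = flt
    wanted = {to_range(s, key, n) for s in wallet_scripts}
    pos = value = 0
    while pos < len(bits):
        q = 0
        while bits[pos]:  # unary quotient, terminated by a 0 bit
            q, pos = q + 1, pos + 1
        r = int("".join(map(str, bits[pos + 1:pos + 1 + P])), 2)
        pos += 1 + P
        value += (q << P) | r  # running sum undoes the delta encoding
        if value in wanted:
            return True
    return False

def sync(filters, wallet_scripts, peers, rng):
    """Return the (peer, block_hash) requests that the network observes."""
    requests = []
    for block_hash, flt in filters.items():
        if filter_matches(flt, block_hash, wallet_scripts):
            requests.append((rng.choice(peers), block_hash))  # whole block
    return requests

# Constructed sample data: two blocks, a two-script wallet, three peers.
BLOCKS = {b"block-hash-A": [b"script-1", b"script-2", b"script-3"],
          b"block-hash-B": [b"script-4", b"wallet-script-x", b"script-5"]}
FILTERS = {h: build_filter(s, h) for h, s in BLOCKS.items()}
WALLET = [b"wallet-script-x", b"wallet-script-y"]
PEERS = ["peer1.onion", "peer2.onion", "peer3.onion"]
print(sync(FILTERS, WALLET, PEERS, random.Random(1)))
```

The only data that leaves the client is a block hash sent to one peer; the wallet's scripts appear in neither the filter download nor the block request.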
All Wasabi traffic is tunneled through Tor. Wasabi connects only to onion nodes, so end-to-end encryption is enforced between the wallet and peers. All this without involving any exit node. Wasabi connects to each peer through a different Tor stream. A new Bitcoin peer is chosen for every transaction broadcast.
Tor Consensus Issues
On January 10, 2021, due to an implementation bug, Tor’s v3 onion services experienced instability. A bug fix is already on the way, but until the update you may experience connection problems and delays.
Normal Tor circuits (using exit relays) still work, and v2 onion services still work, but v3 onion services (like the one used for the Wasabi coordinator) are affected and may not publish descriptors, and clients won’t fetch them.
As we said before, all Internet traffic goes through Tor, and by default all this traffic stays inside the onion network. This means that, in the Wasabi coordinator’s case, as v3 services are used to coordinate the CoinJoin transactions, there may have been (or there may be) connection and communication problems.
To ensure service availability, Wasabi Wallet is equipped to offer a fallback scenario where exit nodes are involved. For example, if the Tor onion service of the backend becomes unavailable for the user, the wallet falls back to communicating with the backend’s clearnet endpoint, still over Tor. Wasabi also frequently utilizes multiple Tor streams where applicable.
This allows the user to continue to operate, even in unusual/offline onion backend conditions.
The Tor label inside Wasabi Wallet shows the status of the Tor daemon. You can check that your connection is active by keeping an eye on it.
Who has been affected
Most of our users haven’t noticed any interruptions because Wasabi was able to recover automatically. There were a few users who encountered intermittent Tor connection issues. But in most of these cases, restarting the Tor client solved the problem.