The following is an introduction I wrote for the Open Bitcoin Privacy Project’s Spring 2015 Wallet Privacy Rating Report, published May 17th, 2015. You can download the report here [github.com].
Any technology as revolutionary as Bitcoin is bound to come with surprises. In fact, if you’ve been following the technology for any appreciable amount of time, you will often find yourself in awe of some unconsidered and new angle, some formerly inconceivable subtlety that challenges your assumptions about finance and commerce. This is the age of uncensored and programmable money. We don’t know exactly what the future holds for Bitcoin, but we do know for sure that the world will never be the same.
The privacy implications of Bitcoin are one such surprise for many of its students. We are emerging from a banking system that takes for granted not only financial control by trusted third parties, but also total information awareness for those same organizations. The details of Main Street’s transactions have, until today, been stored in esteemed and marbled halls occupied by men in fine suits. We have carried around plastic cards with our names and numbers, swiped and authenticated with each purchase; we have emailed dollars, francs, and yen to our friends and eBay sellers — except for those of us excluded by border or notoriety. Bitcoin flips the script by placing these details not in the hands of banks, but the world. The future will transact on a global and public ledger. This opens up many wonderful opportunities, and just as many pitfalls.
Financial privacy is enforced lightly by the Bitcoin protocol. The short section on the matter dedicated by Satoshi in his whitepaper contains helpful suggestions, but no rules. Protections are pushed to the edges of the network, to the services we use and the wallet software we execute on our computing devices. Our services and software have long ignored Satoshi’s suggestions, however, relying on a prevailing and dubious notion of Bitcoin as inherently anonymous.
The Open Bitcoin Privacy Project publishes rating reports to highlight where software is succeeding at protecting our privacy, and where it is failing. We have selected key behavioral patterns and features of Bitcoin software that measures its effectiveness at protecting the financial details of its users. Technically-minded readers will find our Threat Model on page 26, explaining the motivation for the metrics we developed.
Each wallet rated in this report was analyzed in terms of the usability of its privacy protections, the effectiveness of those protections, and the level of guidance provided to users to guard their own data. We have provided scores broken down by category for each wallet. Casual readers of the report can simply skip to our rankings by total score on page 5.
We carefully designed our testing methodology, detailed on page 3, to be as objective and independently verifiable as possible to reduce bias. Additionally, we reached out to each of the organizations that produce the software we’ve rated to provide clarifications; their responses to our questionnaire are contained in this report. Still, the ratings rely on our expertise, and the wisdom of the Bitcoin community members who provided feedback. We welcome your input to improve future reports.
It is our hope that this report will inform your selections when choosing wallets, and when communicating desired features to developers. Thank you for taking the time to read our Spring 2015 report. We look forward to your feedback.
Sincerely,
Kristov Atlas
OBPP Contributor