bitcoin-dot-org / Bitcoin.org

Bitcoin.org Website
https://bitcoin.org/

Proposal: remove Wasabi from recommendations #4097

Closed AnonymousMedusa closed 1 year ago

AnonymousMedusa commented 1 year ago

TL;DR: The Wasabi wallet development team has shifted to the opposite direction, funding a chain analysis company, blacklisting coins (which is contradictory as they argue they are pro-fungibility), both of which are completely unexpected for software that is supposed to be privacy-focused.

Longer discussion here: https://bitcointalk.org/index.php?topic=5457560.msg62460888#msg62460888

AngeloMetal commented 1 year ago

Agree, or at least warn the users about what it does.

Kruwed commented 1 year ago

Agree, or at least warn the users about what it does.

Why should users be warned? There's nothing dangerous or non private about using the software, the only thing that can happen by using Wasabi is that your privacy when using Bitcoin is improved.

ZenulAbidin commented 1 year ago

Agree, or at least warn the users about what it does.

Why should users be warned? There's nothing dangerous or non private about using the software, the only thing that can happen by using Wasabi is that your privacy when using Bitcoin is improved.

Maybe a warning with the exclamation mark is not appropriate according to you, but for transparency purposes it must be stated that the default coordinator might monitor coinjoins for undesirable activity.

Otherwise you're going to have people having their UTXOs rejected and wonder what is going on. Most people don't read docs, they read what's on bitcoin.org.

Kruwed commented 1 year ago

Maybe a warning with the exclamation mark is not appropriate but for transparency purposes it must be stated that the default coordinator might monitor coinjoins for undesirable activity. Otherwise you're going to have people having their UTXOs rejected and wonder what is going on. Most people don't read docs, they read what's on bitcoin.org.

Users can also have their UTXOs rejected by the default coordinator if they are below 0.00005000 BTC. Users can also have their UTXOs rejected by the default coordinator if they failed to sign a previous round. Such a statement would only confuse these users, which is why they should be referring to the docs, not Bitcoin.org.

Cobra-Bitcoin commented 1 year ago

Do we have a good idea of what type of addresses/conduct are being blacklisted? Or are the type of people who get blacklisted not exactly complaining on Reddit/BitcoinTalk about it? Entities like Lazarus and stuff?

I assume they blacklist UTXOs connected to hacking, but UTXOs associated with pornography/gambling/darkweb are not disturbed?

Kruwed commented 1 year ago

Do we have a good idea of what type of addresses/conduct are being blacklisted? Or are the type of people who get blacklisted not exactly complaining on Reddit/BitcoinTalk about it? Entities like Lazarus and stuff?

I assume they blacklist UTXOs connected to hacking, but UTXOs associated with pornography/gambling/darkweb are not disturbed?

"zkSNACKs Ltd. may execute illicit activity checking and control via a contracted third party solely in its CoinJoin coordination services. zkSNACKs Ltd. may suspend your UTXOs’ access to the CoinJoin services, with immediate effect for any reason - including but not limited to illicit or prohibited activities, applicable sanctions programs, or any crime or money-laundering activity"

https://github.com/zkSNACKs/WalletWasabi/blob/master/WalletWasabi/Legal/Assets/LegalDocumentsWw2.txt#L112C1-L112C390

Any concerns about arbitrary refusal from the default coordinator are solved by the usefulness of open source: Anyone can run a coordinator since zkSNACKs has made the backend entirely open source, and the order book for coordinators can be discovered over Nostr.

ZenulAbidin commented 1 year ago

"zkSNACKs Ltd. may execute illicit activity checking and control via a contracted third party solely in its CoinJoin coordination services. zkSNACKs Ltd. may suspend your UTXOs’ access to the CoinJoin services, with immediate effect for any reason - including but not limited to illicit or prohibited activities, applicable sanctions programs, or any crime or money-laundering activity"

This is the perfect notice to put on the Bitcoin.org listing (as well as acknowledging that the default coordinator is zksnacks).

ghost commented 1 year ago

I assume they blacklist UTXOs connected to hacking, but UTXOs associated with pornography/gambling/darkweb are not disturbed?

Also from the link above:

"The prohibition of this paragraph includes, but is not limited to, the following prohibited activities:

So anything linked to pornography or the darkweb is definitely being banned. Gambling is unknown.

crwatkins commented 1 year ago

These are great conversations to have. I have briefly reviewed the above comments and the bitcointalk conversation. Perhaps I can provide some background on the Wasabi Wallet listing on bitcoin.org.

ZenulAbidin commented 1 year ago

@crwatkins Here is what appears when you search: "Windows", "Experienced", "Privacy", and no features using Bitcoin.org's choose your wallet page:

List of wallets

As you can see, at the bottom of this list is Wasabi, with a perfect privacy score.

Some commenters have proposed that the use of such a firm should affect Wasabi's privacy score on bitcoin.org. As far as I have been able to determine, Wasabi does not currently disclose any information such as IP addresses or email addresses to third parties for blacklisting. Depending on exactly how the lookups are done, they may or may not disclose (in advance) an address that will (unless blacklisted) be used in a future Coinjoin transaction which will eventually appear on the public blockchain. If this is correct, I believe that the current score on the listing is correct.

Here are the details listed on the entry for Wasabi wallet when you click on it:

details

The issue here is that outside zksnacks, nobody really knows how they are going to perform the lookups - including even some Wasabi developers.

I guess these main points should be kept, but then below, there should be added a section like: "It is unclear what criteria Wasabi[1] uses to accept and reject transactions for coinjoins."

But until then, the privacy is certainly not "Good"; maybe one of the other classifiers is better suited. "Caution" will be contentious on this thread despite being what most of this thread is arguing for here, but the next best rating is "Acceptable". Though even the Acceptable rating may not be seen as suitable enough by the consensus here.

[1] zksnacks technically, but apparently they are not mentioned on bitcoin.org

crwatkins commented 1 year ago

@ZenulAbidin wrote

The issue here is that outside zksnacks, nobody really knows how they are going to perform the lookups - including even some Wasabi developers.

Wasabi Wallet is open source and deterministically built so there is a reasonable expectation of being able to verify exactly what information the wallet is disclosing. bitcoin.org has listing criteria specifically for wallets with the expectation that the wallet should provide proper protections and not rely on external servers for those protections. That said, note that the coinjoin server is also open source.

I guess these main points should be kept, but then below, there should be added a section like: "It is unclear what criteria Wasabi[1] uses to accept and reject transactions for coinjoins."

I wouldn't disagree with that statement, but similar statements could be made about transactions in general sent to servers of other wallets listed or even arbitrary bitcoin nodes on the network. I definitely find this undesirable, but unless I'm missing something, I don't perceive the unique danger here that warrants a special warning.

But until then, the privacy is certainly not "Good"; maybe one of the other classifiers is better suited.

Wasabi Wallet appears to meet the "good" privacy criteria as explained here with the understanding that "information" refers to identifiable information such as IP addresses or email addresses (see the descriptions here) and not information which is broadcast to the entire p2p network and recorded on the blockchain. Unless I'm missing something, information from successful coinjoins is recorded on the blockchain and unsuccessful coinjoins were intended to be recorded on the blockchain.

AnonymousMedusa commented 1 year ago

@crwatkins wrote

Wasabi Wallet is open source and deterministically built so there is a reasonable expectation of being able to verify exactly what information the wallet is disclosing

Yes, but it is also a privacy focused software, not just a Bitcoin wallet. Privacy being preserved at all times, as they say, deserves at least a warning provided that they do perform blacklisting.

bitcoin.org has listing criteria specifically for wallets with the expectation that the wallet should provide proper protections and not rely on external servers for those protections.

It relies on a central coordinator, which relies on a chain analysis company that discriminates against some people in the first place.

I wouldn't disagree with that statement, but similar statements could be made about transactions in general sent to servers of other wallets listed or even arbitrary bitcoin nodes on the network.

But here we are talking about an official decision. This is not some "banned-transaction-filter" run secretly. An official decision like that deserves an official warning, IMHO. In addition, the analogy with arbitrary nodes rejecting transactions in secret is not good, because they cannot prevent the transaction from happening, while the central coordinator can very well prevent the coinjoin from happening.

crwatkins commented 1 year ago

Please allow me to explain some administrative procedures relating to this issue as best as I currently understand them.

The proposal being discussed in this issue (from the title) is to remove Wasabi Wallet from listing. Wallets have historically been removed from listing based on no longer meeting the listing criteria. That can be due to the wallet changing or it can be due to listing requirements changing. (I also suppose the wallet could have been listed in error to begin with, but I'm not aware of that happening in the past, and I don't believe that is the case here). I'm also not aware of any wallet in the past being treated differently (having additional unwritten criteria) than other wallets because of claims in the wallet description (e.g. "privacy focused") or elsewhere. If a description is inaccurate, a PR should definitely be submitted to correct the description. A PR is also the way to add new criteria or modify old criteria. If a wallet does not meet the existing criteria, it should be clearly stated which criteria are not being met and specifically how or why with examples if possible such as references to the source code or documented behavior.

AnonymousMedusa commented 1 year ago

@crwatkins wrote

The proposal being discussed in this issue (from the title) is to remove Wasabi Wallet from listing.

Maybe completely removing it from bitcoin dot org is excessive, as others have suggested.

If a description is inaccurate, a PR should definitely be submitted to correct the description.

So, should I pull a request correcting the description of the wallet? I do find a lack of accuracy in the following:

This wallet relies on a centralized service by default. This means a third party must be trusted to not hide or simulate payments.
Prevents spying on your payments

This wallet makes it harder to spy on your balance and payments by rotating addresses. You should still take care to use a new Bitcoin address each time you request payment.

crwatkins commented 1 year ago

Unless there is an active proposal to remove Wasabi Wallet from the listings, I would recommend closing this issue and creating a new issue or a new PR with any new proposals. (The title of this existing issue could be changed, but my personal recommendation would be to reduce the confusion for future readers by creating a separate issue/PR).

As mentioned above

wallet listings are generated "automatically" from information templates

as described here. Text descriptions (and translations) are generated automatically from the scoring. It is important to understand that any changes beyond what is described there requires changes to the structure of the site (which can also be submitted via a PR).

AnonymousMedusa commented 1 year ago

I will close this and pull a request. Thanks for letting me know.