Freeze address after spending

[imaginaryusername]

Add a trigger: After spending shuffled, (if #72 is implemented, both bucket 2 and bucket 4 spends) all input addresses are marked "frozen", so future incoming coins will not contaminate anything. Users may manually unfreeze them at their own risk.

The feature may also be ported to regular EC (since this will be mainlined, might as well) if it fulfills:

• Check if "use change address" is enabled for the wallet. If disabled, do not trigger.
• Check if wallet is HD. If not, do not trigger.

Gave this a thought and it actually complements #72 (!). @markblundeberg

[cculianu]

This pretty much is just a more general #96, no? Basically if we do this, #96 doesn't need to be done because this is a more general version of it , right?

[imaginaryusername]

This is more of an "after-spending" #96... both (1) and (2), as well as any more permanent implementation of #72 (will require modifying this for specific buckets), is complementary with this imo. #96 concerns what happens when both coins are present, this addresses when one of them is gone.

[Mengerian]

Yeah, this makes sense.

Normally the shuffled address should never be used after spending, if it receives a coin it's most likely some sort of dusting spam or de-anonymization attack.

For #96 I think the best approach is to always spend all coins at the address together (I think the coin chooser already does this?), but for this case, freezing is probably the best thing to do.

I guess the behavior could also be restricted to change addresses.

[cculianu]

I'm wondering what messaging to use for the auto-generated address label (will only write to the label if no label exists) -- maybe "Shuffled coin spent -- Do not reuse" or somesuch?

I feel half the battle is educating users (they would likely appreciate it). It can turn a confused/angered user into an enlightened one if we put a reasonable label in there.

[imaginaryusername]

For label I'll suggest "Address used - frozen for you privacy".