Feature Request: Shuffle to another wallet

[acidsploit]

Add an option to allow the user to shuffle to another wallet, where the user can provide the xpub key of another wallet.

[imaginaryusername]

Implementation considerations:

• To avoid address reuse, the wallet should keep track of the xpub as a watch-only that piggybacks on the main wallet.
• Once a wallet is transformed into a "shuffle to something else" wallet, it'll always irreversibly keep watching the xpub.
• In conjunction with #72, basically output types that would be 2) is all sent to this xpub instead. 4) will still exist. Any spending and change done on that remote xpub is no longer considered - note that while this separation is cleaner, due to lack of separation between clean coins and their own change at the remote wallet, privacy might be degraded slightly.

[cculianu]

• To avoid address reuse, the wallet should keep track of the xpub as a watch-only that piggybacks on the main wallet.

Yes.. good point.

• Once a wallet is transformed into a "shuffle to something else" wallet, it'll always irreversibly keep watching the xpub.

Or.. make it explicitly hard to reverse -- without specifying another destination wallet ? (Destination could also be self, as we have now)?

[markblundeberg]

Pros:

• Perfect solution to firewalling between dirty / clean addresses; no extra code needed. Don't need complex 'unshuffled/shuffled send' logic. Each wallet just makes regular sends using its own addresses.
• Can achieve perfect second-layer shuffles by shuffling into a third wallet, if desired; no need to juggle additional category sets.
• Turning off cash shuffle doesn't result in a privacy disaster.
• Easy to redirect to a new xpub, so you can have multiple clean wallets for different purposes. Good privacy practice means compartmentalizing every "clean" use case.
• Multiple distinct dirty wallets can output to the same 'clean' xpub. Good privacy practice also means compartmentalizing every "dirty" use case.
• Trivial to shuffle out of Electron Cash directly into a bitcoin.com wallet; trivial to shuffle into a cold wallet / hardware wallet.

Cons:

• May or may not involve extra mnemonic.
• Need a few lines of code to probe for unused addresses on that other wallet. Note that for automatic address selection, you should never use receiving address set (better known as 'external addresses' because they are meant for user to manually share with others), rather it should use its 'internal' address set (so-called "change addresses") which are explicitly intended for automated use cases.

[acidsploit]

We can also add a (default?) option where it shuffles to the same wallet, but just to another hardened derivation path.

[imaginaryusername]

Additional pros:

• Chain of wallets will be fairly easy to port to another independent implementation, should they emerge.
• Allows another layer on top of EC to do even more complex manipulations like Deniability.

Additional cons and why this should remain optional:

• Bad UX ("What do you mean I have to make another wallet? What do you mean I should not send from this first wallet? The send tab is still there?")
• Difficult for automation to make user behave optimally (see above)
• More bad UX ("what the fuck is an xpub, and what do you mean i need to copy paste them?")

@acidsploit see #73

[markblundeberg]

Yes, the easiest way for this to be done (in Electron Cash at least) is to have a button that creates/opens the associated Shuffled wallet (which is on another derivation path). This would be accomplished by:

• deriving new xprv/xpub in background
• generating a new wallet file with that xprv/xpub, or finding the previously made one on the same automatic filename.

The user would click on a button and see a new wallet open with a filename like "CLEAN_76be98c44818df87". It should be password protected using same password, or something like that. It's also possible to do it without wallet files but it's a bit heavy to have to re-download transactions and SPV proofs every time.

An advanced config setting would let you select another existing wallet file to output to, or, enter an xpub.

[markblundeberg]

Another downside: Doesn't provide a firewall between different 'shuffled send' events -- the receiving wallet just acts like a regular wallet.

[CatatonicAdenosine]

Another way of doing this could be to implement the feature as a "sweep" instead of as a send, ie. "sweep and shuffle" under Private Keys>Sweep. The user would set up a new wallet in EC and sweep from their old seed or xprv/xpub. The sweep would be conducted via a shuffle to fresh addresses in this new wallet.

Pros:

• It would ensure that the user has the xprv as well as the xpub, avoiding some screwup when handling addresses in the send process.
• From a UX perspective, it better fits with the use case, ie. migrating to a new wallet.
• As per this use case, it wouldn't require the user linking a fresh xpub (or even a seed) to an old wallet. For example, If I wanted to send my EC balance to my Ledger for safe keeping using shuffle, I wouldn't need to provide my Ledger's xpub (or, god forbid, seed!) to my old EC wallet.