Sunday, June 24, 2012

TORwallet Sparks Trust Without Jurisdiction Debate

By Jon Matonis
Forbes
Tuesday, June 19, 2012

http://www.forbes.com/sites/jonmatonis/2012/06/19/torwallet-sparks-trust-without-jurisdiction-debate/

In the world of the Internet, entities can provide online services without any consideration for a legal jurisdiction. But, in the world of Tor or Onionland, entities can do so anonymously.

Intended to protect users' personal freedom, privacy, and ability to conduct confidential business, Tor (The onion router) is a system that improves online anonymity by routing Internet traffic through a worldwide volunteer network of layering and encrypting servers which impedes network surveillance or traffic analysis.

TORwallet has just announced an online bitcoin wallet run as a TOR hidden service (to access the service users must run the onion proxy software on their computer). They do not log any information except the current account balance and the bitcoins from many TORwallets can be mixed instantly to a single address in a single transaction to make them extremely difficult to trace. The same anonymity and untraceability of that crumpled paper money in your pocket is now available in electronic form.

Obviously, the cashless society people do not want this because full transaction traceability is the unstated motivation behind eliminating cash. Don't fall into this complacent attitude of a 'cashless society represents the future' because if we lose the monetary privacy features that we already have, it is a grim future indeed! Game over.

With Tor, the trade-off then becomes near total anonymity versus the ability to have legal recourse in a national jurisdiction. In relinquishing the option for legal recourse and for identifying the site operators, users must be content with the ongoing trustworthiness of the service. How do users become content and satisfied? Is anonymous reputation even possible? Trust will always be relative so is that enough?

eBay pioneered large-scale reputation credentials with its buying and selling platform that rewarded excellent service and punished repeat offenders. Long-standing positive reputations became very valuable in the competitive online marketplace, but users still had limited legal recourse against eBay and even though they may not know the other party to a transaction at least eBay did. The digital marketplace Silk Road currently operates a platform with a participant reputation system. However, in a two-party online Tor wallet service, you only have the earned trust of the non-jurisdictional site operator and that is comprised mainly of longevity and customer service. Only time will tell.

Essentially, the principle behind all mixing services is the ability to remove or obscure any linkage to a real-world identity because the bitcoin blockchain maintains a public transaction log of all transactions. Since the method used to obtain or purchase bitcoin may have revealed certain financial or personal links, it becomes necessary to render the blockchain useless for traffic analysis. Properly mixing bitcoin with other users' bitcoin will cause a chain of custody to break down and thereby provide plausible deniability for any transactions.

The privacy advantages of Tor-based mixing services are numerous. For instance, compared to proxy servers or VPNs, there are usually no IP logs kept which would be vulnerable to a court order or a server raid even if you paid for the VPN anonymously. A court order can also force a VPN to commence logging at any time.  According to TORwallet, "Any service not on Tor probably keeps logs of your IP address and could be coerced into giving up your information. Anyone wanting to force us to talk would have to find us first." They also claim that moving clean coins around from several large disconnected pools decreases the risk of matching inputs and outputs to trace client coins. Additionally, "being a Tor relay mixes your traffic in with other people's traffic, making it more difficult to do timing and correlation attacks." And from the user's perspective, the use of multiple wallets and mixers distributes risk.

Another Tor-based mixing service is Bitcoin Fog which charges between 1%-3% (randomized for obscurity). Perhaps the earliest and original bitcoin mixing service is Bitcoin Laundry which acquired the BitLaundry service running on Google App Engine in 2011. 

Disclaimer: bitcoin is not a recognized currency or monetary instrument in any jurisdiction.

For further reading:
"Review: TORwallet", Vitalik Buterin, Bitcoin Magazine, June 19, 2012
"Tips for Running an Exit Node with Minimal Harassment", Mike Perry, June 30, 2010
"Plaintext over Tor is still plaintext", phobos, June 1, 2010
"Anonymity and the Tor Network", Bruce Schneier, September 20, 2007

2 comments:

  1. There seems to be a trend towards anonymity services for bitcoin, probably because of the recent talks/papers coming out dispelling the myth that bitcoin is by default untraceable/etc.

    TOR wallet got a pretty harsh review on bitcoin magazine, but all the same its good to see this push.

    ReplyDelete