Although Bitcoin’s privacy-focused Wasabi Wallet (BTC) recently rejected claims that its anonymity features might be compromised, a third-party expert disagrees.
In a post on August 19, Wasabi competitor Samourai claimed to have “discovered potential privacy vulnerabilities in Wasabi Wallet.” According to the announcement, the company has also identified several anonymity issues for the Wasabi Wallet’s CoinJoin bitcoin mixer.
Mario Havel, co-founder of the privacy and cryptography nonprofit Paralelni Polis, said Samourai’s claims are reliable and can be checked in Wasabi’s code. It is to be explained:
“The vulnerabilities […] uncovered do not affect wallet security. [Instead] they only affect [anonymity in] some CoinJoin scenarios where the user is more confused [issuing unspent transactions].”
Adam Fexor, a senior developer at Wasabi, stated that the problem that Samourai posed was the lack of randomness in choosing unspent transactions or UTXO in the CoinJoin shuffle. He claimed that this does not compromise anonymity since only the users themselves know all of the UTXO in their wallet.
Havel noted that Wasabi users using the CoinJoin feature should always know how to manage their UTXOs in such a way that anonymity is preserved:
“Getting data protection right, especially with tools like coin control, requires some knowledge and attention. In this case, the user should be aware of potential attack scenarios and avoid them by properly managing UTXO.”
Wasabis Ficsor also said that samourai “has repeatedly claimed in the past to have” an unnamed “wasabi”. “This statement is in line with reports from July 2019 that samourai raised concerns about the implementation of Wasabis CoinJoin.” The Society knows that their claims are exaggerated, “said Vexor. Mario Havel disagreed:
“There have been a lot of engagements in the past, which makes sense to a certain extent, but overall Samourai’s research does a good and interesting job in Bitcoin’s data protection system. Most of the claims against wasabi are based on [the problem mentioned above] that it requires some knowledge to use properly. Certain. “”
However, Havel admits that “Samourai and Wasabi are competitors” and that both benefit from CoinJoin fees for their users. Both companies also benefit from hurting their competitors’ reputations. He completed:
“Personally, I use both wallets because they each have different functions and permissions. […] Both are great wallets even without the CoinJoin function, and it is only up to the user how to use them and what wallet functions they need. “