Wasabi Wallet: Difference between revisions

From Bitcoin Wiki
Jump to navigation Jump to search
Jesse.am (talk | contribs)
m added the definite article "the"
Kristapsk (talk | contribs)
Fix GitHub link
 
(26 intermediate revisions by 4 users not shown)
Line 1: Line 1:
'''Wasabi Wallet''' is an open-source, non-custodial, '''privacy-focused''' Bitcoin wallet for Desktop, that implements trustless '''[[CoinJoin]]'''. The CoinJoin coordinator (run by zkSNACKs Ltd., the company that is sponsoring the development of Wasabi) cannot steal from, nor breach the privacy of the participants.
'''Wasabi Wallet''' is an open-source, non-custodial, '''privacy-focused''' Bitcoin wallet for Desktop that implements trustless '''[[CoinJoin]]'''. The code is on GitHub at [https://github.com/zkSNACKs/WalletWasabi zkSNACKs/WalletWasabi] where anyone can see, verify, and contribute to the project. Wasabi Wallet is trustless by design, meaning neither the public nor the developers can breach your privacy. This is accomplished via [https://github.com/bitcoin/bips/blob/master/bip-0158.mediawiki client-side block filtering](BIP158), communication over the [https://www.torproject.org Tor anonymity network], and the [https://github.com/zkSNACKs/WabiSabi WabiSabi] protocol: an anonymous credential scheme for centrally coordinated coinjoin transactions. The coinjoin coordinator is run by zkSNACKS Ltd., the company that sponsors the development of Wasabi Wallet. The developers have gone to great lengths to ensure that the coordinator cannot steal nor breach the privacy of any participant. This can all be verified by examining the open-source code.


The package includes built-in [[Tor]] and, by default, all traffic between the clients and the server goes through it, so IP addresses are hidden and privacy of the users is respected. Under normal conditions, Wasabi Wallet never leaves the Tor onion network and it never uses Tor exit relays, significantly decreasing the network attack surface.
Wasabi Wallet strives toward establishing solid industry best practices and standards. It implements [https://en.bitcoin.it/wiki/Deterministic_wallet Hierarchical Deterministic wallets] , [https://en.bitcoin.it/wiki/Address_reuse address reuse avoidance], as well as mandatory coin labeling. The wallet uses BIP-158 client-side block filtering to obtain its own transaction history in a private way and it has a one-click partial full node integration as it ships with Bitcoin Knots. If the user already has a Bitcoin full node on a local or remote device, then it is possible to specify the IP address and port, or the Tor onion service, and Wasabi will use it to verify and enforce the rules of Bitcoin.  
 
Wasabi also includes all standard privacy tech like Hierarchical [[Deterministic wallet]]s, [[address reuse]] avoidance, as well as mandatory coin control and labeling. The wallet uses BIP-158 [[Client-side block filtering]] to obtain its own transaction history in a private way and it has a one-click partial full node integration as it ships with Bitcoin Knots.
If the user already has a Bitcoin full node on a local or remote device, then it is possible to specify the IP address and port, or the Tor onion service, and Wasabi will use it to verify and enforce the rules of Bitcoin.
 
In addition to this, it has advanced cutting-edges features like:
* Opt-in [[PayJoin]]
* Dust attack protections
* Custom change address
* Anti wallet fingerprinting
 
Wasabi also has a [https://docs.wasabiwallet.io/ complete and detailed documentation] containing explanations on the architecture of the program, on its functioning and tutorials on how to use it.  


In addition to this, Wasabi has advanced cutting-edge features like Opt-in PayJoin and [https://docs.wasabiwallet.io/FAQ/FAQ-UseWasabi.html#what-is-the-dust-threshold Dust attack] protections. You can find a full list of [https://docs.wasabiwallet.io/using-wasabi/BIPs.html#what-is-supported supported BIPs] in the wallet documentation. This is part of Wasabi Wallet’s [https://docs.wasabiwallet.io/ complete and detailed documentation] containing descriptions about the architecture and functionality of the wallet, as well as helpful tutorials on how to use it. There is also a [https://www.youtube.com/watch?v=ry6qIyQmzRE&list=PLPwc75tPMdsi2bSYL6qi79izHIvps2E6b tutorials playlist] on YouTube with short videos on how to use and interact with Wasabi Wallet.
=Wasabi Wallet installation=
=Wasabi Wallet installation=
[[File:WasabiWallet.io_Website.jpg|thumb|right|WasabiWallet.io homepage]]
[[File:Wasabiwallet.io.png|thumb|right|WasabiWallet.io homepage]]


Wasabi Wallet is easy to install. First, you have to go to https://wasabiwallet.io or http://wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion (for the onion service) and download the version for your own operating system. Wasabi is available in most operative systems with 64-bit architecture.
Wasabi Wallet is easy to install. First, you have to go to https://wasabiwallet.io or http://wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion (for the onion service) and download the version for your own operating system. Wasabi is available in most operating systems with 64-bit architecture.


The officially supported OS are Linux, Windows and macOS, for the complete compatibility list you check the [https://github.com/zkSNACKs/WalletWasabi/blob/master/WalletWasabi.Documentation/WasabiCompatibility.md Wasabi Compatibility document]. It is also possible to manually verify the PGP signatures and the deterministic builds.
Linux, Windows and macOS (intel & M1) are the officially supported operating systems. For the complete compatibility list check the [https://github.com/zkSNACKs/WalletWasabi/blob/master/WalletWasabi.Documentation/WasabiCompatibility.md Wasabi Compatibility document]. It is also possible to manually verify the PGP signatures and the deterministic builds.


For a step-by-step tutorial on the installation and PGP verification, you can follow the [https://docs.wasabiwallet.io/using-wasabi/InstallPackage.html relevant chapter in the documentation].
For a step-by-step tutorial on the installation and PGP verification, you can follow the [https://docs.wasabiwallet.io/using-wasabi/InstallPackage.html relevant chapter in the documentation].
Line 27: Line 17:
=Run Wasabi Wallet=
=Run Wasabi Wallet=


When you run Wasabi for the first time, you will be proposed to generate a new wallet. Choose a unique name for the wallet so that you remember what it is about. Next choose a very secure password, as this encrypts the secrets and protects your wallet. You will always need the password in order to spend your bitcoins or do CoinJoins, so remember to back it up properly.
When you run Wasabi for the first time, you will be prompted to generate a wallet. You have the option to create a new wallet, connect to a hardware wallet, import a wallet from a file, or recover a wallet with a 12 word seed. When you generate the wallet, you will then be prompted to choose a unique name for it; choose a name that reflects the purpose of the wallet. If you create a new wallet you will be presented with 12 recovery words to record ([https://github.com/bitcoin/bips/blob/master/bip-0039.mediawiki BIP39]), followed by the option to encrypt your wallet with a secure password ([https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki BIP38]). You will always need the password in order to login to your wallet and whenever you spend your bitcoins, so remember to properly backup both the password and the 12 recovery words.
At worst, Wasabi has a '''Password Finder''' tool, designed for helping those who made a mistake typing the password during the wallet creation process. The Password Finder will try to find the password that decrypts the encrypted secret key stored in a given wallet file.
 
=Send and Receive bitcoin via Wasabi Wallet=
 
As explained above, Wasabi has '''mandatory coin labeling'''. This means that in order to send or receive bitcoin we have to specify custom labels for the address. These labels should be the name of any entities who know that this address is yours. Properly annotated labels is one of the most important features in Wasabi Wallet because it helps you better manage your privacy. A simple example of labeling is as follows: Alice pays you back for last night's pizza, so you label your receive address as ''Alice''. Now you have a record of the specific UTXO that Alice is aware of and can trace on the [[Block chain]].
 


After that, Wasabi will show your 12 recovery words. Remember to backup those (together with the password), as they are needed to recover your wallet in the future.
'''Receiving Bitcoin'''
# Click ''Receive'' button
# Add Labels
# Scan or copy the unused bitcoin address.


=Send and Receive bitcoin via Wasabi Wallet=
'''Sending Bitcoin'''
# Click ''Send'' button
# Paste bitcoin address
# Enter amount in BTC or USD
# Add Labels
# Preview Transaction (option to specify custom transaction fee rate)
# Enter password.
 
=Coinjoin via Wasabi Wallet=
 
[[File:Wasabi Wallet Coinjoin.png|thumb | right |Wasabi Wallet 2.0]]
 
 
'''Coinjoins''' are the most important feature of Wasabi Wallet. '''Schnorr blind signatures''', (which is similar to the cryptography used in chaumian blind signatures and [[blinded bearer certificates]]) make it possible to run '''trustless''' (meaning nobody can steal) and '''private''' (meaning even the coordinator cannot spy) coinjoins where nobody learns the linkage between the mixed transaction inputs and outputs.
 
Wasabi Wallet implements the [https://eprint.iacr.org/2021/206 WabiSabi] protocol, which is an anonymous credential scheme for central coordinated coinjoin transactions. The zkSNACKs Ltd. company is who coordinates the coinjoin transactions for Wasabi Wallet. They take a fee for coordinating the coinjoin and use these funds to sponsors the Wasabi developers. The fee structure is as follows: coins with a value above 0.01 BTC costs 0.3% as a [https://github.com/zkSNACKs/WalletWasabi/tree/master/WalletWasabi.Backend coordinator fee] + [https://mempool.space/ mining fees]. Inputs of 0.01 BTC or below do not pay coordinator fees, nor remixes, even after one transaction. Thus, a payment made with coinjoined funds allows the sender and the recipient to remix their coins without paying coordinator fees.
 
<br>


As explained above, Wasabi has '''mandatory coin control and labeling'''. This means that, in order to send bitcoin, you have to manually choose [[UTXO]] specify a custom ''Known by'' label which will allow you to always have under control which entities you transact with and which addresses in your possession they are aware of.
{| class="wikitable" style="text-align:center;"
|- style="text-align:left;"
!
! > 0.01 BTC
! 0.01 BTC and less
|- style="vertical-align:middle;"
| Fresh input
| 0.3% coordination fee + mining fees
| mining fees
|- style="vertical-align:middle; background-color:rgba(73, 88, 107, 0.1);"
| Remix*
| mining fees
| mining fees
|- style="text-align:left;"
|}
<nowiki>*</nowiki>Remix includes a 1 hop transaction


The same applies to receiving bitcoin. First, you need to generate an address in the ''Receive'' tab and label it with the names of any observers who know that this address is yours. For example, if Alice pays you back for last nights pizza, then the label is ''Alice''. This is one of the most important features in Wasabi Wallet and it will help in managing better your privacy.
<br>


=CoinJoin via Wasabi Wallet=
[https://github.com/zkSNACKs/WabiSabi WabiSabi] was introduced in Wasabi Wallet 2.0 and improves upon the original [https://github.com/nopara73/ZeroLink ZeroLink] protocol of Wasabi Wallet 1.0. WabiSabi is a novel communication protocol for creating bitcoin coinjoin transactions with arbitrary amounts, which provides more privacy at less cost for the user. This new protocol utilizes keyed verification anonymous credentials and homomorphic value commitments to enable novel use cases and reduced overhead. WabiSabi enables the emergence of much larger coinjoins rounds with hundreds of inputs and outputs (e.g., [https://mempool.space/tx/4f0436e9406e5930f9cdaaf94144de72b2b204690e7b19fe5f80067545440a7c 4f0436e9406e5930f9cdaaf94144de72b2b204690e7b19fe5f80067545440a7c]).
[[File:Wasabi CoinJoin tab.png|thumb|right|Wasabi CoinJoin tab]]
'''CoinJoins''' are probably the most important feature of Wasabi. Thanks to '''Schnorr blind signatures''', (which is similar to the cryptography used in chaumian blind signatures and [[blinded bearer certificates]]) it is possible to run '''trustless''' (meaning nobody can steal) and '''private''' (meaning even the coordinator cannot spy) CoinJoins where anyone does not learn the linkage between the mixed transaction inputs and outputs.


Thanks to the technologies behind Wasabi, it is therefore possible make CoinJoin between Wasabi users without any liquidity provider middlemen.
=Controversies=
Users' wallets connect to a server which coordinates the [[CoinJoin]], that is run by the zkSNACKs Ltd. company. The company sponsors the development of Wasabi Wallet and makes its income by taking a fee (0.003% * anonymity set) from each CoinJoin transaction.
The anonymity set is essentially the size of the group you are coinjoining in. If 3 people take part in a CoinJoin (with equal size inputs) and there are 3 outputs then each of those output coins has an anonymity set of 3.


Wasabi allows you to make CoinJoins up to 100 peers. This means that a maximum of 100 anonsets can be earned per CoinJoin round.
On March 13 2022, Wasabi announced that its zkSNACKs coordinator had plans for blacklisting tainted coins, which would prevent them from participating in CoinJoins.<ref>https://www.coindesk.com/tech/2022/03/14/wasabi-wallets-coinjoin-coordinator-to-blacklist-certain-bitcoin-transactions/</ref> This was met with backlash from some parts of the Bitcoin community who did not like the concept of taint.<ref>https://bitcointalk.org/index.php?topic=5405325.0</ref>. Wasabi has stated that they do not have access to any information that can link user identities, and acknowledged that the decision to blacklist tainted outputs was done proactively, with no legislation requiring them to do so.<ref>https://bitcoinist.com/wasabi-side-reasons-blacklisting-from-coinjoin/</ref>
Of course, you can do multiple rounds, greatly increasing your total anonset (and, consequently, your privacy).


[[Category:Privacy]]
[[Category:Privacy]]
=References=

Latest revision as of 14:20, 3 July 2023

Wasabi Wallet is an open-source, non-custodial, privacy-focused Bitcoin wallet for Desktop that implements trustless CoinJoin. The code is on GitHub at zkSNACKs/WalletWasabi where anyone can see, verify, and contribute to the project. Wasabi Wallet is trustless by design, meaning neither the public nor the developers can breach your privacy. This is accomplished via client-side block filtering(BIP158), communication over the Tor anonymity network, and the WabiSabi protocol: an anonymous credential scheme for centrally coordinated coinjoin transactions. The coinjoin coordinator is run by zkSNACKS Ltd., the company that sponsors the development of Wasabi Wallet. The developers have gone to great lengths to ensure that the coordinator cannot steal nor breach the privacy of any participant. This can all be verified by examining the open-source code.

Wasabi Wallet strives toward establishing solid industry best practices and standards. It implements Hierarchical Deterministic walletsaddress reuse avoidance, as well as mandatory coin labeling. The wallet uses BIP-158 client-side block filtering to obtain its own transaction history in a private way and it has a one-click partial full node integration as it ships with Bitcoin Knots. If the user already has a Bitcoin full node on a local or remote device, then it is possible to specify the IP address and port, or the Tor onion service, and Wasabi will use it to verify and enforce the rules of Bitcoin.

In addition to this, Wasabi has advanced cutting-edge features like Opt-in PayJoin and Dust attack protections. You can find a full list of supported BIPs in the wallet documentation. This is part of Wasabi Wallet’s complete and detailed documentation containing descriptions about the architecture and functionality of the wallet, as well as helpful tutorials on how to use it. There is also a tutorials playlist on YouTube with short videos on how to use and interact with Wasabi Wallet.

Wasabi Wallet installation

WasabiWallet.io homepage

Wasabi Wallet is easy to install. First, you have to go to https://wasabiwallet.io or http://wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion (for the onion service) and download the version for your own operating system. Wasabi is available in most operating systems with 64-bit architecture.

Linux, Windows and macOS (intel & M1) are the officially supported operating systems. For the complete compatibility list check the Wasabi Compatibility document. It is also possible to manually verify the PGP signatures and the deterministic builds.

For a step-by-step tutorial on the installation and PGP verification, you can follow the relevant chapter in the documentation.

Once the software is installed, icons will be created on the desktop and on the menu, you can click on them to open the program. If you have downloaded the .tar.gz version, then first extract it and then run the ./wassabee command.

Run Wasabi Wallet

When you run Wasabi for the first time, you will be prompted to generate a wallet. You have the option to create a new wallet, connect to a hardware wallet, import a wallet from a file, or recover a wallet with a 12 word seed. When you generate the wallet, you will then be prompted to choose a unique name for it; choose a name that reflects the purpose of the wallet. If you create a new wallet you will be presented with 12 recovery words to record (BIP39), followed by the option to encrypt your wallet with a secure password (BIP38). You will always need the password in order to login to your wallet and whenever you spend your bitcoins, so remember to properly backup both the password and the 12 recovery words.

Send and Receive bitcoin via Wasabi Wallet

As explained above, Wasabi has mandatory coin labeling. This means that in order to send or receive bitcoin we have to specify custom labels for the address. These labels should be the name of any entities who know that this address is yours. Properly annotated labels is one of the most important features in Wasabi Wallet because it helps you better manage your privacy. A simple example of labeling is as follows: Alice pays you back for last night's pizza, so you label your receive address as Alice. Now you have a record of the specific UTXO that Alice is aware of and can trace on the Block chain.


Receiving Bitcoin

  1. Click Receive button
  2. Add Labels
  3. Scan or copy the unused bitcoin address.

Sending Bitcoin

  1. Click Send button
  2. Paste bitcoin address
  3. Enter amount in BTC or USD
  4. Add Labels
  5. Preview Transaction (option to specify custom transaction fee rate)
  6. Enter password.

Coinjoin via Wasabi Wallet

Wasabi Wallet 2.0


Coinjoins are the most important feature of Wasabi Wallet. Schnorr blind signatures, (which is similar to the cryptography used in chaumian blind signatures and blinded bearer certificates) make it possible to run trustless (meaning nobody can steal) and private (meaning even the coordinator cannot spy) coinjoins where nobody learns the linkage between the mixed transaction inputs and outputs.

Wasabi Wallet implements the WabiSabi protocol, which is an anonymous credential scheme for central coordinated coinjoin transactions. The zkSNACKs Ltd. company is who coordinates the coinjoin transactions for Wasabi Wallet. They take a fee for coordinating the coinjoin and use these funds to sponsors the Wasabi developers. The fee structure is as follows: coins with a value above 0.01 BTC costs 0.3% as a coordinator fee + mining fees. Inputs of 0.01 BTC or below do not pay coordinator fees, nor remixes, even after one transaction. Thus, a payment made with coinjoined funds allows the sender and the recipient to remix their coins without paying coordinator fees.


> 0.01 BTC 0.01 BTC and less
Fresh input 0.3% coordination fee + mining fees mining fees
Remix* mining fees mining fees

*Remix includes a 1 hop transaction


WabiSabi was introduced in Wasabi Wallet 2.0 and improves upon the original ZeroLink protocol of Wasabi Wallet 1.0. WabiSabi is a novel communication protocol for creating bitcoin coinjoin transactions with arbitrary amounts, which provides more privacy at less cost for the user. This new protocol utilizes keyed verification anonymous credentials and homomorphic value commitments to enable novel use cases and reduced overhead. WabiSabi enables the emergence of much larger coinjoins rounds with hundreds of inputs and outputs (e.g., 4f0436e9406e5930f9cdaaf94144de72b2b204690e7b19fe5f80067545440a7c).

Controversies

On March 13 2022, Wasabi announced that its zkSNACKs coordinator had plans for blacklisting tainted coins, which would prevent them from participating in CoinJoins.[1] This was met with backlash from some parts of the Bitcoin community who did not like the concept of taint.[2]. Wasabi has stated that they do not have access to any information that can link user identities, and acknowledged that the decision to blacklist tainted outputs was done proactively, with no legislation requiring them to do so.[3]

References