Are you exposed? How Chainalysis cracked the Wasabi Bitcoin privacy wallet

SymbiosisSymbiosis

Although the Bitcoin network is a permanent open record of transactions, many third parties have built privacy functionality on top of it. One such service is Wasabi Wallet, which uses a mixer protocol, Tor integration, and is free to use and open source.

Mixers work by “mixing” transaction inputs and outputs together so that the relationship between senders and receivers isn’t clear. Thus a degree of anonymity is provided by making it difficult to trace the flow of funds.

In her recently released book Cryptopians, which details the early days of Ethereum, journalist Laura Shin claims Wasabi Wallet was the weak link, resulting in blockchain data analysis firm Chainalysis tracing stolen funds from The DAO hack of 2016.

How did hackers exploit The DAO?

Decentralized Autonomous Organizations (DAOs) refer to a decentralized fund in which token holders govern how it is run through proposals and voting. There is no hierarchical structure, only holders making decisions upheld by smart contracts.

The first DAO created was called The DAO and set up by Slock.it, which Blockchains LLC acquired in June 2019.

It launched in 2015 to raise funds for Web3.0 projects and startups. As the first of its kind, it became a smash hit, attracting 12 million ETH of investment ($150 million at time, but $30.2 billion today).

However, attackers managed to exploit a recursive calling vulnerability, meaning they could withdraw funds without the withdrawal being reflected in the account balance. This enabled hackers to set off a loop of withdrawals indefinitely, resulting in the loss of 3.6 million ETH ($50 million at the time, but $9 billion today).

Some of the stolen funds were sent to a Wasabi Wallet for washing. But a flaw in the protocol setup meant Chainalysis could deanonymize the mixer functionality using open source methods.

How did Chainalysis “break” the Bitcoin privacy Wasabi Wallet?

Shin claims this was possible because Wasabi Wallet failed to fully implement the ZeroLink protocol.

ZeroLink claims to fully anonymize Bitcoin transactions using a defined pre-mix and post-mix mixing technique. Pre-mix functionality is said to be easily implemented “without much overhead.” However, adding post-mix functionality to a wallet was an altogether more complex affair.

“Post-mix wallets on the other hand have strong privacy requirements, regarding coin selection, private transaction and balance retrieval, transaction input and output indexing and broadcast.”

Instead, it’s claimed that Wasabi Wallet opted for a “peel chain” method that offers fewer protections, resulting in Chainalysis being able to trace transactions from the DAO hack.

As such, Chainalysis did not “break” Bitcoin as such, only take advantage of a careless integration.

Nonetheless, there is an increasing narrative that financial privacy, as it pertains to cryptocurrency, is somehow wrong. While it’s true the majority of crypto transactions are above board, that hasn’t stopped authorities from enforcing ever-stricter policies.

Get your daily recap of Bitcoin, DeFi, NFT and Web3 news from CryptoSlate

It’s free and you can unsubscribe anytime.

Get an Edge on the Crypto Market 👇

Become a member of CryptoSlate Edge and access our exclusive Discord community, more exclusive content and analysis.

On-chain analysis

Price snapshots

More context

Join now for $19/month Explore all benefits

Comments (No)

Leave a Reply

Advantages of Using Cryptocurrency
The Evolution of Cryptocurrency
How to Trade With The FutureTrade
How Crypto Marketing is Emerging
Astrology NFT project ‘Lucky Star Currency’ rugged for over $1m – Certik
What is going on with Sam Bankman-Fried’s defense?
South Korean UPbit counters 1,800% surge in hacking attempts with AI-driven security measures
Crypto investment products see largest inflows since July — CoinShares
Gods Unchained: The Ultimate Guide
Boost Your Business with These AI Marketing Tools
Best AI Profile Pic Generators in 2023
Shazane Nazaraly’s Inspiring Journey to Launching Ares Corporation
Decentraland Hosts An Ugly Sweater Wearable Competition For Xmas!
Next Earth Introduces LAND Descriptions For Its Metaverse Plots
Degen Toonz & CULT&RAIN Lead the Way in Digital Fashion
Degen Toonz & CULT&RAIN Lead the Way in Digital Fashion