The core one: decouple the transaction address from the identity link. This is essential.
Written by: Leo Young
Blockchain, encrypted assets, and decentralized finance (DeFi) do not naturally protect user privacy. On the contrary, all transaction information in the chain, so that DeFi user’s habits and even personal identity completely exposed in front of the world.
A recent example is that Sam Bankman-Fried , the derivatives trading platform FTX and CEO of Alameda Research, is suspected of shorting DeFi tokens, causing controversy. Someone in the DeFi community pointed out that the data on the chain clearly showed that he transferred nearly 80 million US dollars of platform currency FTT to Cream Finance to mortgage and borrow assets such as COMP and YFI, and then sold them. Although he explained the motive of this operation, it still caused dissatisfaction in the community.
A wallet address of Sam Bankman-Fried has been closely monitored by DeFi enthusiasts, source:
https://debank.com/portfolio/0x477573f212a7bdd5f7c12889bd1ad0aa44fb82aa
Whether for giant whales or individuals, I believe no one wants to disclose all their past transaction records to the outside world. Privacy will also be the basis of DeFi scale applications. With DeFi applications, privacy issues must be concerned.
In fact, for ordinary users, it is possible to improve the level of privacy protection through some simple techniques. This article recommends some basic methods for protecting privacy.
Of course, if you want to get advanced skills, understand more information about Ethernet Square privacy principles and practices recommended reading chain smell the previously released ” Ethernet Square’s Online Privacy Protection Practical Guide .”
Basic Skills: Getting Started to Use DeFi Safely
1. Register a new email address
Having a brand-new, unrecognizable e-mail is the basis for ensuring your anonymity.
Recommend the use of encryption software service postale.io, ProtonMail, Tutanota, anonymous e-mail service Secure Email, or can also be considered a one-time e-mail service Guerrilla Mail.
Useful links
postale: https://postale.io/
ProtonMail: https://protonmail.com/
Tutanota: https://tutanota.com/zhhans/
Secure Email: https://www.secure-email.org/
Guerrilla Mail: https://www.guerrillamail.com (There are often problems that cannot be linked)
Registering a new email address requires avoiding personal identity verification or phone registration, and at the same time, enabling two-step verification. After registering a new email address, you can receive push messages from applications such as Etherscan .
You must pay attention to avoid any communication related to your identity in the mailbox. Remember, this is your dedicated DeFi mailbox .
2. Separate public transaction addresses from private transaction addresses
Any public address transaction should be separated from the private address private trading area, such as the address for receiving donations and personal assets addresses should be separated.
3. Use full nodes for transactions
Use full node wallet, all transaction information stored locally by its own node to verify the results of the whole network will broadcast transaction information, guaranteed not to leak information IP address. Full deployment of nodes not only to protect its own transaction security, is also beneficial to network more to the center. Of course, this requirement is somewhat high, because the hardware requirements of a full node are not low for most users. At present, the entire block of Bitcoin is nearly 360 GB, and the entire block of Ethereum is nearly 480 GB.
4. Use hardware wallet
The hardware wallet has Ledger, imKey, Cobo, etc. optional. Another approach is to store digital assets using a special phone, but keep in mind that usually need to stay offline, set your password, security custody.
5. Things not to do
Avoid social networking site saying, “I just paid 20 gwei gas costs”, “MKR vote failed,” such words. These are likely to leak their transaction addresses.
More importantly, avoid ENS (Ethereum Name Service) with the same name as your social account.
Essential skill: decouple transaction address from identity link
Familiar Bitcoin network of friends all know that Bitcoin wallet transaction using hardware, every transaction using the new address, or use a special address for different types of transactions, so if not completely get rid of the EU data analysis to track, but if you do it every time transaction using a different address, do not reuse the same address, past transaction history can break contact, protection of personal privacy to a certain extent.
The bit credits UTXO different account model, the model accounts for the balance of the Ethernet Square without reuse addresses privacy protection effect is minimal. Want to eliminate Ethernet Square on past transaction history, you have to create a new account.
Solution: Tornado Cash
Tornado Cash is a use of zero-knowledge proof privacy protection technology of mixed coins applications on Ethernet Square. The currency mixer can mix user funds with other users’ funds to achieve the effect of ” destroying transaction history “.
Users can transfer a certain amount of ETH to the smart contract fund pool (currently 0.1, 1, 10, 100 ETH), obtain a transaction certificate, and then withdraw funds from the fund pool to a new address.
The longer you deposit funds in the fund pool, the greater the amount of funds in the fund pool, and the stronger the privacy you can obtain when withdrawing funds.
However, there are a few things to note when using Tornado Cash:
Deposit withdrawals transaction voucher may choose to retain for proof of the transaction. If you accidentally leak in the future, you will also leak your transaction records.
If you use the same IP address or API interface for deposits and withdrawals to the fund pool, you may expose your position.
If deposits and withdrawals using the same DApp, not cleaned during the browser cookie, DApp service provider may contact through the cookie teller identity. It is best for users to use different IP, different browsers, different computers and other enhanced measures.
If stored in multiple transactions from one address, withdrawals same number of transactions transferred to the same address, is likely to be identified. For example, an address transfers ten transactions to the Tornado Cash fund pool, each with ten ETH, and then there are ten transactions with each ten ETH transferred to the same address, then there is a high probability that the deposit address can be the same as the withdrawal address. contact.
Further, batch extraction at various time points. Avoid disclosing relevant address, transaction amount, time and other information.
Special risk warning: IP address leakage
Use Uniswap, Balancer, Synthetix, Compound these decentralized applications, not only intelligent retrieval of your wallet contract can address all use the records are public.
And, your wallet can address linked to your physical location.
All behavior operators, public network service providers, and online service providers on the user network will be tracked.
The most commonly used applications of Ethereum are wallet MetaMask and browser Etherscan . Like any Internet service, MetaMask and Etherscan can read your IP address and associate your physical location with your wallet address.
solution:
Use virtual private network (VPN)
Use the virtual private network to hide the physical location of the wallet address. If you use a virtual private network and use Tor browser at the same time, you can enhance privacy through nodes.
Privacy Browser Brave
Brave is a privacy protection browser with built-in Tor privacy protection function. Native token BAT.
The browser is recommended to use the incognito window mode to clear the historical browsing records before and after each use.
Recommended other useful tools
