Post
Topic
Board Wallet software
Re: Is the whirlpool by Samourai (Sparrow wallet and Whirlpool-cli) really blinded?
by
Kruw
on 21/04/2024, 16:48:49 UTC
I think you’ve already read yourself that during the coinjoin process, Tor identity is not changed, and establishing a new connection does not give anything for privacy.
 
The same thing happens with Wasabi. Wasabi uses a management interface, but does not change Tor identity during the coinjoin process (at least in practice this is absolutely accurate. Anyone can verify this using the way I tested it).

I.e., both of these services are not blinded and can track the chain of your mixes.

I forwarded your analysis to the Wasabi developers who are focused on Tor; here's what they responded:

Quote from: Dev
What you first need to understand is that creating a new Tor identity is relatively computationally expensive, and therefore the client limits as much as possible usage of new circuits, and reuses circuits when it’s possible. You can look at the usages of WalletWasabi.Tor.Socks5.Pool.Circuits.Mode to see how Wasabi’s client manages your Tor Identities throughout the lifetime of the application, particularly during the coinjoin process.

DefaultCircuit is a circuit created at launch and maintained until closure of the software. It is used for requests that don’t require particular isolation. This is the case for looking at updates, or getting exchange rate information. The target can know that a client with this given identity is still online, but cannot link its activity to other more privacy critical information.

SingleCircuitPerLifetime is used when isolation from the rest of the application is required, but not isolation between the requests. The most interesting case where this mode is used is through the life of an Alice, an input: Several requests will be made for one input, and using one circuit for all the operations is enough, because all are linked together. So the client wants to register an input, a new instance will be created in SingleCircuitPerLifetime, which will create a new Tor identity, and this Tor identity will then be used exclusively for the operations of this input, such as Registration and Confirmation. Another input will have a new SingleCircuitPerLifetime for its operations, and so on, which guarantees exclusive isolation. You can see the code related here: CreateRegisterAndConfirmCoinsAsync. See particularly the line var (newPersonCircuit, httpClient) = HttpClientFactory.NewHttpClientWithPersonCircuit();

NewCircuitPerRequest is then used for the operations that require absolute isolation. One request = 1 circuit. See how it’s used to register the Outputs in ProceedWithOutputRegistrationPhaseAsync. That way, the outputs are absolutely isolated one from another and from the inputs, as a circuit will be created every time a request will be made.

I hope that this referenced explanation alleviated your doubts of Wasabi’s management of Tor Identities. You can read a higher level explanation here: Explaining Wasabi Wallet’s Tor Implementation
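
The three isolation modes from the quoted reply, as an added model that is not Wasabi's code and not part of the original post. It assumes isolation is done through Tor's SOCKS5 stream isolation (streams with different SOCKS credentials are kept on different circuits, Tor's IsolateSOCKSAuth behaviour); the class, the function names and the sample round are constructed for illustration.

```python
import secrets
from collections import defaultdict

# Mode names come from the quoted explanation; the rest is a constructed model.
DEFAULT = "DefaultCircuit"
PER_LIFETIME = "SingleCircuitPerLifetime"
PER_REQUEST = "NewCircuitPerRequest"

class IsolationPool:
    """Chooses the SOCKS5 username for each request (hypothetical helper)."""
    def __init__(self):
        self._owners = {}

    def credential(self, mode, owner=None):
        if mode == DEFAULT:
            return "default"                 # one identity for the whole session
        if mode == PER_LIFETIME:             # one identity per owner (e.g. one input)
            return self._owners.setdefault(owner, secrets.token_hex(16))
        if mode == PER_REQUEST:
            return secrets.token_hex(16)     # never reused
        raise ValueError(f"unknown mode: {mode}")

def socks5_auth(username, password="x"):
    """RFC 1929 username/password message carrying the isolation credential."""
    u, p = username.encode(), password.encode()
    if not (1 <= len(u) <= 255 and 1 <= len(p) <= 255):
        raise ValueError("RFC 1929 fields must be 1..255 bytes")
    return bytes([0x01, len(u)]) + u + bytes([len(p)]) + p

def circuit_groups(requests):
    """Group request labels that share a credential, i.e. share a circuit
    and can therefore be linked to each other by the remote server."""
    pool, groups = IsolationPool(), defaultdict(list)
    for label, mode, owner in requests:
        groups[pool.credential(mode, owner)].append(label)
    return sorted(sorted(g) for g in groups.values())

# Constructed coinjoin round: two inputs, two outputs, two background requests.
ROUND = [
    ("check-update", DEFAULT, None),
    ("exchange-rate", DEFAULT, None),
    ("input-A register", PER_LIFETIME, "A"),
    ("input-A confirm", PER_LIFETIME, "A"),
    ("input-B register", PER_LIFETIME, "B"),
    ("input-B confirm", PER_LIFETIME, "B"),
    ("output-1 register", PER_REQUEST, None),
    ("output-2 register", PER_REQUEST, None),
]

if __name__ == "__main__":
    for group in circuit_groups(ROUND):
        print(group)
```

Each printed group is one circuit: the two requests of an input stay together, while no input shares a group with another input or with any output.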