The Open Bitcoin Privacy Project (OBPP) met their initial goal with the May 19 release of their first wallet ratings. Justus Ranvier says he and the others involved in the project wanted to “meaningfully contribute to Bitcoin privacy,” and their report is already motivating at least two wallets — Darkwallet and Airbitz — to improve.
When contacted by Cointelegraph (CT), Peter Todd — an adviser to Darkwallet, which received the project’s top rating — said:
“Unfortunately the future of Darkwallet itself is a bit unclear to me; I personally have had very little contact in the past few months with the developers behind it. That said, the current state of Darkwallet is reasonably close to a beta release — I use it myself with real bitcoins. Being open-source software, it's quite possible that at worst new developers can take over.”
Darkwallet developers have been quiet on GitHub the last few months, leaving Todd and others to wonder whether the wallet itself had “gone dark.” Two days following the release of the report, however, Darkwallet tweeted:
Paul Puey, CEO of Airbitz — which ranked 6th out of the 10 rated Bitcoin wallets — thinks the OBPP report is “a great thing” and “it’s an honor” that Airbitz “was even included.” He said in an interview with CT:
“It’s hard to measure [privacy] parameters because there are many different aspects of privacy, and how you put that on a scale that’s objective is a challenging thing. But I think they’ve done a great job of getting a good start. Hopefully, this drives the importance of privacy, which is a big thing. I think a lot of people don’t see its importance, but having this [report], it starts to beg that question more.”
“The fact that Darkwallet came in first,” he continued, “is kind of obvious. It’s important that it does, given the actual goal of [their] entire project.” While he recognizes why Darkwallet came in at the top, he said he thinks Airbitz is “on the cusp of being the most private wallet — while not having people do any additional work, and [without them] even knowing” they’re using privacy features. Another way he put it:
“[With Airbitz,] Grandma thinks she’s just using a PayPal for Bitcoin. Yet at the same time, we’re [on our way to] being at the Darkwallet level.”
Airbitz earned the top score in a classification that OBPP contributors called “feedback,” meaning the wallet warns users if they are about to do something that could jeopardize their privacy. Even better, said Puey, “We just don’t let them do it.”
Overall, Airbitz landed in the midrange between #10 Coinbase, which earned the lowest spot in the rankings, and #1 Darkwallet. Puey said this is exactly where he and his team have designed their wallet to sit. They don’t want it to rate below five other Bitcoin wallets, but they do want it to feel somewhere in between Coinbase, which feels like “a mobile bank account,” and “the decentralization and the privacy model [of] a true Bitcoin wallet.”
The Airbitz wallet utilizes libbitcoin, an alternative implementation of the Bitcoin source code that was developed by Amir Taaki, who is the man behind Darkwallet and DarkMarket, now rebranded as OpenBazaar. The Airbitz team is a contributor to libbitcion. “Its manifesto is performance and privacy,” says Puey, and their use of it for their wallet is one of the reasons he thinks Airbitz could score higher than number six in the future. “We’re probably one of only two platforms that are utilizing it today, the other being OpenBazaar.”
Comparisons and Questions
Because of Airbitz uses libbitcoin and Mycelium uses their own servers, Puey said he was somewhat perplexed that Mycelium rated four points above Airbitz in the category of “privacy from network observers.” He said:
“[Mycelium sees] the traffic that all of their users make because they are the only node that [users’ phones] can talk to. If you consider that aspect, decentralization adds privacy, because I can’t own a libbitcoin node and expect to see all the transactions. [...] From the viewpoint of that one company and single point of failure and single channel of reducing privacy, they’ve not necessarily provided the same infrastructure that we have in that regard. Yet they achieved a score four points higher. Four out of a hundred. Four percent. That’s a significant amount.”
He called Mycelium a “feature factory” and said he understood why the wallet appeals to technologists. “But on a familiarity level, does it feel like mobile banking to the masses? I think a lot of these wallets at the top [of the ratings] don’t have that in their ethos and don’t try to achieve that.”
That’s the goal of the wallets closer to the bottom, like Coinbase. Airbitz equaled Coinbase in one area in the ratings, where they both received zero points. Puey said this was another area of the report where he would like to gain more clarity. The other eight wallets all received full points in the subcategory called “wallet avoids leaking information about recipients via an external identity lookup.” “There’s no external identity lookup in Airbitz,” he said. “That’s 5.56 points. ... With that alone, we’d be in the upper echelon of wallet privacy by receiving that full score.”
Even though they came in at number six, Puey still considers Airbitz to be among the “true Bitcoin wallets.” He noted that those at the top earned scores in the 40s and 50s. Darkwallet and Armory both came in at 54 points to take spots one and two, while Airbitz earned 45 points. Then there was a “huge drop” to the four wallets at the bottom that scored 22, 19, 14 and 11.
The top wallets represent the “core Bitcoin wallets,” favored by technologists and those such as Taaki who support Bitcoin for ideological reasons. The bottom ones are designed to appeal more to the masses, creating a stark contrast between anarchist-rooted Darkwallet at the top, and statist-leaning Coinbase at the bottom.
With the next release of Airbitz coming “probably within the month,” they will be adding rotating change addresses, which should increase their score. They also have other privacy features “in the pipeline” involving change outputs.
AirBitz is not ready to add mixing functionality, however, even though Puey says it’s an “ecosystem advancement that we need.” His take: “Right now, the technology isn’t friendly enough for the average person to use. ... [Airbitz] will incorporate it when we can effectively hide it and it just happens in the background.” He said:
“We want to hide the fact that people are using a very private wallet. We want to be like the dark horse that everyone is using, and by everybody using it, everyone else gets the privacy. ... That was our end goal, and we’re fitting in nicely with our placement in these rankings.”
Neither Coinbase nor Blockchain.info responded to requests for comment on the wallet ratings.