,
17 tweets,
5 min read
Read on Twitter
PSA
There exists an entity operating as a de-anonymizing “hot wallet” present within transactions by Wasabi since June 1, 2019. This entity has been clustered very easily due to flagrant address reuse, and downright bizarre behavior. This impacts ALL users since June.
👇👇
There exists an entity operating as a de-anonymizing “hot wallet” present within transactions by Wasabi since June 1, 2019. This entity has been clustered very easily due to flagrant address reuse, and downright bizarre behavior. This impacts ALL users since June.
👇👇
This entity participates in Wasabi transactions and enjoys an address reuse rate of over 60%. Of course, there should be 0% address reuse within any mixing platform, so something is not right. Let's look into it.
OXT Entity Cluster: oxt.me/entity/tiid/23…
OXT Entity Cluster: oxt.me/entity/tiid/23…
The two primary addresses of interest are Address A (bc1qutrq7rfhv56gdqn4m0nm8agygepxahd7cz3j8u) and Address B (bc1q2673rjvne7z9ncqnd7a2pxk6grkwzumgesgauj). Both addresses are active and have balances today and appear to participate in almost all Wasabi transactions since June 1,
These two addresses are the biggest address reuse violators, and by merging unconnected UTXOs with these addresses have created a cluster of 254 addresses connected to this entity
Address A often appears on both the input side and output of a Wasabi mix. This means it is sending from and to the same address.
A second output, is sent to Address B. This same pattern is repeated over and over again. Two recent examples of this are linked next tweet...
A second output, is sent to Address B. This same pattern is repeated over and over again. Two recent examples of this are linked next tweet...
oxt.me/transaction/fe…
oxt.me/transaction/21…
These are recent examples, but you can find the same behavior going back much further. Almost every transaction since June 1 is impacted by this.
oxt.me/transaction/21…
These are recent examples, but you can find the same behavior going back much further. Almost every transaction since June 1 is impacted by this.
Eventually Address A and Address B (and others of the same cluster) merge inputs from many Wasabi transactions into one consolidated transaction off the platform. However, both addresses make sure to maintain an active balance, they are never emptied.
oxt.me/bookmark/5d358…
oxt.me/bookmark/5d358…
Orange circles = cluster consolidation/payout
orange lines = the path as they are mixed
blue circles = the actual "mixing" transaction.
This visualization only shows a fraction of the scope of this problem. Review the bookmark on OXT to explore deeper yourself.
orange lines = the path as they are mixed
blue circles = the actual "mixing" transaction.
This visualization only shows a fraction of the scope of this problem. Review the bookmark on OXT to explore deeper yourself.
We have circumstantial evidence to who this entity may be. However, we are not in the business of peddling false info, so will avoid preemptively naming this entity.
To be clear, we are NOT suggesting this activity is known or condoned by the operators of Wasabi Wallet.
To be clear, we are NOT suggesting this activity is known or condoned by the operators of Wasabi Wallet.
More concerning is the fact that this serious and glaring issue has gone unnoticed by Wasabi developers since June 1, In this time they have claimed the responsibility for proper coin hygiene rested solely with users...
However, users who have done everything right are impacted by the bad behavior of this entity. Again, It is highly doubtful that Wasabi is aware of this entity residing within their platform. But the question must be asked, if they missed this what else are they unaware of?
Mixing is holistic, and due other weaknesses in Wasabi, the fall out from this flagrant address reuse is needlessly amplified. Wasabi maintainers should act quickly to ban any UTXOs associated with this address until further information can be gained and the entity can respond.
Furthermore users should consider demanding refunds for the coordinator fees paid to participate in flawed mixing since June 1. The coordinator is expected to maintain a healthy environment for users. Users aren't getting what they paid for.
The obsession with the 100 input target, largely meaningless due to the high prev transaction % and users mixing with themselves, masks larger issues and makes the peeling chain unmanageable for its operator.
Based on timelines and circumstantial evidence, we have a good idea who is operating the entity within the Wasabi platform. We don't believe it is Wasabi. We will continue to investigate and name names, if the entity doesn't publicly acknowledge and apologize.
Users should avoid registering their UTXOs for mixing until this is addressed by Wasabi Wallet. This report was initially intended to be sent privately to the developers, but due to yet another social media attack by those developers upon our team, it was decided to go public.
Responsible disclosure does not apply in this case, The effects of this are on the public blockchain since June 1 and cannot be erased. We are simply the first to see it and say something about it. Good luck and stay safe out there.
