[tor-talk] Tor as ecommerce platform

Gregory Maxwell gmaxwell at gmail.com
Sun Aug 12 01:59:38 UTC 2012


On Sat, Aug 11, 2012 at 1:54 PM, Mike Perry <mikeperry at torproject.org> wrote:
> But from the paper, it sounds like the BTC flow to Silk Road itself is
> quite large and might be measurable or at least can be approximated from
> the website itself...
[snip]

Unless I understood the paper, their measurements appear to be based
on watching listings go up and down, which only provides an upper
bound on the public activity.

> The problem is that even with mixes and batching, bitcoin provides a
> Global Passive Adversary for free, which can be used to map and measure
> total BTC flow through the network to various sinks (eigenvectors +
> eigenflow). Based on the established dogma that still rules the Tor
> threat model, "BTC cannot win!!!1" for this reason.

When Bitcoin is correctly used the sources and sinks are one-time-use
pseudonymous locations and the standard operational practices for
private— much less, "I'm a target for wealthy adversaries"— usage is
to run bitcoin over tor.  The most obvious vulnerable points are on
the goods and inexplicable income ends— like in cash.

With poor use the activity could be very vulnerable to correlation via
compressed sensing techniques.  I and the other developers have found
it to be surprisingly hard to convince Bitcoin users how non-private
their activity can be, even with pointing them to public tracking
sites. Regardless, I still expect the high profile trouble making
users to eventually succumb to fairly boring police work rather than
fancy technical analysis, as usual.

> At least, not when
> you're a substantial and atypical chunk of the BTC flow versus norm.

This is what I really responded to correct.

In the last 4 hours the Bitcoin network processed 291,326 BTC in
transactions— about 3.3 million USD at the current trading prices. In
_four hours_.  And this doesn't include the significant amount of
off-network BTC changing hands inside exchanges and bank-like
services, though it may well be double counting coin that effectively
moved multiple times. (Which can't be measured, because it's not always
the same coins moving even if it's the same 'value' moving, or the
opposite).

As long as at least the parties are trusted to not doublespend against
their counter parties (bad dealing which can be trivially proven to
ensure that a cheater's reputation is destroyed) it's perfectly
possible to perform unbounded amounts of party to party transactions
totally invisibly to the network too, or to form join transactions
which concurrently settle multiple parties in a single act, and other
weirdness which makes even estimating the true activity level
difficult.   Bitcoin transactions are just a few hundred bytes, and
there often is no need to make them public in a hurry.  I can think of
little else of value which could be made more immune to timing
analysis, if people cared to do so.

I already think these estimates of underground black-market volumes
are exaggerated, but it's impossible to know for sure. But the data
simply does not suggest that this is a substantial chunk of the
activity.

Like Tor, Bitcoin suffers from a fair amount of people eager to play
up the most controversial uses: Some do so to attack it, some because
it resonates with their juvenile desire to 'stick it to the man', but
most importantly: it's a lot more exciting to present it by emphasizing
those things, regardless of how (in-)significant they are or how much
many of the users and developers wish they'd go away.

Whatever the reasons, skepticism is healthy all around.

> Like I said, it will be very interesting to watch. It's almost like some
> aliens came down from space and double-dog-dared the ballsiest,
> craziest, most aggro humans on the planet to try to solve timing
> correlation attacks and then called them all pussies, threw the bitcoin
> source code at their feet, and then flew off. You know, because they
> needed that shit to interact with our violent monkey society at a safe
> enough distance and everybody else on this planet had given up. The bad
> Sci Fi just writes itself. ;)

If you had any doubts before:  Welcome to the future.

