zkSNACKs, the company behind the Wasabi wallet, will bar certain bitcoin (BTC) transactions from its service that facilitates privacy-enhancing transactions known as CoinJoins, according to a tweet under the Wasabi Wallet Twitter handle.
A Wasabi developer said the move was necessary to prevent hackers and scammers from using the service and to keep the company out of unspecified “trouble” (presumably the legal kind). The move underscores the challenges faced by centralized companies that provide services built to facilitate interaction with a decentralized ecosystem. It also serves as a reminder that fungibility – the quality that makes any unit of a currency interchangeable with another – is hard to maintain with bitcoin’s auditability.
Wasabi is known for its mechanism that helps to coordinate CoinJoins between different users. CoinJoins are a method of mixing coins to protect users’ privacy on a public ledger. Users send their coins (input transactions) into a sort of pool where they are mixed with other users’ coins. Then they receive an equal value of bitcoins (output transactions) at the other end. The connection between the input and output transactions is thus obfuscated and hard for blockchain detectives to trace.
It is important to note that CoinJoining is not unique to Wasabi. It is a type of send transaction that is used by the Bitcoin protocol itself. CoinJoins are, by nature, decentralized and peer-to-peer. But it can be tricky to use ConJoin and even harder to find pools of other people who are willing to participate. The coordinator service that operates Wasabi Wallet, called zkSNACKS, provides an easy way for Bitcoin CoinJoin users to find each other and “coordinate” their transactions.
What it means
Wasabi’s zkSNACKS coordinator does just that: Its code coordinates transactions. It doesn’t actually hold user keys, nor can it actually see what is happening with the transactions once they are in the coordinator pool or trace the origins of the outputs on the other end.
What it can do, however, is see where inputs are coming from. Because zkSNACKS is a centralized service, it can prevent input transactions sent by certain addresses from entering the pool and CoinJoining with other inputs.
Does this mean CoinJoining is ‘broken’?
Wasabi Wallet will continue to operate using the zkSNACKS coordinator, albeit with a certain level of restrictions now in effect. Although it now excludes blacklisted addresses, zkSNACKs will remain operational for all other users who want to maintain their bitcoin privacy.
The wallet’s new screening measures have prompted other CoinJoin-enabling platforms to assess their own practices.
Samourai Wallet, for example, also uses a coordinator, Whirlpool, to facilitate CoinJoining among its users. It noted in a Twitter thread that coordinators simply “pass data packets from one connected client to another”:
Furthermore, because CoinJoin is an open-source protocol, restrictions imposed by one centralized coordinator do not spell the end for CoinJoins and the bitcoin privacy they protect. As privacy advocate Matt Odell pointed out in a Twitter thread, “Anyone can run a competing coordinator that does not do this blacklisting and users can switch to it.”
CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk offers all employees above a certain salary threshold, including journalists, stock options in the Bullish group as part of their compensation.