[[TOC(noheading, depth=1)]]
'''Written:''' 22-03-2018 (Jaruga)
= Using Bitcoin over Tor =
It is a fairly common belief that using Bitcoin over the Tor network will allow a user to pay for various goods or services while maintaining full anonymity. Unfortunately, that is far from what one can realistically expect to achieve. 

While Bitcoin DOES provide a confiscation proof, government free form of common currency, its very nature is not designed to facilitate full anonymity, even when used in conjunction with tools that do. Ergo, BTC is widely recognized as '''psuedo-anonymous'''.

In early 2018, a mix of 5-year-old NSA documents discussing their blockchain tracking methods and a [https://arxiv.org/pdf/1801.07501.pdf research paper] by The Qatar University of Doha further confirmed the long-held beliefs that paper trails are almost impossible to avoid, even in the world of cryptocurrency.

Below, we will discuss and debunk many of the common claims and misconceptions about using BTC with Tor, as well as some potentially more secure alternatives.

== Dangers == 
As outlined in recent research, the Bitcoin blockchain can be traced and followed. This makes using the currency over the Tor network futile in the effort to increase anonymity. Example:

* John posts his BTC address on Twitter 
* He receives a donation to his BTC wallet (A)
* John goes to an onion service and makes a purchase
* He transfers the cost from (A) to the public address of the site (P), and in turn receives his items or services.

While the first 3 steps involve non-anonymous identities and transfers, John has an expectation of anonymity for the fourth step. Unfortunately this is a false expectation. Example of a deanonymising effort:

* Sally crawls and subsequently parses Twitter for BTC addresses
* Sally also crawls and subsequently parses onion services for BTC addresses
* She also parses the Bitcoin blockchain
* Sally discovers the address of (A), linking it to John's identity.
* She also discovers the onion service's public address (P)
* Sally finds the transaction record in the blockchain of A > P, and subsequently links Johns identity to the transaction

Because of this, even chaining wallets from one associated with a personal identity to one that is not before completing the transaction is also useless, as the chain of transactions is still present. Further, Bitcoin is retroactively and forever in the future exploitable to this tracing, making any transactions that have or will happen vulnerable.

== Misconceptions / FAQ ==
=== "But if I use BTC over Tor, then there is room for plausible deniability, right?" ===
'''No.''' See above.

=== "But does chaining wallets X amount of times help?" ===
You may delay the inevitable, but ultimately if the record is there, it can be eventually traced.

=== "What about tumbling?" ===
While the research that was recently conducted does not take tumbling into account, it is not out of the scope of possibility. With the vulnerability of the blockchain being retroactive and indefinitely into the future, tools and software could be developed by malicious actors to trace even formerly tumbled coins. We just simply cannot be sure of the potential down the road.

=== "So is there any way to effectively use BTC anonymously then?" ===
Not really, no. Short of some financial acrobatics and a serious amount of effort, your transactions will be forever susceptible to tracking.

[[br]]
== Potentially more secure Altcoins ==
'''PLEASE NOTE THAT THE TOR PROJECT DOES NOT VOUCH FOR THE SECURITY, ANONYMITY OR THE FUTURE SECURITY OF ANY CRYPTOCURRENCY.'''

The below examples are of anonymity-focused cryptocurrencies that are currently in development or circulation. Please feel free to contribute to this list if you have some to add.

=== Monero (XMR) ===
Monero is an open-source cryptocurrency created in April 2014 that focuses on privacy and decentralization that runs on Windows, macOS, Linux, Android, and FreeBSD. Monero aims to improve on existing cryptocurrency design by obscuring sender, recipient and amount of every transaction made.

Official site: [https://GetMonero.org]

=== ZCash (ZEC) ===
Zcash is a cryptocurrency aimed at using cryptography to provide enhanced privacy for its users compared to other cryptocurrencies such as Bitcoin. The Zerocoin protocol was improved and transformed into the Zerocash system, which was then developed into the Zcash cryptocurrency in 2016. 

Official site: [https://z.cash]

=== ColossusXT (COLX) ===
Colossus is a decentralised currency that aims to facilitate fully anonymous payments through obfuscation. Coins received can be instantaneously mixed within the wallet using a preconfigured number of rounds. An unlimited amount of sending / receiving addresses can be generated, allowing users to create one-use burner addresses for every transaction, or use them for specific tasks. It utilizes an energy efficient Proof of Stake 3.0 protocol and a second-tier Masternode network for community-based governance along with a blockchain based self-funding treasury system.

Official site: [https://colossusxt.io]

[[br]][[br]]
== References == 

[https://arxiv.org/pdf/1801.07501.pdf Deanonymizing Tor Hidden Service Users Through Bitcoin Transactions Analysis] - a paper by researchers at the Qatar University of Doha

[https://theintercept.com/document/2018/03/20/pages-from-oakstar-weekly-2013-03-08/ 2013 NSA memo regarding Bitcoin] - The Snowden Documents