What privacy?

Dear incognito,

I spent a lot of time getting to know your platform and putting everything into practice, but I must say I’m disappointed as I can see no noteworthy increase in privacy. I deposited Bitcoin into your incognito wallet, shielded it, sent it to a second incognito wallet (since without that interim step for whatever reason shielding is useless anyway), back again to the first wallet and finally unshielded my Bitcoin by withdrawing it to an external BTC address. At each step I observed the changes in the BTC blockchain and I am very sad to tell that each transaction could be traced in the blockchain. Not even once the link from one BTC address to another BTC address has been broken, although you tell people that you can make their cryptos private, while in reality it looks like you are just giving them a false sense of security, which is even worse than public Bitcoin of which you at least know that it’s public. Please tell: how exactly do you increase users’ privacy if each and every shielded and unshielded transaction can be tracked on the blockchain anyway!?

4 Likes

5 Likes

If I’m reading your post correctly, you shielded BTC, moved it around on the Incognito network and then unshielded it, expecting the BTC now be private?

That’s not how Incognito works. Look at this graphic below:

bitcoin_cash

(I know the above graphic references Bitcoin Cash, but the principles are the same and I don’t have time to go looking for – or editing to make – the Bitcoin specific graphic.)

You essentially just stayed in the top half of the graphic with a brief dip into Incognito. Shield and unshield are public transactions, by definition. They occur on the public blockchain – in your case BTC, but any supported blockchain such as ETH, BNB, XMR or even NEO, for example. Once shielded, your pBTC (or other pToken/pAsset) can be transacted privately on the Incognito network. Once you unshield, your crypto is again on the public blockchain network and is no longer private.

The privacy features of Incognito only reside on the Incognito network.

Separately, the network could be used to break tracing, but that requires some additional planning on your part: unshielding in different amounts/tranches than shielded, allowing for (varying) idle time between shield and unshield, and not reusing public wallet addresses for any shield or unshield transaction.

26 Likes

@Mike_Wagner Thank you for jumping on the conversation and giving a very detailed response!

8 Likes

Excellent post and graphic MW…my compliments… :100: :sunglasses:

1 Like

Mike is always great at explaining things. Credit should be given where it belongs though, the graphic is Incognito material. A great team member did put this one, and variations of it together.

4 Likes

To be certain – it’s not my graphic. I just lifted it from here. Someone on the Incognito team made that graphic.

Here’s the extent of my super-duper graphic skillz describing how Incognito works:

incog

14 Likes

It’s a real masterpiece @Mike_Wagner . I will share it for sure and do not worry, I will not forget to mention that you are the creator and copyright holder of this astonish design :joy:

4 Likes

LOLOLOLO… :rofl:

Hey, @Jaques I would like also to add that the Privacy V2 module will bring Confidential Assets and One-time addresses to the on-chain transaction. It will bring on-chain privacy to the highest possible level at this moment.

Regarding cross-chain transaction @Mike_Wagner’s answer is quite full. If you want to experience the highest level of privacy I recommend you to keep assets Incognito.

6 Likes

Thanks for the reply and explanation. I definitely don’t want to over-criticize incognito since every work for more privacy with crypto currencies is needed, valuable and not easy, and they seem to be working on improvements like ring signatures (like used by Monero) etc., too, so hopefully one day not too far in the future they will live up to their privacy promise. But it shouldn’t be the case that users (“Aficionados”) do a better job at explaining their work than they themselves, because lack of transparency and conciseness while constantly implying “high privacy” creates a false sense of security to the everyday user, and incognito surely targets the everyday user unless they want to stay a nerd thing forever (and nerd users will go with zkSNARKs anyway because they know it’s the strongest crypto privacy technology currently out there). Terms like “shielding”, “highly private transactions” or “PRV” (=“privacy”) definitely and deliberately imply real privacy like known from e.g. Monero or Zcash, or at least like from CoinJoin, while in reality it’s not (yet?) the case. Synthesizing all information I could find, (and it’s widely dispersed over different channels like YouTube and this forum), the only kind of “privacy” with incognito currently offers is that a user’s funds enter a pooling (yet public) blockchain address upon “shielding”, so that the user’s funds are a little mixed with others. But it doesn’t matter how often he makes “shielded” transfers within the “private” incognito network – to eventually make use of his cryptos (i.e. spend them) he will have to unshield them again and his cryptos will be released at exactly the same public address, where he initially sent them to in order to shield them. So please do tell what the privacy gain here is, except that the user’s cryptos spent some time together with other users’ cryptos on the pooling address, but that’s not even as private as Bitcoin mixing because mixing breaks the transaction links on the blockchain more reliably and thoroughly? I may be wrong or incognito may improve their privacy features in the future, but then please explain step-by-step what exactly happens (now and in the future) in terms of revealing or not revealing information about sender, receiver and amount at each stage (shielding, ‘private’ transaction from one incognito wallet to another incognito wallet, unshielding) on the respective blockchain, because the above graphic may be the best about the functioning of incognito I’ve seen so far, but it still leaves much room for interpretation.

2 Likes

You got the wrong idea about how things work.

Shield your BTC, and yes it will end up in contract. That transaction is visible in the BTC explorer as it is just a regular BTC transaction.

The system will mint an equal amount of pBTC and send it to your Incognito Address. This transaction is already anonymous. The transaction will show up in the Incognito explorer without revealing details.

You can now move your pBTC around within the Incognito environment. You can send pBTC to me, and no one who tracks the BTC explorer will find a trace of that. Or you can use the Provide feature, stake your pBTC and get rewards. No traces of that in the BTC explorer either. You can trade your pBTC for pETH or any other cryptocurrency that rocks your boat.

All these transactions are anonymous. They leave no trace, do not link back to your initial BTC deposit.

You can unshield pETH to receive ETH in any wallet that is able to hold ETH. That part will show up in the ETH explorer, of course.

There are points in the process that can be improved to increase privacy, but at this moment, when you stay within the Incognito environment, your transactions are anonymous.

If you were to shield 3.23456 BTC and unshield the exact same amount later on, yep then people who are focused on tracking your steps will not have a hard time linking those transactions.

On a completely other note, this forum is set up to increase user to user interaction. As you can see, it works.

8 Likes

Hi Jamie,

thank you for the super-fast reply. This site may be and work like a forum, yes. But independently of the pros and cons of the incognito technology, what incognito lacks is a one-stop landing page where all information is presented in a way that someone with basic blockchain knowledge can – after investing let’s say half an hour – know which level of privacy he can at best expect of incognito wallet (and if it’s not 100% privacy then also what’s currently missing and possibly how that will improve over time) and which exact steps he needs to take in order to put it into practice. Or better yet, make the tech so simple (e.g. make “shielding” work like the word implies) that it’s foolproof to use even to the uninformed user. You know, like Apple did. You guys can do it, too, I’m sure.

But as it’s currently not the case, please allow me to rephrase my question. And I want to avoid pDEX, because an exchange on pDex currently seems to cost between 0,6% and 2,2%:

  1. With any one crypto currency (let’s say BTC) and your incognito wallet technology, can a user somewhere in between break the transaction links from his Bitcoins’ KYCed source (let’s say a fiat-to-crypto-exchange) to his Bitcoins’ final destination (e.g. another crypto-to-fiat exchange)?
  2. If yes: how exactly? With one incognito wallet app? With two incognito wallet apps (I couldn’t test it with two because the second incognito wallet gave me a strange error when trying to withdraw from it to an external crypto address)?

Thank you.

3 Likes

The answer is yes, but I’d also like to emphasize, that is not what the system nor the project is aiming at. The main focus of the project is to provide a privacy layer to all your transactions, within the Incognito environment. The big plus is, you keep your initial coin, every pToken is pegged 1:1 to the original Token.

Once you transfer your BTC to an Incognito Address, everything after that is processed anonymously. That is because the transactions are done with the private version of the currency you transferred.

If you don’t want to trade your pTokens for another pToken, you can break the link to the BTC address you deposited from by transferring smaller amounts to a second BTC address you have access to, in different time intervals.

But again, the system is not a tool to mystify your money routes. That just happened to be a way it can be used due to the anonymity supplied in the Incognito environment.

People who do want to use the system like that, do use pDEX. The amount stated is the MINIMUM amount of tokens you will receive in a trade. Unless you do not check the numbers carefully, pDEX is not a bad trading place. The thing people don’t understand about AMM is the calculated price heavily depends on the impact of your trade on the liquidity of the trading pool of that pair.

5 Likes

Let’s assume you are buying 2 BTC and using the Electrum wallet. Addresses are shortened for brevity’s sake.

  1. Buy KYCed BTC
  2. Receive 2 BTC
    (From Exchange address 3aaa1 to Electrum address 3nnn1)
  3. Shield KYCed BTC
    (Incognito shared deposit address 1nnn1)
  4. Receive 1:1 pBTC
  5. Wait a period of time
  6. Unshield 0.5 pBTC (1.5pBTC, 0.5 BTC) to Electrum
    (From Incognito address 1nnn6 to Electrum address 3nnn2)
  7. Wait a period of time
  8. Unshield 1.2 pBTC (0.3pBTC, 1.7 BTC) to KYC off-ramp
    (From Incognito address 1nnn6 to Exchange address 3bbb1)
  9. Wait of a period of time
  10. Unshield 0.3 pBTC (2 BTC) to Electrum
    (From Incognito address 1nnn6 to Electrum address 3nnn3)
  11. Send 0.8 BTC to KYC off-ramp
    (From Electrum 3nnn2 and 3nnn3 to Exchange address 3bbb1)

The link from your origin KYC source (3aaa1) to your destination KYC source (3bbb1) is broken. When the BTC is shielded on Incognito, the BTC that is released when you unshield is not the same BTC. Someone tracing your transaction history from the first KYC source will not be able to trace your crypto movements after the shield.

You withdraw your pBTC in three separate tranches to break any “guessing” links. For example, if you shielded exactly 1.22225 BTC on Monday and unshielded the same amount of BTC 1 day later, it would be a reasonable guess that those two transactions are linked since the amount is the same and somewhat unusual (ie not a whole number or human friendly fraction such 0.5, 0.25 or 0.333). The longer you wait between shielding and unshielding, it becomes harder to guess-link the transactions.

7 Likes

hey, I guess the answers or explanations prior to the comment were sufficient for you to get the general Incognito’s ideas (e.g., how interoperability and privacy protocols work, what Incognito’s privacy is, …) so I just wanted to add a few more points here:

  • In the current privacy protocol, only sender and amount are not being revealed and an upgrade version will be released next March that would help bring Incognito to the next level of privacy (at that point sender, amount, receiver, and asset type will also be unrevealed) - like @andrey mentioned earlier.

  • As you could see in somebody’s comments above, an interim step of transferring privately to a second incognito wallet is needed in order to obtain privacy. The friction will be gone away completely once the new protocol launches with a one-time address supported.

  • It’s worth to note that, Incognito’s approach is pretty different from Monero’s or Zcash’s, we don’t intend to create another privacy blockchain (or private coin) but a privacy hub for the other mainstream blockchain (so public coins)

Hope that this can help you have a clearer picture of Incognito. For more details about tech the core team has been building, please look at the Tech section on the forum (if haven’t). Thanks.

8 Likes

Thank you for the explanation, Jamie. The crucial point seems to be that as of now, you have to use two incognito wallets to break the link (I couldn’t test that, though). Once shielding breaks the link (sender, receiver, amount) within just one incognito wallet app (you usually only have one smartphone and hence only one incognito wallet app), and possibly also once the IP address is obfuscated by Tor being built into your app like in electrum or Samourai wallet, then you can rightfully claim that you finished Satoshi Nakamoto’s vision by adding privacy back again, and not just to one crypto currency, but to as many as you’ve got covered. Your success might then bring greedy governments on the scene with what they call fight against terror LOL. I hope your team is as anonymous and decentralized as your pDex or your local government or an international organization might crack down on you. Do have a contingency plan!

1 Like

Hi Mike,

many thanks for the very detailed and comprehensible explanation. You should play an important part in designing incognito’s future communication strategy.

The only doubt I have regarding this explanation is with:

3. Shield KYCed BTC
(Incognito shared deposit address 1nnn1)

6. Unshield 0.5 pBTC (1.5pBTC, 0.5 BTC) to Electrum
(From Incognito address 1nnn6
[…])

According to my test (effectively shielding and unshielding within the same incognito wallet app), both addresses would have been 1nnn1 and therefore the same. I think that’s also in line with what duc wrote. If so the problem should be gone by March. Right, Duc?

2 Likes

You can create as many accounts within the app as you like. And again, the project is providing an environment within which you can perform transactions anonymously. The project is not created for what you try to do with it. With a few steps it is possible though. The fact that deposit and withdrawal happen in the same smart contract should not be a problem unless you deposit/withdraw the same amount to and from the same external wallet.

Furthermore, I assume people who have money no one is supposed to know about do at least have two phones.

1 Like

Hi duc,

I think you hit the nail on the head. Glad the new protocol will remove this friction. It’s of course totally legitimate that incognito is a work in progress. But it’s not ideal (to put it mildly) that this information has to be extracted and condensed from many different sources and discussions. If you created one single landing page basically with what Mike and you wrote with a graph linked to screenshots from your app so that the user really understands what happens on the blockchain (now and after improvements on your side) if he presses button XYZ that would raise trust and customer adoption a lot. The more the users like and adopt incognito’s work, however, the less their deep states will, I’m afraid. I hope you are organizationally prepared for privacy attacks disguised as regulation efforts so that nobody will be able to stop this great project before it’s even done…

2 Likes