Mental exercise and UTXO privacy question

It's the year 2047. The IRS has a brand new Quantum Computer and it's starting to mess around with it. The Bitcoin community saw this coming and implemented a quantum resistant cryptography address type a while ago. You moved all your funds to this new type of address, they are SAFU. You know your stuff, so instead of batch sending all your UTXOs to a new address type, you waited for the record low 30sat/vbyte fees (we haven't seen 1sat/vbyte since the year 2036 or so…) to make your transactions UTXO by UTXO, each to a different address so you don't link them all to the same owner. You also did it in different times around the clock to break any timezone analysis and used different fees to break any type of possible link between old and new addresses, other than "the owner of the old UTXO is highly likely the owner of the new UTXO" because you transferred 100% of the funds.

Good. You are smart. However, you start to wonder. Your past self wasn't as privacy oriented, and you likely made some mistakes along the way – you've been holding these coins since the year 2023 after all. You were careful enough to mix the coins through the Samousabi implementation, after Samourai and Wasabi became friends in the year 2022 and joined forces to develop the ultimate mixer. You kept your mixed coins in separate UTXOs, but you remember that all these UTXOs belong to the same wallet, meaning you have one seed, one passphrase, and they are allocated to derivation paths M/84’/0’/0’/0/0, M/84’/0’/0’/0/1, M/84’/0’/0’/0/2… or whatever, the main point being they can be derived with the same master private key. You also remember that you purchased a bitrefuel card to pay for Spmusicfy Premium once, and that the email account is linked to your meatspace self in various KYC services (water, electricity, you name it). Important: the UTXO you used to pay for this has nothing to do with the mixed ones, they were never together and never will be, but they belong to the same wallet. If the mixed coins are in M/84’/0’/0’/0/0-1000, the UTXO used to pay for this was the 1001. Completely different address and history.

Now, the big question. The IRS can't prove you own coins now, because we're quantum resistant. They can't seize the funds either. However, they can know everything inside bitrefuel (because NSA and tinfoil hat) so they can link your meatspace self to that one payment, meaning they can link you to a public address. With their QC, they can bruteforce-get the master private key for that address, from which it is trivial to derive all the public addresses that share that private key. Therefore, they can prove you owned X bitcoin at certain given time (all the mixed coins in separate UTXOs), and checking their records they can see you never reported owning them (it became mandatory in the year 2040). Even more, they can link you to the UTXOs in the quantum safe format (because of one by one 100% UTXO transfer) and know you currently own X bitcoin, and that all of these "mixed", "independent" and "unrelated" quantum safe bitcoin are indee related and are yours.



1) Is it safer (privacy-wise) to keep your UTXOs not only separate within the same wallet, but belonging to different wallets so in a QC future they won't be linked? The moment you KYC one of the UTXOs, would you be KYCing them all?

2) Would having the UTXOs under one seed and different passphrases mitigate this issue? I guess all UTXOs under that same master private key would be revealed, but I am not positive a QC could derive the seed and the passphrase from the master private key, to then bruteforce the seed with different passphrases looking for more used TXOs that have been

3) Would "hiding" UTXOs in non-trivial derivation paths mitigate this? Say, instead of M/84’/0’/0’/0/212, using M/84’/0’/0’/0/212568. How much of a difference would that make in a QC space?

Thanks! =)

submitted by /u/Jack1602
[link] [comments]

Leave a Reply

Your email address will not be published. Required fields are marked *