“Digital Law”: how Russian crypto-media got banned. Part 2

When paranoia is appropriate – how to save crypto assets

First of all, let’s try to understand what exactly you and I should be afraid of.

Probably, two main problems can be distinguished: this is traditional crime and state crime. Let’s make a reservation right away: it is highly undesirable to inform others about the presence of crypto assets in you – even if you are surrounded only by your best friends. Do you want to remain anonymous? So become anonymous!

It is vital to remember a few important axioms.

• The world is full of organizations dedicated to the development of specialized software for the supervision and tracking of crypto transactions. These structures receive very solid grants and delicious orders from government agencies. In other words, they are simply following you.
• Use hardware wallets.
• Never re-enable a bitcoin address. Use this ID once to receive cryptocurrency and spend bitcoins. The rule is elementary: a new payment is a new bitcoin address.
• When making transactions, try to disclose as little information about yourself as possible. In particular, avoid AML/KYC checks. Exercise particular restraint in response to the requirement to provide a real mailing address (agree, it’s stupid because it’s confidential to keep your bitcoins, and then spend a small amount on buying a T-shirt in an online store with delivery to your home address).
• Do not use web wallets.
• Transactions to the network broadcast the browser through Tor. If your wallet doesn’t support it, you can sign the transaction and copy the signature and then paste the hexadecimal transaction data into the webcast form via the Tor mentioned above. However, for the average user, this may be difficult.
• Learn the Lightning Network, and if you master this protocol, use it as often as possible.
• Master Tails Operating System and similar solutions.

Let’s look at a real situation using a specific example. Let’s consider how a user – even with adequate security concepts and using a hardware wallet – can compromise his public keys (addresses) where his bitcoins are stored.

Typical case

You are the owner of a hardware wallet that securely protects your private key. To one of your own public addresses, you withdraw money from the exchange where you went through the KYC (customer identification) procedure. Sometimes you transfer funds to “exchangers” to convert them into fiat.

If your transaction “hooks” one part of the coins from the address associated with the exchange where everything is known about you, and another part from another address, then the second address will be compromised, because it is associated with the first one.

However, you should make a reservation – you automatically compromise yourself by contacting the exchange service. The fact is that you, as a rule, indicate your email address, your QIWI wallet number (in fact, your mobile phone number) or, even worse, transfer money directly to your personal bank card.

When making transactions (purchases or transfers), we usually do not think about which addresses the funds will be debited from. But special services for tracking transactions, using specialized software and the “breadcrumbs” left by you, will very quickly come to the conclusion that all these public addresses are linked by a common private key. And it does not matter in what chronological order, in what sequence you make transactions.

What to do?

Let’s look at one of the options for getting rid of the digital tail. Let’s say you are an active cryptocurrency user and you have accumulated a decent amount of digital assets. Now you will need several crypto wallets.

If you make transactions on one (it doesn’t matter, Ledger or Trezor) (deposit / withdraw bitcoin to exchanges and “exchangers”, make purchases, etc.), it’s time to think about a second wallet. And Ledger in this case will not work.

Read also: How to store cryptocurrency safely?

Until recently, I belonged to the number of fans of this particular French company, but, as you may have recently heard, its database was hacked, and the hackers got the Ledger information array. It stored all the data that you provided to the company when making a purchase (name, home address, phone number, etc.).

And the question is not even how exactly the Ledger was hacked, but why did the French collect and store data about customers – and not just ordinary ones, but owners of crypto wallets ?!

It’s immediately fatinus karma of the firm. You can forget about it forever. What’s more, the Ledger software stores your online transactions on your own computer. And today we have enough reason to think about whether the company shares information with “hackers”? Will the data we provide serve as evidence against us in the future?

Trezor promptly issued a statement stating that they do not store personal data of customers after the transfer of the ordered wallet to the buyer. They also do not have specialized software, and work with the wallet is carried out through a web form. In other words, there will be no trace of the transaction on your computer, and clearing your browser history will also remove traces of visiting their site.

Why do I need another wallet – Trezor? You will begin to gradually dump conditionally “extra” bitcoins on it, each time using a new public address. Enter amounts that are not too large and “non-circular” (that is, with a decent number of decimal places). You should not send 0.1 or 0.2 BTC – it is better to transfer, for example, 0.1428354 BTC. Or calculate at the rate of the “exchanger” how much money you need to send to receive a round amount of fiat.

But this, of course, is not a panacea. The fact is that the algorithm of the tracking service and such transactions will seem suspicious. He will proceed from the fact that the asset has been spent and changed its owner, or the owner is just a cunning, crushing personal assets.

And here comes the need for a third Trezor wallet. From the second wallet, through decentralized exchanges, you need to convert your bitcoins into altcoins (preferably highly liquid, and even better, anonymous), and then send them to the address of the third wallet. Google will help you find the most popular (with the largest number of users and, as a result, with the maximum liquidity) exchanges.

After that, change altcoins back to bitcoin through DEX services – do not forget to use a new address for each transaction every time. By the way, Trezor itself has long had a built-in function for the direct exchange of cryptocurrencies through the DEX of the exchange, but Ledger still does not have it. But if there is a desire to implement this option, it is technically easy – therefore, the French have no such desire.

DEX exchanges do not require registration of participants in transactions, and the operation is carried out under a smart contract, where the exchange acts as a guarantor, while maintaining the anonymity of the parties. If the necessary amount of asset “A” was received from the first participant to exchange for asset “B” (and the corresponding amount of asset “B” was received from the second party), then the exchange transfers the assets to new owners. As a rule, decentralized exchanges are open source, but do not have a specific location.

And one more important point – do not store new public addresses on your computer, and especially in the “cloud”. It is most reasonable to delete the address immediately after confirming the transaction, especially since you do not need to know it at all. Your task is to securely store the private key.

Is it possible to get by with two wallets instead of three? Perhaps, but while decentralized services are in an active stage of development, losses due to commissions paid for a completed transaction can be significant. Therefore, it makes sense to wait for their development and reduction in price.

And finally, what to do next with your already cleared asset? And here think for yourself 🙂