After several months of discussion and work, we created a rating criteria for Bitcoin wallets to measure their effectiveness at protecting user privacy. Our criteria considers user protections on the blockchain, protections when receiving balance information and broadcasting signed transactions, and compatibility with complementary technologies such as Tor. Once we felt pretty good about our draft, we released it publicly to the Bitcoin community for comment. We’ve spent the last month or so incorporating that feedback. This will be a constantly evolving set of criteria as new techniques for damaging and preserving privacy emerge, but you can find our finalized criteria for Spring 2015 here on GitHub.
After finalizing our criteria, we applied these ratings to 10 of the most popular Bitcoin wallets. The results can be found in our Spring 2015 report, also hosted on GitHub here. How well are these wallets protecting user privacy? Not all that well, as it turns out. As you might expect, the privacy-centric Darkwallet came out on top, but with a mere score of 54 out of 100. The lowest ranking wallet was Coinbase’s, with an 11 out of 100. Please read our report for the complete results, as well as details on our methodology.
We hope that readers will find the report informative, and that this will drive further innovation and raise the bar of best practices for wallet privacy protections. Wallets will only get better when users demand better, and that conversation starts with a clear picture of performance. We look forward to receiving your feedback and incorporating it into our Summer 2015 report!
We’d like to thank everyone who contributed in various ways to make this report possible. The following individuals participated in the creation of the threat model and associated criteria for the Spring 2015 rating exercise:
- Chris Pacia (@ChrisPacia)
- Justus Ranvier (@JustusRanvier)
- Kristov Atlas (@kristovatlas)
- Samuel Patterson (@SamuelPatt)
The following individuals participated in the wallet rating process:
The following individuals provided feedback and suggestions about the initial drafts of our criteria:
- Sergio Demian Lerner
- Olivier Lalonde
- Eric Voskuil
- Whit J
- Alon Muroch
Special thanks to Jon Vaage of BTC Design for the graphic design and production work on this report.