Understanding UTXOs, the Change That Controls Your Bitcoin Privacy

Bitcoin is a highway, and the coins traversing its network are the traffic. In this model, the coins nestling in your wallet can be thought of as your car. Learning to drive that car, in order to send coins from A to B, is simple. It doesn’t require any knowledge of Bitcoin’s internal combustion engine, or demand memorization of its streets and highways. Your bitcoin wallet software can be thought of as the Google Maps that does the navigation for you, selecting the right coins in your wallet and routing them to their destination.

Unspent transaction outputs (UTXOs) are way more interesting than they sound: you just have to get to know them. In this guide you’ll learn how UTXOs hold the key to your bitcoins and how mastering them can level up your privacy. 

But let’s imagine you’re not just a Sunday driver, cruising around the Bitcoin highway: you’re a bank robber that’s just emptied Chase bank of $50,000. Now you’re on the run and there are cops posted at intersections all around the city. Google Maps and an ability to follow road markings no longer cut it. Your freedom depends on the ability to navigate alleyways and unmarked tracks. If you’re to escape the scene of the crime, you’ll need to deploy subterfuge, cunning, and the knowledge accrued through weeks spent reconnoitring the neighborhood. You’ll need to know when to duck down a backstreet and when to blend with the traffic, hiding in plain view.

On the Bitcoin network, you’re probably not a criminal, but it still pays to operate like a getaway driver. Doing so will allow you to transact without alerting chain analysis, nosey surveillance exchanges, tax authorities and all the other busybodies with an unhealthy interest in what you do with your money. Here’s how to leave them in the dark. 

How UTXOs Work

You know how, when you hand over a $20 bill to pay for a gallon of milk, the cashier gives you $17.55 in change? Well, the same thing happens every time you spend bitcoin. You send 0.1 BTC to an acquaintance and see the funds leave your wallet as a single transaction. Behind the scenes, though, your bitcoin wallet isn’t sending a single chunk of bitcoin: it’s actually sending several smaller amounts, formed out of the shrapnel you have lying around in your wallet.

Most bitcoin wallets abstract this process away, so you never get a chance to see each UTXO without consulting a block explorer, which is a shame, because once you understand how UTXOs work, you understand how your on-chain privacy can be fortified or eroded depending on your UTXO selection.

Usually, your wallet won’t hold the exact amount required to send 0.1 BTC, so it will assemble a total that exceeds this amount, built out of the available parts of a bitcoin stored in your wallet, and then return the excess to you in change. As a result, most bitcoin transactions contain one input (i.e funds that emanate from a single entity) and two outputs – one for the amount you’re sending to your acquaintance, and the other for the change which is returned to your wallet. (There’s also a miner fee deducted, but that can be disregarded for the purposes of this example.)

Got Milk?

Now let’s return to the store and your gallon of milk. The cashier handed you $17.55 in change but it wasn’t a single bill. Rather, they gave you $15 in notes and the remainder in coins. You would think that the cash was untraceable, with no connection to its previous owner, right? Wrong. It just so happens that the $10 bill was stolen in a $50,000 hold-up from Chase bank that morning (how do you like that callback?) and a dye pack exploded, contaminating it with small traces of indelible ink.

Now there’s a $10 bill in your pocket that connects you to a federal crime. You know you didn’t commit the crime, but proving it is impossible. On your way back from the store, you step into the amusement arcade and feed the incriminating bill into a change machine that gives you 10 coins. Now your dirty note is gone and there’s nothing tying you to a crime that had nothing to do with you in the first place.

And that is what good UTXO management is about: breaking the links between you and the previous owners of those coins and/or the location where you obtained them. Removing these deterministic links doesn’t just shield you from suspicion; it also protects you from revealing the value of your assets to others. For instance, when you send an acquaintance that 0.1 BTC, they need only look at a blockchain explorer to see the balance of the wallet you sent it from, and the address that the change is returned to. Now they’ve discovered your net worth, and you’ve just become a target.

Know Your UTXOs

Inadvertently disclosing your bitcoin net worth is like opening your wallet to buy a round of drinks, only to reveal a fat stack of 100s. Understanding UTXOs is the key to making smarter transactions that will allow you to benefit from bitcoin without suffering from its shortcomings.

As noted earlier, most bitcoin wallets make unsophisticated selections when it comes to choosing which UTXOs to send. They optimize for the size of the transaction rather than its privacy level. As a result, they mix clean and tainted UTXOs together, broadcasting far more information about your spending patterns and past behavior than is necessary. Tainted doesn’t just mean associated with illicit activity; it could refer to a UTXO from a KYC’d exchange that your wallet has now combined with a freshly mined UTXO, associating the latter with your identity in the process. Thankfully, not all bitcoin wallets are made that way.

Samourai and Wasabi are two privacy-oriented wallets that, through a combination of coin mixing and smart UTXO selection, enable you to discreetly go about your bitcoin business. In part two, we’ll go through how they work, and how you can use these tools to reclaim the on-chain privacy that’s rightfully yours.

Leave a Reply

Your email address will not be published. Required fields are marked *