Privacy is standard in Bitcoin—it has been since it was released and had an entire section dedicated to it in the whitepaper. It advises that new key pairs should be used for each new transaction which means that coins should be sent to new addresses. Wallets needed to implement some form of this and users need to be diligent in how they transact.
Most did not understand this, thus the move by Bitcoin Core, Bitcoin ABC and other privacy coin developers towards implementing anonymity features. These radical changes to the code can have high risk, will potentially have legal consequences and are unnecessary—all because they did not understand that Bitcoin was capable of privacy from the very beginning.
This is a classic example of head-in-the-code developers trying to overengineer an issue and make a name from themselves vs. implementing something simple, yet powerful.
As HandCash quotes Craig on in their Medium post:
It (privacy) is something that is simple to achieve in code, but has not been deployed, as the concepts haunting Bitcoin remain biased towards a misuse.
Legacy method of sending transactions
Most wallets today send transactions via the ‘Status quo’ means of taking a single input, or as many as necessary then sending to a single output address (receiver) and back to a single change address (sender).
In this manner it would be fairly is easy to tell who sent to who with some basic investigation and previous knowledge of a value transfer. Only 2 UTXOs (unspent transactions) are created from 1 in this case. We do not achieve much privacy in this case at all and it is very easy to trace.
Output Bills method
With this new method HandCash introduced, random denominations of ‘bills’ like pennies, nickels, dimes, dollars, etc., are created from the inputs and sent to the recipient(s).
In the transaction example provided by HandCash in their Medium post, you cannot tell which outputs are going to the sender vs. the receiver at all:
The majority of outputs are denominated in some standard value, where only two outputs (highlighted above) indicate the differential values.
This means of transacting is actually more private than cash, as cash transactions today occur in the manner of the legacy way detailed above. They are only binary in the sense that you can only have one sender and one receiver.
With this method, those involved in the transaction can give the illusion that there are many different recipients when in fact there could only be one—or many! This transaction has the benefit of being permanently recorded on the blockchain, so we still get the auditability and accountability features that we do not have with cash, providing even more incentives to use this method.
Another added benefit is that the more this method is used, the more private the wallet becomes since the end result is that most of the UTXOs in one’s wallet will end up as being denominations.
We could have a scenario where instead of just 4 inputs going to 19 outputs, we can have 19 inputs going to 19 outputs.
UTXO management implications
With the ‘Output Bills’ method, logic could now be implemented across wallets to account for the denominated coins when gathering UTXOs to send to another party. As HandCash alludes to, different use cases can be enabled by having sets of coins to choose from initially (ex. 1 BSV, 0.5 BSV, 0.25 BSV) as opposed to something like a human randomly grabbing and calculating coins from their pocket to get the amounts you need to hand over to the 7-Eleven clerk.
For example, if I am buying a new game system for 1.762 BSV, the logic in wallets would query my UTXOs to find input(s) that are sufficient for that amount and send over via the ‘Legacy’ method, i.e. finding one UTXO with 2 BSV and sending 1.762 BSV to the recipient, and the remaining 0.238 back to myself as change, creating two new UTXOs from one.
With output bills a wallet implementation could first attempt to find the denominated coins that sum up to the value. If we have one potential combination:
1 BSV, 0.5 BSV, 0.25 BSV, 0.01 BSV = 1.76 BSV (customer has no UTXO of 0.002 BSV)
Perhaps the merchant could have some agreement with their miner/wallet provider to grant zero fee transactions in exchange for not dirtying up their UTXO set, as a result they could pass on some discount to the customer (in this case 0.002 BSV) for complying.
This scenario provides enhanced privacy for both sides where no change is needed, so only denominated coins are being exchanged thus no new UTXOs are created (4 inputs send to 4 outputs). As a result, transaction details between parties are even more obfuscated since we have no non-denominated values exchanging hands.
The approach also solves this issue brought up by Brenton in the comments section of the Medium article where in the example transaction above (of 4 inputs, 19 outputs) the two non-denominated change outputs of 0.00005606 BSV and 0.00008061 BSV indicate the number of recipients:
Increasing competition between wallets
Of course, we must discuss the impacts of the implementation of this feature on competition. Users who value privacy will use HandCash more over other wallets. As a response we must see other popular wallets implement this same feature in order to stay relevant just as in the “Red Queen’s race.”
Given that Bitcoin is an incentive-driven network, other wallets now have an incentive to implement this vs. trying to do their own way since all participants in the network can benefit from such a feature. The more output bills are implemented, the more private the network as a whole becomes.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.