Transactions in Stamp: Part 1 - Privacy

Stamp is a project that will change the way people communicate by attaching spendable value directly to messages - or messages to Bitcoin Cash transactions, depending on your perspective. It uses a suite of protocols called CashWeb.

When Stamp sends a Bitcoin Cash transaction to another CashWeb wallet, it also attaches metadata that is relayed directly to the recipient. This allows your wallet to instruct your friend’s wallet on how to spend that transaction.

Currently, the recipient of a transaction must first send you an address via email, Telegram, or some other messaging service. This puts all the terms of the contract in the recipient’s hands. It also means that the sender cannot generate a contract and give it to you like cash. Any metadata associated with the transaction must also be sent off-chain manually – this could be, for example, an invoice, a receipt, or contract details.

There are two things that separate cash and digital (non-crypto) payments right now: the ability to push, rather than pull money; and doing that without a fee paid to a specific organization.

Someone cannot give you money without your consent, and the payment system’s consent (and without your attention). Smart contracts cannot make unsolicited payments to Bitcoin Cash users right now because this control is in the hands of recipients.

By also attaching encrypted off-chain metadata to every transaction, there is a mechanism to provide seamless integrations for standard contract types, without any possible third-party interference (e.g. maybe you want to make a friendly binary contract with a friend over the price of BCH a year from now).

The first contract that has been written is one that sends a recipient a bundle of multiple transactions. This bundle includes instructions on how to generate spend keys for all of the outputs. It prevents any Stamp transaction from being associated with a public address, or a third party knowing how much money is being sent.

This also means that you can send a total amount to your intended recipient across multiple transactions. Because of this, a wallet never needs to re-combine any outputs - a recipient’s wallet can understand that multiple Bitcoin transactions are being used as part of one transaction.

Re-combining outputs leaks information to chainalysis programs and reveals associations which previously could not be inferred. Stamp, by obviating the need to recombine outputs, makes chainalysis lose a significant source of data. This means chainalysis becomes significantly less reliable for identifying co-parties to transactions.

This greatly improves Bitcoin Cash privacy and Stamp sends all transactions in this way.

Additionally, when sending multiple transactions as a group, most of these transactions will not require a change output. Imagine you want to send a friend 100000000 sats, but you have UTXOs of 43214230 sats, 34124312 sats, and 43224312 sats. Your wallet will send three transactions: one sending 43214015 sats, one sending 43224097 sats, and a final one sending 13561888 sats to the recipient and 20562424 in change.

In the above example, 2 out of 3 transactions had no change. That is to say, the majority of transactions will have one input and one output.
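The split described above, as an added example that is not Stamp's own code: it reproduces the article's figures and counts how many coin pairs a common-input-ownership heuristic could link, compared with one merged transaction. The names `plan_split_payment` and `linked_input_pairs`, the largest-coin-first ordering, and the 1 sat/byte fee rate are assumptions.

```python
from dataclasses import dataclass
from itertools import combinations

FEE_1X1 = 215  # assumption: a 215-byte 1x1 transaction paying 1 sat/byte


@dataclass
class Tx:
    inputs: list       # values of the coins spent, in sats
    to_recipient: int
    change: int
    fee: int


def plan_split_payment(utxos, amount, fee_1x1=FEE_1X1, change_tx_fee=0):
    """Pay `amount` using one-input transactions only (largest coins first).

    change_tx_fee=0 reproduces the article's figures, which deduct no fee
    from the final transaction; a real wallet would set it above zero.
    """
    txs, remaining = [], amount
    for coin in sorted(utxos, reverse=True):
        if remaining == 0:
            break
        if coin <= fee_1x1:
            continue  # coin cannot even pay its own fee
        if coin - fee_1x1 <= remaining:
            # Whole coin moves to the recipient: one input, one output, no change.
            txs.append(Tx([coin], coin - fee_1x1, 0, fee_1x1))
            remaining -= coin - fee_1x1
        elif coin - remaining >= change_tx_fee:
            # Coin is larger than what is still owed: the only change output.
            txs.append(Tx([coin], remaining, coin - remaining - change_tx_fee, change_tx_fee))
            remaining = 0
    if remaining:
        raise ValueError("insufficient funds for a one-input-per-transaction plan")
    return txs


def linked_input_pairs(txs):
    """Coin pairs that a common-input-ownership heuristic would tie to one owner."""
    return sum(len(list(combinations(tx.inputs, 2))) for tx in txs)


if __name__ == "__main__":
    coins = [43214230, 34124312, 43224312]  # the article's three UTXOs
    plan = plan_split_payment(coins, 100_000_000)
    merged = [Tx(coins, 100_000_000, sum(coins) - 100_000_000, 0)]  # conventional single tx
    for tx in plan:
        print(tx)
    print("no-change txs:", sum(tx.change == 0 for tx in plan), "of", len(plan))
    print("linked pairs, split vs merged:", linked_input_pairs(plan), linked_input_pairs(merged))
```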

Currently, Chainalysis can be almost entirely sure that the output of any transaction with one input and one output is still owned by the person who generated the transaction. They can do this because it is unlikely that an individual UTXO (coin) is exactly the right size for the amount its owner wishes to send someone else. This is not so under the regime of Stamp-compatible wallets.

In a future where people are using Stamp-compatible wallets, the majority of transactions will be 1x1 transactions, which means that the majority of transactions transferring “ownership” of a UTXO will be 215-byte 1x1 transactions. Re-keying a UTXO then very likely indicates a change of ownership. Previously, to generate uncertainty about UTXO ownership, you needed to generate at least a 1x2 transaction, and even then there was a 50% chance that an individual UTXO was owned by the sender. The outputs of 1x1 transactions were almost always held by the same party.

This is extremely important, because almost all court cases hinge upon proving that a defendant made a specific financial transaction. Ultimately, Chainalysis data must be valid in a court of law. Their data cannot be accepted when the probabilities of association are too low.

If, in the future, there is no deductive basis for determining transaction ownership, Chainalysis data becomes worthless.

With Stamp-compatible wallets in the majority on the Bitcoin Cash network, it becomes possible to add uncertainty to the blockchain simply by moving coins around, without requiring third-party liquidity. Moving UTXOs a few times generates anonymity similar to things like CoinJoin and CashShuffle, but without liquidity constraints.

This is only one of the benefits of allowing Bitcoin Cash transactions to have attached off-chain metadata. There are many others which I will discuss in coming articles.

Read the original post on read.cash here.