BitShares Forum

Main => Technical Support => Topic started by: Chronos on October 15, 2015, 10:24:51 pm

Title: Privacy warning
Post by: Chronos on October 15, 2015, 10:24:51 pm
In case you didn't know, privacy is currently OFF by default in Graphene. If someone knows your account name, they can see all your balances and activity, unless you are using Confidential Transactions (not yet available in the GUI).

Simply hit Explorer, then Accounts, and you get this page: https://bitshares.openledger.info/#/explorer/accounts. Then you can search anyone's account by name. For example, here's Fav's account, one of our favorite forum regulars: https://bitshares.openledger.info/#/account/fav

If you value your privacy, act accordingly, perhaps by using an account name that isn't easily associated with your identity.

Have fun!
Title: Re: Privacy warning
Post by: speedy on October 15, 2015, 10:33:21 pm
Thanks for bringing this up.

Does this apply to the old account type that used stealth addresses in BTS 0.9x ?

Are stealth address account types still supported?
Title: Re: Privacy warning
Post by: bytemaster on October 15, 2015, 10:35:26 pm
Stealth transfers are still possible via the CLI wallet, but not via the GUI.

Title: Re: Privacy warning
Post by: karnal on October 16, 2015, 08:41:18 am
Stealth transfers are still possible via the CLI wallet, but not via the GUI.

Is there documentation concerning how to perform stealth transactions from the cli?

Any plans to implement GUI support for them?

Am I correct to assume that only transfers between accounts are shielded by this mechanism, and other things like placing market orders can be traced back ?
Title: Re: Privacy warning
Post by: santaclause102 on October 16, 2015, 11:48:26 am
In case you didn't know, privacy is currently OFF by default in Graphene. If someone knows your account name, they can see all your balances and activity, unless you are using Confidential Transactions (not yet available in the GUI).

Simply hit Explorer, then Accounts, and you get this page: https://bitshares.openledger.info/#/explorer/accounts. Then you can search anyone's account by name. For example, here's Fav's account, one of our favorite forum regulars: https://bitshares.openledger.info/#/account/fav

If you value your privacy, act accordingly, perhaps by using an account name that isn't easily associated with your identity.

Have fun!
Is it correct that no one can see anyone's balance unless funds are transferred without the stealth mode? And then (no stealth mode used with transfer) only the amount transferred is visible and to who it was sent?

And is it at all possible to keep your privacy when you import your keys / funds from Bitshares 0.9.3...? If it is possible what do I have to do in order to keep my privacy?
Title: Re: Privacy warning
Post by: sittingduck on October 16, 2015, 11:57:42 am
Don't import to an account linked to you
Title: Re: Privacy warning
Post by: santaclause102 on October 16, 2015, 12:11:17 pm
So first create an account with a random account name and then import my keys from my BTS 1 wallet? If I do this does it matter to the purpose of keeping my privacy whether my BTS1 account name from which I exported the keys that I now import is linked to my identity?   
Title: Re: Privacy warning
Post by: bitmarley on October 21, 2015, 03:34:23 pm
Also important privacy questions about new Graphene client:

1) Is any part of the connection encrypted?
2) Does my ISP know I am using the light client?
3) Is the account identity exposed to recover balances? send transactions?
4) What is sent in plain text over the connection?

Thanks.
Title: Re: Privacy warning
Post by: Method-X on October 21, 2015, 03:36:08 pm
How are stealth transfers in BTS2 done? Is there a thread explaining it?
Title: Re: Privacy warning
Post by: cass on October 21, 2015, 03:45:15 pm
How are stealth transfers in BTS2 done? Is there a thread explaining it?

https://github.com/cryptonomex/graphene/wiki/StealthTransfers
Title: Re: Privacy warning
Post by: xeroc on October 21, 2015, 06:15:41 pm
Also important privacy questions about new Graphene client:

1) Is any part of the connection encrypted?
2) Does my ISP know I am using the light client?
3) Is the account identity exposed to recover balances? send transactions?
4) What is sent in plain text over the connection?

Thanks.

1) wss indicates web socket over SSL, so: yes
2) no
3) of course! account information including transactions and balances is
   publicly readable from the blockchain. To prevent that you can use stealth
   transfers (see @cass's link above)
4) even if the connection was unencrypted .. all that is sent is either public
   knowledge from the blockchain, or simply an already signed transaction.
   Nothing else
Title: Re: Privacy warning
Post by: bitmarley on October 21, 2015, 06:44:12 pm
Thanks for your answers.


1) wss indicates web socket over SSL, so: yes

Great.

2) no

But isn't the first part of secure URLs i.e. wss://bitshares.openledger.info sent to the ISP in plaintext to establish the connection?

3) of course! account information including transactions and balances is
   publicly readable from the blockchain. To prevent that you can use stealth
   transfers (see @cass's link above)

But could anyone log my IP address against the account balances I request and the transactions I send?

4) even if the connection was unencrypted .. all that is sent is either public
   knowledge from the blockchain, or simply an already signed transaction.
   Nothing else

But for privacy one doesn't want their IP address connected to those public entries.....right?
Title: Re: Privacy warning
Post by: xeroc on October 21, 2015, 07:11:13 pm
2) .. the ISP only sees an SSL connection .. don't think they can figure out it's a websocket connection .. and if they could .. they couldn't figure out it's to a BitShares node
3-4) the relation of blockchain transactions and IP addresses can be shadowed by SSL or other techniques .. I wouldn't think anyone capable of intercepting your IP data can figure out what you are doing
Title: Re: Privacy warning
Post by: bitmarley on October 21, 2015, 09:24:20 pm
Neat. :)
Thanks again.
Title: Re: Privacy warning
Post by: xeroc on October 22, 2015, 10:18:43 am
So first create an account with a random account name and then import my keys from my BTS 1 wallet? If I do this does it matter to the purpose of keeping my privacy whether my BTS1 account name from which I exported the keys that I now import is linked to my identity?   
Account names in BTS1 are not linked to the balances/funds you are going to claim.
Title: Re: Privacy warning
Post by: santaclause102 on October 22, 2015, 10:26:34 am
So first create an account with a random account name and then import my keys from my BTS 1 wallet? If I do this does it matter to the purpose of keeping my privacy whether my BTS1 account name from which I exported the keys that I now import is linked to my identity?   
Account names in BTS1 are not linked to the balances/funds you are going to claim.
That is exactly what I needed to know :)
Title: Re: Privacy warning
Post by: CoinHoarder on October 24, 2015, 10:22:39 pm
How does Bitshares 2.0 privacy compare to other contenders in the "anonymous" crypto space (when the feature is on of course, haha)? Dash, Monero, Etc..
Title: Re: Privacy warning
Post by: sittingduck on October 25, 2015, 12:17:03 am
It is best of what's out there
Title: Re: Privacy warning
Post by: ByronP on October 25, 2015, 12:07:26 pm
To answer bitmarley's question about ISPs seeing the URL: In short, yes they can.

The DNS system is not encrypted, so the first thing that is done when trying to establish the TCP connection to the server is to contact a DNS server and ask for the information about the host you are trying to connect to. In most cases this DNS server that you hit first is controlled by your ISP and they can see what host you are looking for. The DNS server (won't get into DNS authorities as this will get really long) returns the IP address that your machine will actually connect to. So a URL of say google.com/?q=dns (transport doesn't matter aka: http, https, ws, wss, ftp, tftp...) is actually 173.194.123.46/?q=dns. Essentially the name of the host in this URL is google.com and it is just a friendly mask for the IP address 173.194.123.46.

You can try this yourself by opening a command prompt and typing ping google.com (or any other domain you want).