Introducing “Output Bills”, a coin-splitting technique for increasing the privacy of HandCash’ transactions
Applying skeuomorphism to UTXO handling
“skeuomorphism is a term (…) used to describe interface objects that mimic their real-world counterparts in how they appear and/or how the user can interact with them. A well-known example is the recycle bin icon used for discarding files.” According to interaction-design.org,
Our team of engineers got inspired by bills and coins denominations when thinking about smart ways of handling UTXOs in Bitcoin. By using a limited number of amount denominations, cash became easy to divide and group.
This technique is based on Dr. Craig Wright’s article Bitcoin’s privacy model, on which he describes a coin-splitting method that drastically increases privacy by generating new addresses for each output for the same transaction.
In his own words, from the 2018 article: “Right now, no wallet does this, and a user would need to have the entire process completed manually. It is something that is simple to achieve in code, but has not been deployed, as the concepts haunting Bitcoin remain biased towards a misuse.”
Don’t worry, Dr. Wright — some people are waking up!
Most Bitcoin transactions nowadays work like this: you get one or multiple UTXOs (non-spent coins) as an input for the transaction, and then you generate one output for the receiver with the amount you want to send, and the rest comes back to your change address. With this approach is easy to guess which output belongs to each participant.
With “Output Bills” now users have a large set of UTXOs of different but regular amounts — just like bills and coins. This is what is called denominations.
For example, USD denominations are: 1¢, 2¢, 5¢, 10¢, 25¢, 50¢, $1, $2, $5, $10, $20, $50 and $100, in coins and bills.
These UTXOs are used as inputs for a new transaction and they in turn generate multiple outputs using the same denominations. Each of these outputs is headed to a different address from the same receiver. And, some of the outputs actually come back to the sender, in a random fashion. All of this happens in the same transaction. You can’t tell who sent what to whom.
“Simulating use” by splitting the coins makes the wallet much more private and secure. “If the coins remain separate, and we keep colour groups separate, we can now see how an analysis of the sources become increasingly difficult.”
This also serves as protection for users with big amounts of BSV in their wallets, as they typically receive one big UTXO from exchanges every time they top up their wallets. So with the legacy way of handling transactions, their big UTXO’s (like 30 BSV) gets revealed to the receiver that the sender has -at least- that amount of BSV in their wallet. If exchanges implemented this technique, all withdrawals would increase the privacy of their users.
Another big benefit of using this technique is it opens the door to a smarter, more flexible way of handling UTXOs to support more advanced use cases and products currently under development.
HandCash on Privacy and Security
We want our users to transact privately in a safe environment that offers the highest levels of security, while remaining simple for the our end users.
That’s why we offer best-in-class privacy when transacting from $handle to $handle — all $handle transactions are currently truly peer-to-peer, never re-using the same keys, we implemented the first 2FA non-custodial wallets, and now with “Output Bills” we are adding an extra layer of privacy for all your payments.
You don’t get any of these features with “raw Bitcoin”, so your mom transacting with HandCash has more privacy and security by default than you when using most other Bitcoin wallet services.
Usually, every time we simplify things for our users, we can make the process much more private and secure as a side effect.
Take a look at this transaction for example to check out how it looks like. 4 inputs and 19 outputs to 19 different addresses, in the same transaction. You can’t tell what’s going where from the outside. And, over time, with usage, the inputs will also use regular denominations more frequently.
We are only adding “Output Bills” to $handle to $handle transactions now, but in the future we will also do it for all Paymail transactions too. We don’t offer this privacy enhancement to raw legacy payments as not all services support multi-output transactions, and can cause issues with accounting.
Special thanks to Dr. Craig Wright, Ivan Mlinaric and Rafa Jimenez for making this possible.