Disclaimer: Vitalik Buterin and Mihai Alisie have some involvement in the Dark Wallet project
The Bitcoin Dark Wallet has been all the rage in the Bitcoin news these past few days. While the media was abuzz with claims that Bitcoin is finally abandoning its cryptoanarchist past and going mainstream, and cashless society advocate David Wolman writing an article in Wired calling for increased centralization, this collaboration between Cody Wilson’s Defense Distributed, unSYSTEM and Coinpunk seems to have fired a shot out of left field in the exact opposite direction. In the project’s Youtube video and project page, its organizers have denounced the Bitcoin Foundation as “a group of corporations and lobbyists … trying to both agree with and maintain an independence from regulatory power”, accused Bitcoin developers like Mike Hearn of “active collusion with law enforcement” and created and advertised a project to make a wallet with the explicit intent of “locking out the State [and] flipping the channel to one beyond observation”. The project page lists dozens of articles and manifestos on topics ranging from open source software to direct democracy and anarchism and links to examples of what the Dark Wallet’s creators see as explicit attempts by the “core” Bitcoin community to marginalize the radical extremes.
Amidst all of the ideological grandstanding and inevitable backlash, however, there has been surprisingly little talk of what the Dark Wallet actually is, and what Amir Taaki, Cody Wilson and its other creators intend to achieve on a practical level. At the core, Dark Wallet is going to be a Bitcoin wallet that exists entirely as a Chrome and Firefox browser extension, allowing Bitcoin users to make payments online much more conveniently than was possible before. Imagine double-clicking on a Bitcoin address, double-clicking on a price, and being able to send the payment right there. No tab opening or separate applications required. Currently, there is only one browser-extension Bitcoin wallet that continues to be seriously maintained, blockchain.info, and its interface is essentially equivalent to a web page; Dark Wallet, on the other hand, will be the first wallet to take the concept of an in-browser wallet and truly bring it to the next level.
Second, and arguably more important, is the “dark” part of Dark Wallet. In what way exactly is Dark Wallet dark? The answer is simple: built-in trustless mixing. Mixing services in general are an essential complement to the anonymity properties that Bitcoin has today to preserve privacy. The problem that they solve is this: although Bitcoin allows anyone to easily create an account and start making transactions without providing any personal information whatsoever, what it does not do is hide the actual transactions. Every transaction that takes place through the Bitcoin network is public, and is remembered in the Bitcoin blockchain in perpetuity. Using this information, in theory it may be quite possible to de-anonymize some Bitcoin users after some time. In practice, mathematical analyses done by university research departments over the past two years have managed to successfully identify the Bitcoin exchange MtGox, the now-defunct online black market Silk Road and other large businesses, so the worry is that it is only a matter of time until smaller and smaller Bitcoin users start to be de-anonymized as well.
The way a traditional, centralized mixing service works is that it provides the user with an address to send bitcoins to, waits for the user to do so, and then sends an equal number of bitcoins (or perhaps minus a small fee), but from a different source, to the user’s desired destination address. The mixing service then deletes all of the data about the transaction once all the funds have been sent out. Because the user gets back different bitcoins from what they put in, the theory goes, mixing services break a blockchain sleuth’s ability to trace money through the system. The most popular mixer today is operated by blockchain.info, and charges a 0.5 fee for the service.
However, there are obvious problems with centralized mixing. The two most serious problems both revolve around the issue of trust. When you send money to blockchain.info, blockchain.info can theoretically simply keep the funds for themselves; you would have no way of proving that you sent money into the mixer, as the whole point of the mixer is to anonymize as much as pssible and leave no traces. More importantly, however, you can never be sure that blockchain.info actually deletes the data about transactions through the system once they send out the funds. Blockchain.info may well be quietly collecting the data, and selling it to the Chinese government – or simply giving it to the US government, under the force of a secret government subpoena or a national security letter. And finally, but somewhat more mundanely, centralized mixers often charge high fees; blockchain.info’s 0.5 is actually on the low side.
How can these problems be fixed? In essence, the answer is decentralized mixing. It is possible to create a mixing service with no central party, where users download specialized Bitcoin clients which come together on a chat channel over the encrypted Tor network and create a mutually anonymizing transaction with each other. If the process is done right, none of the users would be able to tell which output of the resulting mix belongs to whom. The simplest way to accomplish such a thing in practice is using the CoinJoin protocol, developed by Gregory Maxwell; two months ago, Amir Taaki and Pablo Martin created the first truly practical implementation of the protocol. In Dark Wallet, however, Taaki and Martin intend to take trustless mixing to the next level: the mixer would be integrated directly into the wallet, so its users can simply use the wallet and benefit from the privacy that trustless mixing offers automatically.
The third major feature of Dark Wallet will be a built-in identity system. The identity system will serve two purposes. First, it will serve as an alternative to traditional password-based and social network-based authentication schemes. Instead of relying on one of those schemes, authentication through Dark Wallet would be done with a relatively simple cryptographic protocol. When a user registers with a site compatible with the Dark Wallet authentication scheme, the wallet would send to the site the user’s public key. When a user wants to log in, the site would send the user’s wallet a message, the user’s Dark Wallet would sign the message with the user’s private key and send back the signature, and the site would verify the signature against the public key (for more on how public key cryptography works, see the Wikipedia article on the subject, or my own recent piece which, among other things, looks into the public key cryptography used in Bitcoin). Hopefully, some Bitcoin sites will be persuaded to adopt the scheme.
Further in the future, however, the identity system may serve as the basis for a cryptographically secure social network – which could then be used to implement the holy grail of “dark” privacy and security: a fully decentralized, private and uncensorable crypto-market, with a powerful reputation system for consumer protection built in. Will such a crypto-market be “just for drugs”? Just like Bitcoin, probably not; regular users can still benefit from such a market’s near-zero fees, friendliness to automation and the assurance that there is no central third party that they need to trust to keep the market online and not defraud them.
Ultimately, however, the Dark Wallet project is about more than just the wallet. As Amir Taaki describes it, the ultimate aim is to build a community, which will stick together and continue to develop tools for the Bitcoin community even after the original project is done. “[I want to] create an environment where creativity and merit thrive,” Taaki explains. “So, create the space where we can operate, put all the talented people there, and the magic will happen by itself. Planning is premature because maybe everyone else has different ideas on how things will go.” Alongside Dark Wallet, some of the other projects that will take place include a concerted effort to bridge together the Python Bitcoin software tools (currently consisting of Electrum, Robert Williamson’s Block Alchemy, Pablo Martin’s pure python ZeroMQ implementation and Obelisk client and my own pybitcointools, among many others), development on libbitcoin and SX and the continued effort to convert the project’s de-facto homebase, Calafou, into a fully-fledged unSYSTEM project incubator. “This is the story we need to get out,” Taaki writes, “one of cooperation and mutual solidarity between competitors finding middle ground to make effective use of resources. This is the power and beauty of openness.”
Is the project’s extremist ideological marketing and image unnecessarily repelling people who would otherwise be interested in cooperating? Perhaps so. On the other hand, Dark Wallet has already been covered by Forbes and the project has received over $20,000 in donations in under two days. Furthermore, one of the project’s partners, Coinpunk, is the recipient of a grant from the very same Bitcoin Foundation that Taaki and Wilson are so keen to criticize. Perhaps, beneath the disagreements and the rhetoric, there is a set of common ideals shared by many members of unSYSTEM and the Bitcoin Foundation alike, and there is actually much more room for cooperation between the business-focused entrepreneurial community and the cryptoanarchists, the seemingly two great factions of the Bitcoin divide, than we think.
Vitalik Buterin is a co-founder of Bitcoin Magazine who has been involved in the Bitcoin community since 2011, and has contributed to Bitcoin both as a writer and the developer of a fork of bitcoinjs-lib, pybitcointools and multisig.info, as well as one of the developers behind Egora. Now, Vitalik's primary job is as the main developer of Ethereum, a project which intends to create a next-generation smart contract and decentralized application platform that allows people to create any kind of decentralized application on top of a blockchain that can be imagined.