Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wallet recovery: sync federation history to preserve privacy #5584

Closed
bradleystachurski opened this issue Jul 8, 2024 · 1 comment · Fixed by #5697
Closed

Wallet recovery: sync federation history to preserve privacy #5584

bradleystachurski opened this issue Jul 8, 2024 · 1 comment · Fixed by #5697
Assignees
@dpc
Labels
wallet

Comments

@bradleystachurski
Copy link
Member

Our current implementation of recovering the wallet client degrades privacy by batching requests to both the bitcoind backend (to check an address's history) and to the federation (to attempt claiming any potentially missed peg-ins). Since the queries are done for all tweaks controlled by the client until there's a gap of unused addresses, it's trivial for the federation to correlate the addresses to a single client even if the requests are made over separate Tor circuits.

Instead of iterating through all tweak indexes on the client until we find a tweaked address without history, the client can download the history of session outcomes of the federation, similar to fedimint-observer. The client can then reference the local copy of the full history of peg-ins to the federation without revealing to the federation the addresses the client tweaked. This also obviates the need to query a bitcoind backend to check if an address has history for already claimed peg-ins.

More context in this PR thread
@bradleystachurski bradleystachurski mentioned this issue Jul 8, 2024
Merged
@dpc dpc self-assigned this Jul 8, 2024
@dpc
Copy link
Contributor

dpc commented Jul 8, 2024

My bad for not thinking about it before. But it a relatively straighforward addition to the current logic.

We still need the eixsting logic from #5546 because Federation history can't have items that the client possibly did not not claim yet. So it will go:

  1. Scan Federation history first (what this issue is about) and determine all past pegins and last known peg-in index.
  2. Do the current logic from max(last_used_idx_from_history, last_used_idx_from_backup)`

In addition, during history scanning, we could observe some few most recent peg-in addresses that do not belong to the user performing the recovery and opportunistically query for them just a form of decoy.

All in all, it's not going to be a lot of work, but I think we'll have to ship 0.4 with what we have now. In particular since we want to keep the wallet module in an "expert only recommended" state, and because the new scheme is just more robust and should have any possibility of accidentally losing funds, which is an important improvement in itself.

dpc added a commit to dpc/fedimint that referenced this issue Jul 19, 2024
@dpc
chore: wallet client recovery privacy improvements
abbf366 
See comments in the code.

Fix fedimint#5584
@dpc dpc mentioned this issue Jul 19, 2024
Merged
dpc added a commit to dpc/fedimint that referenced this issue Jul 19, 2024
@dpc
chore: wallet client recovery privacy improvements
6e7b6ad 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Jul 19, 2024
@dpc
chore: wallet client recovery privacy improvements
e1211fa 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Jul 19, 2024
@dpc
chore: wallet client recovery privacy improvements
58c3d8d 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Jul 19, 2024
@dpc
chore: wallet client recovery privacy improvements
87ba9eb 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Aug 8, 2024
@dpc
chore: wallet client recovery privacy improvements
2c4e8da 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Aug 22, 2024
@dpc
chore: wallet client recovery privacy improvements
1960a76 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Aug 23, 2024
@dpc
chore: wallet client recovery privacy improvements
e9c048e 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Sep 17, 2024
@dpc
chore: wallet client recovery privacy improvements
dcefe1e 
See comments in the code.

Fix fedimint#5584
dpc added a commit to dpc/fedimint that referenced this issue Sep 17, 2024
@dpc
chore: wallet client recovery privacy improvements
c852f37 
See comments in the code.

Fix fedimint#5584
maan2003 pushed a commit to fedibtc/fedimint that referenced this issue Sep 17, 2024
@dpc @maan2003
chore: wallet client recovery privacy improvements
fb8fd26 
See comments in the code.

Fix fedimint#5584
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dpc dpc

Labels
wallet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

chore: wallet client recovery privacy improvements dpc/fedimint
2 participants
@dpc @bradleystachurski