Bitcoin is not inherently private. This is because transactions and balances are made public on the blockchain, thus rendering them traceable. Moreover, if a user purchases bitcoin from an exchange requiring KYC (know your customer) documentation, the funds are directly linked to a personal identity.
Coinjoin is an optional tool that enhances privacy in bitcoin transactions: when bitcoin users conduct transactions with one another using coinjoin, they obscure the origins and destinations of the funds, greatly enhancing their privacy.
Watch the following video to learn more about how coinjoin on Trezor helps keep your transactions private:
How does it work?
Coinjoin is an optional feature that lets Trezor users obfuscate their existing blockchain history, and getting started requires a few simple steps:
- Add a dedicated coinjoin account in Trezor Suite
- Send some bitcoin to your coinjoin account
- Click ‘Start’ to begin the process
- Confirm the action on your Trezor device
- Leave your Trezor connected to complete the coinjoin
You can send as much bitcoin as you like to your coinjoin account, and these funds are kept separate from those held in your ‘standard’ bitcoin account(s). Any bitcoin you want to spend privately can be sent directly from your coinjoin account.
In the simplest terms, coinjoin combines multiple coins (UTXOs) from multiple users into a single transaction. The output of this transaction yields the same value of bitcoin, but the addresses have now been changed. This makes it extremely difficult for external parties to deduce the relationship between the coinjoin transaction's inputs and outputs, because the sources of the UTXOs are obfuscated.
Coinjoin involves multiple rounds, which are an essential component of privacy-enhancing techniques used in bitcoin transactions. In simple terms, each round consists of:
- Input registration: one or more coins (UTXOs) in your coinjoin account are automatically registered to the coinjoin transaction.
- Output registration: one or more outputs are created for the coinjoin transaction—these are fresh addresses for where the funds will be sent.
- Coinjoin transaction creation: a coinjoin transaction is created by combining all user inputs and outputs into a single transaction.
- Transaction signing: each user signs their part of the coinjoin transaction with their private key.
- Transaction broadcast: the coinjoin transaction is broadcast to the Bitcoin network and recorded on the blockchain.
Failures during the transaction signing step are not uncommon (these can be caused be e.g. bad internet connection, or a user accidentally disconnecting their device) and the result is that coinjoin will drop the round and start again. This is expected behavior that ensures coinjoin is functioning properly.
Not all rounds are successful; they may fail due to an insufficient number of participants (coinjoin requires a minimum of 150 participants, and a maximum of around 500) or incompatible inputs. It is important to remember that the failure of a round does not pose any risk to your funds.
To ensure the security and privacy of participants, your Trezor asks for multiple confirmations during the coinjoin process. As with any other type of transaction, it is important to trust only the instructions shown on your Trezor hardware wallet.
How private are my funds after coinjoin?
Privacy level represents the number of identical amounts used in a coinjoin transaction.
Trezor Suite uses a default desired 'anonymity level' of 5 (sometimes referred to as ‘1-in-5’) for the recommended coinjoin setup; this means that one UTXO is indistinguishable from 4 other UTXOs of exactly the same amount in the same transaction.
Your sats are considered private whenever the desired privacy threshold has been reached. You do not need to move these funds anywhere—you should send them directly from your coinjoin account. If you do move funds from a coinjoin account to any other standard bitcoin account, the already private coins will be combined with non-private ones, effectively ruining the privacy of your coins.
The ‘privacy level’ one can achieve is dependent on the number of other participants with indistinguishable outputs.
- If you send coinjoined coins from your coinjoin account, the receiving party will not have any knowledge of how you obtained the funds.
- If you receive bitcoin to your coinjoin account and anonymize it, the sender will not know anything about how you spend the funds.
Coinjoin does not guarantee 100% privacy, but it does improve bitcoin user privacy significantly when compared to transactions made without this protocol.
Answers to the most common questions related to coinjoin on Trezor hardware wallets can be found on our dedicated Coinjoin FAQs