As we mentioned in our earlier post announcing bchd beta, we have also ported the neutrino wallet backend to our
bchwallet codebase. This means that for the first time in the history of Bitcoin Cash users have access to a lightweight SPV wallet with strong network level privacy.
A Privacy Primer
When you think of privacy in cryptocurrencies most people tend to focus on blockchain privacy ― the degree to which people can trace your transactions through the public ledger. And rightfully so, the blockchain is an important component, but it’s not the only aspect of privacy. Network privacy refers to your privacy vis-a-vis the peers or server that your wallet connects to. Prior to neutrino there was not a single lightweight wallet available on the market that does not disclose all the addresses in your wallet and your entire transaction history to a third party.
While it’s true that you can use Tor to try to prevent your wallet’s transaction history from being associated with your IP address, it tends to be difficult to impossible to prevent your trading partners (who necessarily know the address your paid from or which they paid) from learning your real identity. Thus even when using Tor there are people who can link your identity to an address and still more people who can link that address to all the transactions in your wallet.
Client Side Filtering
The concept of client side filtering has been around for a long time but it wasn’t until BTC developers Roasbeef and Jim Posen and others took the initiative to create a specification for it (bips 157/158) and wrote the code that it came into being. Roasbeef in particular did an enormous amount of heavy lifting writing both the neutrino wallet code and making the modifications to
btcd(which we ported to
bchd). Technically they use neutrino as an SPV option as part of their Lightning Network implementation (lnd), but we just use it as a normal wallet unrelated to lightning.
The way it works is full nodes create a filter for each block in the chain. You can think of a filter as an ultra compact representation of all of the transactions in the block. The nodes store these filters on disk along with the block.
SPV wallets using neutrino sync the full chain of headers like a normal SPV wallets, but they also download the filter for each block. Once they receive the filter they can test all the transactions in their wallet against the filter to see if there are any matches. If there is a match, they download the full block and parse it for their transactions. Using this approach wallets avoid disclosing to the peers they connect to which addresses are in their wallet (note that Tor would still be recommended to remain private when making spends).
Old style SPV wallets were not capable of doing any block validation and thus would follow the longest (most work) chain regardless of whether that chain is valid or not. As an example, if a current SPV wallet connects to a BSV node, it has no idea that it’s being fed an invalid chain.
While neutrino isn’t capable of doing full validation, it can at least perform sanity checks on the blocks that it downloads. For example, neutrino will validate that blocks follow canonical transaction ordering and do not contain any invalid opcodes.
Thus neutrino would not sync onto the BSV network even if BSV were to create a chain with more work than the Bitcoin Cash chain.
Finally traditional SPV wallets have the problem where the peers or server they connect to can lie by omission and make the wallet believe it did not receive a transaction or that a transaction didn’t confirm. This is not possible with neutrino as attempts to bamboozle the wallet can be detected and the peer will be banned.
When we ported neutrino over to BCH it did not have any ability to discover unconfirmed transactions. The reason for this is pretty simple ― any attempt to filter transactions in the mempool would blow the privacy you gained by using neutrino. So it was programmed to only notify you of a transaction when it received its first confirmed.
This is one of the things we’ve changed. By default neutrino will listen on the network for all unconfirmed transactions (no filtering) so that it can detect if you receive a payment. This functionality can be turned off with a config setting.
At first glance this seems like users will be slammed with bandwidth usage, but when you crunch the numbers it’s really not that bad. Most SPV users don’t keep their wallet running 24/7. Typical usage amounts to opening the wallet for a few minutes here and there. If you have the wallet open for 10 minutes in a day, say, then that’s only the equivalent of downloading one block. Even at very large block sizes (say 100MB) data usage is still likely to be within the range of a typical mobile data plan (and of course wallets can be programmed to only sync or download unconfirmed transactions on WiFi).
Right now neutrino is command line only software. To use it you need to download the
bchwallet binary from our website.
To run it you must first create a new wallet:
Follow the prompts and write down your seed. Then you can start it with:
bchwallet --usespv -u username -P password
It uses the
bchctl CLI interface to control it the same way
bchctl --wallet -u username -P password getnewaddress
A Call for UI developers
If you’re a good UI designer/developer please get in touch (or not as this is free software :P). We’d love to see someone build a nice front end for it. Preferably for mobile but an electron desktop UI would be nice too.
There is a
gomobile compiler which will easily compile the wallet binary to run on IOS or Android. And the wallet comes with a modern gRPC API which you can use to control it. If there are any API calls that you need that are not implemented let us know and we’ll get them in there.
All that is needed is YOU to build the UI.
To Full Node Users
bchd is the only full node implementation currently capable of supporting neutrino SPV wallets. If you run a full node or are considering doing so, please consider running a
bchd node as you will help enable neutrino wallets and provide much needed privacy to Bitcoin Cash users.
Finally this is all beta software. If you’re using it on mainnet please only use it with a small amount of funds. Take note of any bugs you find and report them to us on github.