What is CoinJoin technology?

What is CoinJoin technology?

Although Bitcoin is decentralized, it is not a completely anonymous and confidential system. There are many ways for the government to audit your transactions or maliciously track them. Bitcoin transactions leave a kind of "digital fingerprint," with the result that transactions can be tracked by IP addresses. What's more, transactions on the network can be tracked through the blockchain browser. This means that much information is available to anyone who is interested.


What is CoinJoin

The idea behind CoinJoin was proposed by Gregory Maxwell, and CoinJoin essentially anonymizes bitcoin transactions. CoinJoin allows transactions to remain closed by combining coins. This is the process of adding transactions together, with no third party involved, to be sent as a single transaction.

However, CoinJoin interacts first with a central provider who coordinates the joint transactions. It also stores information about the user during the negotiation process.

CoinJoin allows users to save on fees-if you merge two transactions into one, only one fee is charged. What's more, once combined, one CoinJoin transaction takes up less space than two separate transactions and consumes less work for the network as a whole.

Read more: What is decentralized finance (DeFi)?


Bitcoin transaction basics and multisig

Since bitcoin transactions are a combination of UTXO, there is nothing in the original script that makes CoinJoin difficult or atypical. A bitcoin transaction touches one or more inputs and creates one or more outputs with specified values.

CoinJoins use multi-sig, hence no one person can have sole control over a transaction. Each signature is independent of the other and is provided individually for each entry. Therefore, Bitcoin users can easily agree to cooperate and share costs. CoinJoin, by definition, requires more than one signature to execute. Moreover, each input is an output from a past transaction. This means that there is a separate signature (scriptsig) for each input. The past signature was created according to the rules of a particular past output (scriptpubkey).

It is categorically impossible for scriptpubkeys to use the same key for multiple inputs. The design of the script makes it so that even when transactions are sent from the same address, they will not be identical, and hence there is no problem with multi-signing.

As mentioned, a bitcoin transaction is essentially just a combination of transactions that make up a new UTXO. Thus, it is quite possible to combine transactions from multiple accounts or people to make a new withdrawal sent to a single address. The transaction is invalid and will not be accepted by the network until all signatures are provided.

As a result, CoinJoin can increase privacy. The main reason is that a mandatory number of signatures is required of all senders. Thus, all parameters of the transaction must be agreed upon, otherwise, one or more participants simply will not agree to sign it.


Bitcoin's problems

Another reason to increase Bitcoin's security and privacy is to keep it functional. Bitcoin is often viewed as a fungible asset. Like gold, it has no unique value. In the case of bitcoins, each transaction is unique, but they are all valued and exchanged in the same way. This is the basis for it to function just like fiat currency.

A non-substitutable token (NFT) is a token that represents something unique that reduces interchangeability - each coin is valued differently. Real estate can be an irreplaceable asset because it has a relative value based on many variables.

However, autonomy is a growing problem as more and more Bitcoin-specific uses are investigated. The problem is that if a particular transaction or a particular address is blacklisted, Bitcoin loses its functionality because all bitcoins no longer have interchangeable values.

Therefore, the desire to use the CoinJoin method, such as the Wasabi wallet, is a growing trend. The main argument is that most people use the currency for legitimate purposes, and therefore they should not suffer losses due to unscrupulous users. Therefore, making Bitcoin less traceable is an attractive goal to preserve the value of the currency and user privacy.

Using mixers, the CoinJoin method returns bitcoin privacy - following the trail of transactions becomes simply impossible. But the problem with many mixers is that a trusted third party is required. That's why CoinJoin digital wallets are now available for security and simplicity.


CoinJoin operation process

The private CoinJoin process is done with the Wasabi digital wallet. Wasabi is an open-source, non-storage, privacy-focused bitcoin wallet designed for your desktop. The wallet creates mixed coin transactions through Chaumian CoinJoin. This wallet uses a type of verification based on a central server that operates anonymously using Tor and the Bitcoin P2P network.

The idea behind Wasabi is that you can merge transactions and not share personal information. Thus, when a joint payment is made, the input and output are not separated. They are combined to arrive as one bitcoin transaction. With this method, the exact direction of the money remains unknown to third parties.


How Wasabi Wallet protects transactions and addresses:

  1. Each user's wallet connects to other wallets using Tor. Connecting to other wallets makes it harder to track IP addresses.
  2. Once the user is ready, they can add their coins to the "queue".
  3. Once 50 wallets (current minimum) have joined the public queue, an unsigned bitcoin transaction is created.
  4. Before logging out, all users must verify that their inputs and outputs are correct. Only after the validity check, the process of electronic signatures begins. At this point, all users must complete the multi-signature transaction.
  5. Once all the necessary signatures have been collected, the transaction is broadcast to the network.


Security issues with CoinJoin

For CoinJoin, users must agree on the terms of the transactions they want to join. Early services were centralized servers. These centralized servers required users to trust the service operator with their coins because the transaction was first sent to a third-party provider. The problem users face is the risk of theft when the resource service coordinates a joint transaction. With centralized services, there is always a risk of privacy breaches because the service stores personal information. Newer projects are already decentralized and aim to circumvent the problems associated with centralization.



So we can see that with the CoinJoin method it becomes more and more difficult to track IP addresses or blacklist users. Consequently, the level of security increases. CoinJoin is built into the design of the script, so it requires no additional development. It uses the multi-signature method as a basis but offers more flexibility. Since collected transactions in CoinJoin are signed only after the script is considered valid, you don't risk losing your money and can save on transaction fees.