Read on Twitter
1/ A small thread of #Ethereum privacy tips/rants for @coffeenaping and anyone else who either is worried about it or isn’t yet. https://twitter.com/coffeenaping/status/1248163100697780229
2/ First, remember everything you do in Ethereum is public. Every smart contract you use, your token balances, anyone you pay, any payment you receive is public and viewable to the whole world on https://etherscan.io and other block explorers.
3/ Even zkSnark mixers are relatively easy to correlate using Etherscan until they have considerably more users. Just see the transactions here https://etherscan.io/address/0x12D66f87A04A9E220743712cE6d9bB1B5616B8Fc
I’m glad to see that most of the transactions there are exactly 0.1 ETH which makes it more difficult to track.
I’m glad to see that most of the transactions there are exactly 0.1 ETH which makes it more difficult to track.
4/ What about ENS? ENS is excellent for naming services or public business accounts.
Just for god’s sake, please don’t use it as a personal username. You are doxing your self. Also, please do not add it to your twitter profile. @coffeenaps I was easily able to see your balances
Just for god’s sake, please don’t use it as a personal username. You are doxing your self. Also, please do not add it to your twitter profile. @coffeenaps I was easily able to see your balances
5/ Please Ethereum wallet and login systems, stop encouraging end-users who do not understand this to use #ENS.
It may make things more familiar, but you are exposing your users’ transactions. You may even be exposing yourself to GDPR risk as a business if you do so.
It may make things more familiar, but you are exposing your users’ transactions. You may even be exposing yourself to GDPR risk as a business if you do so.
6/ Use a new address for each dApp. Perhaps even multiple ones. Do not transfer funds or tokens directly between them if you can avoid it.
If your wallet only supports a single address, then switch! All good wallets have HD support and can instantly create new accounts for free
If your wallet only supports a single address, then switch! All good wallets have HD support and can instantly create new accounts for free
7/ Unfortunately, the current web3 provider paradigm that most web3 developers use makes it a pain in the ass to have different accounts for each dApp. @metamask_io supports multiple accounts, for example, but you have to remember which one you used for each dApp.
8/ Instead of transfering funds between accounts use centralized exchanges with vast amounts of transactions like Coinbase, Kraken, and Binance. They can be used as a simple privacy mixer for non-criminal purposes.
9/ Wallets supporting only one account are often smart contract based wallets as they are expensive to create.
This is also why we moved away from this approach 2 years ago at @uport_me.
This is also why we moved away from this approach 2 years ago at @uport_me.
10/ I am horrified by how many new projects reinvent smart contract wallets (and add ens usernames). Then excitedly announce they’ve finally solved Ethereum useability every year at #DevCon
11/ Even worse is that none of the #Ethereum podcast hosts or journalists (you know how you are and so do we), that keep pushing this narrative of ENS and smart contract wallets without understand the horrific privacy implications.
