OpenBitcoinPrivacyProject/wallet-ratings

Issues

• add to threat model to cover this bitcoin core rebroadcast feature

  #146 opened 5 years ago by kristovatlas
  0

• add countermeasure -- do not update blockchain data filters

  #137 opened 8 years ago by kristovatlas
  7

• Criterion: Don't allow users to screenshot sensitive data

  #143 opened 7 years ago by dcousens
  2

• Criteria: Does wallet with BIP70 support reserve a refund address?

  #145 opened 7 years ago by kristovatlas
  0

• Preferred Transaction Version

  #116 opened 8 years ago by dcousens
  17

• Anti-fee sniping counter-measures

  #115 opened 7 years ago by dcousens
  11

• Determine weight for temporal window for attack as a cost factor

  #144 opened 7 years ago by kristovatlas
  0

• Add criteria (NO 5-of-16)

  #138 opened 7 years ago by dcousens
  1

• Countermeasure against linking IP to address based on first hop analysis: random delays

  #136 opened 8 years ago by kristovatlas
  5

• Network criteria: Fingerprint specific client version based on SSL cipher suites

  #142 opened 8 years ago by kristovatlas
  1

• Add Attacker category descriptions

  #140 opened 8 years ago by kristovatlas
  10

• Determine Severity Benchmarks for 3rd edition

  #135 opened 8 years ago by kristovatlas
  18

• new criterion: wallet client uses Tor when Tor is running with default configuration

  #141 opened 8 years ago by kristovatlas
  0

• Add Network observer attack: Identify Internet user as a Bitcoin user

  #139 opened 8 years ago by kristovatlas
  1

• relist CR48 (coinshuffle criterion) under relevant attack

  #133 opened 8 years ago by kristovatlas
  2

• remove duplicate, unlisted countermeasures

  #132 opened 8 years ago by kristovatlas
  2

• consider rewording attacks related to change instead in terms of output ownership

  #134 opened 8 years ago by kristovatlas
  0

• reword CR09 (BIP126)

  #129 opened 8 years ago by kristovatlas
  0

• Alternative to creating identity containers: Just never merge heterogenous inputs

  #131 opened 8 years ago by kristovatlas
  1

• Re-write all criteria descriptions as questions

  #130 opened 8 years ago by kristovatlas
  0

• criteria: BIP 126

  #102 opened 8 years ago by kristovatlas
  6

• rephrase criteria: "Only query one address at a time from a specific connection context"

  #103 opened 8 years ago by kristovatlas
  10

• consider time of privacy breach for blockchain-based attacks

  #127 opened 8 years ago by kristovatlas
  4

• Revisit criterion for number of clicks to import a private key into an identity container

  #112 opened 8 years ago by kristovatlas
  3

• JSON comment: annotate why bip 62 is listed in list of countermeasures to detecting which output is change

  #122 opened 8 years ago by kristovatlas
  0

• Reword criteria about detecting whether wallet was installed

  #108 opened 8 years ago by kristovatlas
  14

• Revisit criterion for number of clicks to perform first backup

  #111 opened 8 years ago by kristovatlas
  2

• RBF: changing inputs may link merged inputs not present in final version

  #128 opened 8 years ago by kristovatlas
  0

• consider detectability as a severity benchmark

  #126 opened 8 years ago by kristovatlas
  0

• review the network observer, transaction participant, and wallet provider attacks to look for attacks that should be listed commonly but are not yet

  #125 opened 8 years ago by kristovatlas
  0

• consider allowing same attack to be listed under multiple attackers

  #124 opened 8 years ago by kristovatlas
  0

• new attack: wallet provider use order of inputs or outputs to surreptitiously leak info

  #123 opened 8 years ago by kristovatlas
  0

• consider adding client fingerprinting attack to wallet provider and network observer

  #121 opened 8 years ago by kristovatlas
  0

• change countermeasures/criteria related to randomizing change outputs

  #104 opened 8 years ago by kristovatlas
  11

• report clarification: who is our sample user?

  #96 opened 8 years ago by kristovatlas
  1

• de-list the "# of mixing partners" criteria from countermeasure for "risk-free mixing"

  #109 opened 8 years ago by kristovatlas
  2

• rename countermeasure concerning querying blockchain data for multiple addresses

  #110 opened 8 years ago by kristovatlas
  3

• who is the target user in the threat model?

  #120 opened 8 years ago by kristovatlas
  0

• meta-attack: unfriendly contribution setting dissuades participation and thus peer inspection of source code

  #119 opened 8 years ago by kristovatlas
  0

• maybe new attack -- another app on the same device captures keystrokes

  #118 opened 8 years ago by kristovatlas
  1

• Reword countermeasure about address reuse

  #106 opened 8 years ago by kristovatlas
  2

• enumerating forensic attacks on data at rest

  #117 opened 8 years ago by kristovatlas
  0

• Task List for 3rd Edition Report

  #114 opened 8 years ago by kristovatlas
  0

• Review document comments for “Rating Procedure” from 2nd edition, incorporate into new procedure

  #113 opened 8 years ago by kristovatlas
  0

• Review comments on “2015-2 Criteria” document for proposed changes

  #105 opened 8 years ago by kristovatlas
  1

• clarify what is meant by "BIP 62" compliance

  #107 opened 8 years ago by kristovatlas
  4

• miner attack: delay or prevent mining of transaction based on amount

  #98 opened 8 years ago by kristovatlas
  1

• report clarification: intro to bitcoin privacy section

  #97 opened 8 years ago by kristovatlas
  2

• enhancement: add wallet provider questionnaire document for 3rd edition

  #95 opened 8 years ago by kristovatlas
  0

• possible new attack/countermeasure/criteria: network provider observes sensitive traffic such as bloom-related queries

  #93 opened 8 years ago by kristovatlas
  0