UTXOs, addresses, and CoinJoins: Preserving privacy in a bitcoin economy

First published: 10/03/2022
| Last updated: 07/10/2023
| -- min read

Earlier this year, we published two articles focusing on UTXOs. The first article (and video!) served as an introduction to understanding UTXOs and why actively managing them should be important to anyone who holds bitcoin in self-custody. The second article, More UTXOs, more problems: High fees, signing failures, and how to avoid them, focused on how to think strategically about the amount of UTXOs you are holding to reduce your future transaction costs and help prevent signing failures.

This article, the third in the series, dives deeper into how to manage UTXOs to preserve privacy. Since all standard bitcoin transactions are recorded publicly on the blockchain, how you approach sending and receiving bitcoin can determine what information you are exposing to other people. Understanding how UTXOs and wallet addresses operate, and being mindful of how you interact with them, can limit the ability of prying eyes to track your spending behaviors and bitcoin balances.

We will start by reviewing what transaction information is always made publicly available on the blockchain. Then, we will cover some techniques you can use to help preserve privacy while receiving and sending bitcoin. Finally, we will discuss what you can do if you suspect your activities are being tracked by a bad actor so you can assist them with minding their own business.

Publicly available information

The first step in learning how to protect your privacy is understanding what information is publicly available for everyone to see. While bitcoin can be used quite anonymously, it is also intentionally a very transparent system, so that users are able to verify all of the protocol rules are being followed (such as the 21 million supply limit) and confirm the receipt of payments without trusting a third party. As such, reviewing how bitcoin addresses function with the blockchain is a crucial foundation upon which to build.

UTXOs exist on addresses

UTXOs and addresses are not the same thing. They are often conflated, and we will see why soon, but it is important to think of them separately. While you can imagine a UTXO as an individual chunk of bitcoin, you can think of an address as the location where the UTXO is stored. An address can hold zero UTXOs, one UTXO, or many different UTXOs.

Bitcoin wallets, whether they are singlesig or multisig, can generate many different addresses for receiving bitcoin UTXOs. In fact, your wallet can generate more unique addresses than you could ever possibly use! There are so many combinations of letters and numbers that could be picked to create an address, there is no realistic chance of your wallet generating an address that is also generated by someone else.

Addresses are tracked by the blockchain

You can think of the bitcoin blockchain as a public ledger that keeps track of the addresses containing UTXOs, as well as the value of each UTXO. However, the blockchain has no way of knowing which wallets—or which people—those addresses and UTXOs belong to. 

When you want to check the balance of your bitcoin wallet, your wallet software will use your public key (or public keys, if using multisig) to list out the addresses that may have been sent bitcoin previously. It will then scan the blockchain to see if any of those addresses contain UTXOs. If they do, it will add up the amount of bitcoin you control and display the number. In other words, the knowledge that your different addresses are connected to the same wallet is not public on the blockchain, but it can be known by anyone with the proper public key(s).


This visualization is not an accurate representation of the blockchain, but may be useful for imagining where certain information is stored.

Maintaining privacy while receiving bitcoin

Your wallet can generate addresses while completely disconnected from the internet. Other people generally have no way of knowing which addresses belong to you if they don’t have access to your public key(s) or private key(s). 

However, if you ask someone to send some bitcoin to your wallet, you must share one of your addresses with the sender. Once you do, you have permanently exposed to the sender that this particular address belongs to you. The sender could then also share the information with others. Unless you fully trust the sender, or your identity was hidden throughout the transaction, some of your privacy has been lost. The blockchain can forever be monitored to see how much bitcoin you are keeping on that address.

If you move the bitcoin off of the exposed address and onto a new address (either a new one that you control, or one controlled by someone else), that secondary transaction is also publicly recorded on the blockchain. Someone tracking your activity can not only see that your bitcoin has moved, but they can also see the new address(es) that the bitcoin was sent to. They might assume that any new addresses also belong to you, although you may have some plausible deniability in that regard.

No matter how many times you move the bitcoin to new addresses, there is a trail leading back to your exposed address. However, certain techniques can be used to help break the trail, which will be covered later in this article.

For now, a key point is this: be mindful of reusing addresses. Using a brand new address each time you receive bitcoin—especially from a new sender—is wise. If you provide an address to Sender A and receive 0.2 BTC, and then provide the same address to Sender B and receive 0.3 BTC, both senders can see that you have received 0.5 BTC from multiple different sources. 

This concept is why many people choose to only have one UTXO per address. Each time you are ready to receive some bitcoin, you can use a new address generated by your wallet for no extra cost. The sender cannot associate the new address with any addresses you have used before, unless other information was previously exposed.

Maintaining privacy while receiving bitcoin

Whenever you send bitcoin to someone, they can see which address(es) the bitcoin came from. This is another way certain addresses can permanently become associated with your identity. 

Once you empty bitcoin out of an address, it is a good idea to avoid using that address again. When you spend from a bitcoin address, you also reveal publicly how the address was constructed (e.g. 2-of-3 multisig) and the individual public keys used to build that address. As mentioned in the previous section, your wallet will always be able to provide you with fresh addresses, so there is seldom any need to reuse an old one. 

There are also some extra things to consider when sending bitcoin to a new address. First, you should be mindful of which addresses you might be combining when providing inputs to the transaction because this can expose new information to people you’ve transacted with in the past. Second, the various sizes of UTXOs you select for a transaction can determine how much change you get back and therefore how much bitcoin you are revealing as still belonging to you. Let’s examine these concepts in greater detail.

Avoiding unwanted address combinations

Suppose you grab multiple UTXOs from your wallet that are sitting in different addresses, and combine them as the inputs to a single transaction. In that case, you are displaying your ownership of all the addresses involved. If someone trying to track you only knew about one of the addresses, they would now know about the others as well. They could then look at the blockchain to see the history of those other addresses and learn more about your activity.

Let’s take a look at an example:

In the above illustration, Sender A has sent you 0.2 BTC, Sender B has sent you 0.3 BTC, and Sender C has sent you 1.1 BTC. Because you used a different address each time, none of the senders are aware of the bitcoin in your possession beyond the amount they themselves sent to you. 

However, once you take the UTXO from each address and combine them to send 1.6 BTC somewhere, your three addresses are connected. If Sender A was a bad actor tracking your behavior, they have learned that the other two addresses providing inputs to the transaction likely belong to your wallet. They can also see that those addresses at one point contained 1.4 BTC in total, and they might be able to discover who held that bitcoin before it got to you (possibly learning of your relationship with Sender B and Sender C).

Keep in mind that UTXO consolidations, discussed in the prior two articles in this series, often involve combining UTXOs from different addresses. The illustration above could represent a UTXO consolidation if the recipient address is simply a new address from your wallet. Due to privacy concerns, some people are very selective about which UTXOs they choose to consolidate, and others choose to avoid consolidations completely.

Avoiding large amounts of change

In our first UTXO article, we discussed the privacy issue that occurs when using a large UTXO to send someone a much smaller amount of bitcoin. For example, if you are using a UTXO worth 0.9 BTC to send someone 0.2 BTC, you will also want to send the remaining 0.7 BTC back to yourself at a new wallet address as change.

If the recipient looks up the transaction on the blockchain and sees the second output worth 0.7 BTC, they can reasonably assume it is your change. They could then be quite certain you still own at least 0.7 BTC, which might be more information than you want them to know.

By storing your bitcoin in smaller UTXOs, you will have more options to prevent substantial amounts of change being revealed to other people. However, it might also mean that you must combine UTXOs from different addresses to reach the full amount you want to send… which, as we just discussed, can also be bad for your privacy.

The perfect solution is to figure out precisely how much bitcoin you will send to other people in the future; what products or services you will want to buy with your bitcoin, and how much bitcoin those things will cost at the time of purchase. If you had this information, you could store a single UTXO in a single address for the exact amount you needed to pay someone, and you wouldn’t ever have to worry about combining addresses or getting change back. Obviously, this solution is highly impractical.

Less ideal, but perhaps the next best alternative, is to store your bitcoin in various sizes of UTXOs so you have a wide range of options to choose from any time you want to send bitcoin. Like cash in a piggy bank or physical wallet, most people would choose to have many different denominations of dollar bills rather than just one $100 bill or a hundred $1 bills.

Regaining anonymity with CoinJoins

What we’ve covered up to this point may lead you to believe that maintaining privacy while using bitcoin can be quite a headache. Not only would you need to put a lot of thought into selecting addresses and UTXOs every time you move bitcoin around, but you would also need to keep track of every address you’ve ever used to receive a UTXO, and note who the sender was that can connect that address to your identity. It can feel overwhelming, especially if you have some UTXOs in your possession that you acquired a long time ago and have no confident recollection of who sent them to you.

Luckily, a very powerful tool can be used to turn the tide against anyone trying to track you maliciously. A CoinJoin is a technique that allows you to reclaim lost privacy and, to an extent, undo some privacy mistakes that you may have made in the past. Sending bitcoin into a CoinJoin will scramble the path that leads back to you, making it very difficult for anyone to continue associating UTXOs with your identity.

Before conducting a CoinJoin, it is important to check your local laws and regulations. While designed to enhance the privacy of regular people, there are suspected instances of CoinJoins being used to launder money, which is illegal. Such suspicions dampen the enthusiasm of certain people toward this otherwise benign tool. It is also worth noting that some financial institutions may refuse to accept bitcoin that has been involved in a CoinJoin.

So how does a CoinJoin work?

The concept is fairly simple: a CoinJoin is a trustless collaboration among several people to create a transaction. In its simplest form, each person involved will contribute an equal amount of bitcoin as the inputs to the transaction, and each person will then receive back that amount of bitcoin as an output.

Let’s take a look at an example:

This visualization demonstrates a CoinJoin between you and four other participants. Each person takes 0.05 BTC from an address linked to their identity and agrees to contribute it to the overall transaction (plus fees). As the transaction finalizes, each person receives 0.05 BTC back as a UTXO on a brand new wallet address they control. The five new addresses acquiring the UTXOs should be anonymous, and therefore any observer looking at the blockchain will have no idea which of the receiving addresses belongs to you. Each receiving address only has a 20% chance of being yours.

As the other four participants eventually spend their bitcoin and expose which addresses are theirs, the address belonging to you can become less obfuscated by process of elimination. However, this can be easily combated by doing multiple CoinJoins, or performing CoinJoins with a much larger number of participants.

There are several different CoinJoin implementations commonly used by people around the world to come together anonymously and coordinate this maneuver. The most well-known options are WabiSabi, Samourai Whirlpool, and JoinMarket. Each implementation works differently and has its own tradeoffs, so conduct further research before deciding which method to use.

Also, remember that after putting bitcoin through a CoinJoin, the bitcoin can once again become associated with your identity by subsequent actions. For example, sending some of the bitcoin to someone else and receiving change back, may expose the change until it is included in a new CoinJoin. Or, if you use the bitcoin with a financial service that knows your identity, naturally the bitcoin will become linked to you in the eyes of the service provider.

If you want to learn more about CoinJoins, we have another article dedicated to the subject!

Final Considerations

Privacy is an extensive subject and it is impossible to cover all aspects of it in one article. However, there are a few more miscellaneous topics we want to touch on. Many folks learning about bitcoin have heard claims that dust attacks, running your own node, and the Lightning Network can impact your privacy. Let’s take a brief look at each of these.

Dust attacks

If you have ever noticed a small amount of bitcoin (usually less than 1000 satoshis) that has been added to your wallet but don’t know where it came from, you have likely received what is called a “dust attack.” This term sounds much more frightening than it is.

Typically, a dust attack is just a bizarre form of advertising and has no impact on your privacy. If you ever receive a small number of satoshis to an address you control already holding bitcoin, you can ignore it. When you move your bitcoin out of the address down the road, you can either take the tiny UTXO with you or leave it behind.

On the other hand, if you ever receive a small number of satoshis at an address you control that was otherwise empty but previously used, you should try to leave that UTXO behind while moving your bitcoin. While such an occurrence is rare and not especially dangerous, combining that UTXO with your other bitcoin could reveal your ownership of other addresses to interested parties (see the earlier section, “Avoiding unwanted address combinations”). Many wallet softwares protect you from this automatically, leaving the small UTXO behind by default.

Running your own node

Whenever you check your wallet balance or send bitcoin, you must connect to the bitcoin network through a node. There are tens of thousands of nodes worldwide that make up the network, and they communicate with each other to keep bitcoin decentralized. To learn more about this crucial aspect of how bitcoin operates, see Ted Stevenot’s article: What is a bitcoin node and how does one work?

With a bit of research and not too much difficulty or cost, you can run your own bitcoin node and connect to the network directly. If you don’t run your own node, you are forced to send information through someone else’s node when interacting with your bitcoin wallet. Often the wallet software you are using will have nodes you can connect to by default, but what if you don’t want your privacy to depend on the security and integrity of the third party node? Instead, you can take matters into your own hands and only send and receive information through your own equipment. Privacy is one of the several reasons to consider running your own node.

Lightning

A great way to round out this three-part series on UTXOs is to discuss the Lightning Network. Lightning is by far the most popular second-layer technology built on top of bitcoin. It allows bitcoin transactions to take place outside the blockchain, using a network of 2-of-2 multisig arrangements called lightning channels. 

By avoiding the blockchain, lightning payments can be settled faster (nearly instantly) and with lower transaction fees. They are also not recorded on a public ledger. From a privacy standpoint, this offers some substantial advantages. Sending bitcoin through the Lightning Network is another method that can cause difficulties for someone trying to track where your bitcoin ends up.

However, lightning is complicated and still relatively new. The privacy advantages are far from perfect, and it is generally not recommended to put large amounts of your bitcoin into the Lightning Network for security reasons. Yet with every passing month, improvements are being made; lightning developers are truly on the cutting edge of payment technology.

Many of the topics covered in this trilogy of articles do not apply within the world of lightning, because UTXOs are not directly involved in lightning payments. Nonetheless, it is likely that the highest-security base layer of bitcoin—which necessitates conventional transactions on the blockchain—will always be relevant, and therefore so will UTXOs. Now that we’ve gone through the basics of UTXOs and the tradeoffs involved while managing them, you will be much better prepared to operate in the bitcoin economy with confidence.

Take your bitcoin journey to the next level

Preserving your privacy is just one part of increasing your sovereignty in a bitcoin economy. Other important issues include taking self-custody of your funds and eliminating single points of failure when storing your bitcoin for the long term. Whether you’re curious about best practices for managing UTXOs, holding your own bitcoin keys, or multisig vault solutions, Unchained’s Concierge team is here to help. Learn more by scheduling a call to speak with one of our experts—and take your bitcoin journey to the next level. 

Sign up to get notified for future blog articles.