Question for the Bitcoin Pros:
1. Say i send 1000 sats from an KYC Exchange to the first address of my wallet.
2. Then i clear that address. I send 800 sats back to the exchange and pay 200 sats fee. 1000 sats spent. Wallet Balance: zero.
3. Then i send 2000 sats from a non-KYC p2p exchange to the second address of that same wallet.
Will that 2000 sats be linked to my kyc sats in any way? Can someone find out my identity? 🤔
in my opinion no but there are a lot of pitfalls that depend very much on the wallet software
i would always try to separate the accounts
So generate a completely fresh wallet with a passphrase for example?
there are so many philosophies
all you need is a new derived account with a new zpub
but if you can imagine a case where someone comes to your home to get your keys, a completely separate seed would be a good idea.
and yes also a passphrase can achieve that
but im not an expert just a pleb
An address is like a mail box in front of your house. You can own the entire street, each house will have its own mailbox.
What ever a mailbox receives is to that house.
The houses are connected underground with a key that only you can access.
No one knows that you live in all these houses.
But every time you go to pick up the mail from one, they will.
Or you can send your dog.
I enjoyed writing this, hopefully it’s all analogously correct.
Your wallet’s list of addresses is generated by your xpub (extended public key).
If that xpub (and all of its addresses) have been leaked, then any address you use will be linkable (with some effort) to that initial KYC’d transaction.
I don’t believe you can infer an xpub from a wallet address (although I could definitely be wrong about that, so #asknostr), but your watching wallet software (and I maybe even the node you broadcast transactions to?) can see your xpub/addresses.
So if you use Ledger Live, for example, then Ledger does know all of your addresses. It would take coordination between Ledger and the exchange to dox all of your addresses, but it’s possible in a way that doesn’t exist when you have a separate, KYC-free wallet. (Highly recommend).
The other difficulty (which I think you’re covered in when emptying a wallet) involves change addresses. You can end up accidentally doxxing your stack if you “share” a wallet because of how UTXOs are managed.
It’s 1000% better to have separate wallets, separate stacks, to never need to worry about this.
Would srperation be given by generating a fresh wallet with a fresh passphrase?
I believe so, but I’m not sure. Paging nostr:npub1ltt9gry09lf2z6396rvzmk2a8wkh3yx5xhgkjzzg5znh62yr53rs0hk97y for this one
Yes
What if you derive a first xpub with a passphrase. Is Ledger able to link the 2 xpubs?
If you’re using their software wallet, I’m pretty sure ledger can see everything you do, along with your IP address if you don’t use a VPN, which they store for 5 years:
😱😱😱😱
Correct
Your wallet’s list of addresses is generated by your xpub (extended public key).
If that xpub (and all of its addresses) have been leaked, then any address you use will be linkable (with some effort) to that initial KYC’d transaction.
I don’t believe you can infer an xpub from a wallet address (although I could definitely be wrong about that, so #asknostr), but your watching wallet software (and I maybe even the node you broadcast transactions to?) can see your xpub/addresses.
So if you use Ledger Live, for example, then Ledger does know all of your addresses. It would take coordination between Ledger and the exchange to dox all of your addresses, but it’s possible in a way that doesn’t exist when you have a separate, KYC-free wallet. (Highly recommend).
The other difficulty (which I think you’re covered in when emptying a wallet) involves change addresses. You can end up accidentally doxxing your stack if you “share” a wallet because of how UTXOs are managed.
It’s 1000% better to have separate wallets, separate stacks, to never need to worry about this.
Beware! The observer always observes... 👀
