CoinBase, “the world’s most popular Bitcoin wallet,” recently placed last in a privacy report by the Open Bitcoin Privacy Project (OBPP). The spring report focused on usability, quality, and user feedback for address generation and backup, privacy from blockchain observers, privacy from network observers, and privacy for transaction recipients.
In the report by the OBPP, an open-source organization dedicated to financial privacy, CoinBase scored an 11 out of 100 and declined to answer a questionnaire about wallet capabilities. The report notes that CoinBase generates and holds all private keys server side, an act of low privacy which even Blockchain.info does not make. CoinBase additionally scored zero in the “privacy from blockchain observers,” “privacy from network observers,” and “privacy for transaction recipients” categories.
Darkwallet and Armory tied for first with 54 out of 100, with Darkwallet taking first in usability and Armory in quality. DarkWallet operates as a Google Chrome plugin and automatically utilizes CoinJoin transaction mixing with ECDH stealth address creation. Armory is similarly multi-platform and does not reuse transaction addresses by default with support for the Tor network. According to the OBPP report, Darkwallet can be improved with a larger user base for safer coin mixing, and Armory can be improved by implementing CoinJoin mixing.
CoinBase has long pursued regulatory compliance in the Bitcoin space, which has negatively affected it’s users. Recently, many user accounts were frozen without notice due to Bitcoin donations to “Gwern,” a “Dark Net” researcher. However, accounts with donations to Edward Snowden, a whistle blower charged with three felonies, have had no action taken against them.
CoinBase is often compared to a traditional bank due to their responsibility to regulators, including the reporting of suspicious activity. Many Bitcoin wallets and wallet providers the OBPP researched for their report are not inhibited by regulation, and therefore are able to offer better privacy to users.
OBPP contributor Kristov Atlas had the following to say on financial privacy:
“Financial privacy is enforced lightly by the Bitcoin protocol. The short section on the matter dedicated by Satoshi in his whitepaper contains helpful suggestions, but no rules. […] Our services and software have long ignored Satoshi’s suggestions, however, relying on a prevailing and dubious notion of Bitcoin as inherently anonymous.”