I wanted to start this topic because for a while I had some concerns regarding some privacy aspects of Grin. I shortly discussed it on KeyBase and made it into a future request, but it might be good to discuss it with the wider community here.
The problem is that currently a public/external tor address is the same as your wallets slate-pack address, see here technical details. and this is potentially a bad thing . Not the case, only a .onion address linked to it is visible.
My concern is two fold
a) By directly broadcasting a tor address as external tor address, anyone who scans the tor network can simply log and collect slate-pack address information. With this information public, it is easy to mark wallets with outputs especially when there is auto-receive enabled in the wallet, which is currently the case.
b) When a node goes offline, anyone who connects to enough nodes can detect this and store the IP and time information. An attacker who monitors the tor network and connects to enough nodes, can also map tor/slate-pack nodes that go offline.
by matching the time, an attacker can relatively easily map IP’s to slate-pack addresses which compromise the online ID of the wallet owner.
- Add one extra level to tor, meaning you broadcast a random address and only when asked for the specific slatepack address, the wallet pretends to relay it. This only adds one extra step of decrypting incoming packages which is relatively cheap with a lot of privacy gain. At least it will not enable attack a), anyone from scanning for slate-pack addresses, and it will make b) slightly more difficult.
- Make it possible to run nodes via tor. Even if they would have some sort of permanent ID, as long as that would not involve an IP address, there is no significant privacy leak when nodes and wallets go offline at the same time.
- Optionally make some sort of tor decoy service, meaning when you shutdown your wallet. The tor address stays online longer or pretends to be online even when all packages are simply written to output 0.
- Suggestion by @davidtavarez use Nostr to solve all these issues
I hope that these concerns also make it a bit more clear why as community we funded the implementation of the option of generating a new slatepack address in Grin++ as well as why we are having so many discussion on whether auto-receiving of funds is good (good UX) or bad (anyone can send your wallet tainted coins).
Edit: According to @joltz, slatepack addresses are not broadcasted via tor (see discussion on Keybase). So this takes away 90% of my concerns. It is however still a privacy concern that nodes leak users IP address, which when combined with their time of going online and offline could be linked to a slapack address or transaction if sufficient data is collected. One easy way to mitigate this is by running your wallet and node continuously, good for the network and good for your privacy! So consider running a dedicated node and wallet on a Raspberry Pi (minimal 4 GB) for example.