Update: since the writing of this article, TorWallet’s developers have ceased communication and the service is not processing withdrawal requests, and so the site is with overwhelming probability a scam. Let this be another reminder to all Bitcoin users: anonymously operated financial services are in almost all cases not to be trusted.
The latest online Bitcoin wallet to come out, TORwallet, is, in simplest terms, a combination of Instawallet and a Bitcoin mixing service (or “tumbler” or “laundry”, as the concept is sometimes called). Just like with Instawallet, the service works by generating a random URL for each new wallet and showing onscreen a Bitcoin address you can deposit to in order to add funds to the wallet. Once you deposit money, all you need to do to withdraw it at any point in the future is revisit the same URL, enter the destination address and click “Send Bitcoins”. The other defining feature of the wallet, the mixer, mixes your bitcoins into a large pool and then sends you bitcoins back, but ones which are not linked to your original coins in the blockchain. Essentially, for an adversary who has not compromised TORwallet, the task of linking your new “laundered” bitcoins to the old ones becomes almost impossible.
While the idea seems convenient at first glance, the effectiveness of this implementation can be called into question. First of all, the representation of TORwallet as an “anonymous mixing bitcoin wallet” is somewhat misleading. One would expect such a wallet to carry out its mixing functionality automatically and behind the scenes, so that the user could be comfortable in the knowledge that the “mixing wallet” is doing the mixing for him, but in TORwallet this is not the case. For mixing to take place at all, the user must activate the feature manually by clicking the “mix coins” button and paying the greater of 3% of the amount mixed or 0.5 bitcoins as a fee, making the “mixing” and “wallet” functionalities essentially completely separate. This particular way of implementing the mixing functionality is very problematic not only because of usability, but also because it limits functionality: what if a user periodically deposits new coins that need to be exchanged for “clean” coins and does not wish to pay a 3% tax on his entire pool of savings every time he does so?
The wallet’s security model, a copy of that used by InstaWallet, is also a weakness. The strategy of using the URL as the password is very problematic, since it means that anyone who gets access to your browser can simply look through your history, open up your wallet and drain it within seconds. Accessing the wallet only through a private browsing mode (which the Tor browser bundle does by default) solves this problem, but also creates the problem of having to find a place to store the URL. To prevent attackers from easily finding it with a simple file directory scan, it would have to be stored encrypted, and at that point what you have is simply a more cumbersome version of a proper username/password authentication framework like that used by secure wallets like Blockchain. This is not to say that Instawallet is worthless; the wallet’s extreme usability makes it an ideal candidate for users who are just getting started with Bitcoin or don’t have time to set up an account at a more advanced alternative. However, Instawallet themselves recommend that you “please do not store more than some spare change here,” and since TORwallet’s fee structure implies that they expect people to be storing more than 16.7 BTC ($100) with them, they would do well to listen to Instawallet’s own advice.
Both of TORwallet’s key functions have superior alternatives as separate entities: Bitcoin Fog as a mixing service, as it takes a smaller fee (randomized 1-3%) and has a smaller minimum (1.00 BTC withdrawal with no fixed fee component), and Blockchain as a stronger wallet. Furthermore, there is even a service which can be described as a mixing wallet done right: Silk Road. The Tor-based black market auction site employs a secure mixing service, intended to be safe enough even for users engaged in illegal activities, for all bitcoins passing through the system, and includes the send, receive and storage functionality needed to make a basic wallet work.
The last problem is that of trust. As we know from the examples of MyBitcoin and Bitscalper, anonymous services whose only function is storing money cannot be trusted, simply because the profit that they would earn from running away with everyone’s coins at any point is sufficiently high compared to the profit that they expect to earn in the future by acting honestly that it often is expedient for them to disappear. Deposit accounts can still be trusted: if the provider provides enough information about who they are and where they can be found, the threat of law enforcement will shift the calculus toward honesty, and even some anonymous services can be trustworthy. In the case of Silk Road, for example, users only need to store money in the service for a few days, and the owners have an effective source of fees, the future expectation of which is sufficient to continually entice them to conduct themselves honorably. TORwallet, however, is intended to be a long-term money storage provider, and has chosen to maintain their anonymity, placing them on par with Bitscalper in terms of the level of trust that they currently deserve.
The one feature that TORwallet does have over its alternatives is its direct accessibility through Tor as a hidden service, something which no other online Bitcoin wallet (except Silk Road and its ilk) has available. Aside from that advantage, however, the service has a long way to go in terms of implementing a reliable framework of security and trust. One suggestion would be to switch to a Blockchain wallet security model, where the wallet is stored encrypted and all calculations are done client side, and to seamlessly integrate the mixer into the wallet as a deposit mechanism: the wallet would show a deposit address where users can send their funds, which automatically triggers a mixing service which sends randomly sourced bitcoins to the wallet that the user controls, perhaps less a 1-2% fee. This would solve the trust problem and the security problem while making it much more of a true “mixing wallet” at the same time. Abandoning the Instawallet URL-as-password model for something more secure is another necessity. As it stands, however, there are much better alternatives for the functionality that it provides.