When dust settles in your home, you wipe it up. But what about when unwanted dust makes its way into your bitcoin wallet? Well, cleaning it up may not be so simple.
In Bitcoin parlance, âdustâ is the technical term given to trace amounts of bitcoin that are considered too small to send in a transaction because the transaction fee would exceed the amount sent. Typically, dust is no more than a few hundred satoshis (a microunit of measurement for bitcoin).
Because sending dust is expensive relative to the transaction size, normal bitcoin users have no reason to transact with dust. But that doesnât mean other entities, like bad actors or blockchain researchers, donât have a use for it.
Entities conducting blockchain analytics may use dust to deanonymize users and their wallet addresses. The idea is to create enough deterministic links between the analysis firmâs wallets and the recipient addresses. Once these links are created, the firm can run analysis using the data it collects to trace IP addresses to the recipient wallets.Â
âWhen the dust is consolidated with the userâs other funds, it helps with chain analytics by making it easier to cluster addresses,â Sergej Kotliar, the CEO of Bitrefill, told CoinDesk. If users donât consolidate the unspent transactions (UTXOs), then they donât need to worry about their anonymity. However, most wallets automatically consolidate UTXOs when a user creates a transaction, so this can be tough to navigate around unless you are choosing which UTXOs to spend manually.
CoinDesk reached out to Chainalysis and CipherTrace to ask if they use dust in their analytics. Both companies denied using this technique, though Chainalysis Manager of Investigation Justin Maile added that dusting is âmore often [used] by investigatorsâ to trace illicit funds. Maile continued that exchanges may use dusting to trace stolen funds following a hack.
Read more: How Do Bitcoin Transactions Work?
Dave Jevans, the CEO of blockchain analytics company CipherTrace, told CoinDesk that âhackers may use dusting as a strategy for identifying individuals who can then be phished or extorted.â
The threat of anonymity aside, consolidating these UTXOs would mean spending more in fees than the dust is worth. The resulting dilemma then becomes: leave the too-piddling-to-spend UTXOs to clutter the wallet or consolidate them and thus compromise privacy. (Itâs not uncommon for users to have their wallets dusted more than once by the same entity, leading to significant clutter. Phil Geiger, the director of marketing at Unchained Capital, for instance, told CoinDesk he has âhad addresses dusted repeatedly.â)
Some wallets, like Samourai and Bitcoin Core, let you freeze UTXOs, which would bar them from being consolidated in a new transaction. But Kotliar emphasized that most average users will not know how to navigate this feature.
To mitigate the impact dust has on the network, Kotliar has suggested raising the dust limit as designated by the Bitcoin Core wallet. Currently, most wallets are designed to cap transactions at 546 sats (0.00000546 BTC, or roughly 7 cents).Â
âBlocking these would be censorship, but maybe raising the dust limit makes sense,â Kotliar said, adding that his proposal âis a way to raise the topic and have other people weigh in on it.â
If this limit were raised, then it would be more expensive to execute a dusting attack. But, of course, this comes at the detriment of honest users spending small sums. If bitcoin were to go up in price dramatically, then the dust limit would have to be recalibrated so as to not price out smaller accounts from sending transactions.
Read more: To Beat Online Censorship, We Need Anonymous Payments
âIf the destructive action is cheaper than a constructive one, then we should fix it. In Bitcoin, we donât have a way of censoring things we donât like, but we can change these defaults to make it more expensive.â
Sergej Kotliar
Another fix, proposed some time ago by Bitcoin Core developer Peter Todd, involves wrangling dust UTXOs and spending them in a CoinJoin transaction to preserve privacy. In a back and forth on Twitter discussing Toddâs âdust-b-goneâ proposal, a representative for Samourai indicated the privacy wallet is seriously considering adding such a feature in the future.Â
Thereâs no guarantee that raising the dust limit would clean this problem up for good.
âIâm not sure that raising the dust limit would prevent this,â Ergo, a pseudonymous analyst for OXT Research, told CoinDesk, though it would âcertainly [be] a deterrent.â
Blockchain analysts, for example, may still be willing to stomach the premium to send dust if the limit is raised, especially if they have high-dollar contracts with government agencies.Â
Still, it may deter some bad actors from wasting block space on trivial transactions. Bitcoinâs blockchain keeps a record of every transaction ever executed on the network, and thereâs only so much space per block to accommodate new transactions; dust, then, causes unnecessary bloat on Bitcoinâs transaction ledger because blockspace that may have been used to accommodate legitimate, larger transactions is instead devoted to transactions worth pennies.
Read more: Inside Chainalysisâ Multimillion-Dollar Relationship With the US Government
And the pennies (or satoshis) add up. In the most recent dusting attack to hit the Bitcoin network, for instance, Ergo has traced some 84,000 dust outputs from 146 transactions to an entity that appears to be advertising an obscure Bitcoin SV messaging application. Each transaction includes a message directing users to the application. (Kotliar noted, âThis does not appear to be a malicious attack.â)Â
The apparent advertising campaign has cost the BSVers roughly 1.147 BTC, according to the most recent figures produced by Ergo, and the attackers have spent three times more on fees than the dust itself. Ergo told CoinDesk that this round of dusting began on Aug. 4 and has been âfairly consistent.â
Jensen mentioned that promotional dustings like this are not uncommon. At the end of 2018, for instance, 100,000 addresses were dusted as a way to advertise the now-defunct mixing service Bestmixer.
