All articles

Bitcoin privacy: how to protect your financial identity

A guide to Bitcoin privacy: UTXO, CoinJoin, Wasabi, Ashigaru and JoinMarket explained in plain English. Protect your financial identity with concrete tools.

Bitcoin privacy: how to protect your financial identity

Bitcoin is not anonymous by default. Satoshi Nakamoto knew this, and wrote it clearly in the whitepaper: transactions are public and pseudonymous, not private.

Bitcoin privacy is not an optional extra for paranoids. It is a fundamental skill for anyone who wants to truly exercise sovereignty over their money. This guide explains how the Bitcoin blockchain works at the traceability level, what UTXOs are, and what concrete tools you can use today to increase your financial privacy.

Why Bitcoin is not anonymous (and what that really means)

When you buy bitcoin on an exchange, that exchange knows your identity. You know this is the case: you went through KYC, uploaded your ID, provided your bank details. At that point, your exchange associates your real identity with every bitcoin address it has given you.

From that moment on, every transaction you make is public on Bitcoin's distributed ledger. Anyone - your exchange, tax authorities, blockchain analytics firms like Chainalysis or Elliptic - can in theory follow, with a reasonable degree of confidence, the path your bitcoin takes across the entire chain.

Authorities in numerous countries use these tools for investigations. Exchanges have reporting obligations. The point is obviously not to engage in illegal activity. The point is that financial privacy is a fundamental right. Do you know how much money your neighbor earns? No. Do you know how much they spend on rent, groceries, vacations? No. Because that is their private information, which in a healthy system should not be public.

With bitcoin that is not properly managed, that information becomes public to anyone who knows one of your addresses.

What UTXOs are and why they matter for privacy

To understand Bitcoin privacy you need to understand the UTXO model. It is the foundation of everything.

UTXO stands for "Unspent Transaction Output" - literally, a transaction output that has not yet been spent. Every time you receive bitcoin, you receive one or more UTXOs. Every time you spend, you consume those UTXOs and create new ones.

Think of UTXOs as physical banknotes. If you have a UTXO worth 0.1 bitcoin and want to spend 0.07 bitcoin, you cannot "cut" the UTXO like a piece of paper. You must spend the entire 0.1 UTXO and receive back 0.03 bitcoin as "change" to a change address.

This mechanism is extremely efficient but has privacy implications:

  1. The change problem. When you have a 0.1 bitcoin UTXO, spend it for 0.07, and receive 0.03 in change, anyone analyzing the blockchain can clearly see that the 0.03 probably belongs to the same owner as the 0.1. This links your addresses together.

  2. UTXO consolidation. If you combine multiple UTXOs in a single transaction, you are telling the blockchain that all those UTXOs very likely belong to the same entity.

  3. Address reuse. Reusing the same bitcoin address is the worst way to manage your privacy. All modern wallets generate a new address for each receive precisely for this reason.

  4. The dust attack. An attacker can send you small amounts of bitcoin to addresses they believe are yours. If you then consolidate those UTXOs with your other funds, you have confirmed the link between addresses they wanted to verify.

Good practices before advanced tools

Before talking about CoinJoin, it is worth pausing on basic behaviors. Many people skip the fundamentals and look for advanced technical solutions, when the main problem is simpler.

Use a non-custodial wallet with automatic address generation

Keep your bitcoin in a wallet where you control the private keys. No exchange, no custodian. On the privacy front, every decent non-custodial wallet generates a new address for each receive. Use it: never share the same address twice.

Choose KYC sources carefully

The source where you buy your bitcoin is the entry point into the transaction graph. If you buy on a KYC exchange, that exchange knows you hold bitcoin and knows your withdrawal address.

Alternatives exist: peer-to-peer purchase through platforms like Bisq, RoboSats, HodlHodl, or Peach Bitcoin. Every sat acquired outside the KYC system is a "clean" sat from a traceability perspective.

Separate funds by purpose

Good on-chain financial hygiene means keeping funds separate based on use. The bitcoin you have accumulated over time should never end up in the same wallet you use for daily transactions.

Connect to your own node

When you use a wallet that is not connected to your own node, you are broadcasting your information requests to third-party servers. Those servers know which addresses you are monitoring. Connecting Sparrow, Electrum, or similar to your own full Bitcoin node eliminates this de-anonymization vector.

CoinJoin: the technical tool for on-chain privacy

CoinJoin is the main technique for increasing the privacy of Bitcoin transactions already on the blockchain.

The concept is simple: instead of making a transaction alone (from me to you), multiple users combine their UTXOs into a single transaction with multiple outputs. This way, an outside observer cannot determine with certainty which input corresponds to which output. The deterministic link between old UTXOs and new UTXOs is broken.

Gregory Maxwell proposed the concept in 2013. The three main implementations today are: Wasabi Wallet, Ashigaru, and JoinMarket.

Wasabi Wallet: automatic and accessible

Wasabi Wallet is an open source desktop wallet for Windows, Mac, and Linux. It implements the WabiSabi protocol, which allows transactions with variable amounts.

You download the wallet, put your bitcoin in it, and configure a mixing strategy. The software does the rest automatically. All communications and transactions pass through Tor. The wallet uses BIP-158 client-side filters to avoid revealing your addresses to external servers.

Historically the coordinator was run by zkSNACKs Ltd, which shut down the service in June 2024. The community responded with alternative coordinators like Kruw. Today multiple coordinators exist, making the ecosystem more robust. From Wasabi 2.2.0.0 onwards, the wallet itself charges no fees of its own - you only pay mining fees.

Pros: accessible interface, automatic process, zero proprietary fees. Cons: depends on a coordinator, desktop only, no mobile app.

Whirlpool / Ashigaru: the Zerolink privacy comeback

Whirlpool was Samourai Wallet's CoinJoin implementation. In 2024 US authorities arrested the founders on money laundering charges - a troubling precedent: developers charged not for what they did with the funds, but for building a privacy tool.

The community responded: the protocol was relaunched by Ashigaru, an independent open source project available at ashigaru.rs.

The workflow is in two phases: an initial Tx0 that separates the "toxic" change from the UTXOs destined for mixing, then mixing rounds with fixed-size outputs. After the first mix, it is possible to participate in additional rounds for free, increasing the anonymity set at no extra cost.

Fee: 5% on the pool value at entry, then free remixing.

Pros: uniform outputs (greater privacy), free remixing, greater decentralization. Cons: 5% entry fee, less immediate interface, requires more manual intervention.

JoinMarket: the pure peer-to-peer model

JoinMarket is the veteran - announced by Chris Belcher in 2015, and still today the most decentralized option available.

It uses no central coordinator. It works with a peer-to-peer market between makers (who provide liquidity and earn fees) and takers (who pay to use that liquidity). Communications happen via Tor. The protocol is trustless: every user always signs with their own private keys.

To become an attractive maker it is useful to create a Fidelity Bond: you lock a quantity of bitcoin for a set period, demonstrating commitment and discouraging Sybil attacks. It is an elegant mechanism: the security of the protocol is guaranteed economically, not by a central entity.

JoinMarket is primarily a command-line tool. For those who want a graphical interface there is Jam, particularly recommended for its usability.

Pros: maximum decentralization, ability to earn fees as a maker, full control over UTXOs. Cons: steep learning curve, requires a node, less accessible interface.

Direct comparison

| Criterion | Wasabi | Whirlpool/Ashigaru | JoinMarket | |---|---|---|---| | Ease of use | High | Medium | Low | | Decentralization | Medium | Medium | High | | Uniform outputs | No | Yes | No | | Proprietary fees | 0% | 5% entry | Market | | Node required | Recommended | Recommended | Required |

If you are just starting out, Wasabi is the most accessible entry point. If you want maximum decentralization, JoinMarket is the most consistent choice. You do not have to choose just one: some users use different tools for different use cases.

Privacy after CoinJoin: what to do (and not do)

Doing CoinJoin and then behaving carelessly undoes all the work. The most common mistakes to avoid:

Do not consolidate mixed outputs with unmixed UTXOs. It is the fastest way to link "clean" funds with traceable ones.

Do not send mixed outputs to known addresses. If you send mixed bitcoin directly to your KYC exchange, you have undone the mixing.

Handle change carefully. After every transaction there is a potentially traceable change UTXO. Keep it separate.

Use Lightning Network for small transactions. Lightning transactions do not appear on the public ledger. For daily payments of small amounts, Lightning already offers a good level of operational privacy.

Use Tor when broadcasting transactions. The node that first receives the transaction knows your IP. Broadcasting via Tor hides this information.

The regulatory context: why Bitcoin privacy is increasingly urgent

In February 2026 the European Parliament approved two amendments unlocking the development of the digital euro. Christine Lagarde used precise words: "I implore you to move forward". The ECB estimates the CBDC could be operational by 2029.

In this context, financial privacy is not a technical whim for cryptography enthusiasts. It is the concrete response to a system that is equipping itself with the tools to know exactly what you do with your money, when, where, and why.

Bitcoin does not automatically guarantee privacy. But Bitcoin, used correctly, allows you to build a level of financial privacy that no CBDC system will ever be able to offer.

Recommended wallets for Bitcoin privacy

Sparrow Wallet - Desktop, open source, excellent for UTXO management, native integration with CoinJoin via Whirlpool/Ashigaru. The most complete wallet for those who want granular control over their on-chain privacy.

Wasabi Wallet - Desktop, open source, CoinJoin integrated with WabiSabi. The easiest way to do CoinJoin without advanced technical skills.

Electrum - Desktop, open source, extremely configurable. No native CoinJoin, but ideal if you want to connect to JoinMarket. Built-in Tor support.

Bull Bitcoin Wallet - Mobile, open source, with native PayJoin integration. Ideal for both beginners and advanced users.

Want to dig deeper into how to protect your on-chain financial privacy? Book a consultation for 30 minutes.

Every week on Bitcoin Train - analysis and in-depth coverage of Bitcoin.

Related guides

How to buy Bitcoin without KYC: the 2026 guideBitcoin self-custody: the definitive guide 2026Lightning Network: what it is and how it works

Have questions about this topic? Book a 30-minute Bitcoin technical consulting session.

Book a consultationSubscribe to Bitcoin Train