• Change outputs are bad for Bitcoin privacy because they allow third-parties to track payments.
• CoinJoins work as a solution to this issue, as they enable users to group up their UTXOs with other people’s coins without losing custody of them.
• While CoinJoins offer privacy advantages, they still produce a change output which can be linked back to the sender.
What Are Change Outputs?
Bitcoin transactions involve sending all the sats from an original address into new ones, creating a change output which is the amount you get back when making a payment. This creates an opportunity for third-parties to track related payments and identify who owns what addresses.
Why Are Change Outputs “Toxic”?
Change outputs are often referred to as “toxic” and bad for privacy because they make it easy for outsiders to track all related payments and undo years of diligent UTXO management. As such, change outputs have become one of the biggest issues in Bitcoin privacy today.
CoinJoins To The Rescue?
CoinJoin is a type of collaborative bitcoin transaction that enables users to group up their UTXOs with other people’s coins in order to gain more privacy without ever losing custody of them. These transactions include multiple inputs and outputs from many different users, making it hard for outsiders to know who owns what after the CoinJoin is done. However, most implementations still produce a change output which can be linked back to the sender.
Minimum Amount Requirements
CoinJoins usually have minimum-amount requirements that users must meet in order to participate and most implementations still produce a change output whose amount could theoretically be anything but due to DoS attack threats it usually has equal denominations than others , creating high levels of obscurity for participants .
Conclusion
Change outputs are bad news for Bitcoin privacy as they enable third-parties track every transaction made with an address and even link them back together if needed. While CoinJoins offer some level of protection against this problem, they still need careful consideration when choosing denominations in order not create any easily identifiable patterns or change outputs that might give away user identities or data trails.