Wasabi Wallet mixing is broken

Monero Head
Dec 28, 2020

  • Wasabi hires known scammer Cedric Dahl as paid shill. Dahl peddles bogus DNM stats and falsely claims to have subjected Wasabi to a battery of tests.
  • Wasabi staff member doxes Wasabi corporate account via his own use of Wasabi wallet.
  • Respected developer confirms that Wasabi ZeroLink is incorrectly implemented.
  • PlusToken uses Wasabi, mixes unwound.
  • China & North Korea entities use Wasabi, mixes unwound.
  • Nopara73, Wasabi lead developer, “donated” a Wasabi mixed output (almost 0.1 BTC) to a scammer who was stealing funds from Wasabi users in the Wasabi Telegram chat. The “donation” took place in transaction 683aba09e87f02611842c698bad49f48734247358c673b48941f8075416a3d49 and the amount was thereafter sent to an address controlled by Huobi. This can be confirmed in the Wasabi Telegram chat logs.
  • Wasabi lead developer publishes misleading usage statistics.
  • Wasabi staff member admits providing liquidity to Wasabi via multiple wallets (Wasabi is self-sybilling and wash mixing).
  • Serious red flag about Europol report and Wasabi collaborating with law enforcement.
  • Explanation of how Lazarus Group mixes were unwound.
  • More about the purported Europol report: closer examination of the PDF file reveals many major differences from other Europol EC3 reports available to the public via their website. Rather than being a PDF-exported report with selectable text like all the others, the Wasabi report is a document made up of scanned images. In addition, the page template used for the Wasabi report is not used in any other available EC3 report, all of which use identical page layout and style templates.
  • Wasabi Wallet caught using fraudulent data against a competitor.
  • 114 new arrests of individuals associated with the PlusToken scam.
  • 3 arrests following use of Wasabi wallet mixing by the #TwitterHack scammers.
  • OXT Research identifies vulnerabilities in Wasabi Wallet mixing. Wasabi ignores disclosure and accuses OXT Research of “blackmail”.
  • 6th instance of user account blocked due to proximity to Wasabi Wallet.
  • Upon Wasabi’s refusal to acknowledge the reported vulnerabilities, OXT Research publishes a report which confirms that a modified Wasabi client can be used to observe the anonymity set without taking part in any actual mixes. Chain analysis companies and law enforcement have probably been doing the same thing for quite some time, which would certainly explain the 132 arrests and the 6 blocked/flagged accounts.
  • Wasabi Wallet linked to demise of Empire Market. Addresses were “peeled back”.
  • Wasabi Wallet developer “NothingMuch” admits that he would never use Wasabi Wallet for DNM purchases and advises users to do likewise. It should be noted that “NothingMuch” is the same developer who teamed up with a business associate of Wasabi Lead Dev in order to provide a list of fake data in an attempt to make a security disclosure against a competitor.
  • Security researcher 6102Bitcoin questions Wasabi Lead Dev on Wasabi’s ability to link user inputs registered in the same round. His request for comment is ignored and he is then Twitter-blocked.
  • Security researcher 6102Bitcoin releases data on Wasabi symmetric address reuse. Symmetric address reuse occurs when the same address is used as both an input and an output in the same mix transaction. This is a huge flaw which degrades the anonymity set. After contacting Wasabi Lead Dev in order to disclose his findings, he is banned from Wasabi chat rooms.
  • After repeated reports on Dread submitted by many different users, Wasabi’s coinjoin implementation is classified as a scam by Hades Onion Directory.
  • KuCoin hackers use Wasabi, mixes unwound.
  • User ‘DominicG’ in Wasabi Telegram group reports that Voyager exchange is telling users not to deposit outputs from Wasabi or to use Wasabi after withdrawal.
