Taproot: Building a mixer
This article was first published on Dr. Craig Wright’s blog, and we republished with permission from the author.
BTC (Core) developers have recently instigated another major change, moving the BTC network further away from Bitcoin. Some reported of an “upgrade” (Tiwari, 2021). The reality, though, is that it presents a major change away from the original concept of Bitcoin; the use of a mixer built into the system degrades the operation of the system entirely. Taproot is said to be something that is designed to incorporate privacy (Maxwell, 2018). The reality is anything but a change designed for privacy; it is designed to facilitate the integration of money laundering into the system.
The false belief that some people in the BTC community hold lies in thinking that if you mix the inputs, the now “untraceable outputs” will no longer be seized, or be outside the area law enforcement can cover. The idea is that by mixing many inputs into a common pot, the outputs could no longer be traced. Meagher (2018) builds upon the work of Birks (1992) in detailing the common law and equitable foundations of tracing and following value. Yet, people make the mistake to think that creating a mixing pot removes the ability to trace or recover funds. It doesn’t. Rather, the law of tracing can follow through the pot, and the funds can be taken even from individuals who are not part of the fraud or crime associated with the recovery.
Identification of ownership rights in Bitcoin and in relation to assets on the Bitcoin blockchain through payments and mixtures would be an exercise in tracing. Lord Millett in Foskett v McKeown gave the justification for using tracing rather than following rules in such a scenario when he said:
Following is the process of following the same asset as it moves from hand to hand. Tracing is a process of identifying a new asset as a substitute for the old.
 1 AC 102, 127 (Lord Millett)
Bitcoin is an electronic property right in the nature of other digital assets such as carbon credits (Armstrong DLW GmbH v. Winnington Networks Ltd.  EWHC 10). Each transfer effectively presents the creation of a new asset. Bitcoin creates a ledger of input and output conditions. The currently unspent transaction is replaced with a new template when it is transferred to another user. Generally, a user with an unspent transaction that they control signs digitally (or otherwise authorises a transaction exchange based on the input transaction conditions) for the transfer to a new output script. The script transfer can be as simple as the exchange between one public key and another or much more complex, including programmatic exchanges based on input conditions. In effect, a ledger is updated to say that one entry has been moved to the control of another party. Only the final unspent transactions remain as assets. The spent transaction remains in the ledger as evidence of the transfer, and is no longer property as such.
A tracing exercise references the coin (bitcoin) value associated with the movement from one unspent transaction output (UTXO) to a new output string that remains of interest. It could be argued that such a transfer process is analogous to the tracing of payments through incorporeal bank balances.
Traceability on Blockchains
Bitcoin is an immutable evidence system. All transactional history is recorded within the blockchain. Consequently, inputs and outputs can never be mixed absolutely. Even where multiple inputs and outputs from multiple parties are processed through systems known as mixers (Gordon, 1994), the total inputs and outputs will always be represented on the blockchain. The original coin, with any that it is mixed with, and any fractional outputs are verifiable on the system.
Consequently, it is not possible to completely lose the distinguishing features of an individual bitcoin. As such, bitcoin differs markedly from ordinary coins and banknotes. Ordinary coins and banknotes fail to maintain a record of the transactional history as they move from individual to individual. The lack of such records has proven to add a level of difficulty to the tracing of banknotes and coins, requiring the claimant to prove the transactional history through extrinsic evidence and artificial rules of identification. On the blockchain, even though output addressing does not point to identities, and parties involved may be pseudonymous, the path taken by a coin to be traced may always be followed.
As a result, any coin may be traced at any level of mixing or movement through the system. The difficulty lies in unscrambling a complex mixture of multiple inputs and outputs. The identification processes used by courts when analysing mixtures will apply, but could be complicated by the sophistication of systems used to mix proceeds.
The process of following the transactional history of a coin is complicated by the pseudonymous nature of the system. The transactional history of Bitcoin itself is traceable, but extrinsic evidence linking the blockchain to people’s identities in the physical world is required. Bitcoin thus differs from traditional currencies and bank accounts, under the traditional law of tracing, in the sense that the plotting of the passage of money from the source to the destination has been simplified. Still, the identification of the parties involved may increase in complexity.
In cases where an individual has had a private key (or other means to control the movement of a particular Bitcoin token) stolen, it may not be necessary to identify the real person involved to sue for the recovery of goods and property.
Commingling: The Taproot Mixer
In monetary terms, when a set of different input values is commingled, it is effectively co-mingled or mixed until blended. Such mixing is the impact of the changes to the BTC protocol. Yet, the reality is far different, despite the rhetoric about keeping funds from being traced. The principle goes back to Roman times, with the laws of confusio and commixtio (Long, n.d.). In the first instance, the mixing of liquids into a single whole is referenced. The example would be analogous to the mixing of account-based systems such as Ethereum. Alternatively, as with Bitcoin and derivative systems, including the BTC network, we can have individualised and separable tokens (such as satoshis), whereby the correct term would be commixtio, referencing the mixing of solid things such as grain.
Commixtio is most apt as a set of separable tokens is commingled or mixed into a virtualised pot. They can, of course, be separated. Then, through the separation, the items can be followed, because the Bitcoin blockchain necessitates that a traceable ledger is always maintained. Such mixing is not a problem for the law. Suppose ten individuals each put ten tokens into a pot, and it turns out that one of the individuals has incorporated tokens that are not legally theirs. In such a case, the stolen tokens are simply taken out of all of the proceeds.
In any instance where a mixer has been used, there are no innocent individuals. Any party that decides, of their own volition, to use a mixer has foregone any rights to argue when the proceeds of what they receive are seized. So, if each of the individuals mixing to the virtual pot now takes out ten mixed coins, on average, the tainted ten coins will taint each of the recipients equally. What ends up happening is that each of the recipients loses 10% of their coins, even though they had nothing to do with the tainting activity that would lead to the seizure of coins. Nobody forced people to use a mixer. Consequently, anybody using the mixer would be deemed not to be innocent.
Such use of Taproot creates a form of ownership in common. Yet, the more traditional way of transferring bitcoin relies on the rules of accession. Waghorn (2021) documents the common law methodology used for sorting out mixtures of property. The author provides the remedies by analogy with sheep. Any group of fungible items, including Bitcoin tokens as individual satoshis, can fall under the same rules. The BTC (Core) developers seek to create a system that results in confusio or the creation of a new thing. But, despite the mixing, each individual token within Bitcoin remains separate. Here lies the reason why Bitcoin was created as a token system where individual tokens are indivisible.
Despite the rhetoric, Taproot does nothing to protect privacy. On the contrary, the mere use of Taproot invalidates many transactions. Specifically, it is required that all the individuals inputting and outputting transactions in the Taproot mixer maintain a complete set of identities and records that can be used to validate all of the transaction sources. Under existing legislation and the new US infrastructure bill, any failure to do so could be considered a felony. So, before you start believing the hype surrounding mixers being incorporated into Bitcoin as a good thing, think it through, and notice that all the people are doing is building a system designed to make all the users of the system criminals. Facilitating money laundering is in itself a crime.
Birks, P. (1992). Mixing and Tracing: Property and Restitution. Current Legal Problems, 45(2), 69–98. https://doi.org/10.1093/clp/45.Part_2.69
Gordon, J. E. (1994). Prosecutors Who Seize Too Much and the Theories They Love: Money Laundering, Facilitation, and Forefeiture. Duke LJ, 44, 744.
Long, G. (n.d.). Confusio. penelope.uchicago.edu.
Maxwell, G. (2018, Jan 23). [bitcoin-dev] Taproot: Privacy preserving switchable scripting. Linuxfoundation.org. https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-January/015614.html
Meagher, J. J. (2018). Claims to Traceable Proceeds: Law, Equity and The Control of Assets. Trusts & Trustees, 24(7), 722–724.
Tiwari, A. (2021, Nov 13). Bitcoin Taproot upgrade improves the network as BTC price impact may be limited. Cointelegraph. https://cointelegraph.com/news/bitcoin-taproot-upgrade-improves-the-network-as-btc-price-impact-may-be-limited
Waghorn, A. (2021). Sorting out mixtures of property at common law. The Modern Law Review, 84(1), 61–88. https://doi.org/10.1111/1468-2230.12572
Source: Read Full Article