[bisq-network/bisq] Big privacy issue (Issue #6159)
Ersuin
notifications at github.com
Sun Apr 24 23:37:16 CEST 2022
<!--
SUPPORT REQUESTS: This is for reporting bugs in the Bisq app.
If you have a support request, please join #support on Bisq's
Matrix Space over at https://bisq.chat
-->
### Description
Visible onion addresses are a big privacy issue: as long as onion address-based tags can be set or simply viewed, different offers taken or made by users can be interconnected. For example, if a user wants to exchange F2F without giving any personal data, an attacker could take that offer and then analyze all the new offers that this user could create (this is very easy if he only has to put a label). In this way, if the user creates a SEPA order, the attacker could have the face, first name, last name, the bank and the meeting city. The same happens if a bizum offer is created.
This destroys all the privacy of a regular Bisq user, because over time, a malicious attacker could interrelate the different offers that a user takes and thus create a profile with all his information.
My idea is to keep the possibility of tagging a payment account, but nothing further than that. This label will not be maintained in any case between new payment accounts, nor will the onion address be displayed. Ideally, no one could relate that 2 payment accounts belong to the same user.
#### Version
1.8.4
### Steps to reproduce
<!--if you can reliably reproduce the bug, list the steps here -->
### Expected behaviour
<!--description of the expected behavior -->
### Actual behaviour
<!-- explain what happened instead of the expected behaviour -->
### Screenshots
<!--Screenshots if gui related, drag and drop to add to the issue -->
#### Device or machine
<!-- device/machine used, operating system -->
#### Additional info
<!-- Additional information useful for debugging (e.g. logs) -->
--
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/issues/6159
You are receiving this because you are subscribed to this thread.
Message ID: <bisq-network/bisq/issues/6159 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20220424/fedcf65d/attachment.htm>
More information about the bisq-github
mailing list