How to keep your Ethereum address from privacy cavities
Three simple steps to preserve privacy on your online Ethereum wallet address
Speaking of privacy…grab a Ledger hardware wallet this week for 20% off…use “BANKLESS”
Dear Bankless Nation,
You know what happens when you don’t brush your teeth Ryan? My mom used to say.
They’ll rot right out of your head!
Ethereum address hygiene is like this. You put the time in upfront to keep your address private, or you pay for it later…and privacy cavities hurt!
Taking the right precautions takes just a few minutes but can save you a fortune.
And there’s a balance to be found. You don’t have to setup ETH wallets using freshly mined ETH from airgapped machines connected through tor every time. For some addresses, mostly private is enough privacy.
James teaches you how to protect your Ethereum wallet address in 3 simple steps. (And he doxxed me in the process…but if it saves your privacy…worth it! 😉)
Don’t wait to do this later—do it now. Do it regularly.
You don’t wait to brush your teeth til you have a cavity…you do it every day to prevent cavities.
P.S. We’ve launched the Bankless Merch Store — rep the Bankless Nation with the essentials!
We just released episode 12 of SOTN—POSITIONING
📺 Watch State of the Nation #12: — POSITIONING w/ Mariano Conti
YEARN DEEP DIVE (yETH is HUGE), THE ETHEREUM GOLDEN AGE, SUSHI VS UNISWAP & ETH’S P/E IS HILARIOUS
We’re now live streaming State of the Nation—join us at 10am EST every Tuesday!
Tactic #53: How to protect your financial privacy and secure your ETH address in 3 steps
If you have a sizable crypto portfolio, it makes you a target for nefarious thievery via social engineering, hacking, or plain old $5 wrench attacks. It’s important to never let anyone know your full portfolio, denominations, or anything else you can help keep private.
In other words, stack stas and get gwei…but keep it close to your chest.
Today let’s dive into how to avoid doxxing yourself by maintaining pseudo-anonymity when transacting on Ethereum.
Goal: Create specific public and pseudo-private accounts for using DeFi
Effort: 30m of planning and moving funds
ROI: Potentially protecting 100% of your assets
Say hello to Ryan’s money
I want to show you something.
It’s how much money is currently associated with Ryan Sean Adams’s address via his public ENS name, rsa.eth (sorry Ryan!). We can easily trace what addresses the money came from, where he sent it, and what DeFi platforms he’s using (none?!).
Now, I’m no sleuth. Anyone can see this information with ease by plugging in any ENS or Ethereum address into practically any Web3 tool like Zapper.fi. This is because Ethereum transactions are permanently public; hopefully this isn’t a surprise to you.
Whenever you use your account to send, receive, or otherwise participate in DeFi & Web3, you’re leaving your digital fingerprints behind—forever.
Anyone can connect those dots and find out that you have at least $56,000 of crypto.
This can make you a target for hackers, thieves, and nosy mother-in-laws.
Don’t make yourself a target. Protect yourself and mitigate your risk by practicing good bankless hygiene.
If you take nothing else away from this post, take this: train yourself to use a public account for public things and private account for private things.
Your public account owns your named ENS. It’s the one associated with your God’s Unchained account. It’s the one you use to send 20 dai to your roommates' friend for bringing beers. It’s like a physical wallet that you keep $50 in when you go out in case you want eight burritos from the food truck.
You wouldn’t bring your entire savings account with you to the club, right?
You’d keep your savings in your private account. It’s the one with your private collection of NFTs. It’s the one that you keep your heavy Dentacoin bags in so no one will ever know your shame. You don’t tell people how much money you have in your private account.
Separate your public and private use—and never connect those accounts publicly.
How to create (and keep) your public and private accounts
1. Create new accounts
Whether you use Ledger or MetaMask, it should be easy to create multiple new accounts to manage funds with. While you’ll at least want one public and one private, consider spreading your risk among multiple public and private accounts. Separate private accounts for DeFi and holding will probably be a good way to keep your funds safe from yourself, too!
If you’ve only ever had one account, it might be safe to assume it’s the public one. Alternatively, make sure to sift through your history of transactions to double-check before assuming it can be the private account.
You could also choose to burn it all down and create brand new accounts to transfer all your assets to (NFTs included) - and make sure to keep your keys, just in case.
Ultimately, you might end up with:
1 public account for ENS & Crypto Twitter
2+ public accounts for playing God’s Unchained and other email-connected NFT games
1 private account for straight up holding
2+ private accounts for DeFi degeneracy
1 secret public pseudonymous account for subtweeting maxis
2. Reset your allocations
Now that you have designated public and private accounts, move your funds.
Just don’t transact directly between them. This puts a permanent connection between your two accounts on-chain and a clever investigator might deduce the truth.
Instead, always route your funds through a centralized exchange or a mixer.
CEXs act as mixer due to the nature of how they shuffle transactions - if you do it right, the money you withdraw will not come from the same address that you deposit. Split your withdraws into two or three separate transactions over a day or two to maximize this shuffle.
Of course, transacting through a CEX leaves you open to their KYC & analytics. If you want to maximize your privacy, send your money through a mixer like Tornado Cash (over a few weeks) and no one will know what address you send it to.
(Above) Ethereum native privacy mixer - Tornado Cash
3. Don’t cross streams
As mentioned above, do not transact between your public & private accounts.
It would be pointless to do all the work for creating these separate accounts, redistributing your funds through a mixer, and paying all those transaction fees only to dox yourself with a payment from the wrong account or “just moving some money around”.
You might even want to use Brave, a VPN, and even Tor to ensure that session data is undeniably separate.
(Above) Brave’s Tor window for hiding your IP
Go forth and profit - privately
Now that you have your accounts separate, you can make as much money as humanly possible. You’ll never have to worry about your friend from school ever asking for some crypto “because you already have so much, I just want $100 man, c’mon”.
But all of this sounds kinda annoying...
Privacy & security are annoying if you’re doing it right!
But realistically it will only take you a few hours, maybe a few days, to set up the proper system. After that, it’s just working that privacy muscle to ensure you never dox yourself. And if you do it right, it can save you a fortune - literally.
Stay safe and be annoyed sometimes. It’s worth it.
James Montgomery is a Web3 proselytizer and frontend engineer building at Gemini, a U.S. regulated crypto exchange founded by the Winklevoss Twins (listen to the Bankless podcast with them!). We found James from his awesome writing on financial privacy — make sure to check it out!
Set up public & private addresses to ensure you don’t dox yourself like Ryan
Use a crypto exchange or Tornado Cash to keep your transactions private
(Note: if you use a crypto exchange…it has a full record of your transactions)
Level up on privacy with these other tactics:
🙏Thanks to our sponsor
Aave is an open source and non-custodial protocol for money market creation. Originally launched with the Aave Market, it now supports Uniswap and TokenSet markets and enables users and developers to earn interest and leverage their assets. Aave also pioneered Flash Loans, an innovative DeFi building block for developers to build self-liquidations, collateral swaps, and more. Check it out here.
Not financial or tax advice. This newsletter is strictly educational and is not investment advice or a solicitation to buy or sell any assets or to make any financial decisions. This newsletter is not tax advice. Talk to your accountant. Do your own research.
Disclosure. From time-to-time I may add links in this newsletter to products I use. I may receive commission if you make a purchase through one of these links. I’ll always disclose when this is the case.