As we all know, Bitcoin has one feature that pleases a lot of users: it assures privacy. But, on the contrary, cryptocurrency might be opening a Pandora box for some companies that accept digital coin , like Foodler or the new Bitfash. Since all Bitcoin transactions are publicly recorded on the Bitcoin peer-to-peer network, you just need to know the Bitcoin address of the company to track all other payments made to that address.
If there are no special security measures, “it’s very easy for merchants to inadvertently expose the details of their supply chain, their finances, and their spending habits”, says Christian Dumontet, one of Foodler’s founders.
To fight this possibility, merchants have a way out: they can create a unique Bitcoin deposit address for each sale. However, this is more a temporary solution and ends up posing a similar problem. When the merchant needs to pay for supplies or convert the Bitcoins into a fiat currency, the company usually bundles all of those deposits together and, like this, they could still be giving someone (like a mean competitor) the chance of tracking all their Bitcoin transactions.
It’s no easy to pull an attack like this, but it’s also hard to keep all your data private. According to Gaven Andresen, chief scientist at the Bitcoin Foundation. “Bitcoin transaction privacy is really complicated. If you want to be sure that your transactions are going to be private, then you probably need to hire a cryptography PhD to analyze your system. It’s definitely a concern, and it’s definitely part of the reason I say that Bitcoin is an experiment”, says the expert.
For instance, Foodler has figured out a way of making their trail of Bitcoin crumbs less easy to find. The company has written its own software, which subdivides their daily balance into a random number of components. These components are then mixed in order to obscure the trail of transactions. Christian Dumontet assures that, “by randomizing both the amounts and the length of the chain, it becomes very difficult to know whether it’s still under our domain or not”.