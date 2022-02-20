AOPP (Proof of Address Ownership Protocol) is an algorithm that allows you to validate ownership of a Bitcoin or Ethereum address. The existence of this type of tool is due to the recommendations of the FATF (International Financial Action Task Force) in the fight against money laundering and financing of terrorism. This organization advises member countries to require that each cryptocurrency exchange validate which address belongs to each user.

The use of AOPP by some wallets has generated controversy about whether or not this protocol is a violation of the privacy of Bitcoin users. However, the violation stems not so much from the use of AOPPs, but from government regulations and the FATF recommendations. The protocol, according to its creators, is just an “improvement in the user experience.”

What is AOPP and how does it work?

AOPP is a Bitcoin and Ethereum address validation protocol. Its operation is based on signing an encrypted message from the wallet that does not entail any type of cost. The message is an identifier that the exchange uses to confirm the validation process and is signed with the private key of the address to be validated. Verification is only done once for each address the user needs to verify.

The AOPP development was led by the company 21 Analytics, in collaboration with Shift Crypto (The latter is the developer company of the BitBox2 wallet).

AOPP applies when you interact with a VASP (Virtual Asset Service Provider), whose definition encompasses bitcoin and cryptocurrency exchanges and platforms.

As to whether its use is mandatory, it is only applied under the strict requirement of the VASP. If a wallet includes it in its software, it does not mean that there is some kind of identification verification or tracking of all transactions.

The protocol seeks to “improve the user experience” —as explained on its web portal— within the VASPs that have begun to apply the FATF recommendations. At the moment, only Switzerland and the Netherlands require verification of ownership on a mandatory basis.

Before AOPP, this process was done through what is known as “Satoshi Proof” which is based on sending an exact amount of bitcoins to the address. Another alternative requires sending a screenshot from the wallet that integrates this Bitcoin address.

In the new protocol, it is worth clarifying that it is the cryptocurrency exchange (not AOPP) that is in charge of linking a user’s information with their wallet. The platform requests an identity verification (KYC-AML) from this user.

Regarding the verification process, as shown in the AOPP explanatory video, the VASP will generate a QR that can be scanned from any wallet compatible with the protocol. The message to be encrypted will be displayed in the wallet, which will consist of any type of information defined by the VASP. Subsequently, the user will only have to “sign” the message, and the verified address will immediately be reflected on the VASP web portal.

An explanatory video on the AOPP website shows how the AOPP verification process works. Source: 21 Analytics/ YouTube.

As expressed by the web portal itself, communication is only made between the exchange and the user’s wallet, with AOPP serving only as an intermediary.

AOPP and the violation of privacy

The AOPP website explains that it is a “simple, automated solution to provide proof of ownership.” If we stick with that definition alone, AOPP could be considered harmless because, by itself, it does not compromise the user’s privacy.

Despite being an optional tool, the privacy of Bitcoin wallets is at stake. The proof of participation or verification of possession of a Bitcoin address is carried out on a single address. Bitcoin wallets known as HD (“hierarchical-deterministic”) are generated from a recovery seed and offer the possibility of using multiple addresses in the same wallet.

However, it is enough that a single address has proof of ownership and that the information of a user is linked with an address in Bitcoin, so that all the addresses of the wallet may be compromised.

Transaction within a block on the Bitcoin blockchain. Source: mempool.space.

A Bitcoin transaction can contain multiple inputs and multiple outputs. In an HD wallet, the application or software is responsible for putting together a transaction, using the UTXOs of the different addresses within the wallet. In the image above, to send a total of 0.05 BTC, funds from 3 different addresses were used. Each direction is not related to the others, until that are merged into one transaction. Meanwhile, they can exist without knowing —at the network level— that they belong to the same wallet.

Because of this operation of the Bitcoin protocol, if one of the inputs used has gone through an AOPP process, the rest are compromised. Blockchain analytics companies like Chainalysis, who have developed tools for VASP platforms, can easily track the number of addresses a user owns. They achieve this by simply verifying the tenure of a single transaction.

For some users, the use of AOPP, leaving the privacy of Bitcoin behind, is “subservience to the system”. Source: @Lunaticoin/Twitter.

On all this, the AOPP web portal argues, although it says it with sweetened words, that the massive adoption of bitcoin requires leaving privacy behind, in favor of going hand in hand with the demands of international regulations.

To support or not to support AOPP? That is the question for the wallets

After the release of this tool, several wallets included the AOPP protocol in their software, which, as already described, is “optional” to use. Its use is limited to any user who needs to interact with an exchange that complies with the aforementioned regulations.

Despite being an optional use tool, after knowing the inclusion of AOPP in several wallets, an important part of the bitcoiner community stated that the decision went against the precepts of Bitcoin. They even commented that they would seek to change walletswhich was seen in several tweets in response to Trezor’s ad.

In addition to Trezor, wallets like BlueWallet also included AOPP in their software. Days after announcing it, they retracted and reported that they would remove the protocol from their wallets, not before to declare that the use of AOPP is to comply with FATF regulations: “if you don’t like the FATF, you have to complain to your politicians.”

The AOPP web page picks up the comment of Limp Brains, one of the main developers of AOPP. Source: AOPP group.

BitBox02, another of the wallets that was involved in the controversy, has not yet made any statements regarding whether or not it would withdraw the protocol from its software. However, it should be remembered that Shift Crypto, the company behind BitBox02, collaborated with 21 Analytics for the development of AOPP.

BitBox02 great device. I still use and recommend it. AOPP is only important if you buy from Relai, Pocket etc. If you have funds without KYC no problem. Thanks for the words — Lunaticoin ⚡ (@lunaticoin) February 10, 2022

For AOPP, the withdrawal of its protocol from the different wallets was due to “social pressure” and also due to “fear of cancellation culture”, considering its use does not entail any type of privacy failure.

AOPP at the service of regulations

AOPP is not a regulation, but a tool that facilitates compliance with regulations. The use of the protocol is optional, but it becomes mandatory for exchange users in jurisdictions that require them to verify the holding of cryptocurrency addresses.

The use of AOPP is not directly required by VASPs. If this protocol did not exist, manual verifications would be carried out, such as the Satoshi test.

For Chainlysis, the use of self-custody wallets can be a problem, since cryptocurrency exchanges and platforms must verify the identity behind each address. That is why the recommendation of the use of AOPP is made. However, if this verification task is impossible, the analysis firm proposes a possible scenario in which VASPs could even prohibit the use of addresses from this type of wallet.

In which countries is AOPP used?

For now, only two countries have applied the so-called “travel rule” that requires the use of AOPP: Switzerland and the Netherlands. Although for now they are the only ones that are demanding the use of this protocol, the 21 Analytics website highlights a list of 13 countries that are in the process of or have already implemented this regulation. This list also includes the European Union area, so it could affect users residing in Spain.

Verification of possession varies according to each country corresponding to the amount of

funds to withdraw. In the case of Switzerland, it is for any amount greater than 0. Source: 21 Analytics.

With or without AOPP, regulators track transactions

AOPP is not the one who subtracts privacy from users, it is only the means used for that purpose. According to its own web portal, the identity verification that is carried out through AOPP is with information that the exchange already has. The privacy flaw starts the moment the user verifies her identity on the platform, not by using AOPP.

Companies like Elliptic or Chainalysis track user information without the need for them to go through these address verification processes. By simply linking a user’s identity from an exchange to a withdrawal address, funds can be tracked.

However, Bitcoin mixers can present themselves as a “stone in the shoe” for these types of companies, since they limit their field of transaction tracking. That is why scenarios have been proposed in which the use of self-custody purses is prohibited.

The future of AOPP for now is uncertain. However, regulations continue to advance and more and more countries require verifying ownership of an address. This, perhaps, can be translated into a massive adoption of the AOPP protocol with an optional use, for different wallets.