Every Bitcoin transaction is on a public ledger, forever. Chain analysis firms make a business of linking addresses to real identities and selling the results to governments and banks. Privacy on Bitcoin is not paranoia. It is basic operational hygiene for anyone who wants to stay in control of who knows what about their stack.
Not legal advice. Privacy tools are legal to use in most jurisdictions, but rules vary. Some exchanges treat CoinJoin outputs as suspicious on deposit. Figures and software availability marked [VERIFY] should be checked before you act.
Never reuse a Bitcoin address. Run your own node so your wallet is not leaking balances to third parties. Label every UTXO by source and never mix KYC coins with non-KYC coins in a single transaction. Use Tor where your wallet supports it. Consider CoinJoin if you genuinely need to break the link between KYC-linked coins and future spending. Payjoin helps on normal sends when both wallets support it. Privacy compounds: each habit by itself is small, but stacked together they are the difference between "trivially traceable" and "requires real work to deanonymize."
Every transaction is on a public ledger, forever. If one counterparty links a single address to your real identity, they can trace your entire transaction history backward and forward. This is not a hypothetical. Chain analysis firms (Chainalysis, Elliptic, TRM Labs) do this professionally and sell their findings to governments, banks, and exchanges.
The goal is not perfect anonymity. The goal is making deanonymization expensive enough that casual observers do not bother and serious observers need a warrant and time.
Never send to the same address twice. Never receive to the same address twice. Every new transaction should get its own new address, generated automatically by your wallet. Sparrow and most modern wallets do this by default.
Some exchanges have historically reused deposit addresses, which linked all your withdrawals to each other. Coinbase was a notable offender here for years [VERIFY current behavior]. Modern best practice is a fresh address for every deposit.
If you reuse an address, anyone can sum up its entire balance and history by querying the chain. A single reused address becomes a public ledger of everything you have received on it. This is the easiest privacy win available, and the hardest to undo once you have leaked it.
A BIP47 payment code is a static identifier, like an email address, that you can publish publicly. Senders use it to derive a unique one-time Bitcoin address for each payment they make to you. From the outside, every payment to you lands on a different address and nothing links them.
Samourai Wallet and Sparrow both support BIP47 (under the name "PayNyms" in Samourai). It solves the "I want a static tip address I can publish on my website" problem without actually reusing addresses on-chain.
A CoinJoin is a single large transaction with many inputs and many outputs, built collaboratively by multiple users. Outside observers cannot easily tell which output belongs to which input. The chain analysis heuristic of "all inputs must belong to the same entity" breaks.
Wasabi Wallet (using the WabiSabi protocol from 2022 onward) has been the leading CoinJoin implementation for Bitcoin [VERIFY 2026 status of Wasabi and JoinMarket]. The ecosystem has shifted several times and specific tools come and go. Check current recommendations before committing.
CoinJoin outputs are sometimes flagged as suspicious by KYC exchanges on deposit, even though the activity is entirely legal. If you plan to sell back to a KYC exchange, CoinJoin your coins and then wait, or route through an intermediate wallet to reduce the heuristic hit.
Payjoin is a lightweight "CoinJoin-lite" between just the sender and the recipient. Both contribute inputs to the transaction, which breaks the common chain-analysis assumption that all inputs in a transaction belong to the sender. To an outside observer, a Payjoin looks like a normal transaction, which is part of the point.
BTCPayServer supports Payjoin natively. Adoption is growing but not universal. When both sender and receiver wallets support it, use it. It is pure upside.
A Tor-capable wallet hides your IP address from the servers you connect to. Sparrow has Tor built in and can route all its connections through it with a single toggle.
Tor is essential if you are using public Electrum servers, because otherwise the server operator sees your IP alongside your addresses. It is less critical once you run your own node (since you are no longer talking to third-party servers), but still a sensible default.
Coins bought on KYC exchanges (Coinbase, Kraken, River, Strike, Swan, Gemini) are permanently linked to your real identity on the exchange's records. Chain analysis firms can trace those coins forward indefinitely. Once "tainted" by KYC, the coins are known to belong to you unless you actively break the chain.
Conservative approach: do not mix at all. Keep KYC coins in one wallet, non-KYC in another. When you spend, spend from the wallet that matches what you need that coin to be known as.
Aggressive approach: CoinJoin KYC coins to break the identity linkage, but accept that the resulting outputs may be flagged by some downstream counterparties. Most useful for coins you plan to hold long-term, not coins you plan to deposit back on a KYC exchange next week.
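To see why keeping the two wallets apart matters, the added example below (not taken from any wallet's code base) applies the "all inputs belong to the same entity" heuristic to a constructed wallet history and reports any cluster that ends up holding coins from more than one labelled source. The addresses, labels and function names are hypothetical, and addr_kyc_2 is deliberately reused so that it is spent in two transactions.

```python
# Added example: constructed data and hypothetical names throughout.
from collections import defaultdict

def cluster_by_common_input(txs):
    """Group addresses with the common-input-ownership heuristic:
    every input address of one transaction is assumed to share an owner."""
    parent = {}

    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]  # path halving
            a = parent[a]
        return a

    for tx in txs:
        ins = tx["inputs"]
        for addr in ins:
            find(addr)                         # register every input address
        for addr in ins[1:]:
            parent[find(addr)] = find(ins[0])  # merge into the first input's cluster

    clusters = defaultdict(set)
    for addr in parent:
        clusters[find(addr)].add(addr)
    return list(clusters.values())

def linked_sources(txs, labels):
    """Return (addresses, sources) for each cluster mixing more than one source."""
    mixed = []
    for cluster in cluster_by_common_input(txs):
        sources = {labels[a] for a in cluster if a in labels}
        if len(sources) > 1:
            mixed.append((sorted(cluster), sorted(sources)))
    return mixed

# Constructed wallet history; the addresses are placeholders, not real ones.
LABELS = {"addr_kyc_1": "kyc-exchange", "addr_kyc_2": "kyc-exchange",
          "addr_p2p_1": "non-kyc", "addr_p2p_2": "non-kyc"}
SEPARATE = [
    {"txid": "tx_a", "inputs": ["addr_kyc_1", "addr_kyc_2"]},
    {"txid": "tx_b", "inputs": ["addr_p2p_1", "addr_p2p_2"]},
]
# addr_kyc_2 was reused for a second deposit, so it is spent again in tx_c,
# this time alongside a non-KYC coin.
MIXED = SEPARATE + [{"txid": "tx_c", "inputs": ["addr_kyc_2", "addr_p2p_1"]}]

if __name__ == "__main__":
    print("separate wallets:", linked_sources(SEPARATE, LABELS))
    print("one mixed spend: ", linked_sources(MIXED, LABELS))
```

With the wallets kept separate the check returns nothing. The single spend in tx_c puts all four addresses into one cluster, including addr_kyc_1 and addr_p2p_2, which never appeared in a transaction together.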
From easiest and cheapest to hardest and most ongoing. Each layer compounds on top of the layers below it.
If you are holding for 30 years and plan to pay capital gains on eventual withdrawal, maximum privacy is not the top priority. The IRS has your exchange records anyway, and the transparency of your stack to the taxing authority is the price of clean compliance.
Privacy matters most for active users: people spending Bitcoin regularly, receiving payments publicly, or moving coins between wallets frequently. For the cold-storage HODLer, simply never reusing an address and running a node covers the meaningful surface area.
Last updated 2026-04-14. Not financial or legal advice.