“With Wasabi if you are mixing 10 BTC [Bitcoin], I can trivially track that 10 BTC as it is peeled down into smaller UTXOS (unspent funds). […] Additionally Wasabi outputs are in the order in which they are registered, allowing you to make educated guesses that cluster outputs that you can later cross reference when inputs are inevitably merged to make a spend.”
In the same message, Samourai explained that the mixing leftover change is part of the mixing transaction, and this links the funds. The company notes, “You literally leave crumbs along the trail.”
A company executive, who goes by the nickname of SW, claimed that in “Wasabi’s implementation of ZeroLink there is routinely 30–60% of inputs issued from the same previous transaction” which decreases anonymity.
He admits the issues described in the Telegram post only become a problem when combined with user behavior:
“The peeling chain and unmixed change can be mitigated against by the user staying around until their entire amount has been mixed for example, but when viewed holistically and crucially with lack of a PostMix spending strategy these architectural differences have serious consequences when common user behavior intervenes.”
According to SW, such behavior has also been demonstrated by the Wasabi team in the transaction of its donation to the Tor anonymous network. Analyzing the transaction, he claims to have linked a Wirex account address and 38 fully mixed inputs to the donation. SW said:
“My point is not to kick a competitor when they are down, my point is, if this can happen to the experts who run Wasabi then this is absolutely happening on a broader scale with less sophisticated users, and they likely have no idea it is happening, let alone what steps they need to make to prevent it.”
SW explained that, while many believe that users should learn complex coin control techniques to prevent anonymity loss, he believes that placing such a burden on users is dangerous.