The Address Ownership Proof Protocol, or AOPP, may have been the most complex Bitcoin attack to date. The powers that be infected some of the most recognized wallets in the sector using a relatively innocent protocol that only affected people in Switzerland. Only people who purchased Bitcoin from Swiss centralized exchanges and were already fully KYC’d had to prove ownership of their wallet’s address, so it didn’t appear to be a big deal. But it was.
According to the AOPP website, their product is:
“In Switzerland, a Virtual Asset Service Provider (VASP)—any financial intermediary dealing with crypto assets such as Bitcoin—is legally required to request proof of ownership of a customer’s wallet address before making withdrawals or deposits. AOPP is a straightforward and automatic technique for proving ownership of an external wallet’s address.”
Despite the fact that several wallets implemented the protocol, Trezor received the majority of the criticism.
What Did Trezor Have to Say About AOPP?
On January 27th, early in the morning, Trezor’s adoption of AOPP casually appeared on the timeline. The corporation even attempted to advertise with it:
“We’re delighted to see more people taking control of their crypto assets,” said Marek Palatinus, CEO of SatoshiLabs, the maker of the Trezor hardware wallet. “AOPP makes it easier and faster for users to withdraw their coins to the safest place for them: their Trezor.”
The Bitcoin community was not pleased. Why? Because hardware wallets are designed to be self-contained. And they’ll take a mile if you give them an inch.
It didn’t help that the demo provided by the company that created AOPP seemed to reveal an absurd amount of information on each transaction, starting with the names and addresses of the people involved in the transaction.
Trezor had to clarify its position on Twitter by the afternoon. They stated:
“Not supporting AOPP means assisting the government in fencing people out of exchanges, and our motivation for adding direct support was precisely to prevent the government from doing so.
The signing message is made up of information that is already available to the exchange. To receive the coins, the address must be given to the exchange.”
Swan Bitcoin’s Guy Swann responded immediately, “That makes no sense, how does it do that exactly?” This sounds as stupid to me as stating, “You will regain your freedom back if you only comply with all the dictates that destroy your freedom.”
Samourai Wallet Has No Remorse
Other wallets expressed their displeasure. “We’d rather nuke our app than support something harmful to Bitcoin like AOPP,” the people behind Zeus, for example, said. Samourai, on the other hand, went all-in.
Their refusal gave three reasons why their product would not support AOPP:
“1) Undermines self custody. Ironically proponents of this say this will promote self custody by providing a regulated pathway. That is nonsense and by buying into this system you are legitimizing the concept that self custody requires permission & compliance.
2) Reveals a weak ‘immune system’. The fact that so many developers of non custodial wallet software have seemingly bought into this system will only serve to bolster further incursions by regulators in the future as compliance among developers was high previously.
3) Further undermining of the pseudonymity of Bitcoin. Tying identifying information to what is supposed to be a pseudonymous UTXO is a serious privacy concern by itself. Providing regulators with a cryptographic proof of your identity to a certain output is over the line.”
“Users who choose to use exchanges in hostile jurisdictions (like Switzerland) can of course manually sign a message with their private key, but we will NOT be facilitating this communication in any way using any API,” Samourai concluded. Samourai also requested that other wallets reconsider their AOPP support. That is exactly what they did, one by one.
Trezor eventually surrendered when all of the wallets stated that they were discontinuing AOPP support. The corporation explained their decision in detail in a blog post. Trezor told the public that the adoption was not the result of “any external pressure, regulatory or otherwise.” And finally:
“Our sole goal was to make withdrawal to self-custody easier for users in countries with strict regulation, but we acknowledge that if this is viewed as proactive compliance with regulations we disagree with, we may end up doing more harm than good.”
Isn’t it true that all’s well that ends well?