Understanding CoinJoin

CoinJoin is the most powerful onchain privacy tool available to Bitcoin users. It breaks the transaction graph by creating ambiguity about which input funded which output.

What Is CoinJoin?

A CoinJoin is a collaborative transaction where multiple users combine their inputs and outputs into a single transaction. When done correctly, an outside observer cannot determine which input funded which output.

The Restaurant Analogy

Imagine a group of friends goes to a restaurant. Instead of each person paying separately, they put all their orders on one bill and split the cost equally.

The waiter sees the total bill but cannot tell who ordered what. CoinJoin works the same way - the blockchain sees the total transaction but cannot tell which input funded which output.

How CoinJoin Works

Step 1: RegistrationStep 2: CoordinationStep 3: SigningStep 4: Broadcasting

Multiple users register to participate in a CoinJoin. Each user contributes one or more inputs of equal value.

A coordinator (which can be a server or a peer-to-peer protocol) collects all the inputs and outputs.

Each participant signs the transaction, but only for their own inputs. No participant can see which inputs belong to which other participants.

Once all signatures are collected, the transaction is broadcast to the Bitcoin network.

Why CoinJoin Is So Powerful

Breaking the Common Input Ownership HeuristicCreating Exponential AmbiguityThe Only Positive Privacy Signal

The Common Input Ownership Heuristic (CIOH) assumes that all inputs in a transaction belong to the same person. CoinJoin deliberately violates this assumption.

In a 5-party CoinJoin, 5 different people each contribute inputs. The CIOH would incorrectly assume all inputs belong to one entity.

For a 5-party CoinJoin with equal outputs, there are 1,496 valid interpretations of which input funded which output. This is 10.55 bits of entropy.

For a 7-party CoinJoin, there are 426,833 interpretations (18.70 bits).

For an 8-party CoinJoin, there are 9,934,563 interpretations (23.24 bits).

This exponential growth in ambiguity makes CoinJoin the most effective privacy tool available.

CoinJoin is the ONLY technique that actively improves your privacy by creating ambiguity. Every other privacy technique can only prevent you from losing privacy - CoinJoin actually adds to it.

Types of CoinJoin

WhirlpoolWasabi Wallet (WabiSabi)JoinMarket

Developed by Samourai Wallet. Uses a 5-party model with fixed denominations (50k, 100k, 1M, 5M, 50M sats).

Pros: - Simple to use - Fixed denominations make it easy to identify - Good anonymity set

Cons: - Limited to 5 parties - Fixed denominations can be limiting - Requires Samourai Wallet or compatible

Learn more about Whirlpool →

Uses a larger anonymity set (50-150 parties) with flexible denominations. Uses the WabiSabi protocol.

Pros: - Large anonymity set - Flexible denominations - Desktop wallet

Cons: - Higher fees for large rounds - Wasabi has faced regulatory pressure

Learn more about Wasabi Wallet →

A peer-to-peer marketplace for CoinJoin. Makers provide liquidity and earn fees, Takers initiate CoinJoins.

Pros: - No central coordinator - Flexible party sizes - Makers earn fees

Cons: - More complex to use - Requires more technical knowledge - Slower to find counterparties

Learn more about JoinMarket →

CoinJoin Best Practices

Do Multiple Rounds

One round of CoinJoin is not enough. Do multiple rounds to increase your anonymity set.
Never Spend Post-Mix UTXOs Together

Spending 2+ outputs from different CoinJoin rounds in a single transaction completely destroys the mixing.
Wait Between Rounds

Do not do all your CoinJoins in quick succession. Wait between rounds to avoid timing analysis.
Label Your Post-Mix UTXOs

Keep track of which UTXOs are post-mix and which are pre-mix. Never mix them.
Use a Fresh Wallet for CoinJoin

Do not use your main wallet for CoinJoin. Use a dedicated wallet to avoid accidental linking.
Use Tor for CoinJoin

Always route your CoinJoin traffic through Tor to hide your IP address.

Common CoinJoin Mistakes

Post-Mix ConsolidationSpending Post-Mix to KYC AddressesDoing Only One RoundNot Using Tor

Spending 2+ outputs from different CoinJoin rounds in a single non-CoinJoin transaction. This re-links UTXOs via CIOH, completely destroying the anonymity set gained from mixing.

Sending post-mix bitcoin to a KYC exchange or other known entity. This links your mixed bitcoin to your identity.

A single round of CoinJoin provides limited privacy. Multiple rounds exponentially increase your anonymity set.

Doing CoinJoin without Tor exposes your IP address to the coordinator and other participants.

When to Use CoinJoin

Situation	Recommendation
You have KYC bitcoin	CoinJoin it before spending to get forward-looking privacy
You want to send bitcoin privately	CoinJoin first, then spend post-mix outputs independently
You received bitcoin from a known source	CoinJoin it to break the link
You want to store bitcoin long-term	CoinJoin before moving to cold storage
You have small UTXOs	Do not CoinJoin dust - freeze it instead