Bisq nodes leak TXID of every offer in P2P offer messages #3894

Open
wiz opened this issue Jan 12, 2020 · 1 comment

wiz commented Jan 12, 2020

Background

When a Bisq trade offer is created, the maker's Bisq node broadcasts a P2P message to the network to announce his offer.


Issue

The offer data object contains excessive metadata about the trade, specifically the on-chain TXID of the maker's deposit TX. Unfortunately, because the offerId of every Bisq trade is mapped to the on-chain Bitcoin depositTxID, this allows malicious blockchain analysis of all Bisq trades.

Example data object:

  {
    "currency": "JPY", 
    "direction": "SELL",
    "tradePrice": 8791986900,
    "tradeAmount": 10000, 
    "tradeDate": 1578784489149,
    "paymentMethod": "F2F", 
    "offerDate": 1578784398352,
    "useMarketBasedPrice": true,
    "marketPriceMargin": 0.0,
    "offerAmount": 10000, 
    "offerMinAmount": 10000, 
    "offerId": "12635-224f7143-3366-46e7-9e14-7fa6f39fcb2b-125",
    "depositTxId": "9c67453e57cfc80e2c121caf54f8f739cef6c5d7e9afdceec7843436a920f9d8",
    "currencyPair": "BTC/JPY",
    "primaryMarketDirection": "SELL",
    "primaryMarketTradePrice": 87919869000000,
    "primaryMarketTradeAmount": 10000, 
    "primaryMarketTradeVolume": 8791980000
  },

Example blockchain analysis of this trade:
https://blockstream.info/tx/9c67453e57cfc80e2c121caf54f8f739cef6c5d7e9afdceec7843436a920f9d8?expand

How to Reproduce

  1. Start Bisq with the --dumpStatistics=true option enabled
  2. After a few minutes, an offers_statistics.db file will be generated in your $HOME/.bisq/btc_mainnet/db/ datadir.
  3. Extract the mapping of offer ID and deposit TXID by running grep -i id offers_statistics.json
  4. Paste any Bitcoin TXID into any Bitcoin Block Explorer

Expected Result

Bisq should not reveal the on-chain Bitcoin TXID for each offer.

Actual Result

A full mapping of offer IDs to Bitcoin TXIDs for the current offers on Bisq is generated. Snippet:

    "id": "PVQSMV-90593c20-9984-440f-8f83-dc98c9decdfd-124",
    "offerFeeTxID": "875b94ce60bc4540cbf8a2c238d08eff54d1ee96b216fa2b3369ad4dd8665013",
    "id": "aAPLmh98-2d03accc-ba6b-4efa-ba6d-c53ed02a2173-111",
    "offerFeeTxID": "44b00de808d0145f9a948fe1b020c5d4173402ba0b5a5ba69124c67e371bca18",
    "id": "CX9zlV6g-a4231013-692a-4c58-a4df-e352aeaa5a52-124",
    "offerFeeTxID": "779fca348fcb28de906ad75a4c0f752b52abba9a9274935a2c14b3ec375658fa",
    "id": "qoodj-9026c051-c175-4c09-8eae-d5b7ebae13d1-125",
    "offerFeeTxID": "c068b933c7d3192e3799e77c0c0ec6abee28497a80dcef0b30caafbaa63b9e0f",
    "id": "7266425-98a588a2-bcdd-4437-acf2-2fb444f6a617-124",
    "offerFeeTxID": "9e4c35cc558e84151f151877aff07f509c847833a9665d2d58bd0a1ae3d2b3f8",
    "id": "5630195-4d8caa6e-2376-4db2-9c7a-bb30a36c0dde-124",
    "offerFeeTxID": "78ac815121acc90107317621928308e54d39d806c46557603a3d36cf68ce3544",
    "id": "tubtgpda-143cc765-ef4b-4e0e-99bd-a3d409a14e51-116",
    "offerFeeTxID": "cee365b8d9b09a69f55c5b59e96494742e0ee8815a57c8b34958d842a4145f56",

wiz changed the title from "Bisq nodes leak TXID of every offer in P2P trade protocol messages" to "Bisq nodes leak TXID of every offer in P2P offer messages" on Jan 12, 2020

ripcurlx self-assigned this on Jan 21, 2020

@ripcurlx
Contributor

This one is actually a high-risk area, as it is used within our code not only for validation purposes on the maker side, but also during the trade process on the taker side as well. Also in disputes, which can be opened from both sides and the taker would lack this information when the dispute is opened from their side. So to handle this properly there will be lots of critical code changes involved and I'm not sure if we want to do this atm, besides the fact that I'm touching this part of the codebase for the first time. What I can do as a first small step is to remove this information from the offer stats dump.
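
An added example, not Bisq's own code: a sketch of the first step proposed in the comment above, stripping TXID-bearing fields from a JSON statistics dump and reporting where they were found. The field names depositTxId and offerFeeTxID come from the snippets in this issue; the dump layout, the sample records and the scrub/audit helpers are assumptions.

```python
import json
import re

# Field names taken from the two snippets in this issue.
KNOWN_TXID_KEYS = {"depositTxId", "offerFeeTxID"}
# A Bitcoin TXID is 32 bytes, shown as 64 hex characters; used to catch
# TXIDs stored under field names this script does not know about.
TXID_SHAPE = re.compile(r"[0-9a-fA-F]{64}")


def scrub(node, path="$", findings=None):
    """Return (copy of node without TXID-bearing fields, [(path, reason), ...])."""
    if findings is None:
        findings = []
    if isinstance(node, dict):
        clean = {}
        for key, value in node.items():
            here = f"{path}.{key}"
            if key in KNOWN_TXID_KEYS:
                findings.append((here, "known TXID field"))
            elif isinstance(value, str) and TXID_SHAPE.fullmatch(value):
                findings.append((here, "value shaped like a TXID"))
            else:
                clean[key], _ = scrub(value, here, findings)
        return clean, findings
    if isinstance(node, list):
        items = [scrub(v, f"{path}[{i}]", findings)[0] for i, v in enumerate(node)]
        return items, findings
    return node, findings  # scalars pass through unchanged


# Constructed sample records (assumed layout); the hashes are placeholders.
SAMPLE_DUMP = json.dumps([
    {"id": "EXAMPLE-0001", "direction": "SELL", "offerFeeTxID": "ab" * 32},
    {"offerId": "EXAMPLE-0002", "currency": "JPY", "depositTxId": "cd" * 32,
     "extra": {"fundingTx": "ef" * 32}},
])


def audit(dump_text):
    """Parse a JSON dump and return (scrubbed data, findings)."""
    return scrub(json.loads(dump_text))


if __name__ == "__main__":
    cleaned, findings = audit(SAMPLE_DUMP)
    for path, reason in findings:
        print(f"{path}: {reason}")
    print(json.dumps(cleaned, indent=2))
```

The shape check is what catches a TXID that reappears under a renamed field, so the findings list doubles as a regression check on the dump format.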
