- Published on
OpenSats is funding thirteen more open-source projects advancing the Bitcoin ecosystem.
Dust attack
dust attacks, output linking, address reuse, reuse avoidance
A privacy attack where someone sends tiny amounts of bitcoin to a known address so later spending can help link outputs and cluster a wallet.
A dust attack is a privacy attack that uses tiny bitcoin outputs to create or exploit address reuse. An attacker sends a small amount of bitcoin, called dust, to an address that has already appeared on-chain. If the wallet later spends that dust together with other coins, chain analysts can use the shared spend to learn more about which UTXOs belong to the same person or service.
The broader problem is often called output linking or address reuse. When the same address receives multiple payments, outside observers can already make a reasonable guess that those outputs belong to the same recipient. Dust attacks make that problem worse because the target did not choose the reuse. The attacker manufactures one more linkable output and waits for the wallet to merge it with other funds.
Wallets reduce the damage in a few ways. Fresh addresses prevent ordinary reuse, and coin control can keep suspicious dust out of privacy-sensitive spends. Some wallets also track reused addresses and warn before spending from them. Protocols such as Silent Payments go one step further by letting a recipient publish reusable payment information without putting the same on-chain address on the blockchain again.