A week after the AOPP (Address Ownership Proof Protocol) was introduced, a hardware wallet company, Trezor, withdrew from its order due to customers' concerns about their privacy. crypto revolution hardware wallet companies follow suit.
Since 2019, evidence of possession of an external wallet's address of withdrawals and deposits of Bitcoin to their customers' non-custodial wallet have been required by the intermediaries of Swiss Financial crypto. The automated tool used for this is the Address Ownership Proof Protocol or AOPP. It is designed to simplify the user experience of non-expert users who are having trouble withdrawing their funds from exchanges to their wallets. So, it makes wallet message signing much easier.
AOPP signing was introduced by The Trezor hardware wallet as part of its most recent updates in January. This enables users to generate signatures that meet the AOPP standard that is utilized in certain jurisdictions. As a result of the feedback they got from their users and after thorough consideration, Trezor announced on the 28th of January that the protocol will be removed.
The feedback came from Reddit and Twitter users who expressed their concerns about the protocol. They affirmed that the use of Address Ownership Proof Protocol or AOPP shows Trezor’s lack of interest in a probable loss of privacy but support for higher regulations.
Trezor accepted that it underestimated how the public would accept the feature but that the company welcomes the scrutiny of the public. The fact that the company heeded to its users and responded promptly reveals the strength of social media opinion.
The company explained that the risks related to the use of a strict identification procedure such as KYC (Know Your Customer ) to purchase Bitcoin are against the regulations that concern AOPP. The company further clarified its aim which is to make a withdrawal to self custody easier for users whose country has stringent regulations. Nonetheless, the company acknowledges that if the procedure were viewed as proactive adherence with regulations they do not comply with, it could cause more harm than good.
After Trezor removed the automated protocol, other hardware wallets such as Samourai Wallet, Sparrow Wallet, and BlueWallet have also decided to follow suit and remove the automated protocol. Sparrow Wallet version 1.5.6 was released with the feature AOPP removed. BlueWallet version 6.2.17 was also released with the feature “AOPP support” removed. Samourai Wallet further indicated that they hope other developers' noncustodial bitcoin software will put normalizing such regulatory overreach into consideration by removing the AOPP support from their software.
Samourai wallet explained on Twitter why they would not include the AOPP support as well. They claimed;
- It undermines self custody. Instead of the protocol to promote self custody by regulatory pathways, it is legitimizing that the idea of self custody needs permission and compliance.
- It reveals a weak immune system. As many software developers have bought into the system, it will serve to further support further attacks by regulators in the future because compliance to these regulatory protocols was high before.
- It undermines the pseudonymity of bitcoin. To try to know what is meant to be pseudonymous UTXO is a crucial privacy concern on its own. Providing regulators with some cryptographic proof of identity to a certain output is over the line.
Even though the AOPP protocol may not literally or negatively influence users of non-custodial wallets, freedom and decentralization are fundamental tenets to the crypto community that values privacy. The major concern is that the implementation of AOPP may set a precedent for increased government authorities' influence and surveillance.
Nevertheless, the AOPP support group claimed that there is no reduction in the user’s privacy and there is no information leakage. All information about the user’s wallet is well protected. They further mentioned that the users of those wallets that removed AOPP will not be able to withdraw to their own wallet easily and will most likely keep their coins custodial.
Samourai Wallet mentioned in its tweet that although no form of rancor is yet attributed to the people behind AOPP nor the developers who decided to implement the API into the software of their company. But the attempt is undoubtedly some misguided pursuit to improve users' experience. “The road to hell is paved with good intentions”.