Attestations & Privacy: Timing Your Claims & Data Deletion
Understanding how to maintain privacy when claiming attestations across multiple wallet addresses and managing your data deletion
Blockchain attestations are powerful tools for establishing trust and verification, but they also require careful consideration of privacy implications. This page explains how to strategically manage your attestations across multiple wallet addresses while maintaining your privacy and controlling your data.
The Nature of Attestations and Identity
Wallet Address as Pseudonymous ID
Your wallet address is a public, pseudonymous identifier on the blockchain. Unlike traditional identity systems, it doesn't inherently reveal your real-world identity—that privacy comes from keeping the link between your wallet address and your personal information secret.
Crucial Distinction: No Single Human ID
It is important to understand that Zipwire does not create a single, immutable ID for a unique human being.
Why this matters: In systems that rely on a single underlying identity, accidental disclosure or coercion could potentially link all of your private blockchain interactions. This creates a single point of failure for your privacy.
Zipwire's Approach: Instead, with Zipwire, you can claim any attestation you desire against multiple, distinct wallet addresses. Think of your wallets as separate identities.
User Behavior: Many individuals consciously operate numerous wallet addresses, each dedicated to different purposes, and meticulously work to prevent them from being inadvertently linked.
Attestations as Permanent Facts
Attestations are immutable, permanent facts issued against a wallet address on the blockchain. Once issued, they cannot be removed or altered. This permanence makes them valuable for trust and verification, but also means they become part of your wallet's permanent public record.
Types of Attestations & Privacy Impact
Human/Age Attestations
These attestations reveal "true identity" information such as:
IsAHuman: Confirms the wallet belongs to a real person
Age-based attestations: Prove specific age thresholds (e.g., IsOverEighteen, IsOverTwentyOne)
These attestations are more privacy-sensitive because they directly link to your real identity.
Private Data Attestations
These attestations contain random numbers that reveal nothing directly. They're designed for selective disclosure proofs—allowing you to prove possession of specific data without revealing the actual data.
Document attestations: Based on cryptographic hashes of identity documents
Selective disclosure: You can prove specific facts (like age) without revealing other information
The Privacy Risk: Linking Wallet Addresses
Problem Statement
The core privacy concern is that claiming attestations against multiple wallet addresses can inadvertently link them together, potentially revealing that they belong to the same person.
Mechanism of Linking
Similar actions occurring at similar times can act as a "fingerprint" or "on-chain heuristic" that allows observers to infer connections between seemingly separate wallet addresses.
Analogy: If two people are seen entering the same building at the same time, observers might infer they're connected, even if they're actually strangers. Similarly, if two wallet addresses claim the same type of attestation within a short timeframe, blockchain analytics tools might cluster them together.
Best Practice: Strategic Timing for Privacy Protection
Core Recommendation
If you are claiming attestations against more than one wallet address, we strongly recommend you wait as long as possible between claims.
Why Strategic Timing Matters
Mitigates association: Spacing out your claims helps prevent wallet addresses from becoming associated with each other.
Breaks correlation: Spreading out the claims makes it much harder for on-chain analysis tools to correlate the activity across different addresses.
Reduces clustering: Blockchain analytics often "cluster" addresses based on shared behaviors. Strategic timing helps avoid this clustering.
Practical Timing Advice
Significant gaps: Consider waiting hours, days, or even weeks/months between claims, depending on your privacy sensitivity
Avoid single sessions: Don't claim multiple attestations for different wallets in a single session
Vary patterns: Don't establish predictable patterns in your claiming behavior
Identity attestations: This strategy is particularly important for "human" or "identity-revealing" attestations, but it's good practice for all attestations
Privacy Tip: The more time you can wait between claims, the better. Even small delays of hours or days can significantly reduce the risk of address linking.
Controlling Your Data: Deletion & Retention
User Recommendation
We strongly recommend deleting your data once you have finished using Zipwire for your attestation and proof-making needs.
Automatic Deletion Policy
In accordance with GDPR, Zipwire automatically deletes data if a user stops actively using the service for a specified period. This ensures your data doesn't remain stored indefinitely.
How to Manually Delete Your Data
You have direct control over your stored data through multiple methods:
Delete Specific Document Data
To delete specific data associated with your attestations:
Navigate to 'My Docs' within the Zipwire interface
Locate the relevant Merkle trees
Delete the specific document data you no longer need
Remove Stored Wallet Addresses
You can also remove a stored wallet address by simply disconnecting it:
Go to your wallet connection settings
Look for wallet addresses marked with 'Stored' status
Disconnect the wallet to remove its stored data
Commitment to Full Deletion
Please note that Zipwire performs a full and permanent deletion of your data. This is not merely 'marking data as gone' or hiding it from view, as is the practice with many other services. When you delete, your data is truly removed.
This ensures that:
Your data cannot be recovered once deleted
No traces remain in our systems
Your privacy is fully protected
Privacy Best Practices Summary
For Multiple Wallet Addresses
Space out attestation claims - Wait as long as possible between claims
Vary your patterns - Don't establish predictable claiming behavior
Consider timing carefully - Think about when and how you claim attestations
Monitor for clustering - Be aware of how your actions might link addresses
For Data Management
Delete after use - Remove data once you're done with attestations
Regular cleanup - Periodically review and delete unnecessary data
Monitor stored status - Check which wallet addresses are marked as 'Stored'
Understand permanence - Remember that attestations are permanent on the blockchain
For Overall Privacy
Separate purposes - Use different wallets for different activities
Minimize linking - Avoid actions that could connect your wallets
Stay informed - Keep up with privacy best practices
Be proactive - Take control of your data and privacy
Conclusion: Balancing Utility and Privacy
Blockchain attestations provide powerful verification capabilities while maintaining the pseudonymous nature of blockchain interactions. By understanding the privacy implications and implementing thoughtful timing strategies, you can enjoy the benefits of attestations while preserving your privacy.
Key Takeaways:
Strategic timing of attestation claims helps maintain wallet separation
Proactive data management ensures you remain in control of your information
Conscious privacy practices are essential in the pseudonymous blockchain environment
Thoughtful timing of attestations and proactive data management are simple yet powerful techniques to maintain the separation and pseudonymity of multiple wallet identities and ensure control over personal information.
Wallet Address PrivacyAttestationsUnderstanding Merkle Trees and ProofsLast updated