I need an anonymous Ethereum wallet to trade and hold ERC20 tokens. Here is my current config on Whonix workstation:
- Installed the Metamask extension on Tor
- Bought ETH on Bisq with clean Bitcoin (previously exchanged for Monero on Bisq)
- Bought ERC20 tokens on decentralized exchanges using the Metamask wallet
- If I loose the Tor browser data (during an upgrade), I can recover the wallet from the seed phrase. Metamask keeps the encrypted private key in the browser’s localStorage.
I chose Metamask for usability reasons, but anonymity is paramount. By default, it connects to a remote node hosted by Infura. Should I be worried about DNS leaks? Regardless, I’m relatively worried about Infura censoring Tor exit nodes but it’s not currently a problem.
I do not know any onion services for remote Ethereum nodes. However, such service is conceivable because Metamask uses an HTTP provider. Conversely, running a local client (Parity or Geth), even as a light client, would require UDP so I understand that it is not an option.
I could run a full node on the host and trust Whisper for anonymity. I do have a hardened host (free Debian, encrypted partition, core booted, me_cleaner applied and inbound ports closed). I don’t understand the Whisper threat models well enough to believe that it would be any safer.
I’m looking for general feedback on this config, specifically around any obvious attack vector, and hopefully start a useful discussion about Ethereum. @Patrick I could help author the Ethereum wiki if anything worthwhile comes out of this thread.