How to pay with Bitcoin without disclosing your holdings

The UTXO mechanism turns every payment into an involuntary disclosure of the sender's financial status.

Together with the team from the Bitcoin mixer Mixer.Money, we explore what data leaks occur with each outgoing transfer and how to avoid them.

What the Recipient Sees

Bitcoin does not store balances like a bank; instead, it uses the UTXO model — each unit exists as a separate "bar" of value or a bill, but without a fixed denomination. The wallet's balance is the sum of all controlled UTXOs.

For example, Alice has one UTXO worth 5 BTC. She wants to pay Bob 0.01 BTC. UTXOs cannot be spent partially — the entire 5 BTC "bill" goes into the transaction. The wallet creates two outputs:

  1. Payment — 0.01 BTC to Bob's address.
  2. Change — approximately 4.99 BTC to a new address of Alice's (minus a fee, say ~0.0001 BTC).

The entire transaction is visible on the blockchain. Bob — or anyone with access to a blockchain explorer — sees an input of 5 BTC, a payment of 0.01 BTC, and change of ~4.99 BTC. It's easy to distinguish the payment (the round number 0.01 BTC) from the change (the long decimal 4.98990000 BTC). Now Bob knows that Alice controls at least 5 BTC.

This disclosure creates risks in everyday situations:

  • P2P transaction with a stranger. You buy currency for Bitcoin from a private individual. When you pay, the seller sees the change address and the size of your UTXO. If the amount is large, they know you are a wealthy cryptocurrency holder. This information is enough to become a target for a robber;
  • Payment to a freelancer. The contractor completes work for 0.005 BTC. After the transfer, they see that the funds were sent from a UTXO of 3 BTC. Your approximate balance is revealed — and the contractor may adjust their pricing for the next order or simply share this information;
  • Online purchase. The store accepts Bitcoin and collects a database: buyer's address, UTXO size, spending patterns. Over time, the platform accumulates a detailed financial profile of the customer — without their knowledge or consent.

Physical attacks are extreme but real cases. In 2025, there were 72 wrench attacks on cryptocurrency holders, resulting in losses of $40.9 million.

Each of these scenarios begins with one fact — the recipient sees more than they should. Below, we will discuss how to prevent this.

Coin Control — Manually Selecting Coins for Payment

Coin control is the ability to manually specify which UTXO to spend in a particular transaction. Without this, the wallet automatically selects coins based on algorithms optimized for fees: it combines UTXOs from different sources and creates large change outputs that reveal the balance.

With coin control, you pay for an item using a specific UTXO of the appropriate size. If the purchase price is 0.005 BTC, you select an output of 0.006 BTC instead of 1 BTC. The change is minimal — the recipient learns very little about you.

For instance, Sparrow Wallet offers a desktop implementation: a UTXO tab with a spreadsheet interface, tagging, and multiple selection with a Send Selected function. It works in conjunction with most hardware wallets.

This feature is also available in native applications for Ledger and Trezor devices — Ledger Wallet and Trezor Suite, respectively.

Source: Trezor.

The practical discipline is simple but requires consistency:

  • Label each incoming UTXO immediately after receipt: "KYC (exchange name)"‎, "P2P purchase";
  • Select UTXOs close in size to the payment amount;
  • Never combine UTXOs from different sources in one transaction — this links them through common input ownership heuristics.

Coin control helps minimize information leakage, but the method has limitations. It does not sever the connection between addresses within the wallet. Coin control is a basic tool for ensuring privacy, but it is not sufficient on its own.

Payment Wallet Strategy

The next level of protection is wallet separation: the main wallet contains savings (cold storage), while the payment wallet holds small UTXOs of appropriate size for everyday expenses. The recipient only sees the spending wallet and cannot link it to the main one.

The challenge is to fund it without creating an on-chain link to the cold storage. A direct transfer from one wallet to another nullifies the protection: an analyst will see that both addresses are controlled by the same owner.

Breaking this link can be achieved using Bitcoin mixers like Mixer.Money. In "Full Anonymity" mode, the user receives coins with a completely different history to the payment wallet addresses.

Mixer.Money employs the bitcoin.mixer 2.0 algorithm. In this mode, the service operates as follows:

  1. Bitcoins are sent to a premixer and broken into random parts.
  2. Funds are directed to investors — independent traders on major international exchanges. The service engages over 100 such counterparties from various platforms.
  3. The user receives an equivalent amount (minus a fee) from withdrawals of other exchanges to two new addresses.

For analytical systems, such a transaction appears as a standard withdrawal from an exchange to a personal wallet. The fact of using a mixer is hidden, and the risk score remains minimal. Processing time is up to 10 hours.

This distinguishes Mixer.Money from traditional CoinJoin protocols, where a transaction with multiple identical outputs itself attracts the attention of analysts, and exchange AML services often flag them as suspicious.

For everyday transactions, the "Exact Payment" mode is useful. It combines anonymization with real payment: you send bitcoins through the mixer, and the seller receives funds directly from the trading platform within six hours. The recipient sees neither your address, nor the size of the UTXO, nor the transaction history — from their perspective, the transfer looks like a regular exchange withdrawal.

Returning to the scenarios from the beginning of the article:

  • P2P transaction. Through "Exact Payment," the seller receives funds from the exchange, not directly from the wallet. They do not know the size of your holdings or the sender's address;
  • Payment to a freelancer. The contractor sees an incoming transfer from the exchange and cannot link it to your main wallet or determine your financial profile;
  • Online purchase. The store sees payment without linking it to a wallet address — its database does not accumulate information about the balance.

The "Full Anonymity" mode is suitable for another task — preparing "clean" small denomination UTXOs for funding the spending wallet. You send a large amount from cold storage, and receive coins with exchange history on two new addresses, suitable for further spending through coin control.

The basic "Mixer" mode provides anonymity for a 1% fee and up to two hours of waiting — the service mixes coins with funds from other clients. According to Mixer.Money, deep analysis may reveal the fact of use, but this is sufficient to protect against manual tracking.

No registration is required on Mixer.Money. The service issues a guarantee letter with a PGP signature. You can test the mixer for free: when sending 0.001 BTC, it will return them without a fee.