Glossary

A security practice that keeps a device physically isolated from the internet and other networks so malware or remote attackers cannot reach it directly.

Anti-Money Laundering rules require financial institutions and crypto platforms to monitor customers, flag transactions, and report activity to regulators.

The group of possible users or transactions that could plausibly match an observed action. Larger anonymity sets generally mean stronger privacy.

A cryptographic swap that lets two parties exchange coins across different blockchains without trusting a centralized exchange or custodian.

A profile built from browser attributes like fonts, screen size, plugins, language, and GPU details that can identify a user even without cookies.

A central bank digital currency is state-issued digital money that can be designed for full traceability, policy enforcement, and programmable restrictions.

A centralized exchange is a custodial trading platform that typically controls user funds, enforces compliance rules, and often requires KYC.

The practice of tracing blockchain transactions, clustering addresses, and linking on-chain activity to real identities using heuristics and external data.

A Bitcoin privacy technique where multiple users combine inputs and outputs into one transaction to make ownership links harder to analyze.

Keeping private keys offline on a hardware wallet, air-gapped device, or other disconnected medium to reduce remote theft risk.

A mechanism that automatically releases information, messages, or access credentials if the operator stops checking in within a set period.

A company that collects, buys, packages, and sells personal information such as names, addresses, location history, and behavioral data.

A decentralized exchange is a non-custodial trading system, often peer-to-peer or smart-contract based, that reduces reliance on a central operator.

A DNS leak happens when your domain lookup requests bypass your privacy tool and reach your ISP or another resolver that can log the sites you visit.

End-to-end encryption means only the communicating endpoints can read message content, not the server, provider, or network intermediary.

An enclosure made of conductive material that blocks electromagnetic signals, helping isolate devices from radio communication and some tracking methods.

The Financial Action Task Force is an intergovernmental body that sets global AML and counter-terror finance standards, heavily influencing crypto regulation.

The US Financial Crimes Enforcement Network is the Treasury bureau that receives SARs, issues AML guidance, and pressures crypto businesses into surveillance compliance.

A tracking method that identifies a user or device through a distinctive combination of technical attributes rather than traditional cookies or login data.

A wallet connected to the internet for day-to-day spending or trading. It is convenient but generally less secure than offline storage.

The Invisible Internet Project is an anonymity network focused on internal services and peer-to-peer communication routed through encrypted tunnels.

A VPN feature that blocks internet traffic if the VPN connection drops, preventing accidental exposure of your real IP address.

Know Your Customer rules require users to submit identity information such as passports, selfies, addresses, or phone numbers before accessing a service.

Data about data, such as who contacted whom, when, from what device, and from which location. Metadata often remains exposed even when content is encrypted.

A broad term for techniques or services that attempt to break visible links between cryptocurrency inputs and outputs by pooling or rerouting funds.

A wallet setup that requires multiple private keys or approvals to move funds, reducing single-key failure and helping distribute operational risk.

A claim by a VPN or service that it does not retain activity, connection, or identifying records that could later be handed to third parties.

The US Office of Foreign Assets Control administers sanctions lists and restrictions that many banks, exchanges, and crypto services enforce worldwide.

A routing method that wraps traffic in layers of encryption and passes it through multiple relays so no single node sees both sender and destination.

Operational security is the practice of minimizing information leaks across behavior, devices, accounts, payments, and routines that can expose identity or intent.

PGP and its open implementation GPG use public-key cryptography to encrypt messages and verify signatures without relying on a centralized provider.

A cryptocurrency designed to reduce transaction traceability through built-in privacy features such as shielded pools, ring signatures, or stealth addresses.

Operating under a persistent alias instead of a legal identity. It offers some separation, but repeated use can still create a trackable profile.

A structured assessment of what you need to protect, who you are protecting it from, their capabilities, and what tradeoffs you are willing to accept.

A cryptographic signature that proves one member of a group authorized a transaction without revealing which specific member signed it.

Automated or manual checks against sanctions lists, wallet blacklists, and compliance databases to block or flag users, transactions, or counterparties.

A Suspicious Activity Report is a confidential filing sent by banks or financial intermediaries to regulators when they believe a transaction may be suspicious.

A set of wallet recovery words that can recreate a private key set. Anyone with the phrase can usually control the funds.

A transaction whose sender, receiver, amount, or other details are hidden using privacy-preserving cryptography instead of being fully visible on-chain.

A VPN feature that sends only selected apps or traffic through the VPN while letting other traffic use the normal internet connection.

A one-time destination address derived from a public address so outside observers cannot easily link multiple payments to the same recipient.

The Tor network uses onion routing to obscure IP addresses and browsing paths by relaying traffic through multiple volunteer-run nodes.

A compliance rule that requires financial institutions and many crypto platforms to transmit identifying information about senders and recipients.

An unspent transaction output is a discrete chunk of cryptocurrency in Bitcoin-like systems. Wallet privacy depends heavily on how these outputs are spent and merged.

A Virtual Asset Service Provider is a regulated intermediary such as an exchange, broker, or custodial wallet operator covered by AML rules.

A virtual private network encrypts traffic between your device and a provider-run server, hiding activity from local networks while shifting trust to the VPN operator.

A regularly updated statement indicating a service has not received certain secret legal demands. If it disappears, users may infer something changed.

A privacy failure where browser WebRTC features expose your real IP address to websites or apps even when you are using a VPN.

A domain registration feature that masks or proxies the registrant’s contact details in public WHOIS records to reduce direct exposure.

A cryptographic method that proves a statement is true without revealing the underlying data, identity, or secret used to make the proof.