Your privacy is important to us, so we are happy to announce an update to the Blockstream Green apps that not only protects your private data but will also enable cool new features in the future.
We’ve been meaning to make this privacy improvement for a while, and it’s finally landed in the latest releases of the Blockstream Green apps—v3.4.9 on Android and iOS, and v0.1.0 on desktop. Once you update, your personal transaction notes and account names will be end-to-end encrypted and only visible to you. Blockstream won’t have access to your metadata, while you still get it seamlessly backed up and synced across your wallet when installed across multiple devices.
The Encrypted Blob
Using changes added in GDK 0.0.39, we’ve added support for end-to-end encrypted client data—the “encrypted blob.” Your transaction notes and account names are stored in the blob, securely encrypted and protected from external changes. This “blob” of data is cached on your device and backed up and synchronized between your wallets using the Blockstream Green backend servers.
Since your data is encrypted with your recovery phrase, the Blockstream Green servers cannot know what’s inside it. Our implementation goes further, also preventing the service from maliciously modifying or presenting an old version of the blob without your wallet detecting it and warning you.
When you upgrade your Blockstream Green app to one of the versions listed above, your data will be migrated into the encrypted blob automatically, cached on your device, and backed up to the Blockstream servers. We will periodically delete the old, unencrypted data from the backend for wallets that have upgraded, leaving your personal data visible only to you.
New wallets created with the latest version of the apps will use the blob from the start.
Once you’ve upgraded your wallet to use the encrypted blob, if you log in with an old wallet version, you will not be able to see your account labels or transaction notes until you upgrade. We encourage you to upgrade regularly to take advantage of the improvements and fixes coming in each new release.
Watch-Only and Two-Factor Reset
After upgrading, Watch-Only wallets will no longer be able to see your private metadata since they do not have your secret keys to decrypt it. So your wallet view will be slightly different.
If you’ve activated your two-factor reset, your wallet will not start using the encrypted blob until after the waiting period expires. Once full wallet control is re-enabled, your wallet will be upgraded automatically.
Today’s Blockstream Green update is part of an ongoing effort to increase privacy and reduce trust requirements for our users. We want to communicate these changes to you since not all improvements like the encrypted blob are visible.
For example, over the last year, we have been improving protections against malicious server activity (for example, if the Blockstream servers were ever compromised) through a number of small fixes in each release. Since our apps are open source and reproducibly built, you can be sure these protections are present in the apps you download. These ongoing improvements are another great reason to keep your app up to date.
Stay tuned for more feature announcements!