Number Protector: Dedicated phone numbers for receiving SMS messages via encrypted memo

Today I am launching Number Protector, a service that provides dedicated phone numbers for anonymously receiving SMS messages directly to your shielded wallet via encrypted memo.

Important note: Per the discussion below, I am no longer using the term “anonymous” to describe this service. This service does not provide anonymity. How the customer uses the phone number may allow someone to connect the customer’s true identity with the phone number. Thank you to @sarahjamielewis for the helpful feedback on this issue.

One of the targeted use cases is anonymously signing up for services like Telegram. Telegram requires you to provide a phone number during the sign up process, which it uses to send you a verification code via SMS. To preserve your anonymity, you can provide Telegram your Number Protector phone number and receive the verification code directly to your shielded wallet via encrypted memo.

(Note that I haven’t used the word “privacy”. My understanding is that SMS messages are not encrypted, so you should not use SMS for communications that require privacy.)

Number Protector supports both Ycash and Zcash. To respect the norms of this forum, this post will be focused on Number Protector’s support for Zcash. (If you have a question about Number Protector’s support for Ycash, post it on the dedicated Ycash thread.)

Pricing

The price is denominated in crypto, not fiat, and expires at a given block height. At the time of this post, the price for one year of service is 1 ZEC, and this price is good until block height 875,000 (approximately June 21, 2020). After block height 875,000, visit numberprotector.com for the current price.

Obtaining a Number Protector phone number

  1. Go to Number Protector and look up the current annual price for service.

  2. Let’s say the current annual price for service is X ZEC. Send at least X ZEC to:

zs17zfdqrph49z92rp7a3cmxvwvw3h3nlqzhmf2dehttgt3ru72mul557xhr3cyr66faaac54hgc9f

and in the memo field of the transaction put the shielded Sapling address that you want your SMS messages delivered to. Don’t forget to put your address in the memo field!

You can purchase more than one year of service by sending any amount of ZEC greater than X ZEC. For example, if you send 2.25X ZEC, you are purchasing 2.25 years of service.

  3. In a few minutes, you’ll receive your dedicated Number Protector phone number (via an encrypted memo). You will also receive a unique customer service shielded address that you can use to anonymously communicate with me about your number. It is very important that you keep this address secret because whoever knows it can make changes to your Number Protector service.

  4. Whenever you need to receive an SMS message but want to keep your real cell phone number private, provide your Number Protector phone number instead.

  5. Receive your SMS messages directly to your shielded Zcash wallet.

Let me know if you have any feedback or questions.

15 Likes
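A pre-send check for step 2 of the post above, as an added example that is not part of the original post or Number Protector's own code: it verifies that the delivery address going into the memo is a well-formed Sapling address (bech32 prefix, length and checksum), that the amount covers the annual price, and hex-encodes the memo the way `z_sendmany` expects. The function names and the sample address are constructed for illustration; the check covers format only, not whether the address belongs to your wallet.

```python
from decimal import Decimal

CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"  # bech32 alphabet
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)

def _polymod(values):
    """bech32 BCH checksum over a list of 5-bit values."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def _expand(hrp):
    return [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]

def is_sapling_address(addr, hrp="zs"):
    """True for a lowercase bech32 string with prefix hrp, 75 data chars, valid checksum."""
    body = addr[len(hrp) + 1:]
    if not addr.startswith(hrp + "1") or len(body) != 75:
        return False
    if any(c not in CHARSET for c in body):
        return False
    return _polymod(_expand(hrp) + [CHARSET.index(c) for c in body]) == 1

def make_sample_address(hrp="zs"):
    """Constructed test address (no real wallet): fixed payload plus computed checksum."""
    data = [i % 32 for i in range(69)]
    pm = _polymod(_expand(hrp) + data + [0] * 6) ^ 1
    check = [(pm >> 5 * (5 - i)) & 31 for i in range(6)]
    return hrp + "1" + "".join(CHARSET[d] for d in data + check)

def build_order(service_addr, delivery_addr, amount, annual_price):
    """Return (z_sendmany recipient list, years purchased); raise ValueError on a bad order."""
    amount, annual_price = Decimal(amount), Decimal(annual_price)
    if not is_sapling_address(delivery_addr.strip()):
        raise ValueError("memo would not carry a valid Sapling address")
    if amount < annual_price:
        raise ValueError("amount is below the current annual price")
    # z_sendmany takes the memo as a hex string
    memo_hex = delivery_addr.strip().encode("ascii").hex()
    recipient = {"address": service_addr, "amount": str(amount), "memo": memo_hex}
    return [recipient], amount / annual_price
```

The amount is kept as a decimal string to avoid float rounding; pass the service address from the post as `service_addr` and the price currently shown on the site as `annual_price`.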

I have several security-related questions, mostly based around the stated use case of account verification, since many services still allow a reset option through the number used for initial verification. To be clear, SMS-based verification of any kind is super flawed from any security perspective, but adding this service in the middle seems to be asking for trouble.

  1. Do numbers get recycled? i.e. if someone signs up to this service then lets it expire, is there a potential for someone else to get access to that number and potentially gain access to an account?

  2. Given that anonymity requires privacy, I’m not sure any claim to anonymity can be justified here; several services happily abuse the verification number to send tagged-spam, and many just sell it off to marketing companies with other attached information - literally any kind of Identity Disclosure or Attribute Disclosure dataset attacks will render this number deanonymized. What exactly is the threat model here?

  3. What controls are in place to prevent interception of verification codes etc. as they pass through the service and exploit them? (let’s assume that all the people running this are super trustworthy, even so, what if the infrastructure is compromised?).

3 Likes

I appreciate you taking the time to provide feedback.

If someone lets their number expire, then we release the number back to our phone number provider. Our provider then subjects the number to a “cool-off” period before later returning it to the pool of available numbers. If the number still receives a lot of messages, it won’t be made available. My understanding is that this is consistent with what many (if not all) mobile carriers do: recycle numbers after a waiting period.

So, yes the number will eventually get recycled. If a user plans on letting their Number Protector phone number expire, the user needs to update all their related accounts with a new phone number.

This is consistent with my expectations regarding my real cell phone number. If I give it up, I expect that it will eventually be assigned to someone else.

All I’m saying is that we, Number Protector, only need a Sapling address to provision you a phone number. You don’t need to provide any other information and you don’t even need to ever visit our website to receive your messages. Contrast that with the analog to this service in the Bitcoin realm, SMS Privacy:

https://smsprivacy.org/pricing

https://smsprivacy.org/anonymity

We’ll put aside the fact that SMS Privacy is charging 0.0015 BTC a day (approximately $14 a day at current exchange rates), since that is a whole other discussion.

SMS Privacy uses Bitcoin and requires you to log into their website to retrieve your SMS messages. Number Protector improves upon that by using shielded Ycash/Zcash instead of Bitcoin (so users get “blockchain” privacy) and delivering SMS via the memo field (so users don’t have to log into any website to get their messages). (To be fair to SMS Privacy, they do run a Tor hidden service, so users can retrieve their messages over Tor.)

I’m not making any claim that the number can’t be deanonymized as a result of how the number is used. Perhaps I should add language to the FAQ making that clear. And perhaps I should change the phrase “Anonymous Phone Numbers” to “Anonymous Provisioning of Phone Numbers”, although that doesn’t roll off the tongue.

The message is very likely being sent in cleartext between the sender and our phone number provider, so there’s that vulnerability that we can’t remedy. The relay of the message between our phone number provider and Number Protector is encrypted. These are some of the basic safeguards we’ve put in place to protect the message once it is in our possession:

  1. The message content is not logged or recorded anywhere, except on the blockchain as part of the transaction used to deliver the message via memo to the recipient.
  2. While the message sits in a queue waiting to be delivered (which in most cases should be well under a second, but could be up to 5 or 6 seconds), the message is in encrypted state.

Perhaps we can periodically burn the private key of the sending address used to send the encrypted memos, since that key would enable an attacker to view on the blockchain all the outgoing memos containing all the SMS messages. I am open to suggestions.

2 Likes

Thanks for the detailed reply.

> I’m not making any claim that the number can’t be deanonymized as a result of how the number is used. Perhaps I should add language to the FAQ making that clear. And perhaps I should change the phrase “Anonymous Phone Numbers” to “Anonymous Provisioning of Phone Numbers”, although that doesn’t roll off the tongue.

I would strongly support making this change. Anonymity is a very specific risk model that many groups require and carries with it a responsibility to justify the exact protection your system provides. It is, at the end of the day, a safety rating - If the manufacturer of my boots advertising Electrical Hazard protection put out an advisory that they actually only provide such protection when buying the boots at the store I would quite rightly be extremely angry (at best, the worst case scenarios involve making life critical decisions based on incorrect information.)

Better to be extremely specific about where the anonymity applies and where it does not (and cannot) - to allow potential customers to make informed decisions about the risks they might be taking.

3 Likes

@sarahjamielewis, I appreciate you sharing your expertise with me. I have made some changes to address your extremely helpful feedback:

  1. I’ve scrubbed the word “anonymous” from the website. “Anonymous” was referenced 6 times on the website, and I eliminated 5 references completely and for the 6th reference I now use the term “incognito”. (If “incognito” also implies a specific risk model, let me know and I’ll figure out a different word.)

  2. I’ve added language to the website’s FAQ to make it clear that how the number is used may allow someone to connect the customer’s true identity with the number.

  3. I’ve eliminated the word “anonymous” from the title of this thread, but I kept it in the body of the initial post so as to not confuse someone reading through our back-and-forth. I will also add a warning to the initial post shortly to make clear that the service doesn’t provide anonymity.

3 Likes

Thank you @hloo for taking this responsibility so seriously.

1 Like