Boggles

Ever wonder how they caught the Silk Road guy? Bitcoin isn't as private as you think. Boggles scores your transaction privacy, spots weaknesses and teaches ou how to stay safe on-chain.

Comment

Inspiration

In 2013, the FBI traced every transaction Ross Ulbricht ever made on the Bitcoin blockchain. It was all just sitting there on a public ledger. That case showed the world something most people still don't realize: Bitcoin isn't private. It's one of the most transparent financial systems ever built.

But that same transparency is a double edged sword. The same tools governments use to catch criminals are also used by authoritarian regimes to track journalists, activists, and dissidents. A reporter receiving tips in Bitcoin from a source in a hostile country has no margin for error. I built Boggles because I believe everyone deserves to understand how exposed their financial activity really is, especially the people whose safety depends on it.

What it does

Boggles is a suite of Bitcoin privacy and analysis tools designed to educate and protect. The core is a Privacy Analyzer that scores transactions and addresses across different threat models, from a curious employer all the way to a state level adversary, detecting CoinJoin, Payjoin, and Taproot usage along the way. It also includes a Transaction Analyzer for fee and script forensics, a UTXO Advisor that flags dust and uneconomical outputs, a Fee Optimizer with live mempool data, a Whale Alert feed, a Sentiment Tracker, and a Watchlist for monitoring addresses over time. Interactive Privacy Education modules walk users through concepts step by step, because tools are only useful if people understand how to use them. There's also a public Privacy Score API via Supabase edge function.

How we built it

React 18 and TypeScript with Vite as the build tool. Tailwind CSS and shadcn/ui for the interface. TanStack React Query handles all data fetching and caching. Recharts powers the visualizations. On the backend, a Supabase edge function serves the Privacy Score API. For live blockchain data we use mempool.space as the primary source with BlockCypher as a fallback, and pull market data from CoinGecko, CoinCap, and alternative.me. News comes from the CoinDesk Data API. The whole thing deploys on Vercel.

Challenges we ran into

The threat model system is something we haven't seen in other tools. Instead of a single privacy score, Boggles lets you evaluate your transactions from the perspective of different adversaries: a nosy coworker, a chain analysis firm, or a nation state. A journalist protecting a source has very different needs than someone just trying to keep their salary private, and Boggles reflects that. We're also proud of the education layer. Most privacy tools assume expertise. Ours meets people where they are and tracks their progress as they learn.

Accomplishments that we're proud of

The threat model system is something we haven't seen in other tools. Instead of a single privacy score, Boggles lets you evaluate your transactions from the perspective of different adversaries: a nosy coworker, a chain analysis firm, or a nation state. A journalist protecting a source has very different needs than someone just trying to keep their salary private, and Boggles reflects that. We're also proud of the education layer. Most privacy tools assume expertise. Ours meets people where they are and tracks their progress as they learn.

What we learned

A lot about how chain analysis actually works in practice: clustering heuristics, common input ownership, change detection. We learned that privacy techniques like CoinJoin and Payjoin only help if you understand the tradeoffs. One careless UTXO merge can undo hours of careful coin management. We also learned more than expected about how transaction structure alone can leak metadata about the sender. On the engineering side, working with live blockchain APIs taught us about caching strategies, rate limiting, and building resilience when a data source drops mid demo.

What's next for Boggles

We want to add wallet file import so users can analyze their full transaction history at once. We're also exploring Lightning Network privacy analysis, since Layer 2 has its own tradeoffs that are poorly understood, and also more cool vizzies, would love to delve into amore hands on experience for users Longer term, we'd like to open the API up so that wallets and newsroom tools can integrate privacy scoring natively, giving journalists and at risk users protection built right into their workflow.

And thank you to the kind volunteers for the chocolates at the event, they definitely helped. :)

Built With

Share this project:

Updates