This is a security vulnerability.
The wallet uses ordered transaction inputs (src/wallet/wallet.cpp, lines 2766-2772), which may create privacy risks such as allowing observers to fingerprint the wallet.
A possible solution is to clear the original order, shuffle it, and push back the new order before signing the transaction.
Similar fix from Bitcoin: bitcoin/bitcoin@2fb9c1e.
Reported by 6004ed5feaa31ae9df36b5dbc60f0fa53255a5fb734334082c6d202405fc738c.
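The proposed fix, sketched as an added example (not the wallet's or Bitcoin's own code): `OutPoint`, `ShuffledInputs` and `DistinctOrders` are hypothetical names, and the selected coins are assumed to sit in an ordered container. It counts how many input orders an observer would see with and without the shuffle.

```cpp
#include <cstdint>
#include <cstdio>
#include <random>
#include <set>
#include <string>
#include <tuple>
#include <utility>
#include <vector>

// Hypothetical stand-in for a transaction outpoint (txid, output index).
struct OutPoint {
    std::string txid;
    uint32_t n;
    bool operator<(const OutPoint& o) const { return std::tie(txid, n) < std::tie(o.txid, o.n); }
    bool operator==(const OutPoint& o) const { return txid == o.txid && n == o.n; }
};

// Build the input list in uniformly random order. Call this before signing:
// signatures commit to the input order, so reordering afterwards breaks them.
template <typename Rng>
std::vector<OutPoint> ShuffledInputs(const std::set<OutPoint>& selected, Rng& rng) {
    // Copying straight out of the container gives the same sorted order every time.
    std::vector<OutPoint> vin(selected.begin(), selected.end());
    // Fisher-Yates with an unbiased index draw: every permutation is equally likely.
    for (size_t i = vin.size(); i > 1; --i) {
        std::uniform_int_distribution<size_t> pick(0, i - 1);
        std::swap(vin[i - 1], vin[pick(rng)]);
    }
    return vin;
}

// Number of distinct input orders produced over `trials` builds of the same coin set.
template <typename Rng>
size_t DistinctOrders(const std::set<OutPoint>& selected, int trials, bool shuffle, Rng& rng) {
    std::set<std::vector<OutPoint>> seen;
    for (int t = 0; t < trials; ++t)
        seen.insert(shuffle ? ShuffledInputs(selected, rng)
                            : std::vector<OutPoint>(selected.begin(), selected.end()));
    return seen.size();
}

int main() {
    std::set<OutPoint> selected = {{"aa11", 0}, {"bb22", 1}, {"cc33", 0}};  // constructed sample
    std::random_device rng;  // assumption: a real wallet would use its own CSPRNG here
    std::printf("orders without shuffle: %zu, with shuffle: %zu\n",
                DistinctOrders(selected, 1000, false, rng),
                DistinctOrders(selected, 1000, true, rng));
    return 0;
}
```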