MoneroResearch.info |
Quesnelle, J. 2017. On the linkability of Zcash transactions. arXiv. Added by: Rucknium (08/08/2022, 03:26) Last edited by: Rucknium (25/08/2022, 00:25) |
Resource type: Miscellaneous DOI: 10.48550/ARXIV.1712.01210 BibTeX citation key: Quesnelle2017 View all bibliographic details |
Categories: Not Monero-focused Keywords: Cryptography and Security (cs.CR), FOS: Computer and information sciences Creators: Quesnelle Publisher: arXiv |
Views: 96/2856
|
Attachments 1712.01210.pdf [15/901] | URLs https://arxiv.org/abs/1712.01210 |
Abstract |
Zcash is a fork of Bitcoin with optional anonymity features. While transparent transactions are fully linkable, shielded transactions use zero-knowledge proofs to obscure the parties and amounts of the transactions. First, we observe various metrics regarding the usage of shielded addresses. Moreover, we show that most coins sent to shielded addresses are later sent back to transparent addresses. We then search for round-trip transactions, where the same, or nearly the same number of coins are sent from a transparent address, to a shielded address, and back again to a transparent address. We argue that such behavior exhibits high linkability, especially when they occur nearby temporally. Using this heuristic our analysis matched 31.5% of all coins sent to shielded addresses.
|
Notes |
This short paper analyzed the common technique of "churning" z-cash outputs. Since most, if not all, exchanges only accept t -> t transactions, users who desire anonymity will send their coins in a z -> z transaction before sending it to another t address. The authors conduct an empirical analysis of the blockchain under the assumption that transactions which use the same amounts on either transaparent end, within a 2-hour timeframe, are likely the same entity. This appears to be slightly similar to Monero's EABE (eve, alice, bob, eve) attack. Using this single heuristic, the authors are able to correlate a third of the private transactions made on z-cash with a high probability.
Added by: Jack Last edited by: Jack |