As the first-ever technical workshop devoted to bitcoin research convened on the island of Barbados on 7th March, it was clear from the outset that several academic papers would be exploring various methods to compensate for bitcoin’s inherent lack of anonymity.
For now, it’s an academic endeavour, but it underlies the fundamental principle known as ‘freedom of transaction’.
The International Financial Cryptography Association (IFCA),
which organised the conference, has been at the center of this research
work for 18 years. The burgeoning field of applied cryptography drives
the mathematical science that makes digital anonymous value, and its
transfer, possible.
At IFCA, CRYPTO, and other global conferences, cryptographers routinely assemble to present various theories and protocols that will allow a digital currency unit to emulate the privacy features of paper cash.
As applied to bitcoin specifically, these privacy-enhancing protocols can be organized into a taxonomy of mixing services for policymakers.
Tools against surveillance
Last year, Mercatus duo Jerry Brito and Andrea Castillo published “Bitcoin: A Primer for Policymakers” which touched only lightly on the advanced research into the privacy layers above bitcoin.
However, the privacy around bitcoin address data is no different than the privacy provided by Tor for anonymous web browsing and ultimately just as important for liberty and human dignity. Also similar to Tor, the network becomes more useful and robust as the level of adoption increases.
“Before various governments decide to ban bitcoin outright, they need to be aware of the potential limitations to such regulation.”
Just as Tor prevents people from learning your location or browsing habits, bitcoin privacy extensions prevent people from learning your bitcoin amounts and spending habits.
Tor assists in defending yourself against network surveillance and traffic analysis, while bitcoin assists in defending yourself against financial surveillance.
Adapted from “The First 3 Generations of Bitcoin Mixing” by Kristov Atlas, the following taxonomy provides a fundamental guide for practitioners as bitcoin spreads itself into each and every monetary regime existing within artificially-delineated boundaries.
Before various governments like Jordan, Singapore, Iran, and Russia decide to ban bitcoin outright, or significantly restrict its usage, they need to be aware of the potential limitations to such regulation and attempted surveillance.
Centralized mixing services
The first generation of bitcoin mixers operated as a standalone service where you could send your bitcoin, pay a small fee, and then receive different bitcoin than the ones that were sent. These were some of the earliest and most rudimentary bitcoin mixing services.
The successful bitcoin anonymization of these services depended on the total number of users and coins available for mixing, which is why larger exchange sites and bitcoin shopping platforms were used more frequently. If an exchange was large enough, bitcoin could be deposited and withdrawn without being traded – effectively mixing the customer’s original coins.
Additional considerations of centralized mixing services are that you must trust the service not to steal your bitcoin and you must trust the service to protect your bitcoin from external theft.
Similar to VPNs, you must also trust the service not to maintain logs of the bitcoin address mixing and not to sell or turn over such records, both of which are difficult to verify.
Peer-based mixers
In an attempt to address the problems of a centralized model, the next generation of mixers relied on a ‘team’ of bitcoin users who all want to mix their coins together, gathering at the same place and time on the Internet.
Rather than a mixing service receiving bitcoin from a customer and performing the mixing itself, these peer-based mixers simply act as a meeting place for users to orchestrate mixing amongst themselves.
This model solves the problem of theft, because without a third party, the service is trustless. Protocols such as CoinJoin, SharedCoin, and CoinSwap allow multiple bitcoin users to get together, crafting a single bitcoin transaction in multiple stages, and sending their bitcoin to each others’ destination addresses.
Other than the mixing server, none of the participants need to know the relationship between their starting address and destination address. This can be performed multiple times with multiple parties to further complicate traffic analysis of the block chain.
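To make the peer-based model concrete, the following Python model is an added example written for this article; it is not code from the article, from Kristov Atlas, or from any of the CoinJoin, SharedCoin or CoinSwap implementations. It assumes three constructed participants with made-up addresses and amounts, ignores signatures, fees and the multi-stage negotiation, and models only the transaction shape: several parties fund one transaction whose equal-value outputs are shuffled. It also shows the caveat a reviewer of such a scheme looks for first: outputs with a unique amount (change) have an anonymity set of one and remain linkable by amount alone.

```python
import random
from collections import Counter

# Constructed sample participants (hypothetical names and addresses, amounts in satoshi):
# (owner, input amount, destination address, change address)
PARTICIPANTS = [
    ("alice", 250_000_000, "dest_a", "change_a"),
    ("bob",   130_000_000, "dest_b", "change_b"),
    ("carol", 100_000_000, "dest_c", "change_c"),
]
DENOMINATION = 100_000_000  # every participant receives 1 BTC chunks at the destination


def build_coinjoin(participants, denomination, seed=7):
    """Assemble one joint transaction: each participant contributes one input,
    receives as many equal `denomination` outputs as the input covers, and a
    change output for the remainder. Inputs and outputs are shuffled so that
    position in the transaction carries no information about ownership.
    The `owner` field exists only in this simulation; it never hits the chain."""
    inputs, outputs = [], []
    for name, amount, dest, change_addr in participants:
        inputs.append({"owner": name, "amount": amount})
        n_chunks, change = divmod(amount, denomination)
        outputs.extend(
            {"owner": name, "address": dest, "amount": denomination} for _ in range(n_chunks)
        )
        if change:
            outputs.append({"owner": name, "address": change_addr, "amount": change})
    rng = random.Random(seed)
    rng.shuffle(inputs)
    rng.shuffle(outputs)
    return {"inputs": inputs, "outputs": outputs}


def observer_view(tx):
    """What a block chain analyst sees: amounts and addresses, never the owner."""
    return {
        "inputs": [{"amount": i["amount"]} for i in tx["inputs"]],
        "outputs": [{"address": o["address"], "amount": o["amount"]} for o in tx["outputs"]],
    }


def anonymity_sets(public_tx):
    """Per output, the number of outputs sharing its amount. A value of 1 means
    the amount alone singles that output out; larger values mean an observer
    cannot tell which participant it belongs to by amount."""
    counts = Counter(o["amount"] for o in public_tx["outputs"])
    return [counts[o["amount"]] for o in public_tx["outputs"]]


def weak_outputs(public_tx):
    """Outputs an analyst can still isolate by amount: the unequal change outputs.
    Returned sorted so the result is independent of the shuffle."""
    sets = anonymity_sets(public_tx)
    return sorted(
        (o["address"], o["amount"]) for o, n in zip(public_tx["outputs"], sets) if n == 1
    )


def value_conserved(tx):
    """Sanity check on the constructed transaction (no fee modelled here)."""
    return sum(i["amount"] for i in tx["inputs"]) == sum(o["amount"] for o in tx["outputs"])


if __name__ == "__main__":
    tx = build_coinjoin(PARTICIPANTS, DENOMINATION)
    public = observer_view(tx)
    for out, n in zip(public["outputs"], anonymity_sets(public)):
        print(f"{out['address']:>9} {out['amount']:>12}  anonymity set = {n}")
    print("linkable by amount:", weak_outputs(public))
```

The four 1 BTC outputs are indistinguishable by amount, so the analyst's best guess for any of them is one in four, and repeating the round with fresh peers widens that set further, as the text notes. The two change outputs, however, are unique amounts and can be tied back to the input that overshot the denomination, which is why practical CoinJoin designs push participants toward equal input sizes or separate change handling.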
Also, according to Atlas, peer-based mixing solves the problem of record-keeping, because:
“Cryptographic primitives such as cryptographic blinding, zero-knowledge proofs (ZKPs), and Succinct Non-interactive Arguments of Knowledge (SNARKs) can improve on peer-based mixing protocols so that, not only do the peers not need to know about each other’s destination address, but the mixing server helping to orchestrate the mixing doesn’t know it, either.”
Atlas refers to this approach as ‘blind mixing’.
Anonymous altcoins
Altcoins are cryptocurrencies derived from the Bitcoin protocol with some slightly modified properties.
Atlas believes that cryptocurrency exchanges featuring various altcoins can be incorporated into block chain-based technologies to form peer-to-peer exchanges. He states that “once anonymous altcoins and decentralized exchanges are deployed, we will see these altcoins being used as off-ramps from and on-ramps to bitcoin, essentially acting as mixers.”
Improvements over the second generation of mixers include further decentralization of the mixing process, by outsourcing the processing load to the altcoin’s distributed network rather than relying only on the mixing server, and a vast increase in the total size of the user ‘anonymity set’.
Leading the charge of anonymous altcoins is the Zerocoin team, which includes cryptographers Matthew Green and Ian Miers. After deciding to avoid the engineering complications of implementing Zerocoin on top of bitcoin, Green and his team began working on a standalone altcoin implementation dubbed ‘Zerocash’.
Miers presented the Zerocash paper, “Rational Zero: Economic Security for Zerocoin with Everlasting Anonymity”, at the IFCA Bitcoin Workshop. Another privacy-enhancing paper, “Increasing Anonymity in Bitcoin”, was presented by Amitabh Saxena.
Atlas correctly states that bitcoin core developers have so far been reluctant to incorporate mixing technologies directly into the core protocol. Aside from being politically unpalatable, it would also add computational overhead and potential complication, leaving the option of services outside of the core protocol as the primary method for maintaining fungibility and user-defined privacy.
Notably, bitcoin core developer Mike Hearn says that an upcoming version of bitcoinj will route all connections to the bitcoin network over Tor’s anonymity network.