On How Zero-Knowledge Proof Blockchain Mixers Improve, and Worsen User Privacy

Zero-knowledge proof (ZKP) mixers operating on top of smart contract-enabled blockchains are among the most prominent and widely used blockchain privacy solutions. ZKP mixers typically advertise their level of privacy through a so-called anonymity set size, similar to k-anonymity, where a user hides among a set of k other users. In reality, however, these anonymity set claims are mostly inaccurate, as we find through empirical measurements of the currently most active ZKP mixers. We propose five heuristics that, in combination, can increase the probability that an adversary links a withdrawer to the correct depositor on average by 51.94% (108.63%) on the most popular Ethereum (ETH) and Binance Smart Chain (BSC) mixer, respectively. Our empirical evidence is hence also the first to suggest a differing privacy predilection of users on ETH and BSC. We further identify 105 Decentralized Finance (DeFi) attackers leveraging ZKP mixers as the source of their initial funds and to deposit attack revenue (e.g., from phishing scams, hacking centralized exchanges, and blockchain project attacks). State-of-the-art mixers are moreover tightly intertwined with the growing DeFi ecosystem by offering “anonymity mining” (AM) incentives, i.e., mixer users receive monetary rewards for mixing coins. However, contrary to the claims of related work, we find that AM does not always contribute to improving the quality of a mixer's anonymity set size, because AM tends to attract privacy-ignorant users who naively reuse addresses.
