Guest post by Reuben Yap from Zcoin
Reuben is the Chief Operations Officer of Zcoin.
One of Bitcoin’s core principles outlined in its famous whitepaper is privacy. Yet not many people are aware that the promise of anonymity on the blockchain isn’t actually a sure thing in practice.
As more and more users adopt cryptocurrencies, the need for basic financial privacy is vital. Just like how today we can’t look into anyone’s financial records, the same rights should apply when using cryptocurrencies. Privacy is a civil right. Not everyone needs to know what medicine you purchase or what charitable or religious donations you decide to make.
While all these are good reasons for protecting privacy, the privacy function of the Bitcoin blockchain initially turned into an effective tool for a distributed and decentralized economy for the darknet. The infamous Silk Road marketplace for dealing with illegal drugs and weapons became one of the first notable use cases of Bitcoin as a digital currency. But it also revealed one critical flaw within the digital currency–that Bitcoin transactions are in fact fully traceable and are only pseudo-anonymous.
Even though Silk Road was shut down in 2013, evidence of drug deals made using Bitcoin may still haunt users today. A group of researchers from Qatar University and the Hamad Bin Khalifa University who investigated transactions on the Bitcoin Blockchain and the Tor anonymity network were able to link unique users to transactions and show how easy it is to dig up evidence of years-old bitcoin transactions. They concluded that:
“Bitcoin addresses should always be considered exploitable, as they can be used to deanonymize users retroactively.”
The Dandelion protocol has presented a much needed and up-to-date added layer of privacy protection on the bitcoin blockchain in addition to Tor, a widely used free software and an open network that protects confidential activity online. But before I delve into what Dandelion is and how it works, it’s necessary to consider the two factors of cryptocurrency privacy.
Two factors to Cryptocurrency Privacy
It’s important to note that privacy in cryptocurrency relies on two factors:
- The first factor is privacy for transactions as traditional blockchains keep a record of every transaction including its amount and timestamp – forever.
- The second factor is network privacy. While the blockchain does not record IP addresses, as the earlier mentioned researchers have shown, it is possible to trace a transaction back to its source even before it becomes part of the blockchain.
Having an IP address connected to a transaction is equivalent to broadcasting your physical location, name and account balance–the exposure of this can have very far-reaching ramifications.
Privacy for financial transactions on the blockchain can be addressed by the Zerocoin protocol which is adopted by Zcoin. The Zerocoin Protocol uses Zero-Knowledge cryptographic proofs and enables users to burn their coins and mint new ‘clean’ coins with no transaction history tied to them.
Network privacy is much harder to maintain because the network needs to know if coins are being sent to anyone. Cryptocurrency networks are decentralized, meaning you do not send your transaction directly to the receiver or an intermediary, but to everyone on the network. When you first create your wallet, it is automatically connected to other nodes on the network. These can be other people running wallets, Znodes, or even miners. When you perform a transaction, your client sends it to all nodes to which you are directly connected.
Once a connected node has received your transaction, this node itself forwards it to all its direct neighbors on the network. This is why the default behavior of how transactions are spread is called the ‘gossip’ protocol. Spreading like a chain reaction, your transaction reaches all nodes around the globe in less than 10 seconds.
While this is an excellent way of broadcasting transactions through decentralized networks quickly, it also makes it possible to make a good guess about who the person behind the original transaction is. The Dandelion protocol further hinders the possibility of this happening by obfuscating where the network ‘gossip’ comes from.
So what is Dandelion?
Dandelions a network privacy solution that is both simple and ingenious. It essentially conceals IP addresses, making network analysis much harder by obscuring the way transactions flow through the network with a simple change. It’s the work of researchers from Carnegie Mellon, MIT and the University of Illinois, who come from varied backgrounds, ranging from wireless networking to privacy to cryptocurrencies.
Andrew Miller, Assistant Professor at the University of Illinois said:
“Dandelion is implemented within the existing cryptocurrency peer-to-peer network, so it doesn’t rely on (or impose costs on) an external service”
How Dandelion conceals IP addresses
With Dandelion in practice, when your transaction first gets send out, it is not sent to everyone but to only one of the connected nodes. This phase is called the “stem phase” because when you draw a network graph, it looks like the stem of a dandelion.
The trick with Dandelion is that the stem phase does not have a fixed length. The next node to receive your transaction will roll a dice and either decide to forward it to just one, or to all of the connected nodes. Each time it forwards, there is a one in ten chance that the node decides to change the mode of transport and start broadcasting it to all of its neighbors, switching back to the normal broadcasting gossip model. In Dandelion this is called the “fluff phase” because it looks like the head of a dandelion.
Tor and “Dandelion” work together
You may be thinking, well doesn’t Tor, the free browser network used by many to protect their online identity from traffic analysis, suffice? While Tor provides good everyday protection of IP addresses for most users, it can be slow since bandwidth is limited. Furthermore, a study has found that an attack can be mounted to make nodes reject or blacklist Tor connections and deanonymize transactions. This is why Dandelion is needed for that extra layer of protection. Tor and Dandelion can work together to provide an even stronger anonymous network. Even without Tor, Dandelion on its own provides a good degree of protection for those who do not wish to use Tor.
Giulia Fanti, assistant professor of Electrical and Computer Engineering at Carnegie Mellon University and one of the researchers behind Dandelion said:
“It’s lightweight and fairly easy to implement on top of existing cryptocurrency gossip networks because it does not use encryption.”
Protecting your IP address is critical for your safety
Financial privacy on the blockchain is necessary not just because it will protect sensitive information but is also vital for the safety of users in the cryptocurrency sphere. It’s clear that no one should know where or what you spend your money on. There have been several high profile cases where people have become targets because others are aware that they hold a lot of cryptocurrencies and have tied their transactions to their location.
Some noteworthy cases include the managing director of Ukranian cryptocurrency exchange EXMO who was kidnapped in Ukraine and released after paying a ransom of $1 million in Bitcoin. In another case, the Russian creator of cryptocurrency PRIZM was also robbed of 300 Bitcoins in Moscow. To safeguard cryptocurrency users from being exposed, Dandelion is the next best tool out there to protect users from having their personal information exposed.
Cover Photo by Aaron Burden on Unsplash