The Basics of Blockchain Privacy: How to Remain Anonymous on the Blockchain | by Everything Blockchain | Coinmonks | Aug, 2022 - Rvpg media

The Basics of Blockchain Privacy: How to Remain Anonymous on the Blockchain | by Everything Blockchain | Coinmonks | Aug, 2022

Source: FreeImages

Primer — Blockchain is a public ledger that stores transaction data in encrypted blocks. Any transaction made on the blockchain is open for anyone to see. Anyone can see the transaction’s sender, receiver, and other details. While one of the major benefits of blockchain is its transparent and accessible nature, these same characteristics have also become tools to track people, risking privacy.

Is there a way to keep the user information private while using the technology?

A blockchain is a public digital ledger that records transactions between two parties in a verifiable and secure way. The ledger is decentralized and distributed, meaning that it doesn’t exist on a single server; instead, it is copied and synchronized across thousands of computers around the world. In addition, the blockchain ledger is encrypted to ensure privacy and security. The use of “block” refers to the grouping of information in a data block that is added to the end of the “chain”.

The blockchain is made up of a series of blocks that store information about transactions. New blocks are created every few seconds and added to the end of the chain to record new transactions. The block also includes a reference to the previous block in the chain, along with a unique “hash” that serves as proof of the block’s authenticity. The first block confirmation refers to the inclusion of the transaction in a block. The other parties/miners then “confirm” the transaction through confirmations to verify the accuracy and completion of the new block, for it to be added to the blockchain. And because the blockchain is decentralized, everyone on the network has access to the same information.

Anyone can send/receive assets on the blockchain without revealing their identities. The details of the transactions are open, including the addresses of the sender and the receiver. If, however, a relationship is established between any of the sender/receiver addresses and the user identities, it will compromise user privacy. Blockchains use cryptography and decentralization to safeguard user privacy. Yet, there are critical challenges concerning privacy that still need to be resolved. This article introduces the fundamentals of blockchain privacy, user behavior, and mixing services that can help safeguard privacy and also brings out heuristics that can deanonymize users.

UTXO is the unspent transaction output model used by Bitcoin and many of its derivatives. The total amount of bitcoins that a user has received (and not spent yet) is stored as a list of “unspent” instances of bitcoins. Unspent transaction output (UTXO) is an important concept developed by Satoshi Nakamoto, although the Bitcoin white paper

has no direct mention of it.

Bitcoin transactions are made of inputs and outputs. UTXO refers to a transaction output that can be used as an input for a new transaction. This means that the entire history of bitcoin transactions in the system is recorded in a time series of unspent outputs where each of those transactions has an owner and a value. Let’s compare this to a banking account, where all deposits into your account reflect the consolidated balance of your account, and any spending comes directly from the account balance. In UTXO, each transaction/deposit works as a separate unspent transaction output which could be used as an input for a new transaction.

The name UTXO is confusing but understanding the concept isn’t that hard, especially when it is explained through an example. Suppose you have a total balance of 50 bitcoins comprising several UTXOs valuing 2, 5, 10, 12, and 18. You want to transfer 14 bitcoins but don’t have an exact UTXO valuing 14 bitcoins. In this case, you spend UTXO worth 18 bitcoins. The network mints two UTXOs, one valued at 14 bitcoins and the other worth 4 bitcoins. 14 bitcoins are transferred, and you receive 4 bitcoins as your change as a new UTXO. Alternatively, you may also spend 5 and 10 bitcoin UTXOs and receive 1 bitcoin as a change. A transaction may use any combination of UTXOs, and the user has no control over it. This is analogous to treating every UTXO as a single FIAT bill.

UTXO model has several benefits, including high scalability, security, and privacy. It defines a data structure where users can hold multiple instances without combining them into one total amount, unlike bank accounts. By holding many such instances, the account holder need only disclose the instances used to pay the payee. This makes it difficult to link the accounts.

All the past work with respect to the cryptocurrency privacy provisions has focused on UTXO-based cryptocurrencies like Bitcoin, Monero, Zcash, etc., without any empirical studies on account-based cryptocurrencies like Ethereum.

Compared to the UTXO model, many cryptocurrencies that provide smart contract functionalities operate with accounts where users store their assets in accounts rather than in UTXOs.

As per Bitcoin’s whitepaper, Nakamoto suggested that “a new key pair should be used for each transaction to keep them from being linked to a common owner”. However, despite this suggestion, account-based cryptocurrency users tend to use only a handful of addresses for their activities.

The native transactions can only move funds between a single sender and receiver, and the change remains in the sender account in a payment transaction. The subsequent transactions use the same address again to spend the remaining change amount. Thus, the model relies on address-reuse on the protocol level, rendering them inferior to the UTXO model.

Assessing and understanding the privacy guarantees of cryptocurrencies is vital as the lack of financial privacy is detrimental to most cryptocurrency use cases. Therefore, users must understand and adopt ways to help maintain anonymity, especially while using account-based cryptocurrencies.

Blockchain is transparent and does not need the participants’ identities for the transactions. Yet, the transactions recorded on a blockchain could be linked to the identities of the individuals. This could happen off-chain at the network level, and therefore users need to safeguard their privacy. There are various ways through which users can maintain anonymity.

Masking IP address — IP address is public information known to the ISP and any other router on the way to the target server. Using a VPN (virtual private network) or Tor, especially during a withdrawal, can hide the IP address and safeguard the user identity. Tor is an open-source software that allows internet browsing while staying anonymous. Utilization of VPNs/Tor can obscure your IP address and prevent malicious actors from drawing a correlation of withdrawal transaction timestamps. Alternatively, separate browsers can be used for financial transactions.

Deleting Cookies — Cookies represent bits of data that store information about the websites you visit. Access to website logins, personalization settings, advertising information, and other details enables them to provide a relevant and more personalized user experience. Unfortunately, the experience is the only upside, as cookies are the most common tools for tracking. Cookies allow websites to store a unique ID in the browser. This permits all cookie-enabled sites to track and monitor users. Thus, to protect your real identity –

  • You must delete the cookies on your computer.
  • Switch to more privacy-focused browsers that block third-party cookies and practice responsible browsing, e.g., do not grant access when a cookie consent asks your permission to use a third-party cookie.
  • Enable the do not track function to opt-out from tracking.
  • Use of tracker-blocking tools such as Privacy Badger, an anti-tracking browser extension.

Users could mitigate risk by separating their web3 activity from their regular browsing activity. The separation will enable users to streamline their browsing experience by accepting cookies on one browser and declining them on the other.

Using public RPC — Using a public RPC like the same IP or API token for different identities can link all the used wallets. For example, Metamask uses the same API token for all your requests from different wallets.

Using the said techniques can help conceal identity and preserve privacy. However, while the above defenses may prove effective, they’re far from perfect.

Mixing services can help users stay anonymous on the blockchain. As the name suggests, these services take your coins and mix them with other coins before sending them to destination addresses, thus obfuscating the transaction’s sender and receiver. For each transaction, a new address is created. This process makes it difficult to link transactions and identify who made them.

Mixing services are offered through a wide range of centralized, peer-to-peer, and decentralized solutions. Centralized mixing services receive the assets and then send these back to different addresses at a fee. Decentralized mixers use a completely coordinated or peer-to-peer approach to obfuscate transactions. These can be either obfuscation-based (concealing a user’s transaction graph) or zero-knowledge-based (erasing the transaction graph using zero-knowledge proofs).

While mixing services offer anonymity, these also require user participation to obviate the chances of linking the addresses through different correlations. Careless usage from the users can easily connect deposits and withdrawals and impact the anonymity of other users. If a deposit can be linked to a withdrawal, it will no longer belong to the anonymity set.

Careless usage can be reverse-engineered to draw links between deposits and withdrawals, exposing user identity and violating privacy. Let’s understand some usage patterns and transaction correlations that can link deposits and withdrawals.

Using the same address for deposit and withdraw

This is the most straightforward careless usage. Not only should a user use a different address for deposits and withdraws, but rather a new address for each withdrawal.

Deposit & withdraw pair with manually set gas prices

If the gas prices are manually set by the user, the likelihood of getting caught increases. The customized gas price can link the deposit with the withdrawal address. Wallet software such as Metamask sets gas prices as multiples of Gwei, and any deviation from the same is likely to draw attention and reveal the link.

Interaction between the deposit and withdrawal address

Any interaction between the deposit address and withdrawal address will reduce the complexity of linking the two. These addresses should never interact in order to protect privacy. This also applies to other interacted wallets so as not to have any interaction correlation.

Short time intervals between deposits and withdrawals

It’s always better to have longer time intervals between the deposits and withdrawals. Proper usage entails waiting for multiple deposits on top of your deposit. Most individuals withdraw their assets within 1–2 days from the mixer contract. However, if users wait longer than 2 days, the ability to link their withdrawals to the deposit is reduced. Moreover, as a general rule of thumb, users should always withdraw to a new address.

A similar size of deposit and withdrawal

This heuristic can be easily defeated if users ensure the size of their deposit and withdrawal is not identical/similar. If users need to make multiple withdrawals, they should spread them out across multiple days and use new addresses with no interaction or link.

Factoring in Timezone

If users make deposits and withdrawals during business hours of their timezone, they’re likely to get caught. Users should stagger their withdrawals over time at random intervals of the day.

The usability of mixers is reduced by the immature user behavior that prevents these from reaching their highest attainable privacy guarantees. Users must ensure that their on-chain and off-chain behaviors are unlinkable, including random on-chain activity. Quasi-identifiers of Ethereum accounts (gas price profile, time-of-day activity, etc.) should not lead to deanonymization through any consistent on-chain pattern.

Source link

Leave a Comment