Author: Chris Pacia 2014-08-11 06:25:27
Published on: 2014-08-11T06:25:27+00:00
A group of researchers in Germany have proposed a decentralized protocol for CoinJoin, called CoinShuffle, which allows for mixing coins among users to improve anonymity. The protocol is designed to implement CoinJoin in the original spirit of Bitcoin, without trusted third parties, and provides a clever way to create a CoinJoin transaction. By mixing multiple input addresses and multiple fresh output addresses per user, CoinShuffle ensures that nobody can steal coins and each user can check if the single transaction sends enough coins to his fresh output address. However, the difficulty with CoinJoin is to let participants announce their fresh output addresses without breaking anonymity. A naive approach would be to send two messages via a secure channel to a server that organizes the whole mixing. While the server cannot steal coins, it still has to be trusted for anonymity because it knows which input addresses belong to which output addresses. CoinShuffle addresses this problem by having no (trusted or untrusted) third party in a run of the protocol. In addition, no server can link input and output addresses of a mixing transaction, as long as there are at least two honest participants in run of the protocol. This is not a weakness since meaningful mixing is just impossible if there is only one honest participant. CoinShuffle is also secure against thefts and robust against denial-of-service attacks. Moreover, it requires only well-established cryptographic primitives, besides signatures and hash functions that are already used by Bitcoin, and it is fully compatible with the current Bitcoin system without requiring any changes to the Bitcoin protocol. The researchers have provided an overview of the technical details of CoinShuffle on their project page, along with a research paper that has been accepted at a major European academic conference on security (ESORICS). They have also created a proof-of-concept implementation available on their project page, which is certainly insecure and not well-written, but demonstrates feasibility and estimates the performance of their approach. The researchers are now planning a full, open-source implementation of the protocol and would like to build on top of an existing widespread client. They would appreciate any help in the process, particularly with the design and coding of the protocol itself. CoinShuffle has several features that make it an attractive solution for those looking to improve anonymity in Bitcoin without requiring changes to the Bitcoin protocol.
Updated on: 2023-06-09T01:54:23.420445+00:00