Author: Chris Pacia 2014-08-11 06:30:16
Published on: 2014-08-11T06:30:16+00:00
A group of researchers in Germany have proposed a decentralized protocol for CoinJoin, called CoinShuffle. The protocol is essentially a clever way to create a CoinJoin transaction, a way to mix coins among users to improve anonymity. The advantage of CoinJoin over mixing with a server or trusted party is that nobody can steal coins. Each user can check if the single transaction sends enough coins to his fresh output address. If this is not the case, the user can just refuse to sign the transaction and nothing bad happens. The difficulty in CoinJoin is to let the participants announce their fresh output addresses without breaking anonymity. A naive approach is to send these two messages via a secure channel to a server that organizes the whole mixing. While the server cannot steal coins, the server still has to be trusted for anonymity, because it knows which input addresses belong to which output addresses. CoinShuffle is a decentralized protocol to perform mixing in a secure way without trusted third parties. It has many features including no (trusted or untrusted) third party in a run of the protocol, unlinkability of input and output addresses, security against thefts, robustness against denial-of-service, only public-key encryption and signatures, efficiency and compatibility. In addition, the protocol does not require changes to the Bitcoin protocol. The costs are almost completely caused by communication. The computation overhead is minimal. There is a proof-of-concept implementation available on their project page. It is really only a proof-of-concept and it implements only the announcement of the addresses, not the creation of the transaction. Moreover, the code is CERTAINLY INSECURE and not well-written; our only goal was to demonstrate feasibility and estimate the performance of our approach. The researchers plan to develop a full, open-source implementation of the protocol and would like to build on top of an existing wide-spread client. They also mentioned they did not decide which of the existing clients they would like to extend. They would appreciate any help in the process. Help in design and coding would be great but they also would like to hear your comments, criticism, and improvements for the protocol itself.
Updated on: 2023-06-09T01:54:52.972126+00:00