
p2psec's Introduction

p2p and security

Research notes on decentralized security and privacy

p2psec's People

Contributors: gpestana, hackmd-deploy

p2psec's Issues

ETH privacy

Blockchain is Watching You: Profiling and Deanonymizing Ethereum Users

  • The account-based model is inferior to the UTXO model from a privacy perspective;
    “quasi-identifiers” are used to tag users based on account addresses (user profiling based on quasi-identifiers);
  • Study of the Tornado Cash coin mixer's privacy, based on strong heuristics that decrease the privacy guarantees of non-custodial mixers on Ethereum;
  • Variant of the Danaan-gift fingerprint attack for Ethereum;
  • The authors use node embedding methods to cluster Ethereum addresses for user profiling;
  • The authors collected Ethereum addresses and their respective links to users based on data from Twitter accounts, Tornado Cash and Humanity DAO; from the 4,259 addresses collected, they identified 1,155,188 transactions (sent or received) over 5 years.
  • Exact identification of account pairs/users is not a goal of the paper; instead, the goal is to rank plausible deanonymization candidates and thereby reduce the k-anonymity of Ethereum accounts.

Problem 1: In Ethereum, native transactions can only move funds from a single sender to a single receiver, with the change remaining in the sender account. Subsequent transactions will reuse the account that holds the unspent amount. The account-based model therefore relies on address reuse at the protocol level.

Proposed solutions:

  • Coin Mixers:

    • Möbius: Trustless tumbling for transaction privacy
    • MixEth: efficient, trustless coin mixing service for Ethereum
    • ShareLock: Mixing for cryptocurrencies from multiparty ECDSA
    • Tornado Cash
  • Confidential transactions

    • AZTEC
    • Pgc: Pretty good decentralized confidential payment system with auditability
    • Zether: Towards privacy in a smart contract world

Deanonymization vectors:

  • Pairing Ethereum accounts from the same user (Section 6)
  • Tornado Cash deposit and withdrawal pairs (Section 7)
  • Fingerprinting accounts through the Danaan-gift variant (Section 8)

Section 6: Pairing Ethereum accounts from the same user

Three quasi-identifiers are used to link accounts from the same user:

  • Active time of the day
  • Gas price selection
  • Location in the Ethereum transaction graph

Evaluation:
Given an Ethereum address, order the remaining addresses by their Euclidean distance to it in the quasi-identifier feature space; the linked account should appear near the top of the ranking.
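The ranking step is easy to misread as exact identification, so here is a small added example (written for these notes, not code from the paper or its authors) that builds a per-address feature vector from two of the three quasi-identifiers, active hour of day and gas price choice, and ranks candidates by Euclidean distance. All transaction records are constructed: two addresses (0xA1, 0xA2) are assumed to belong to one hypothetical user, the others to different users. The `randomize_hours` helper is an assumed mitigation sketch showing how spreading activity over the day widens the distance.

```python
"""Quasi-identifier linkage toy: rank candidate addresses by Euclidean distance
over (hour-of-day histogram, scaled mean log gas price).
Every transaction below is CONSTRUCTED for illustration."""
import math
import random
from collections import defaultdict

HOUR_BINS = 24


def make_sample_txs(seed=7, per_address=200):
    """Construct synthetic (address, hour_utc, gas_price_gwei) records.
    0xA1 and 0xA2 are assumed to belong to the same user (same active hours,
    same wallet gas-price habit); 0xB1 and 0xB2 belong to other users."""
    rng = random.Random(seed)
    profiles = {  # address -> (active hours, gas price range in gwei)
        "0xA1": (range(8, 12), (20, 30)),
        "0xA2": (range(8, 12), (20, 30)),
        "0xB1": (range(20, 24), (50, 60)),
        "0xB2": (range(0, 6), (90, 120)),
    }
    txs = []
    for addr, (hours, (lo, hi)) in profiles.items():
        for _ in range(per_address):
            txs.append((addr, rng.choice(list(hours)), rng.uniform(lo, hi)))
    return txs


def feature_vectors(txs):
    """Per address: 24-bin hour-of-day histogram (fractions summing to 1)
    plus one gas feature (mean log gas price, min-max scaled over the dataset
    so it is comparable in magnitude to a histogram bin)."""
    by_addr = defaultdict(list)
    for addr, hour, gas in txs:
        by_addr[addr].append((hour, gas))
    all_log_gas = [math.log(g) for _, _, g in txs]
    g_min, g_max = min(all_log_gas), max(all_log_gas)
    vectors = {}
    for addr, rows in by_addr.items():
        hist = [0.0] * HOUR_BINS
        for hour, _ in rows:
            hist[hour % HOUR_BINS] += 1.0 / len(rows)
        mean_log_gas = sum(math.log(g) for _, g in rows) / len(rows)
        gas_feat = (mean_log_gas - g_min) / (g_max - g_min)
        vectors[addr] = hist + [gas_feat]
    return vectors


def euclid(u, v):
    return math.sqrt(sum((a - b) ** 2 for a, b in zip(u, v)))


def rank_candidates(target, vectors):
    """Order every other address by distance to `target`, closest first.
    Returns a list of (distance, address); this is a ranking of plausible
    candidates, not an identification."""
    t = vectors[target]
    return sorted((euclid(t, v), a) for a, v in vectors.items() if a != target)


def randomize_hours(txs, addr, seed=11):
    """Mitigation sketch (assumed, not from the paper): spread one address's
    activity uniformly over the day so the hour histogram stops discriminating."""
    rng = random.Random(seed)
    return [(a, rng.randrange(HOUR_BINS) if a == addr else h, g) for a, h, g in txs]


if __name__ == "__main__":
    txs = make_sample_txs()
    print("original:", rank_candidates("0xA1", feature_vectors(txs)))
    mitigated = randomize_hours(txs, "0xA2")
    print("hours randomized on 0xA2:", rank_candidates("0xA1", feature_vectors(mitigated)))
```

With the constructed data, 0xA2 ranks first for 0xA1 by a wide margin; after randomizing 0xA2's active hours its distance grows several-fold, yet the shared gas-price habit still keeps it closer than the other users, which is the same point the wallet-fingerprinting question in the open questions raises: each quasi-identifier has to be addressed separately.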

Section 7: Tornado Cash deposit and withdrawals pairs

Section 8: Fingerprint accounts through Danaan-gift variant

Conclusions

Actionable insights / open questions

  • “... users should avoid sensitive activities on addresses easily linkable to their public identities, such as ENS name or their Twitter handle.” → because ENS names can be linked to which services or service categories have been used over time (e.g. adult, gambling, DeFi, etc.)
  • Different wallet software uses different methods to compute suggested gas prices. Can we fingerprint the wallet software from the chosen gas prices? How can wallet fingerprinting be avoided?
  • Network-level privacy -- several studies show how wallet privacy is lost when users interact with full nodes or wallet providers. How can the user protect against broadcast and network-level privacy attacks?
  • How may browser and mobile wallets affect privacy? (see paper 3. below) What can be done to prevent that?
  • Anonymous transaction relayers?

A Fistful of Bitcoins: Characterizing Payments Among Men with No Names

When the cookie meets the blockchain: Privacy risks of web payments via cryptocurrencies
