Abstract
During the Coincheck incident, which recorded the largest damages in cryptocurrency history in 2018, it was demonstrated that using Mosaic token can have a certain effect. Although it seems attractive to employ tokens as countermeasures for cryptocurrency leakage, Mosaic is a specific token for the New Economy Movement (NEM) cryptocurrency and is not employed for other blockchain systems or cryptocurrencies. Moreover, although some volunteers tracked leaked NEM using Mosaic in the CoinCheck incident, it would be better to verify that the volunteers can be trusted. Simultaneously, if someone (e.g., who stole cryptocurrencies) can identify the volunteers, then that person or organization may be targets of them. In this paper, we propose an anonymous trust-marking scheme on blockchain systems that is universally applicable to any cryptocurrency. In our scheme, entities called token admitters are allowed to generate tokens adding trustworthiness or untrustworthiness to addresses. Anyone can anonymously verify whether these tokens were issued by a token admitter. Simultaneously, only the designated auditor and no one else, including nondesignated auditors, can identify the token admitters. Our scheme is based on accountable ring signatures and commitment, and is implemented on an elliptic curve called Curve25519, and we confirm that both cryptographic tools are efficient. Moreover, we also confirm that our scheme is applicable to Bitcoin, Ethereum, and NEM.
Highlights
Cryptocurrencies such as Bitcoin, Ethereum, and New Economy Movement (NEM) have attracted attention in various aspects, such as the large market capitalization and the use of smart contracts
During the Coincheck incident, which recorded the largest damages in cryptocurrency history in 2018, some volunteers tracked leaked New Economy Movement (NEM)
ACCOUNTABLE RING SIGNATURES In blockchain systems, a transaction is signed by a secret key connected with an address
Summary
Cryptocurrencies (cryptoassets) such as Bitcoin, Ethereum, and NEM have attracted attention in various aspects, such as the large market capitalization and the use of smart contracts. Anyone can anonymously check whether a token admitter generates a signature. It seems effective to consider auditors, who can identify token admitters from signatures Another naive solution is to employ group signatures [20]. Token admitters can anonymously issue tokens for either trustworthiness or untrustworthiness to addresses by generating accountable ring signatures [15], [26], [28], [50]. By checking accountable ring signatures, anyone could anonymously check whether a token admitter generated a signature. ACCOUNTABLE RING SIGNATURES In blockchain systems, a transaction is signed by a secret key connected with an address. A user made a ring (a set of verification keys), designated an opener public key, and generated a signature using his or her own signing key. Anyone can check whether (M , σ ) is generated by the token admitter i by running Judge(opkj, M , R, σ, pki, π )
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
