Anonymous Bitcoin transaction: A solution using secure multiparty computation

Abstract

Bitcoin is a popular form of cryptocurrencies. Bitcoin provides users' anonymity through cryptographic pseudonyms. Bitcoin operates on a peer-to-peer network that maintains a public ledger, called blockchain, to log all transactions from one pseudonym to other, thereby hides the identity of the users. A transaction graph from the blockchain may unveil certain users' identities. To sustain with users' anonymity, mixing is often applied. CoinJoin, MixCoin, CoinShuffle, CoinParty and SecureCoin are some of the Bitcoin protocols that apply mixnet. Mixnet has certain limitations. Firstly, protocols assume “escrow addressee” that collects the coins, and performs mixing. The “escrow addressee” must be trustworthy. Secondly, protocols which do not assume “escrow addressee,” often use mixnet. Mixnet requires every participant must sign all others transactions. This incurs large volume of multi-signature. Presently, Bitcoin protocol can include at most 15 multi-signatures. Therefore, the protocols are not scalable. Finally, mixnet is “all-or-nothing.” That is, if all mixnodes are active then only the output is guaranteed. We present a multiparty shuffling protocol to anonymize the Bitcoin transactions. Our protocol is free from “escrow addressee” and multi-signature. The protocol executes in multiple rounds. The protocol is not “all-or-nothing.” That means, every round guarantees some degree of anonymity.