Abstract
The Bitcoin P2P network currently represents a reference benchmark for modern cryptocurrencies. Its underlying protocol defines how transactions and blocks are distributed through all participating nodes. To protect user privacy, the identity of the node originating a message is kept hidden. However, an adversary observing the whole network can analyze the spread pattern of a transaction to trace it back to its source. This is possible thanks to the so-called rumor centrality, which is caused by the symmetry in the spreading of gossip-like protocols. Recent works try to address this issue by breaking the symmetry of the Diffusion protocol, currently used in Bitcoin, and leveraging proxied broadcast. Nonetheless, the complexity of their design can be a barrier to their adoption in real life. In this work, we propose Clover, a novel transaction relay protocol that protects the source of transaction messages with a simple, yet effective, design. Compared to previous solutions, our protocol does not require building propagation graphs, and reduces the ability of the adversary to gain precision by opening multiple connections towards the same node. Experimental results show that the deanonymization accuracy of an eavesdropper adversary against Clover is up to 10 times smaller compared to Diffusion.
Highlights
Over the past few years, Bitcoin [1] has risen to an unprecedented level of popularity
To evaluate the effectiveness of our protocol against an eavesdropper adversary, we performed a series of experiments in a simulated environment
We set our experiments in a private Bitcoin network using the reference client (Bitcoin Core 0.20), which we modified to implement the Clover protocol
Summary
Over the past few years, Bitcoin [1] has risen to an unprecedented level of popularity. A less-known approach is to link transaction messages to their originating node in the underlying P2P network [8,9,10] This approach is based on the observation that the first device to broadcast a transaction in the network is likely the one that created it. To implement this approach, an adversary typically deploys one or more nodes connecting. This limit is not enforced, making nodes able to establish as many connections as needed This is useful for measuring tools that connect to all reachable nodes, as well as for the so-called supernodes, which are often used by mining pools to maximize their connectivity with the network. Malicious actors can exploit this feature to improve the effectiveness of their attacks
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
