The data in Cyber–Physical Systems (CPSs) is currently undergoing an explosive surge. Blockchain-based CPS exhibit enhancements in security, fault tolerance, and trust for its data sharing. However, it is very challenging to achieve the privacy preserving and efficient data sharing in CPS considering the privacy concerns introduced by blockchain while the cost associated with privacy protection cannot be neglected. To release these potential challenges, we propose a blockchain-assisted data-sharing scheme that ensures security, privacy-preserving and efficiency. We introduce deniability into data-sharing based on an identity-based deniable authentication protocol. This protocol enables data owners to deny their data-sharing actions, thereby protecting their privacy, while simultaneously providing recipients with the assurance of data verifiability. Furthermore, by incorporating multi-recipient encryption techniques, the proposed scheme significantly simplifies interactions with multiple recipients, reducing associated costs. Additionally, we propose a source traceability mechanism with the assistance of blockchain, establishing a distributed, transparent and trustworthy framework for data sharing, while ensuring honest cooperation between the individual participants. Security analysis and performance comparisons demonstrate the effectiveness and security of this scheme.