Hungary Researchers – Ethereum Considerably Less Private Than Bitcoin May 29, 2020 May 29, 2020
Hungary based academics, including Ferenc Béres, carried out extensive research on the Ethereum blockchain to discover the manner in which transactions conducted on it can be easily de-anonymized.
The study, which is yet to be reviewed by peers, concentrated on multiple Ethereum-centric features that totally make the network simpler to monitor than competitors such as Bitcoin (BTC).
The academics pointed out that Ethereum’s ledger framework is in stark contrast with Bitcoin’s Unspend Transaction Output (UTXO) approach, making it less discreet due to the process of wallet reuse:
“The account-based model reinforces address-reuse on the protocol level. This behavior practically makes the account-based cryptocurrencies inferior to UTXO-based currencies from a privacy point of view.”
Ethereum’s distinctive aspect is its name service, which links identifiers to “.eth” domains that are understandable by humans. The research team managed to crawl over 890 domains on public Twitter accounts.
It was more than sufficient to identify potential infringing action, as around 10% of those wallets communicated with betting platforms, while 5% had been using adult entertainment.
The researchers then utilized the ENS addresses as a reference point to figure out whether they could connect other addresses to the public identifier of the individual.
They suggested numerous approaches to classify individual account owners throughout multiple addresses, which also include time zone stamp, gas cost and mutual actions across numerous addresses.
The strategy was implemented on a popular trustless mixer, Tornado Cash, which allows users “clean” their cryptos by remitting them to a new address.
Nevertheless, academics identified that 7.5% of them pulled out cash to the same address from where the deposit was made, turning their mixing attempts totally useless.
Utilizing personalized gas fee for every transaction and conducting straight forward remittances between the withdrawal and deposit wallets also renders recognition simpler.
As a whole, a maximum of 17% of transactions can be de-anonymized using these basic concepts.
In addition, a major portion of these connected users retain their funds only for few days in the contract, enabling the reduction of total confidentiality set.
Many of them will utilize the same wallets used for withdrawing ETH multiple times in denominations of 0.1. That makes the job of comparing with pay-in transactions quite easy.
Even though the academics concentrated on Ethereum blockchain weakness, they warned that similar methods could be applied on UTXO-based currencies, even though not in an effortless manner.
They finished with the following statement:
“We believe that in practice […] also Bitcoin non-custodial mixers provide drastically less privacy and fungibility than what currently the community expects.”