Have a question? Want to advertise? Something else? Contact us: [email protected]

From the Front Page

Categories: General, Guest Blog

The First 3 Generations of Bitcoin Mixing

Published on February 21st, 2014 by Submissions
By Kristov Atlas The public ledger of transactions that permits the decentralization of Bitcoin also leaks tremendous amounts of financial information to the world. In this regard, the Bitcoin Blockchain is both a blessing and a curse. The data on the Blockchain can easily be analyzed to reveal the identity of some users, and the common ownership of many Bitcoin addresses. It's the perfect tool for any organization tasked with financial surveillance for nefarious or commercial purposes. In response to this design flaw, Bitcoin mixing emerged early on in Bitcoin's short history. Also known as Bitcoin "tumbling" or "laundry," mixing obscures the flow of bitcoins from one address to the next. Bitcoin users can use mixers to obscure ownership by cooperating with other users to mix each other's coins together, by performing accounting that takes place off the Blockchain, or some combination of the two. Maintainers of the Bitcoin code have been reluctant to incorporate mixing technologies into the core Bitcoin protocol. Not only would incorporation of mixing into Bitcoin be politically unpalatable for some, but it would potentially complicate an extremely delicate system. This multi-billion dollar currency requires software-based consensus never before seen by the world; even software bugs that emerged early in Bitcoin's history must be carried forward in perpetuity, lest their correction prompt an unforeseen consequence that causes the network to come crashing to a halt. Incorporating mixing technologies into Bitcoin would be the most thorough and accessible way to bring financial privacy to the greatest number of Bitcoin users, so it's unfortunate that the Bitcoin developers are not moving in this direction. Nonetheless, we still have the option of implementing mixing technologies outside of the core protocol, providing services that users can opt-in to.

The First Generation of Mixers: Centralized Mixing Services

If you wanted to create a Bitcoin service, the fastest way to accomplish this would be to set up a new wallet for that service, and receive bitcoins from customers. Not only is this approach simple for your programmers, but it's also a centralized financial model that is familiar to all of us emerging from the legacy banking system, in which customers deposit funds directly into bank accounts, and banks transfer that money to other institutions on the customers' behalf. It's no surprise, then, that the first generation of Bitcoin mixers have operated in this fashion. The steps for using a first-generation mixing service are as follows:
  1. The customer sends bitcoins to the mixing service's wallet, and informs the service where the bitcoins should end up after mixing.
  2. The mixing service does some form of "mixing." Usually this involves performing some internal accounting that will not be reflected on the Blockchain. For example, if the mixing service receives 1 BTC from from customer A going to address X after mixing, and 1 BTC from customer B going to address Y after mixing, it might forward customer A's 1 BTC to address Y and customer B's 1 BTC to address X. In other words:
1 BTC (customer A) ? Y 1 BTC (customer B) ? X If you perform these kinds of mixing operations enough times, it can be difficult to reconstruct the path of bitcoins based only on the information found on the Blockchain. There are two fundamental problems with this model of mixing. We must trust the mixing service to do two very important things, when in reality, we should not trust them to do either.
  1. We trust the service not to steal our bitcoins, or let them get stolen by some thief. The fact that our bitcoins are in their wallet for some period of time means that this is a substantial risk.
  2. We must trust the service not to maintain records linking our addresses before and after mixing. If someone can hack into the service and obtain these records, the mixing was useless. The real problem is that, even if we can trust the mixing service not to intentionally sell or give away these records, there's no way for them to prove to us that they are deleting all of the records securely.

The Second Generation of Mixers: Peer-Based Mixers

The next generation of mixers attempt to address these two problems with the centralized model. Peer-based mixers rely on a "team" of Bitcoin users who all want to mix their coins together, gathering at the same place and time on the Internet. Rather than a mixing service receiving bitcoins from a customer and performing the mixing itself, second generation mixers simply act as a meeting place for users, and help them orchestrate mixing amongst each other. This model affords the following advantages:
  1. It solves the theft problem. Since we no longer need to send our bitcoins to any third party, they can't be stolen during the mixing. A mixing service implementing a protocol such as CoinJoin or CoinSwap allows a bunch of Bitcoin users to get together and craft a single Bitcoin transaction in multiple stages, ultimately sending their bitcoins to each other's destination addresses. None of the participants, other than the mixing server, need to know the relationship between their starting and destination addresses. This can be performed multiple times with multiple parties to further complicate analysis of the Blockchain. This approach is often referred to as trust-less mixing.
  2. It solves the record-keeping problem. New cryptographic primitives such as cryptographic blinding, zero-knowledge proofs (ZKPs), and Succinct Non-interactive Arguments of Knowledge (SNARKs) can improve on peer-based mixing protocols so that, not only do the peers not need to know about each other's destination address, but the mixing server helping to orchestrate the mixing doesn't know it, either. I refer to this approach as blind mixing.

The Third Generation of Mixers: Anonymous Altcoins

Altcoins are crypto-currencies, made in Bitcoin's image, but with some modifications made and features added. One of the things we can change about Bitcoin is its openness about transactions, and we can incorporate some of the technologies from the second generation of mixers to create new anonymous altcoins. Since any altcoin market is much smaller than Bitcoin's, there's more room for experimentation and error. The team leading the charge of anonymous altcoins is the Zerocoin team. Watch this presentation below by cryptographer Matthew Green; he and his team plan to launch a Zerocoin altcoin in the coming months, based on their recent improvements to the original Zerocoin proposal. https://www.youtube.com/watch?v=Uh6erfE9HYE Getting fiat currencies into Bitcoin is challenging, because the services that help us do this are subject to government regulation and must interface with the clunky and indiscreet legacy banking system. Crypto-currency exchanges, on the other hand, can operate under the radar, beyond the reach of regulations, and can be incorporated into Blockchain-based technologies to form peer-to-peer exchanges. I believe that, once anonymous altcoins and decentralized exchanges are deployed, we will see these altcoins being used as off-ramps from and on-ramps to Bitcoin, essentially acting as mixers. This model of mixing will make two improvements to the second generation of mixers: Anonymous altcoins will further decentralize the mixing process so that a mixing server will no longer be required, and the work will instead be outsourced to the altcoin's distributed network. Anonymous altcoins will increase the size of the "anonymity set" of users. The anonymity set is the group of people who you could possibly be mistaken for when anonymizing your coins. Whereas the second generation of mixers will limit the anonymity set to those users who can meet at the same place and time on the Internet, anonymous altcoins will potentially include every person who owns that crypto-currency, which can be a much larger group of people to hide within.

Views: 7,401


Make sure to make use of the "downvote" button for any spammy posts, and the "upvote" feature for interesting conversation. Be excellent.

comments powered by Disqus