Zcash Privacy Weakened by Certain Behaviors, Researchers Say
Patterns in usage have allowed four researchers to link many supposedly private zcash transactions to mining pools and founders. Zcash has responded.
Researchers have identified patterns in certain kinds of zcash transactions that weaken their anonymity, according to a paper published Tuesday.
George Kappos, Haaroon Yousaf, Mary Maller and Sarah Meiklejohn found that when coins move from "unshielded" to "shielded" and back to "unshielded" addresses, they lose much of the anonymity that zcash users expect. The University College London team wrote that their "relatively simple heuristics … reduce the size of the overall anonymity set by 69.1 percent."
Zcash, one of the most prominent and well-regarded privacy coins, offers two kinds of addresses: "t-addresses" are transparent or unshielded, meaning that their balances and transactions are publicly visible on the blockchain; "z-addresses" are shielded, meaning that their balances and transactions are invisible.
Transactions from one unshielded address to another are completely public, if pseudonymous, as in bitcoin. Transactions from one shielded address to another are almost completely invisible, showing only the timestamps and fees associated with mining.
Transactions between different types of addresses introduce complications, however, making it possible to glean some information about the z-addresses involved, according to the paper.
Part of the reason is behavioral, the authors explain. "Our heuristics would have been significantly less effective if the founders interacting with the pool behaved in a less regular fashion," they write. "In particular, by always withdrawing the same amount in the same time intervals, it became possible to distinguish founders withdrawing funds from other users."
The reason for these transactions – and similar ones performed by miners – is that zcash coins are required to pass through the "shielded pool" of z-addresses before they can be used for another transaction.
The researchers wrote that they alerted the founders to this problem before publishing their research, which they add has already led to a change in behavior.
In a response, Zcash founder Zooko Wilcox and marketing director Josh Swihart congratulated the research team, saying they "invite other scientists to join with us in investigating these questions that are important to the future of human society."
Regarding the actual privacy concern, the post said:
Further, Wilcox and Swihart said that planned upgrades to the zcash protocol - specifically the Sapling hard fork - would lessen the risks to anonymity identified in the paper.
Currently, only a minority of transactions are shielded, and far fewer are fully shielded, with z-addresses on both sides. According to the Zchain block explorer, 85 percent of transactions over the past month are fully public, and just 0.6 percent are fully shielded.
Fence image via Shutterstock
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.