“CoinJoin in the Wild: An Empirical Analysis in Dash” Accepted to ESORICS 2021

Symbolic picture for the article. The link opens the image in a large view.

The paper “CoinJoin in the Wild: An Empirical Analysis in Dash” has been accepted to the 26th European Symposium on Research in Computer Security. This is a joint work of Dominic Deuber and Dominique Schröder.

Below you will find the abstract of the paper.

CoinJoin is the predominant means to enhance privacy in non-private cryptocurrencies, such as Bitcoin. The basic idea of CoinJoin is to create transactions that combine equal-valued coins of multiple users. This mixing of coins aims to prevent linkage of the users’ transactions in- and outputs. The cryptocurrency Dash employs a built-in CoinJoin service and, therefore, is ideal for empirically studying CoinJoin. This paper presents the first empirical analysis of Dash, which reveals that over 40% of all private transactions can be de-anonymized depending on underlying assumptions. The main issue of these attacks is the coin- aggregation problem, i.e. the need to combine outputs of several CoinJoin transactions. The coin-aggregation problem is not specific to Dash and affects other cryptocurrencies as empirical evidence in Bitcoin suggests. It is shown that the obvious solution to the problem, namely CoinJoin transactions with non-fixed arbitrary values, suffers from other privacy weaknesses. We propose a novel mixing algorithm to mitigate the need for coin aggregation without introducing additional privacy vulnerabilities. In contrast to prior mixing algorithms, our approach removes the need for fixed values by dynamically creating equal-valued CoinJoin transactions. The mixing algorithm is not specific to Dash, and integration into other cryptocurrencies, especially into Bitcoin, is possible.