Design and Implementation of Secure Decentralized Bitcoin Mixing

Roman Matzutt

Bitcoin was developed to enable anonymous electronic payments without the need for a central trusted entity. Its design relies on a public ledger of fund transactions to prevent users from double-spending funds. However, Bitcoin cannot live up to its initial promise of providing financial privacy. It has been shown that an attacker can follow a user's payments once the attacker links the user's identity to one of the user's pseudonymous Bitcoin addresses. This threat gave rise to commercial services that randomly exchange funds of different users to create unlinkability between their old and new identities. Yet, the service provider can easily steal submitted funds. To mitigate this threat, decentralized mixing services emerged that prevent fund stealing by single parties. These services typically create transactions that are identifiable as mixing transactions. In this thesis, we extend CoinParty, a distributed Bitcoin mixing protocol that combines the usability and achievable anonymity of centralized mixing services with the robustness of a decentralized mixing service. We also implement a proof-of-concept prototype for our protocol. We show that CoinParty is secure against a malicious attacker who controls up to t < n/3 of the n distributed peers. Furthermore, we show the applicability of our prototype to real-world scenarios: it can feasibly anonymize the funds of 30 users when using a robust network of 31 independent peers, which tolerates an attacker controlling up to ten of these peers.