On How Zero-Knowledge Proof Blockchain Mixers Improve, and Worsen User Privacy

by   Zhipeng Wang, et al.

One of the most prominent and widely-used blockchain privacy solutions are zero-knowledge proof (ZKP) mixers operating on top of smart contract-enabled blockchains. ZKP mixers typically advertise their level of privacy through a so-called anonymity set size, similar to k-anonymity, where a user hides among a set of k other users. In reality, however, these anonymity set claims are mostly inaccurate, as we find through empirical measurements of the currently most active ZKP mixers. We propose five heuristics that, in combination, can increase the probability that an adversary links a withdrawer to the correct depositor on average by 51.94 (108.63 mixer, respectively. Our empirical evidence is hence also the first to suggest a differing privacy-predilection of users on ETH and BSC. We further identify 105 Decentralized Finance (DeFi) attackers leveraging ZKP mixers as the initial funds and to deposit attack revenue (e.g., from phishing scams, hacking centralized exchanges, and blockchain project attacks). State-of-the-art mixers are moreover tightly intertwined with the growing DeFi ecosystem by offering “anonymity mining” (AM) incentives, i.e., mixer users receive monetary rewards for mixing coins. However, contrary to the claims of related work, we find that AM does not always contribute to improving the quality of an anonymity set size of a mixer, because AM tends to attract privacy-ignorant users naively reusing addresses.


page 1

page 6


BMS: Secure Decentralized Reconfiguration for Blockchain and BFT Systems

Reconfiguration of long-lived blockchain and Byzantine fault-tolerant (B...

Blockchain Privacy Through Merge Avoidance and Mixing Services: a Hardness and an Impossibility Result

Cryptocurrencies typically aim at preserving the privacy of their users....

Incentives Don't Solve Blockchain's Problems

A blockchain faces two fundamental challenges. It must motivate users to...

Privacy-preserving Blockchain-enabled Parametric Insurance via Remote Sensing and IoT

Traditional Insurance, a popular approach of financial risk management, ...

Trustless, privacy-preserving blockchain bridges

In this paper, we present a protocol for facilitating trust-less cross-c...

Please sign up or login with your details

Forgot password? Click here to reset