Abstract
Decentralized ledger-based currencies such as Bitcoin provide a means to construct payment systems without requiring a trusted bank. Removing this trust assumption comes at the significant cost of transaction privacy. A number of academic works have sought to improve the privacy offered by ledger-based currencies using anonymous electronic cash (e-cash) techniques. Unfortunately, this strong degree of privacy creates new regulatory concerns, since the new private transactions cannot be subject to the same controls used to prevent individuals from conducting illegal transactions such as money laundering. We propose an initial approach to addressing this issue by adding privacy-preserving policy-enforcement mechanisms that guarantee regulatory compliance, allow selective user tracing, and admit tracing of tainted coins (e.g., ransom payments). To accomplish this new functionality we also provide improved definitions for Zerocash and, of independent interest, an efficient construction for simulation-sound zk-SNARKs.
Notes
1. We note that this tax policy is ill-defined if users collude to generate a transaction using MPC where the input identities are different. This can be fixed by ensuring that there is only one identity used for all input coins. However, the same MPC mechanism could be used to share one identity and never pay taxes.
2. It may be possible to reduce the cost of these proofs by introducing zero-knowledge proofs that are only partially extractable, although this technique is not described by the Hawk authors. For example, the exact Merkle tree path need not be extracted from the zk-SNARK proof.
References
Barber, S., Boyen, X., Shi, E., Uzun, E.: Bitter to better — how to make bitcoin a better currency. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 399–414. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32946-3_29
Ben-Sasson, E., Chiesa, A., Garman, C., Green, M., Miers, I., Tromer, E., Virza, M.: Zerocash: decentralized anonymous payments from Bitcoin. In: 2014 IEEE Symposium on Security and Privacy (SP), pp. 459–474. IEEE (2014)
Ben-Sasson, E., Chiesa, A., Genkin, D., Tromer, E., Virza, M.: SNARKs for C: verifying program executions succinctly and in zero knowledge. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 90–108. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40084-1_6
Ben-Sasson, E., Chiesa, A., Tromer, E., Virza, M.: Succinct non-interactive zero knowledge for a von Neumann architecture. In: Proceedings of the 23rd USENIX Security Symposium, Security 2014 (2014). http://eprint.iacr.org/2013/879
Biryukov, A., Khovratovich, D., Pustogarov, I.: Deanonymisation of clients in Bitcoin P2P network. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 15–29. ACM (2014)
Bitansky, N., Chiesa, A., Ishai, Y., Paneth, O., Ostrovsky, R.: Succinct non-interactive arguments via linear interactive proofs. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 315–333. Springer, Heidelberg (2013). doi:10.1007/978-3-642-36594-2_18
Camenisch, J., Hohenberger, S., Lysyanskaya, A.: Balancing accountability and privacy using e-cash (extended abstract). In: Prisco, R., Yung, M. (eds.) SCN 2006. LNCS, vol. 4116, pp. 141–155. Springer, Heidelberg (2006). doi:10.1007/11832072_10
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: FOCS 2001, p. 136. IEEE Computer Society (2001). http://eprint.iacr.org/2000/067
Danezis, G., Fournet, C., Kohlweiss, M., Parno, B.: Pinocchio coin: building Zerocoin from a succinct pairing-based proof system. In: Proceedings of the First ACM Workshop on Language Support for Privacy-enhancing Technologies, pp. 27–30. ACM (2013)
Garman, C., Green, M., Miers, I.: Accountable privacy for decentralized anonymous payments. Cryptology ePrint Archive, Report 2016/061 (2016). http://eprint.iacr.org
Gennaro, R., Gentry, C., Parno, B., Raykova, M.: Quadratic span programs and succinct NIZKs without PCPs. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 626–645. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38348-9_37
Goldreich, O.: Foundations of Cryptography: Volume 2, Basic Applications. Cambridge University Press, Cambridge (2004)
Groth, J.: Short pairing-based non-interactive zero-knowledge arguments. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 321–340. Springer, Heidelberg (2010). doi:10.1007/978-3-642-17373-8_19
Kohlweiss, M., Miers, I.: Accountable tracing signatures. Cryptology ePrint Archive, Report 2014/824 (2014). http://eprint.iacr.org/
Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: the blockchain model of cryptography and privacy-preserving smart contracts (2015)
Kügler, D., Vogt, H.: Auditable tracing with unconditional anonymity. In: International Workshop on Information Security Application - WISA 2001, pp. 151–163 (2001)
Kügler, D., Vogt, H.: Offline payments with auditable tracing. In: Blaze, M. (ed.) FC 2002. LNCS, vol. 2357, pp. 269–281. Springer, Heidelberg (2003). doi:10.1007/3-540-36504-4_19
Lipmaa, H.: Progression-free sets and sublinear pairing-based non-interactive zero-knowledge arguments. In: Cramer, R. (ed.) TCC 2012. LNCS, vol. 7194, pp. 169–189. Springer, Heidelberg (2012). doi:10.1007/978-3-642-28914-9_10
Lipmaa, H.: Succinct non-interactive zero knowledge arguments from span programs and linear error-correcting codes. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 41–60. Springer, Heidelberg (2013). doi:10.1007/978-3-642-42033-7_3
Miers, I., Garman, C., Green, M., Rubin, A.D.: Zerocoin: anonymous distributed e-cash from Bitcoin. In: 2013 IEEE Symposium on Security and Privacy (SP), pp. 397–411. IEEE (2013)
Parno, B., Gentry, C., Howell, J., Raykova, M.: Pinocchio: nearly practical verifiable computation. In: Proceedings of the 34th IEEE Symposium on Security and Privacy, Oakland, pp. 238–252 (2013)
Reid, F., Martin, H.: An analysis of anonymity in the Bitcoin system. In: Proceedings of the 3rd IEEE International Conference on Privacy, Security, Risk and Trust and on Social Computing, SocialCom/PASSAT 2011, pp. 1318–1326 (2011)
Acknowledgements
This work was supported by: The National Science Foundation under awards EFRI-1441209 and CNS-1414023; Google ATAP; The Mozilla Foundation; and the Office of Naval Research under contract N00014-14-1-0333.
Copyright information
© 2017 International Financial Cryptography Association
Cite this paper
Garman, C., Green, M., Miers, I. (2017). Accountable Privacy for Decentralized Anonymous Payments. In: Grossklags, J., Preneel, B. (eds) Financial Cryptography and Data Security. FC 2016. Lecture Notes in Computer Science, vol 9603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-54970-4_5
DOI: https://doi.org/10.1007/978-3-662-54970-4_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-54969-8
Online ISBN: 978-3-662-54970-4
eBook Packages: Computer Science (R0)