Hiding Transaction Amounts and Balances in Bitcoin

  • Elli Androulaki
  • Ghassan O. Karame
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8564)


Bitcoin is gaining increasing adoption and popularity nowadays. In spite of its reliance on pseudonyms, Bitcoin raises a number of privacy concerns due to the fact that all of the transactions that take place in the system are publicly announced.

The literature contains a number of proposals that aim at evaluating and enhancing user privacy in Bitcoin. To the best of our knowledge, ZeroCoin (ZC) is the first proposal which prevents the public tracing of coin expenditure in Bitcoin by leveraging zero-knowledge proofs of knowledge and one-way accumulators. While ZeroCoin hardens the traceability of coins, it does not hide the amount per transaction, nor does it prevent the leakage of the balances of Bitcoin addresses. In this paper, we propose, EZC, an extension of ZeroCoin which (i) enables the construction of multi-valued ZCs whose values are only known to the sender and recipient of the transaction and (ii) supports the expenditure of ZCs among users in the Bitcoin system, without the need to convert them back to Bitcoins. By doing so, EZC hides transaction values and address balances in Bitcoin, for those users who opt-out from exchanging their coins to BTCs. We performed a preliminary assessment of the performance of EZC; our findings suggest that EZC improves the communication overhead incurred in ZeroCoin.


Bitcoin ZeroCoin user-privacy hiding transaction amounts hiding Bitcoin balances 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Mt. Gox – WIkepedia,
  3. 3.
    Bitcoin Charts,
  4. 4.
    Evaluating User Privacy in Bitcoin, Financial Cryptography and Data Security Conference (FC) (2013),
  5. 5.
    Protocol Rules – Bitcoin,
  6. 6.
    Protocol Specifications – Bitcoin,
  7. 7.
    znort987 Bitcoin Blockchain parser,
  8. 8.
    Two Bitcoins at the Price of One? Double-Spending Attacks on Fast Payments in Bitcoin,
  9. 9.
    Bitcoin Gateway, A Peer-to-peer Bitcoin Vault and Payment Network (2011),
  10. 10.
    Bitcoin: Tempering the Digital Ring of Gyges or Implausible Pecuniary Privacy (2011),
  11. 11.
    Au, M.H., Susilo, W., Mu, Y.: Proof-of-Knowledge of Representation of Committed Value and Its Applications. In: Steinfeld, R., Hawkes, P. (eds.) ACISP 2010. LNCS, vol. 6168, pp. 352–369. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    Babaioff, M., Dobzinski, S., Oren, S., Zohar, A.: On Bitcoin and Red Balloons. In: CoRR (2011)Google Scholar
  13. 13.
    Bamert, T., Decker, C., Elsen, L., Wattenhofer, R., Welten, S.: Have a Snack, Pay with Bitcoins. In: 13th IEEE International Conference on Peer-to-Peer Computing (2013)Google Scholar
  14. 14.
    Belenkiy, M., Chase, M., Erway, C., Jannotti, J., Küpçü, A., Lysyanskaya, A., Rachlin, E.: Making P2P Accountable without Losing Privacy. In: Proceedings of WPES (2007)Google Scholar
  15. 15.
    Brands, S.: Electronic Cash on the Internet. In: Proceedings of the Symposium on the Network and Distributed System Security (1995)Google Scholar
  16. 16.
    Brands, S.: Rapid Demonstration of Linear Relations Connected by Boolean Operators. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 318–333. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  17. 17.
    Camenisch, J.L., Hohenberger, S., Lysyanskaya, A.: Compact E-Cash. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 302–321. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  18. 18.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials, pp. 61–76 (2002)Google Scholar
  19. 19.
    Camenisch, J.: Group Signature Schemes and Payment Systems Based on the Discrete Logarithm Problem. PhD thesis, ETH Zurich. ETH Series in Information Security and Cryptography (1998)Google Scholar
  20. 20.
    Camenisch, J., Lyasyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials (2002)Google Scholar
  21. 21.
    Chase, M., Lysyanskaya, A.: On signatures of knowledge. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 78–96. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  22. 22.
    Chaum, D., Roijakkers, S.: Unconditionally secure digital signatures. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 206–214. Springer, Heidelberg (1991)Google Scholar
  23. 23.
    Clark, J., Essex, A.: (Short Paper) CommitCoin: Carbon Dating Commitments with Bitcoin. In: Proceedings of Financial Cryptography and Data Security (2012)Google Scholar
  24. 24.
    Cramer, R., Damgård, I.B., Schoenmakers, B.: Proof of partial knowledge and simplified design of witness hiding protocols. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 174–187. Springer, Heidelberg (1994)Google Scholar
  25. 25.
    Decker, C., Wattenhofer, R.: Information Propagation in the Bitcoin Network. In: 13th IEEE International Conference on Peer-to-Peer Computing (2013)Google Scholar
  26. 26.
    Díaz, C., Seys, S., Claessens, J., Preneel, B.: Towards measuring anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 54–68. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  27. 27.
    Dwork, C.: Differential privacy: A survey of results. In: Agrawal, M., Du, D.-Z., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  28. 28.
    Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  29. 29.
    Fiat, A., Shamir, A.: How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)CrossRefGoogle Scholar
  30. 30.
    Garman, C., Green, M., Meiers, I., Rubin, A.: Rational zero: Economic security for zerocoin with everlasting anonymity. In: Financial Cryptography and Data Security Conference (2014)Google Scholar
  31. 31.
    Karame, G., Francillon, A., Čapkun, S.: Pay as you Browse: Microcomputations as Micropayments in Web-based Services. In: Proceedings of WWW (2011)Google Scholar
  32. 32.
    Miers, I., Garman, C., Green, M., Rubin, A.D.: Zerocoin: Anonymous Distributed E-Cash from Bitcoin (2013)Google Scholar
  33. 33.
    Moore, T., Christin, N.: Beware the middleman: Empirical analysis of bitcoin-exchange risk. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 25–33. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  34. 34.
    Ober, M., Katzenbeisser, S., Hamacher, K.: Structure and anonymity of the bitcoin transaction graph. Future Internet 5(2), 237–250 (2013)CrossRefGoogle Scholar
  35. 35.
    Pfitzmann, A., Hansen, M.: Anonymity, Unlinkability, Undetectability, Unobservability, Pseudonymity, and Identity Management-A Consolidated Proposal for Terminology. Fachterminologie Datenschutz und Datensicherheit, 111–144 (2008)Google Scholar
  36. 36.
    Reid, F., Harrigan, M.: An Analysis of Anonymity in the Bitcoin System. In: CoRR (2011)Google Scholar
  37. 37.
    Ron, D., Shamir, A.: Quantitative analysis of the full bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  38. 38.
    Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2009)Google Scholar
  39. 39.
    Schnorr, C.-P.: Efficient signature generation for smart cards. Journal of Cryptology, 239–252 (1991)Google Scholar
  40. 40.
    Serjantov, A., Danezis, G.: Towards an information theoretic metric for anonymity. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 41–53. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  41. 41.
    Shokri, R., Theodorakopoulos, G., Le Boudec, J., Hubaux, J.P.: Quantifying location privacy. In: Proceedings of the IEEE Symposium on Security and Privacy (2011)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Elli Androulaki
    • 1
  • Ghassan O. Karame
    • 2
  1. 1.IBM Research ZurichRüschlikonSwitzerland
  2. 2.NEC Laboratories EuropeHeidelbergGermany

Personalised recommendations