Advertisement

A Quantitative Analysis of the Impact of Arbitrary Blockchain Content on Bitcoin

  • Roman MatzuttEmail author
  • Jens Hiller
  • Martin Henze
  • Jan Henrik Ziegeldorf
  • Dirk Müllmann
  • Oliver Hohlfeld
  • Klaus Wehrle
Conference paper
Part of the Lecture Notes in Computer Science book series

Abstract

Blockchains primarily enable credible accounting of digital events, e.g., money transfers in cryptocurrencies. However, beyond this original purpose, blockchains also irrevocably record arbitrary data, ranging from short messages to pictures. This does not come without risk for users as each participant has to locally replicate the complete blockchain, particularly including potentially harmful content. We provide the first systematic analysis of the benefits and threats of arbitrary blockchain content. Our analysis shows that certain content, e.g., illegal pornography, can render the mere possession of a blockchain illegal. Based on these insights, we conduct a thorough quantitative and qualitative analysis of unintended content on Bitcoin’s blockchain. Although most data originates from benign extensions to Bitcoin’s protocol, our analysis reveals more than 1600 files on the blockchain, over 99% of which are texts or images. Among these files there is clearly objectionable content such as links to child pornography, which is distributed to all Bitcoin participants. With our analysis, we thus highlight the importance for future blockchain designs to address the possibility of unintended data insertion and protect blockchain users accordingly.

Notes

Acknowledgements

This work has been funded by the German Federal Ministry of Education and Research (BMBF) under funding reference number 16KIS0443. The responsibility for the content of this publication lies with the authors.

References

  1. 1.
    German Criminal Code, Section 11 (2013)Google Scholar
  2. 2.
    German Criminal Code, Sections 184b and 184c (2013)Google Scholar
  3. 3.
    Protection of Children Act, Chapter 37, Section 7 (2015)Google Scholar
  4. 4.
    Bitcoin transaction fees (2016). https://bitcoinfees.info. Accessed 23 Sept 2017
  5. 5.
    General Data Protection Regulation, Section 24 (2016)Google Scholar
  6. 6.
    Aberer, K., Despotovic, Z.: Managing trust in a peer-2-peer information system. In: ACM CIKM, pp. 310–317 (2001)Google Scholar
  7. 7.
    Adya, A., et al.: FARSITE: federated, available, and reliable storage for an incompletely trusted environment. SIGOPS Oper. Syst. Rev. 36(SI), 1–14 (2002)CrossRefGoogle Scholar
  8. 8.
    Ali, M., Shea, R., Nelson, J., Freedman, M.J.: Blockstack: a new decentralized internet (2017). Accessed 23 Sept 2017Google Scholar
  9. 9.
    Andresen, G.: Block v2 (Height in Coinbase) (2012). https://github.com/bitcoin/bips/blob/master/bip-0034.mediawiki. Accessed 23 Sept 2017
  10. 10.
    Andresen, G.: Pay to script hash (2012). https://github.com/bitcoin/bips/blob/master/bip-0016.mediawiki. Accessed 23 Sept 2017
  11. 11.
    Ateniese, G., Magri, B., Venturi, D., Andrade, E.: Redactable blockchain - or - rewriting history in bitcoin and friends. In: IEEE EuroS&P, pp. 111–126 (2017)Google Scholar
  12. 12.
    Bartoletti, M., Pompianu, L.: An analysis of bitcoin OP\(\_\)RETURN metadata. In: FC Bitcoin Workshop (2017)Google Scholar
  13. 13.
    Bellinger, J., Hussain, M.: Freedom of speech: the great divide and the common ground between the united states and the rest of the world. In: Islamic Law and International Human Rights Law: Searching for Common Ground? pp. 168–180 (2012)Google Scholar
  14. 14.
    Blockchain.info: Bitcoin charts (2011). https://blockchain.info/charts. Accessed 23 Sept 2017
  15. 15.
    Camenisch, J., Derler, D., Krenn, S., Pöhls, H.C., Samelin, K., Slamanig, D.: Chameleon-hashes with ephemeral trapdoors. In: Fehr, S. (ed.) PKC 2017. LNCS, vol. 10175, pp. 152–182. Springer, Heidelberg (2017).  https://doi.org/10.1007/978-3-662-54388-7_6CrossRefGoogle Scholar
  16. 16.
    Clark, J., Essex, A.: CommitCoin: carbon dating commitments with bitcoin. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 390–398. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32946-3_28CrossRefGoogle Scholar
  17. 17.
    Clarke, I., Sandberg, O., Wiley, B., Hong, T.W.: Freenet: a distributed anonymous information storage and retrieval system. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 46–66. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44702-4_4CrossRefGoogle Scholar
  18. 18.
    Committee to Protect Journalists: Chinese journalist accused of illegally acquiring state secrets (2015). https://cpj.org/x/660d. Accessed 23 Sept 2017
  19. 19.
    Damiani, E., di Vimercati, D.C., Paraboschi, S., Samarati, P., Violante, F.: A reputation-based approach for choosing reliable resources in peer-to-peer networks. In: ACM CCS, pp. 207–216 (2002)Google Scholar
  20. 20.
    Dell Security: Annual threat report (2016). Accessed 23 Sept 2017Google Scholar
  21. 21.
    Douglas, D.M.: Doxing: a conceptual analysis. Eth. Inf. Technol. 18(3), 199–210 (2016)CrossRefGoogle Scholar
  22. 22.
    Eyal, I., Sirer, E.G.: Majority is not enough: bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-45472-5_28CrossRefGoogle Scholar
  23. 23.
    Fleder, M., Kester, M., Sudeep, P.: Bitcoin transaction graph analysis (2015)Google Scholar
  24. 24.
    Freedom House: Turkey freedom of the press report (2016). https://freedomhouse.org/report/freedom-press/2016/turkey. Accessed 23 Sept 2017
  25. 25.
    Gracie, C.: Hong Kong stages huge National Day democracy protests (2014). http://www.bbc.com/news/world-asia-china-29430229. Accessed 23 Sept 2017
  26. 26.
    Gupta, M., Judge, P., Ammar, M.: A reputation system for peer-to-peer networks. In: ACM NOSSDAV, pp. 144–152 (2003)Google Scholar
  27. 27.
    Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on bitcoin’s peer-to-peer network. In: USENIX Security, pp. 129–144 (2015)Google Scholar
  28. 28.
    Herald Union: Copyright infringement by illegal file sharing in Germany (2015). http://www.herald-union.com/copyright-infringement-by-illegal-file-sharing-in-germany. Accessed 23 Sept 2017
  29. 29.
    HugPuddle: Apertus - Archive data on your favorite blockchains (2013). http://apertus.io. Accessed 23 Sept 2017
  30. 30.
    Hyena: Cryptograffiti.info. http://cryptograffiti.info. Accessed 23 Sept 2017
  31. 31.
    Interpol: INTERPOL cyber research identifies malware threat to virtual currencies (2015). https://www.interpol.int/News-and-media/News/2015/N2015-033. Accessed 23 Sept 2017
  32. 32.
    Irish Office of the Attorney General: Child Trafficking and Pornography Act, Section 2. Irish Statue Book, pp. 44–61 (1998)Google Scholar
  33. 33.
    Kondor, D., Pósfai, M., Csabai, I., Vattay, G.: Do the rich get richer? An empirical analysis of the Bitcoin transaction network. PLOS ONE 9(2), 1–10 (2014)CrossRefGoogle Scholar
  34. 34.
    F-Secure Labs: Ransomware: how to predict, prevent, detect & resond. Threat Response (2016). Accessed 23 Sept 2017Google Scholar
  35. 35.
    Le Calvez, A.: Non-standard P2SH scripts (2015). https://medium.com/@alcio/non-standard-p2sh-scripts-508fa6292df5. Accessed 23 Sept 2017
  36. 36.
    Lee, D.: France ends three-strikes internet piracy ban policy (2013). http://www.bbc.com/news/technology-23252515. Accessed 12 Dec 2017
  37. 37.
    Lynch, L.: The Leak heard round the world? Cablegate in the evolving global mediascape. In: Brevini, B., Hintz, A., McCurdy, P. (eds.) Beyond WikiLeaks: Implications for the Future of Communications, Journalism and Society, pp. 56–77. Palgrave Macmillan, London (2013).  https://doi.org/10.1057/9781137275745_4CrossRefGoogle Scholar
  38. 38.
    Lyons, K., Blight, G.: Where in the world is the worst place to be a Christian? (2015). Accessed 23 Sept 2017Google Scholar
  39. 39.
    Maesa, D.D.F., Marino, A., Ricci, L.: Uncovering the Bitcoin blockchain: an analysis of the full users graph. In: IEEE DSAA, pp. 537–546 (2016)Google Scholar
  40. 40.
    Matzutt, R., Hohlfeld, O., Henze, M., Rawiel, R., Ziegeldorf, J.H., Wehrle, K.: POSTER: I don’t want that content! On the risks of exploiting Bitcoin’s blockchain as a content store. In: ACM CCS (2016)Google Scholar
  41. 41.
    Matzutt, R., et al.: myneData: towards a trusted and user-controlled ecosystem for sharing personal data. In: Eibl, M., Gaedke, M. (eds.) INFORMATIK, pp. 1073–1084. Gesellschaft für Informatik, Bonn (2017)Google Scholar
  42. 42.
    McAfee Labs: Threats report (December 2016). (2016) Accessed 23 Sept 2017Google Scholar
  43. 43.
    McReynolds, E., Lerner, A., Scott, W., Roesner, F., Kohno, T.: Cryptographic currencies from a tech-policy perspective: policy issues and technical directions. In: Brenner, M., Christin, N., Johnson, B., Rohloff, K. (eds.) FC 2015. LNCS, vol. 8976, pp. 94–111. Springer, Heidelberg (2015).  https://doi.org/10.1007/978-3-662-48051-9_8CrossRefGoogle Scholar
  44. 44.
    Meiklejohn, S., et al.: A fistful of Bitcoins: characterizing payments among men with no names. In: IMC, pp. 127–140 (2013)Google Scholar
  45. 45.
    Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). https://bitcoin.org/bitcoin.pdf
  46. 46.
    Ober, M., Katzenbeisser, S., Hamacher, K.: Structure and anonymity of the Bitcoin transaction graph. Future Internet 5(2), 237–250 (2013)CrossRefGoogle Scholar
  47. 47.
    Office of the Law Revision Counsel of the United States House of Representatives: U.S. Code, Title 18, Chapter 110, §2256 (2017)Google Scholar
  48. 48.
    Okupski, K.: Bitcoin developer reference. Technical report (2014)Google Scholar
  49. 49.
    Peerenboom, R.P.: Assessing human rights in China: why the double standard (2005). Accessed 23 Sept 2017Google Scholar
  50. 50.
    PoEx Co., Ltd: Proof of existence (2015). https://proofofexistence.com. Accessed 23 Sept 2017
  51. 51.
    Puddu, I., Dmitrienko, A., Capkun, S.: \(\mu \)chain: how to forget without hard forks. IACR Cryptology ePrint Archive 2017/106 (2017). Accessed 23 Sept 2017Google Scholar
  52. 52.
    Reid, F., Harrigan, M.: An analysis of anonymity in the Bitcoin system. In: Altshuler, Y., Elovici, Y., Cremers, A., Aharony, N., Pentland, A. (eds.) Security and Privacy in Social Networks, pp. 197–223. Springer, New York (2013)CrossRefGoogle Scholar
  53. 53.
    Ron, D., Shamir, A.: Quantitative analysis of the full Bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-39884-1_2CrossRefGoogle Scholar
  54. 54.
    Scheller, S.H.: A picture is worth a thousand words: the legal implications of revenge porn. North Carolina Law Rev. 93(2), 551–595 (2015)Google Scholar
  55. 55.
    Selcuk, A.A., Uzun, E., Pariente, M.R.: A reputation-based trust management system for P2P networks. In: IEEE CCGrid, pp. 251–258 (2004)Google Scholar
  56. 56.
    Shirriff, K.: Hidden surprises in the Bitcoin blockchain and how they are stored: Nelson Mandela, Wikileaks, photos, and Python software (2014). http://www.righto.com/2014/02/ascii-bernanke-wikileaks-photographs.html. Accessed 23 Sept 2017
  57. 57.
    Sleiman, M.D., Lauf, A.P., Yampolskiy, R.: Bitcoin message: data insertion on a proof-of-work cryptocurrency system. In: ACM CW, pp. 332–336 (2015)Google Scholar
  58. 58.
    Snow, P., Deery, B., Lu, J., Johnston, D., Kirby, P.: Factom: business processes secured by immutable audit trails on the blockchain (2014). https://www.factom.com/devs/docs/guide/factom-white-paper-1-0. Accessed 23 Sept 2017
  59. 59.
    Spagnuolo, M., Maggi, F., Zanero, S.: BitIodine: extracting intelligence from the Bitcoin network. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 457–468. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-662-45472-5_29CrossRefGoogle Scholar
  60. 60.
    Standing Committee of the National People’s Congress: Law of the People’s Republic of China on guarding state secrets (1989). Accessed 23 Sept 2017Google Scholar
  61. 61.
    Taylor, G.: Concepts of intention in german criminal law. Oxf. J. Legal Stud. 24(1), 99–127 (2004)CrossRefGoogle Scholar
  62. 62.
    Tomescu, A., Devadas, S.: Catena: efficient non-equivocation via Bitcoin. In: IEEE S&P, pp. 393–409 (2017)Google Scholar
  63. 63.
    Tucker, E.: A look at federal cases on handling classified information (2016). http://www.military.com/daily-news/2016/01/30/a-look-at-federal-cases-on-handling-classified-information.html. Accessed 23 Sept 2017
  64. 64.
    United Nations: Appendix to the optional protocols to the convention on the rights of the child on the involvement of children in armed conflict and on the sale of children, child prostitution and child pornography (2000)Google Scholar
  65. 65.
    United Nations: Optional protocols to the convention on the Rights of the Child on the involvement of children in armed conflict and on the sale of children, child prostitution and child pornography, vol. 2171, pp. 247–254 (2000)Google Scholar
  66. 66.
    Waldman, M., Rubin, A.D., Cranor, L.: Publius: A robust, tamper-evident, censorship-resistant and source-anonymous web publishing system. In: USENIX Security, pp. 59–72 (2000)Google Scholar
  67. 67.
    Walsh, K., Sirer, E.G.: Experience with an object reputation system for peer-to-peer filesharing. In: NSDI (2006)Google Scholar
  68. 68.
    Wei, W.: Ancient ‘STONED’ virus signatures found in Bitcoin blockchain (2014). https://thehackernews.com/2014/05/microsoft-security-essential-found.html. Accessed 23 Sept 2017
  69. 69.
    Wood, G.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper (2016). Accessed 23 Sept 2017Google Scholar
  70. 70.
    Zeilinger, M.: Digital art as ‘monetised graphics’: enforcing intellectual property on the blockchain. Philosop. Technol. 31, 15–41 (2016)MathSciNetCrossRefGoogle Scholar
  71. 71.
    Ziegeldorf, J.H., Grossmann, F., Henze, M., Inden, N., Wehrle, K.: CoinParty: secure multi-party mixing of Bitcoins. In: ACM CODASPY, pp. 75–86 (2015)Google Scholar
  72. 72.
    Ziegeldorf, J.H., Matzutt, R., Henze, M., Grossmann, F., Wehrle, K.: Secure and anonymous decentralized Bitcoin mixing. FGCS 80, 448–466 (2018)CrossRefGoogle Scholar
  73. 73.
    Zimmermann, T., Rüth, J., Wirtz, H., Wehrle, K.: Maintaining integrity and reputation in content offloading. In: IEEE/IFIP WONS, pp. 1–8 (2016)Google Scholar

Copyright information

© International Financial Cryptography Association 2018

Authors and Affiliations

  • Roman Matzutt
    • 1
    Email author
  • Jens Hiller
    • 1
  • Martin Henze
    • 1
  • Jan Henrik Ziegeldorf
    • 1
  • Dirk Müllmann
    • 2
  • Oliver Hohlfeld
    • 1
  • Klaus Wehrle
    • 1
  1. 1.Communication and Distributed SystemsRWTH Aachen UniversityAachenGermany
  2. 2.Data Protection Research InstituteGoethe University FrankfurtFrankfurtGermany

Personalised recommendations