Nguyen Truong

Nguyen Truong

Assistant Professor @School of Computing Science, University of Glasgow focusing on emerging technologies for Data Privacy & Security, and Decentralisation systems.

Bitcoin Transactions and Anonymity

4 minute read

Published:

Content

[TOC]

Unspent Transaction output (UTXO)

  • Ledger state where balance are not directly associated with addresses but with the output of transactions
  • Amount of digital currency that remains after a cryptocurrency transaction. (Output of a transaction)
  • Can be used as an input
  • Not a lower denomination of the currency
  • Only choose TXOs that is unspent
  • After an input, the unspent TXOs will be mark spends

Process of a transaction

  • Process of a transaction
    1. Inputs: One or more UTXOs
    2. Payer provide their digital signature to confirm ownership over the input
    3. UTXOs consumed are now considered spent

      Example of an transaction

      1. Alice have 0.45 BTC in her wallet.
      2. It’s a collections of UTXOs. Specifically 2 UTXO worth 0.4 BTC and 0.05 BTC. All those are output from past transactions
      3. Alice → Bob: 0.3 BTC
      4. Breakup her 0.4 BTC
      5. 0.4 BTC us now the spent output and can’t be used
      6. Meanwhile, 2 new UTXOs have been created (0.3 BTC and 0.1 BTC)

        Anonymity

  • Identity of the user are not tied to the public addresses
  • Encourage to create new public address for every transaction
  • Bitcoin does provide anonymity, but still relatively higher anonymity

    Deanonymity Methods

    Using P2P network traffic

  • Maps IPs to public address based on statistic and intuition
  • Calculation
  • Analysis

Integrating off-network information

  • Many organizations and services has information about it’s users
  • Bitcoin Faucet
    • Donate Bitcoins to be redistributed in small amounts to other users
    • Possible to associate IP address with the recipients’ public key
    • Map public keys to IP address ↔ Other public keys related to the public key can be linked
  • Voluntary Disclosure

    TCP/IP Layer Information

  • PK and IP matching
  • Assuming, the first node is the source
  • Unable to derive for user using Tor or proxy

    Egocentric Analysis and visualization

  • Derive information from the user network
  • From bitcoin transaction history
  • E.g. using a graph

Context Discovery

  • Using network structure and context
  • Visualizing ego centric network with fixed radius
  • E.g. Examine all the shortest paths between a set of vertices representing the users we identified using off-network method

    Flow and temporal analyses

  • Follow the signifacant Bitcoin flow
  • Time between two large transaction deemed interesting
  • Built a tool that tract significant flows of Bitcoin over time

    Clustering

    A single user may own a certain number of public addresses. the goal of clustering is to group together public addresses from the same user.

    Heuristic Based clustering

    Utilized structure information of certain transaction

    Multiple input address

  • Assume that all addresses in the inputs belong to a single user
  • For $(I, O, c, s)$ if num of input in $t$ is more than $(I>1)$
  • All addresses in $I$ belong to the same user
  • A reused in address imply that both cluster belong to the same user
  • Sort address are not controlled by the same user into same cluster

  • One-time change address

  • The input of a transaction must all be spent
  • The result of a change in the transaction
  • Requirement the maps the address is a change address which belongs to the same user as the input
    1. First appearance of address $O$
    2. Transaction $t$ is not coint generation
    3. There is no self-change address
    4. The output addresses other than $O$ do not satisfy condition (1)
  • If $A_1$ is the input, then $A_1$ → $u$ then $O$ → $u$ as well
  • If no change, may mistaken identify one of the recipient’s addresses as a change address

    Address Reuse-Based Change Address Detection

  • Requirement
    1. The first appearance of $O’$
    2. Transaction $t’$ is not coin generation
    3. No self-change address
    4. Output address other than $O’$ are reused as output addresses in some later transaction
  • If $A_1$ is the input, then $A_1$ → $u$ then $O’$ → $u$ as well
  • False Negative: Output addresses are not reused
  • False Positive: If a change address is reused as an output address or no change occurs in the transaction, may mistaken recipient address as the change address by mistake.

Question

  • How is a spent TXOs is marked on the blockchain, doesn’t it required to alter information in the block?

#

  • WHat is Eutheruem
  • How to deanonymize user in Eutheruem

Reference

https://en.wikipedia.org/wiki/Unspent_transaction_output https://academy.binance.com/en/glossary/unspent-transaction-output-utxo https://en.bitcoin.it/

You May Also Enjoy

Ethereum DeAnonymisation Techniques

8 minute read

Published:

Anonymize Ethereum with Bitcoin methods

Ethereum Architecture

  • Ethereum stores state and account balance directly
  • Smart contracts
    • Each smart contract is identified by an Ethereum address
    • Written in solidity
  • Blockchain

Ethereum Overview and Privacy Attacks

9 minute read

Published:

Ethereum

Accounts

  • 20-byte address
  • A state -> state’ = transaction of information or value between account
  • Contain 4 fields
    • Nonce: Counter that make sure the transaction can be processed once
    • Ether balance
    • Contract code (for contract account)
    • Storage
  • Type of accounts
    • Externally owned accounts
      • Controlled by private keys
      • Can send messages by creating and signing transaction
    • Contract accounts
      • Controlled by contract code
      • Code is activate when message is received
      • Code could read/write to internal storage or create a message or contract in return

        Contract

  • An autonomous agent the live inside the Ethereum environment
  • Execute a specific code when “triggered”

    Transaction and message

  • Transaction- A sign data package that store a message to be sent from an externally owned account
  • STARTGAS and GASPRICE are to prevent infinite loop by limiting the number of computation steps
  • gas is dependent on the amount of computation and capacity of data
  • Transaction contain
    • Recipient message
    • Signature of the sender
    • Amount of ether to be transfer
    • Data field(optional)
    • STARTGAS - Maximum allowed computation steps
    • GASPRICE - Fees pays by the sender per computational steps(gas)

      Messages

  • Messages is like transaction except it is produced by a contract
  • Messages contain the sender, recipient, amount of ether being sent, data field(optional), STARTGAS

    Ethereum state transition function

  • Validate the transaction
  • Calculate the transaction fee STARTGAS * GASPRICE
  • Subtract the fees from the sender’s account balance and increment the sender’s nonce
  • Transfer the transaction value from sender to recipient.
    • If recipient don’t exist. Create a new account
    • If it’s a contract account, run the contract’s code until completion or run out of gas
  • If ran out of gas or the sender don’t have efficient fund. Revert all state changes except the payment of the fees.
  • Otherwise, refund the remaining gas to the sender.
  • Fees are send to the sender
  • Example of transition function (Send 10eth, 2000 gas, 0.001 ether gasprice and 64 bytes of data)
    • Data being sent:
      • byte[0:31] = 2
      • byte[32:63] = “CHARLIE”

Bitcoin & Blockchain Overview

5 minute read

Published:

What is blockchain?

What is a block?

  • Persistent, immutable and append-only data structure
  • Block used as currency tracks
    • User transactions
    • Timestamp
    • Reference
  • A block (besides the genesis block) is tied to it’s previous block in a cryptographic way
  • Each block contains
    • Header
    • One or more user’s transactions ![Simplified Bitcoin Blockchain]