Abstract:
In this paper we analyze two privacy and security issues for the
privacy-oriented cryptocurrency Zcash. First we study shielded
transactions and show ways to fingerprint user transactions, including
active attacks. We introduce two new attacks, which we call the
Danaan-gift attack and the Dust attack. Following the recent Sapling
update of the Zcash protocol, we study the interaction between the new
and the old zk-SNARK protocols and the effects of their interaction
on transaction privacy. In the second part of the paper we check for
the presence of subliminal channels in the zk-SNARK protocol and
in Pedersen Commitments. We show the presence of efficient 70-bit
channels which could be used for tagging shielded transactions,
which would allow the attacker (a malicious transaction verifier)
to link transactions issued by a maliciously modified zk-SNARK
prover, while these transactions would be indistinguishable from regular transactions
for an honest verifier/user. We discuss countermeasures against
both of these privacy issues.
FnR Project:
FNR11684537 - Security, Scalability, And Privacy In Blockchain Applications And Smart Contracts, 2017 (01/08/2018-31/07/2021) - Alex Biryukov
Scopus citations® (without self-citations): 34