Blockchains, and especially Bitcoin, have soared in popularity since their inception. This thesis furthers our knowledge of blockchains and their uses.
First, we analyze transaction linkability in the privacy-preserving cryptocurrency Zcash, based on the currency minting transactions (mining). Using predictable usage patterns and clustering heuristics on mining transactions, an attacker can link to publicly visible addresses in over 84% of the privacy-preserving transactions.
Then, we further analyze privacy issues for the privacy-oriented cryptocurrency Zcash. We study privacy-preserving transactions and show ways to fingerprint user transactions, including active attacks. We introduce two new attacks, which we call the Danaan-gift attack and the Dust attack.
Then, we investigate the generic landscape and hierarchy of miners as exemplified by Ethereum and Zcash. Both chains used application-specific integrated circuit (ASIC) resistant proofs-of-work which favor GPU mining in order to keep mining decentralized. This, however, has changed with the introduction of ASIC miners for these chains. This transition allows us to develop methods that might detect hidden ASIC mining in a chain (if it exists), and to study how the introduction of ASICs affects the decentralization of mining power. Finally, we describe how an attacker might use public blockchain information to invalidate miners' privacy, deducing the mining hardware of individual miners and their mining rewards.
Then, we analyze the behavior of cryptocurrency exchanges on the Bitcoin blockchain, and compare the results to the exchange volumes reported by the same exchanges. We show that in multiple cases these two values are close to each other, which confirms the integrity of their reported volumes. Finally, we present a heuristic that attempts to classify large clusters of addresses in the blockchain and to determine whether these clusters are controlled by an exchange.
Finally, we describe how to couple reputation systems with distributed consensus protocols to provide a scalable permissionless consensus protocol with a low barrier to entry, while still providing strong resistance against Sybil attacks for large peer-to-peer networks of untrusted validators. We introduce the reputation module ReCon, which can be laid on top of various consensus protocols such as PBFT or HoneyBadger. The protocol takes an external reputation ranking as input, ranks nodes based on the outcomes of consensus rounds run by a small committee, and adaptively selects the committee based on the current reputation.