Cryptocurrencies have emerged as an important technology over the past decade
and have, undoubtedly, become blockchain’s most popular application. Bitcoin has
been by far the most popular out of the thousands of cryptocurrencies that have been
created. Some of the features that made Bitcoin such a fascinating technology include
its transactions being made publicly available and permanently stored, and the
ability for anyone to have access. Despite this transparency, it was initially believed
that Bitcoin provides anonymity to its users, since it allowed them to transact using
a pseudonym instead of their real identity. However, a long line of research has
shown that this initial belief was false and that, given the appropriate tools, Bitcoin
transactions can indeed be traced back to the real-life entities performing them.
In this thesis, we perform a survey to examine the anonymity aspect of cryptocurrencies.
We start with early works that made first efforts on analysing how private
this new technology was. We analyse both from the perspective of a passive observer
with eyes only to the public immutable state of transactions, the blockchain,
as well as from an observer who has access to network layer information. We then
look into the projects that aimed to enhance the anonymity provided in cryptocurrencies
and also analyse the evidence of how much they succeeded in practice.
In the first part of our own contributions we present our own take on Bitcoin’s
anonymity, inspired by the research already in place. We manage to extend existing
heuristics and provide a novel methodology on measuring the confidence we have in
our anonymity metrics, instead of looking into the issue from a binary perspective,
as in previous research.
In the second part we provide the first full-scale empirical work on measuring anonymity in a cryptocurrency that was built with privacy guarantees, based on a
very well established cryptography, Zcash. We show that just building a tool which
provides anonymity in theory is very different than the privacy offered in practice
once users start to transact with it.
Finally, we look into a technology that is not a cryptocurrency itself but is built
on top of Bitcoin, thus providing a so-called layer 2 solution, the Lightning network.
Again, our measurements showed some serious privacy concerns of this technology,
some of which were novel and highly applicable
