Zerocoin protocol
Zerocoin is a proposed extension to the bitcoin protocol that would add true cryptographic anonymity to bitcoin transactions. Because bitcoin transactions are stored in a public ledger (the so-called block chain), the history of any transaction can be traced. Zerocoin provides anonymity by introducing a separate zerocoin cryptocurrency that is stored in the bitcoin block chain. Zerocoins are purchased with bitcoin in fixed denominations by a zerocoin mint transaction. Later, these zerocoins can be redeemed for bitcoin to a different bitcoin address by a zerocoin spend transaction. Through the use of cryptographic accumulators and digital commitments with zero-knowledge proofs, it is not possible to link the bitcoin address that was used to mint the original zerocoin to the bitcoin address used to redeem the zerocoin. Though originally proposed for use with the bitcoin network, Zerocoin could be integrated into any cryptocurrency.
The rationale for zerocoin
Bitcoin transactions are all stored, by design, in a public ledger (the block chain) that is accessible to everyone. These transactions provide privacy through pseudonymity: while each transaction is associated with the public address of the sender and receiver, the names of the owners of these public addresses are at no time made known to the bitcoin network. To increase privacy, each person can create as many public addresses as they like, making it difficult to link a set of transactions to the same person. If additional privacy is required, it is possible to mix, or launder, the owner's bitcoin with a larger number of other bitcoin through a third party laundering pool[1].
Nevertheless, by data mining of the block chain, it is possible to link a set of public addresses to a specific (unnamed) individual. This could be done by the analysis of spending habits, or by observing change from one public address being sent to another. By utilizing information external to the block chain, such as public bitcoin addresses posted on a web site, or the postal address used with a bitcoin purchase, it becomes possible to determine every single bitcoin transaction of a given person. Knowing an individual's public bitcoin addresses also reveals the total amount of bitcoin the person owns.
Zerocoin protocol
The Zerocoin[2] add-on to Bitcoin would have functioned like a money laundering pool, temporarily pooling Bitcoins together in exchange for a temporary currency called Zerocoins.[3] While the laundering pool is an established concept already utilized by several currency laundering services, Zerocoin would have implemented this at the protocol level, eliminating any reliance on trusted third parties. It anonymized the exchanges to and from the pool using cryptographic principles, and as a proposed extension to the Bitcoin protocol, would have recorded the transactions alongside Bitcoin's existing block chain.[3] One criticism of the extension was the added computation time required by the process, which would need to have been performed primarily by Bitcoin miners.[3]
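The mint and spend transactions described in the introduction can be sketched with a Pedersen commitment and an RSA accumulator. The following is an added toy example, not code from the Zerocoin authors: the parameters, function names and `Ledger` class are constructed for illustration, and the two relations that Zerocoin proves in zero knowledge are checked here in the clear.

```python
import secrets

# Toy public parameters, constructed for illustration (far too small to be secure).
P, Q = 2039, 1019        # commitment group: P = 2Q + 1, subgroup of prime order Q
G, H = 4, 9              # subgroup generators; log_G(H) must be unknown in practice
N, U = 2102197, 4        # accumulator modulus (factors discarded at setup) and base

def is_prime(n):
    return n > 1 and all(n % d for d in range(2, int(n ** 0.5) + 1))

def commit(serial, r):
    """Pedersen commitment to a serial number under blinding factor r."""
    return pow(G, serial, P) * pow(H, r, P) % P

def mint(serial):
    """Pick r until the commitment is prime; publish coin, keep (serial, r) secret."""
    while True:
        r = secrets.randbelow(Q)
        coin = commit(serial, r)
        if is_prime(coin):
            return coin, r

def accumulate(coins):
    """RSA accumulator: U raised to the product of all coins, mod N."""
    acc = U
    for coin in coins:
        acc = pow(acc, coin, N)
    return acc

def witness(coins, coin):
    """Membership witness: the accumulator over every coin except this one."""
    others = list(coins)
    others.remove(coin)
    return accumulate(others)

class Ledger:
    def __init__(self):
        self.coins, self.spent = [], set()

    def spend(self, serial, coin, r, w):
        # Zerocoin proves the two relations below in zero knowledge, so coin, r
        # and w stay hidden; this toy checks them in the clear.
        if serial in self.spent:                        # double-spend check
            return False
        if pow(w, coin, N) != accumulate(self.coins):   # coin was minted
            return False
        if commit(serial, r) != coin:                   # coin commits to serial
            return False
        self.spent.add(serial)
        return True
```

Because the real spend reveals only the serial number and a proof, an observer cannot tell which accumulated coin is being redeemed; the serial number alone is what prevents double spending.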
The lead author of Zerocoin, Matthew Green, has said that the intent of Zerocoin is not to facilitate criminal activity, and suggested that a “back door” or other features could be added to the Zerocoin protocol to allow police, as one example, to track money laundering.[4]
Extensions of Zerocoin
Recognizing that Bitcoin was unlikely to implement Zerocoin, the authors of Zerocoin expressed hope that other cryptocurrencies would incorporate the anonymity features of Zerocoin.[5] The main features of Zerocoin are currently being implemented in the alternative cryptocurrency Anoncoin.[6]
On 16 November 2013,[7] Zerocoin developer Matthew Green announced that it would be released as an independent cryptocurrency, going into circulation in May 2014 “in some sort of beta program”.[8]
References
- ^ Bradbury, Danny (7 June 2013). "How anonymous is Bitcoin?". CoinDesk. CoinDesk Ltd. Retrieved 8 February 2014.
- ^ Miers, Ian; Garman, Christina; Green, Matthew; Rubin, Aviel D. (May 2013). Zerocoin: Anonymous Distributed E-Cash from Bitcoin (PDF). 2013 IEEE Symposium on Security and Privacy. IEEE Computer Society Conference Publishing Services. pp. 397–411. doi:10.1109/SP.2013.34. ISSN 1081-6011.
- ^ a b c Peck, Morgan E. (24 October 2013). "Who's who in Bitcoin: Zerocoin hero Matthew Green". IEEE Spectrum. Institute of Electrical and Electronics Engineers. ISSN 0018-9235. Retrieved 31 January 2014.
- ^ Hodson, Hal (13 March 2013). "Bitcoin add-on makes your virtual purchases private". NewScientist. Reed Business Information Ltd. ISSN 0262-4079. Retrieved 8 February 2014.
- ^ Bradbury, Danny (7 June 2013). "How anonymous is Bitcoin?". CoinDesk. CoinDesk Ltd. Retrieved 8 February 2014.
- ^ "AnonCoin". Retrieved 2014-04-03.
- ^ Green, Matthew D. "We designed a new version of Zerocoin that reduces proof sizes by 98% and allows for direct anonymous payments that hide payment amount". Twitter. Retrieved 2 February 2014.
- ^ Greenberg, Andy (13 January 2014). "Bitcoin Anonymity Upgrade Zerocoin To Become An Independent Cryptocurrency". Forbes. Forbes Inc. ISSN 0015-6914. Retrieved 2014-01-30.