Four researchers from University College London found that certain sequence of procedures while transfering anonymous cryptocurrency Zcash significantly reduces transactions confidentiality. Specialists noted that when coins move from "unprotected" to "protected" addresses, and then back, total anonymity of operations is reduced by 69.1%.
“Zcash is a cryptocurrency whose main feature is a “shielded pool” that is designed to provide strong anonymity guarantees. Indeed, the cryptographic foundations of the shielded pool are based in highly-regarded academic research. The deployed Zcash protocol, however, allows for transactions outside of the shielded pool (which, from an anonymity perspective, are identical to bitcoin transactions), and it can be easily observed from blockchain data that the majority of transactions do not use the pool. Nevertheless, users of the shielded pool should be able to treat it as their anonymity set when attempting to spend coins in an anonymous fashion,” - researchers wrote.
Zcash has transparent addresses (t-addresses) same as Bitcoin, but it also gives another option to hide the details of users transactions using private addresses (z-addresses). Private transactions are conducted using the shielded pool which allows users to spend coins without revealing the amount, sender or receiver. This is possible due to the use of zero-knowledge proofs.
The researchers reported that translations involving different types of addresses are much less anonymous. By tracking user behavior, you can get information about "z-addresses", too. Experts state that they warned developers about the discovered vulnerability prior to publishing the report.
Zcash founder Zooko Wilcox and Marketing director Josh Swihart say that they support science and “scientific investigation is the only way for developers to learn what works and what doesn’t work to protect users”. Developers noted that they would update the altcoin protocol in order to decrease risks of anonymity infringement identified in the paper.
“We congratulate this research team for this insightful new paper, and invite other scientists to join with us in investigating these questions that are important to the future of human society,” – Wilcox and Swihart said.
By Ekaterina Ulyanova