---
tags: Summary
categories: Privacy
---

# Research Summary: Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods

### TLDR

- Blockchain technology enables decentralized and self-sovereign identities including new mechanisms for creating, resolving, and revoking them.
- The public availability of data records has allowed attacks that combine sophisticated heuristics with auxiliary information to compromise users’ privacy and deanonymize their identities.
- We review and categorize Bitcoin privacy attacks, investigate their impact on one of the Bitcoin-based identity methods, namely did:btcr, and analyze and discuss its privacy properties.

### Core Research Question

How can we categorize Bitcoin privacy attacks, and investigate privacy issues in did:btcr?

### Citation

Ghesmati, S., Fdhila, W., & Weippl, E. (2021, September). Studying Bitcoin privacy attacks and their Impact on Bitcoin-based Identity Methods. In International Conference on Business Process Management (pp. 85-101). Springer, Cham. https://link.springer.com/chapter/10.1007/978-3-030-85867-4_7

### Background

Entities (e.g., users and organizations) use global unique identifiers such as telephone numbers, IDs, or URLs. However, these identifiers are often issued and managed by central authorities. Blockchain-based decentralized identifiers have been proposed to prove an identifier’s ownership without having to rely on a trusted entity.

- **Decentralized identifier (DID):** A string that includes three main parts: the scheme, the DID method, and the DID method identifier, which should be unique within the DID method.
- **DID document:** Contains information about the verification methods and the service endpoints required to interact with the DID subjects.
- **DID subject:** The entity that is identified by the DID, and can be a person, an object or an organization.
- **DID method:** Defines how DIDs are created, resolved, updated, and revoked.

### Summary

- We review and categorize privacy attacks on the Bitcoin blockchain, which may reveal the links between addresses and real-world identities, and also correlate between different identities.
- We address Bitcoin privacy attacks’ impact on the DID method did:btcr.
- We adopted the privacy terminology from RFC 6973.

### Method

Four main steps for collecting and selecting relevant literature:

- research questions identification
- literature search
- literature selection
- data extraction

### Results

- We categorized Bitcoin privacy attacks into four main categories: (i) heuristics, (ii) side channel attacks, (iii) flow analysis, and (iv) auxiliary information.

![](https://i.imgur.com/3Kvyb69.png)

![](https://i.imgur.com/I5Y6nOQ.png)

![](https://i.imgur.com/zsX1URU.png)

- We showed how data analysis of Bitcoin public records, in combination with auxiliary information, can be exploited using sophisticated heuristics to reveal or correlate transactions, identities, or addresses of users.
- This study has demonstrated that although BTCR provides some advantages such as protection against censorship, integrity, access, and a degree of decentralization, it still lacks methods to deal with the privacy issues identified in this paper.

### Discussion and Key Takeaways

We investigate the privacy of the method did:btcr based on the criteria adopted from RFC 6973.

- **Surveillance:** Any kind of observation and monitoring of the users, whether the users are aware of the surveillance or not, can influence a user’s privacy.
    - Auxiliary information is obtained through the interactions with services using DIDs.
    - The blockchain is immutable, so there is no way to delete the history.
- **Correlation:** The combination of different information, which relates to one user.
    - Using the same DID or DID document for interacting with different services helps to trace and correlate user activities.
    - Using the same public keys in different DID documents can reveal the link between the corresponding DIDs.
    - The IP address of an entity can compromise the relationship of common controls, linking between different DIDs.
    - Timing analysis can correlate users’ activities using the same service endpoint in the DID documents.
- **Identification:** Relating the information to a specific user.
    - If the Bitcoin address associated with a DID is later spent, it can link the address used for the DID to other addresses owned by the user.
    - The visibility of the DID document can leak the metadata about the attributes and provide information about the service endpoints.
    - If the DID document is stored on a third-party server, the latter may identify the real DID owner.
    - If the DID document is stored on a user's own server, it can correlate the user IP address with the DID document.
- **Secondary Use:** Collecting the information about a user without their consent and using it for purposes other than those for which the information was collected.
    - Read/resolve makes it possible to trace the DID use if it is accessed by third-party services (e.g., universal DID resolver).
    - The verifier can trace the transaction flow and check the history of the UTXOs.
    - DID real identity can be compromised if used in services that require information about the users or their activities (e.g., social networks).
- **Disclosure:** Exposure of information about a user which violates the confidentiality of the shared data.
    - Privacy may be lost in the economic activities for the services authenticated by DIDs.
    - BTCR updates reveal the public key of the previous DID or changing the access control.
- **Misattribution:** Whenever a user’s data or communications are attributed to another, which can consequently affect the user’s reputation.
    - Using indistinguishable mixing techniques can relate the users’ UTXOs to someone else.
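
The correlation items above (reused public keys and shared service endpoints across DID documents) can be checked on a set of your own documents before they are published. This is an added example, not code from the paper or the did:btcr specification; the DID strings, key values, URLs and function names are constructed, and the documents use a simplified `verificationMethod` / `service` layout.

```python
from collections import defaultdict

# Constructed sample documents: DIDs, keys and URLs are made up for illustration.
SAMPLE_DOCS = [
    {"id": "did:btcr:example-a",
     "verificationMethod": [{"publicKeyMultibase": "zKEY1"}],
     "service": [{"serviceEndpoint": "https://shop.example/ddo"}]},
    {"id": "did:btcr:example-b",
     "verificationMethod": [{"publicKeyMultibase": "zKEY1"}],   # key reused from -a
     "service": [{"serviceEndpoint": "https://host.example/ddo/"}]},
    {"id": "did:btcr:example-c",
     "verificationMethod": [{"publicKeyMultibase": "zKEY2"}],
     "service": [{"serviceEndpoint": "https://host.example/ddo"}]},  # endpoint shared with -b
    {"id": "did:btcr:example-d",
     "verificationMethod": [{"publicKeyMultibase": "zKEY3"}],
     "service": [{"serviceEndpoint": "https://other.example/ddo"}]},
]

def features(doc):
    """Yield the (kind, value) attributes an observer could use to link documents."""
    for vm in doc.get("verificationMethod", []):
        if "publicKeyMultibase" in vm:
            yield ("key", vm["publicKeyMultibase"])
    for svc in doc.get("service", []):
        if isinstance(svc.get("serviceEndpoint"), str):
            yield ("endpoint", svc["serviceEndpoint"].rstrip("/"))

def linkable_clusters(docs):
    """Return (clusters, shared): DIDs linked directly or transitively, and why."""
    parent = {d["id"]: d["id"] for d in docs}
    def find(x):                      # union-find root lookup with path halving
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    owners = defaultdict(set)
    for d in docs:
        for feat in features(d):
            owners[feat].add(d["id"])
    shared = {f: ids for f, ids in owners.items() if len(ids) > 1}
    for ids in shared.values():       # every DID sharing a feature joins one cluster
        first, *rest = sorted(ids)
        for other in rest:
            parent[find(other)] = find(first)
    groups = defaultdict(set)
    for did in parent:
        groups[find(did)].add(did)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1), shared
```

A non-empty cluster list means those DIDs are linkable through the keys or endpoints reported in `shared`; using distinct keys and endpoints per DID removes these links but not the on-chain or IP-level ones listed above.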

### Implications and Follow-Ups

Future research will consist of elaborating and developing new methods, or using existing privacy-enhancing techniques (e.g., mixing techniques, zero-knowledge proofs) to address the aforementioned privacy issues.

### Applicability

- This work can improve privacy countermeasures for BTCR DIDs.
- It can also provide a comprehensive set of privacy attacks for privacy threat modeling.
- Our future work includes privacy threat modeling based on LINDDUN. The paper will appear on https://ptmworkshop.gitlab.io/#/proceedings under the name “User-Centric Public Blockchain Privacy Threats”.