Cryptocurrency Anonymity Enhancers – Comparison

Coinfirm’s Regulatory Affairs department has done a deep-dive look into cryptocurrency anonymity enhancers. Including their history, differing reasons for creation and technological overview. This article examines:

1. Privacy vs. Pseudonymity vs. Anonymity
2. Transparent Blockchains vs AEC vs AES (Anonymity Enhancing Services)
   • Anonymity enhancers embedded into the blockchain
     • Blockchain feature
     • Cross-chain transactions ( non-regulated market players)
   • Anonymity enhancers: market players (AES)
     • Regulated/non-regulated?
3. Comparison of Crypto Anonymity Enhancers
   • Mixers/Tumblers
     • Examples of market players who offer such services (e.g. Tornado cash for ETH, Bitcoin Fog for BTC)
   • CoinJoins
   • Lightning Network
   • zk-SNARKs crypto currencies [ZCash]
   • LTC MWEB
   • Taproot
   • Dandelion; Dandelion++

_{A) Anonymity vs. Pseudonymity vs. Privacy}

Anonymity and privacy are not synonymous, especially in the context of crypto assets. The majority of crypto assets are anonymous, but not private. The nature of the ownership of BTC, ETH and most other crypto-assets is anonymous, given that details of the identity of the person making a transfer are not included on the blockchain.

All crypto transactions are anonymous, until they are made through a VASP, which is required to identify the identity of the individuals and entities linked to addresses. A VASP (Virtual Asset Service Provider) is a described by the Financial Action Task Force (FATF) as any natural or legal person that offers exchange services to or performs transfers on behalf of another natural or legal person between virtual assets and fiat currencies, different virtual assets, as well as fiat to virtual assets. Other services performed on behalf of another natural or legal person that fall under the VASP definition are safekeeping and/or the administration of virtual assets or instruments enabling control over virtual assets as well as the participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.

Thus, as long as there is a person identified to be offering or conducting any of the above services they are classified as a VASP and have the duty to conduct Know Your Customer (KYC) verification and ongoing monitoring throughout the duration of the business relationship.

Although the FATF has dedicated Recommendations and guidances on virtual assets (VAs) for jurisdictions to implement in their national law, there still exists countries which have not issued anti-money laundering (AML) regulations on VAs or are in incipient stages. In the case of the former, VASPs from such jurisdictions are under no obligation to abide by AML laws, allowing their clients to perform transactions anonymously. This becomes important when suspicious transactions are detected during the ongoing monitoring and Source of Funds (SoF) and/or Source of Wealth (SoF) tracing.

See: Coinfirm’s Source of Funds Reports

Some blockchain analytics entities, such as Coinfirm, provide Entity Due Diligence reports, identifying important aspects of a VASP, such as geolocation and level of KYC performed.

Read: Coinfirm Releases Entity Due Diligence for Streamlined Crypto Compliance

Such information is crucial for investigators both from the private and public sectors, to identify involved individuals in transactions when following the money, especially in high-risk situations where money laundering or terrorist financing is suspected or detected.

In the case of law enforcement agencies (LEAs) and financial intelligence units (FIUs) it is necessary to understand where a specific VASP is located in order to request information from them on involved parties in specific transactions. Such requests may be performed based on STRs/SARs (suspicious transaction reports/ suspicious activity reports) submitted by VASPs or financial institutions (FIs) or based on different circumstances unveiled by LEAs/FIUs. As per FATF’s Recommendation 20, “if a financial institution [or VASP] suspects or has reasonable grounds to suspect that funds are the proceeds of a criminal activity, or are related to terrorist financing, it should be required, by law, to report promptly its suspicions to the financial intelligence unit (FIU).”

Regulating the crypto market has had the biggest impact on identifying individuals performing transactions on the blockchain, thus lowering the inherent anonymity aspect of blockchain transactions.

In October 2018, FATF updated its Standards to extend AML/CFT requirements to Virtual Assets (VAs) and Virtual Asset Service Providers (VASPs). In June 2019, FATF adopted an Interpretive Note to Recommendation 15 (INR.15) to clarify how the FATF requirements apply in relation to VAs and VASPs.

Subsequently, Recommendation 16, also known as the Trave Rule, was updated in October 2021 to include VAs, adding another layer in deanonymizing blockchain transactions. The FATF’s ‘Travel Rule’ requires FIs and VASPs to pass on information as stated in the table below:

While regulators work on deanonymising blockchain transactions, other parties work on enhancing anonymity and privacy, both through creating privacy coins as well as other systems and tools which obfuscate the origin of the funds. These developments have been registered, because blockchain transactions may be anonymous, but are generally not private:

1. A transaction is ‘anonymous’ if no-one knows who you are. This refers to methods of concealing a person’s identity.
   • Full anonymity: the person’s identity is unknown and no transactions or any activity performed on the blockchain or on VASPs can be linked back to them.
   • Pseudonymity: various transactions and addresses can be linked to the same person whose identity in unknown.
2. A transaction is ‘private’ if no one knows what you purchased and for what amount. The transparency of the source of funds in the blockchain has been a catalyst for the emergence of blockchain features and crypto services aimed at obscuring the trace of funds.

The transparency of blockchain in public domain removes the privacy element from many of the assets (e.g. Bitcoin on Ethereum). Using tools such as Blockchain Browser or Etherscan – or more advanced blockchain analytics services such as those offered by firms such as Coinfim – everyone can fully trace all transactions performed with a given address.

Thus, knowing the public address, anyone can view its full history. This feature is certainly hindering the ease of moving illicit assets. It has also proven inconvenient for some investors, e.g. High-net Worth individuals protecting their privacy. To address the need of the market for increased privacy, several asset obscuring features and services have emerged. Depending on the blockchain, various techniques are used to cut off the trace of the assets. After using the service, previous transactions will no longer be visible on the address.

_{B) Transparent Blockchains vs Anonymity Enhancing Coins and Services (AECs vs AESs)}

In the blockchain, ‘transparency’ means that the transactional activity is fully traceable. AECs and AESs aim to cut off the visibility of transactions’ origin, direction and amount, meaning that participating addresses and, in some cases, amounts, will not be visible to anyone who is not part of the transaction and in some cases, not even to the participants.

Both AECs and AESs are ways to provide privacy, which can be obtained though:

1. Blockchain embedded features which create Anonymity Enhancing Coins (AEC)/privacy coins. ’Privacy coins’ as a whole are a small category of all available coins, far fewer in numbers than non-privacy ones. These features represent different ways to anonymise transaction data and wallet balances. Some of the strategies involve splitting up each transfer into smaller ones, addresses created for temporary use, encryption of parts or entire transactions. Depending on the type of privacy features inbuilt into blockchains we obtain:
   • Coins that offer full anonymity, such as Monero. Its blockchain code is written so that it prevents any traceability and offers privacy via stealth addresses (a unique address created every time a transaction is performed – it uses past transactions as decoy and splits up the actual transaction in parts). This makes Monero perfect for hiding identities, and transactions.
   • Coins that offer partial anonymity – in these cases the users of the blockchain can opt to activate the privacy features – for example Zcash. This coin’s anonymity feature restricts access to transactions’ data between participating addresses by using a form of cryptography known as zero-knowledge-proof (ZKP) technology. There are two types of ZKPs:
     • ‘Zero-Knowledge Succinct Non-Interactive Argument of Knowledge,’ or ‘zk-SNARK’: this is a cryptographic method that allows the validation of a transaction (checking if the sending address has available funds to cover the amount that is to be sent and the correct private key is used) without disclosing the address or transaction amount. The blockchain network uses zk-SNARKs to encode a part of its consensus rules to offer this functionality. 
     • ‘Zero-Knowledge Scalable Transparent Argument of Knowledge’, or ‘zk-STARK’: this functions in the same way as zk-SNARKs, however it does not put forth privacy, but scalability.
2. Services offered by companies, Anonymity Enhancing Services (AES). These aim to cut off the tracing of assets, such as mixers(tumblers), adding an extra layer of privacy with the scope of reaching anonymity. This functions as a large transaction with inputs from multiple addresses and sends multiple outputs making it difficult to determine which outputs belong to which sender addresses. The core of this process, before sending the outputs, is the mixing of coins, losing the traceability of the sender.

This result can be obtained by Coinjoins (a software) or by using mixers/tumblers (services providing this obfuscation method). The difference between them is that Mixers take custody of users’ funds, whereas, in Coinjoins this does not happen, users maintaining control of their cryptocurrency at all times. Although a mixer is a company, for the most part, if they offer only mixing services, and not others that fall under the definition of a VASP, they fall under the category of non-regulated entities. This means they have no AML obligations, however, they are obligated to adopt measures to ensure sanctions circumvention and terrorist financing does not occur. 

_{C) Comparison of Crypto Anonymity Enhancers}

• Mixers/Tumblers
• CoinJoin
• Lightning Network
• zk-SNARKs Cryptocurrencies [ZCash]
• LTC MWEB
• Taproot
• Dandelion; Dandelion++

Anonymity Enhancer: Mixer

Date of Creation: 2011

Creator: First mixer: Bitcoin Fog. Alleged founder: Roman Sterlingov

Reason for Creation: The aim is to obfuscate BTC transaction history.

Supported Blockchains: ETH, BTC, SOL, USDT, etc. Initially created for BTC transactions – it has now evolved to cover other blockchains and coins as well (e.g. Tornado Cash – ETH mixer).

Technical Aspects – Overview: Users send crypto coins to the entity, which are then mixed together losing track of what amount came from which address. The recipients receive coins whose sender has been obfuscated. As more users use a particular mixing service, it becomes increasingly difficult for an outsider to tie any of the input coins to any of the output coins. This breaks the transaction trail, offering privacy to the users.

VASPs have no visibility over the sending address, however, upon request from LEAs mixers are able to provide it.

Anonymity Enhancer: Coinjoin

Date of Creation: 2013

Creator: Gregory Maxwell

Reason for Creation: The aim is to obfuscate BTC transaction history.

Supported Blockchains: BTC

Technical Aspects – Overview: CoinJoin is a software used by individual users who sign a digital smart contract to add their inputs. These are combined resulting in outputs of identical values.
The main difference between a CoinJoin and a mixer is that a mixer is a service offered by a company to mix coins, whereas the CoinJoin is a software used directly by users. This leads to another difference: in CoinJoins, users maintain custody of their funds, whereas with mixers, there is a possibility of funds being lost. 

Anonymity Enhancer: Lightning Network (LN)

Date of creation: White Paper released in 2016. Operational since 2018.

Creator: Joseph Poon and Thaddeus Dryja

Reason for Creation: The aim is to solve Bitcoin’s slow transaction time and throughput.

Supported Blockchains: BTC, LTC

Technical Aspects – Overview: LN was created to reduce fees for micropayments and increase scalability of BTC.

LN is a layer 2 transaction processing solution. Layer 1 represents the mainnet, the original blockchain where a transaction is performed from start to finish. Layer 2 is an additional blockchain built on top of the mainnet, which takes on some of the steps involved in processing a transaction on the mainnet. This process is off-chain and allows for multiple transactions to occur prior to releasing them on the mainnet.

How does it work? A channel is created by two users. They can perform multiple transactions between them before closing and releasing it onto the mainnet which registers it as a single transaction. LN not only supports direct transactions between users that share an open channel, but indirect as well. For example, if two open channels, share a user, he can be used as an intermediary by the other two to send payments between them. The intermediary is incentivised to route the payment by a fee they charge when they forward the payment.

This setup offers less transparency of processed transactions and involved parties. LN is heavily used in El Salvador, where Bitcoin is a legal tender.

Anonymity Enhancer: Zero Knowledge Proof (ZKP) Technology

Date of Creation: The concept was first proposed in 1989. Zcash uses the technology in 2016.

Creator(s): Shafi Goldwasser, Silvio Micali and Charles Rackoff of MIT proposed the idea of “zero knowledge technologies.”
 
2016: “Zcash was the first widespread application of zk-SNARKs. The strong privacy guarantee of Zcash is derived from the fact that shielded transactions in Zcash can be fully encrypted on the blockchain, yet still be verified as valid under the network’s consensus rules by using zk-SNARK proofs.”

Reason for Creation: 2016: ZKP use in Zcash: the goal was to create a privacy extension to Bitcoin.

Supported Blockchains: Is mostly known for its use in  ZCash, however, this privacy feature is employed by multiple blockchains.

Technical Aspects – Overview: ZKP refers to a situation where one can prove possession of certain information, e.g. a secret key, without revealing that information, and without any interaction between the prover and verifier.

Anonymity Enhancer: LTC Mimble Wimble

Date of Creation: 2016 – original whitepaper of MW

Creator: Tom Elvis Jedusor (alias – the French name of Tom Riddle’s character in Harry Potter)

Reason for Creation: Originally created in 2016 based on several privacy-enhancing methods initially envisioned for Bitcoin, MimbleWimble technology emerged to solve privacy and fungibility deficiencies while also providing greater network scalability.

Supported Blockchains: Various blockchains use this technology; there is also an MW Coin. Here, we focus on the MW protocol on the LTC network: Mimblewimble Extension Block (MWEB).

Technical Aspects – Overview: The Litecoin MWEB update uses 5 layers of encryption: Elliptic Curve Cryptography (ECC), Confidential Transaction (also used by Monero), Dandelion, CoinJoin and Cut-through.

LTC MWEB is an opt-in feature, meaning that users can choose to use this privacy feature or perform transparent transactions on the LTC blockchain.

Anonymity Enhancer: Taproot

Date of Creation: 2018

Creator: Gregory Maxwell

Reason for Creation: The aim is to bring greater privacy to the BTC network, make transactions cheaper, faster and easier, and allow for the deployment of advanced smart contracts.

Supported Blockchains: BTC

Technical Aspects – Overview: The Taproot upgrade combines multiple signatures and transactions. This makes it easier and faster to verify transactions on Bitcoin’s network. It also mixes together transactions with single and multiple signatures which makes it more difficult to identify transaction inputs on Bitcoin’s blockchain.

Anonymity Enhancer: Dandelion, Dandelion ++

Date of Creation: 2017-2018

Creator(s): Giulia Fanti, Carnegie Mellon University, Shaileshh Bojja Venkatakrishnan, Massachusetts Institute of Technology, Surya Bakshi, University of Illinois at Urbana-Champaign, Bradley Denby, Carnegie Mellon University, Shruti Bhargava, University of Illinois at Urbana-Champaign, Andrew Miller, University of Illinois at Urbana-Champaign and PRAMOD VISWANATH, University of Illinois at Urbana-Champaign.

Reason for Creation: Dandelion was created to improve on Bitcoin’s P2P network privacy.

Supported Blockchains: BTC, XMR

Technical Aspects – Overview: Dandelion and Dandelion++ add anonymity to transactions made through the Bitcoin peer-to-peer layer.

Dandelion++ is the improved version of Dandelion which was designed to enhance anonymity by making it harder to link a transaction to the IP of the node that originated it.

The name Dandelion comes from the pattern made by the way transactions are forwarded in the network. This created the name of the two phases. Dandelion++ operates in: ‘stem’ and ‘fluff’.

This protocol alters the way transactions propagate. In the ‘stem’ phase, the sending node randomly chooses a node it’s connected to and sends the transaction to it. In the ‘fluff’ phase, the node that receives the transaction furthers it to every outgoing connection. Every few minutes a receiving node defines itself as the one that will either propagate the transaction again via ‘stem’ or ‘fluff’ at random.

The anonymity offered by Dandelion++ remains constant instead of increasing with network size. This translates to scaling the Bitcoin peer-to-peer network does not result in better anonymity.