On the linkability of Zcash transactions
This work addresses privacy vulnerabilities affecting Zcash users, though it is incremental, as it builds on known anonymity limitations.
The paper tackled the problem of transaction linkability in Zcash's shielded addresses by analyzing usage patterns and identifying round-trip transactions, finding that 31.5% of coins sent to shielded addresses could be matched using a temporal heuristic.
Zcash is a fork of Bitcoin with optional anonymity features. While transparent transactions are fully linkable, shielded transactions use zero-knowledge proofs to obscure the parties and amounts of the transactions. First, we observe various metrics regarding the usage of shielded addresses. Moreover, we show that most coins sent to shielded addresses are later sent back to transparent addresses. We then search for round-trip transactions, where the same, or nearly the same, number of coins is sent from a transparent address to a shielded address and back again to a transparent address. We argue that such behavior exhibits high linkability, especially when the transactions occur close together in time. Using this heuristic, our analysis matched 31.5% of all coins sent to shielded addresses.
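
The round-trip heuristic described above, as an added example that is not code from the paper: it pairs each transparent-to-shielded deposit with a later shielded-to-transparent withdrawal of nearly equal value, and reports the share of deposited value that was matched, which is useful for checking how exposed a given usage pattern is. The time window, value tolerance, record layout and sample transfers are assumptions constructed for illustration; the page states no thresholds.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Transfer:
    txid: str
    time: int    # block time, Unix seconds
    value: int   # amount in zatoshi (1 ZEC = 100_000_000 zatoshi)

# Assumed thresholds; the page does not give specific values.
MAX_DELAY = 6 * 3600   # seconds between deposit and withdrawal
TOLERANCE = 20_000     # zatoshi, leaves room for a fee-sized difference

def match_round_trips(deposits, withdrawals, max_delay=MAX_DELAY, tolerance=TOLERANCE):
    """Pair each t->z deposit with the earliest unused, later z->t
    withdrawal whose value is within `tolerance` and `max_delay`."""
    matches, used = [], set()
    pending = sorted(withdrawals, key=lambda w: w.time)
    for dep in sorted(deposits, key=lambda d: d.time):
        for wd in pending:
            delay = wd.time - dep.time
            if wd.txid in used or delay <= 0:
                continue          # already paired, or precedes the deposit
            if delay > max_delay:
                break             # pending is time-sorted: nothing closer follows
            if abs(dep.value - wd.value) <= tolerance:
                used.add(wd.txid)
                matches.append((dep, wd))
                break
    return matches

def matched_share(deposits, matches):
    """Fraction of all deposited value that the heuristic linked."""
    total = sum(d.value for d in deposits)
    return sum(d.value for d, _ in matches) / total if total else 0.0

# Constructed sample data (not real chain data).
DEPOSITS = [
    Transfer("d1", 1_000, 500_000_000),
    Transfer("d2", 2_000, 120_000_000),
    Transfer("d3", 5_000, 300_000_000),
    Transfer("d4", 9_000, 80_000_000),
]
WITHDRAWALS = [
    Transfer("w1", 1_600, 499_990_000),   # d1 minus a small fee, 10 min later
    Transfer("w2", 90_000, 120_000_000),  # same value as d2, outside the window
    Transfer("w3", 7_000, 250_000_000),   # value differs too much from d3
    Transfer("w4", 9_500, 79_995_000),    # d4 minus a small fee
]

if __name__ == "__main__":
    m = match_round_trips(DEPOSITS, WITHDRAWALS)
    print([(d.txid, w.txid) for d, w in m], matched_share(DEPOSITS, m))
```

Deposits d2 and d3 stay unmatched here because one withdrawal falls outside the time window and the other differs too much in value, the two properties the heuristic relies on.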