An Empirical Analysis of Anonymity in Zcash
This work addresses privacy vulnerabilities in Zcash for cryptocurrency users, revealing incremental weaknesses in its deployed system.
The paper analyzed the anonymity guarantees of Zcash, finding that while private usage is possible, the anonymity set can be significantly reduced using simple heuristics based on identifiable usage patterns.
Among the now numerous alternative cryptocurrencies derived from Bitcoin, Zcash is often touted as the one with the strongest anonymity guarantees, due to its basis in well-regarded cryptographic research. In this paper, we examine the extent to which anonymity is achieved in the deployed version of Zcash. We investigate all facets of anonymity in Zcash's transactions, ranging from its transparent transactions to the interactions with and within its main privacy feature, a shielded pool that acts as the anonymity set for users wishing to spend coins privately. We conclude that while it is possible to use Zcash in a private way, it is also possible to shrink its anonymity set considerably by developing simple heuristics based on identifiable patterns of usage.