Dandelion++: Lightweight Cryptocurrency Networking with Formal Anonymity Guarantees
This addresses deanonymization attacks in cryptocurrency networks, offering a lightweight and scalable solution for Bitcoin users, though it builds upon prior work with incremental improvements.
The paper tackles the problem of anonymity vulnerabilities in Bitcoin's networking stack, which allows third-party observers to link transactions to IP addresses, by presenting Dandelion++, a defense that provides near-optimal information-theoretic guarantees and demonstrates interoperability and low broadcast latency overhead in experiments on Bitcoin's mainnet.
Recent work has demonstrated significant anonymity vulnerabilities in Bitcoin's networking stack. In particular, the current mechanism for broadcasting Bitcoin transactions allows third-party observers to link transactions to the IP addresses that originated them. This lays the groundwork for low-cost, large-scale deanonymization attacks. In this work, we present Dandelion++, a first-principles defense against large-scale deanonymization attacks with near-optimal information-theoretic guarantees. Dandelion++ builds upon a recent proposal called Dandelion that exhibited similar goals. However, in this paper, we highlight simplifying assumptions made in Dandelion, and show how they can lead to serious deanonymization attacks when violated. In contrast, Dandelion++ defends against stronger adversaries that are allowed to disobey protocol. Dandelion++ is lightweight, scalable, and completely interoperable with the existing Bitcoin network. We evaluate it through experiments on Bitcoin's mainnet (i.e., the live Bitcoin network) to demonstrate its interoperability and low broadcast latency overhead.