Airdrops and Privacy: A Case Study in Cross-Blockchain Analysis
This highlights a privacy problem for cryptocurrency users, particularly in cross-blockchain contexts, but is incremental as it builds on existing address clustering methods.
The paper tackled the privacy risks of cryptocurrency airdrops by analyzing the 2014 Clam airdrop, showing that address sharing across blockchains can expose entity information, with specific instances identified where activity on the Clam blockchain disclosed ownership details on Bitcoin, Litecoin, and Dogecoin.
Airdrops are a popular method of distributing cryptocurrencies and tokens. While often considered risk-free from the point of view of recipients, their impact on privacy is easily overlooked. We examine the Clam airdrop of 2014, a forerunner to many of today's airdrops, that distributed a new cryptocurrency to every address with a non-dust balance on the Bitcoin, Litecoin and Dogecoin blockchains. Specifically, we use address clustering to try to construct the one-to-many mappings from entities to addresses on the blockchains, individually and in combination. We show that the sharing of addresses between the blockchains is a privacy risk. We identify instances where an entity has disclosed information about their address ownership on the Bitcoin, Litecoin and Dogecoin blockchains, exclusively via their activity on the Clam blockchain.