Privacy coins such as Zcash, Monero, and Dash have a crucial selling point: advanced cryptographic features that ensure senders, receivers, and the value of payments are obfuscated.
Yet a new study by Carnegie Mellon University has uncovered a huge problem with one of the biggest… just 0.09% of Zcash transactions in a 30-day period were untraceable.
Despite Zcash boasting that its blockchain is “completely private,” researchers claim its “ecosystem is not conducive towards achieving anonymity for its users.”
The study suggests that the vast majority of current Zcash users are yet to understand how the technology works—potentially meaning it offers little advantage when compared with more established networks.
“Despite the demand for private digital money, Zcash is evidently still in the early stages of development,” read one damning line in the academic paper.
The issue is not Zcash’s design—its “zk-SNARKs” cryptography is very solid.
According to the researchers, a lot of the privacy coin’s woes can be, er, traced back to how very few Zcash users choose to make use of the “shielded pool” that stops outsiders from connecting the dots between transactions.
“As each user in the shielded pool becomes linked to the transparent pool, the overall anonymity of the ZEC ecosystem reduces as the anonymity set shrinks drastically. On top of the already minuscule set of users even utilizing shielded transactions at all, Zcash is effectively traceable as of this study,” the researchers wrote.
It also seems that many criminals may be all too painfully aware of Zcash’s flaws, given how this isn’t the first piece of research to point out the “privacy coin” is actually quite traceable.
“With a ranking of 26 out of all cryptocurrencies in terms of market capitalizations, ZEC is simply not ‘where the money is,’ thus not enticing to criminals to use if they want to be more accessible to a broader market,” Carnegie Mellon surmised.
None of this is to say that those who are hoping for privacy when they are making crypto payments need to give up and go back to cold, hard cash.
The university found that Monero’s approach means that it is “much harder” to trace transactions. This altcoin has existed since April 2014. One of its primary features involves a single-use address being generated every time a transaction is made. In January 2017, ring signatures were introduced to narrow traceability further. This concept effectively adds decoys so outsiders will find it much harder to deduce who authorized a transaction.
Although researchers found that a handful of XMR transactions are fully deducible, their study added: “The percentage of partially or fully deducible transactions has been nearly zero for over two years.” In part, Carnegie Mellon attributed Monero’s success to how it has been increasing the number of decoys involved in its ring signatures feature.
“The anonymity of Monero has evolved to a large extent in the recent few years,” the authors said. “Compared to the version three years ago, current Monero transactions can be conducted with superior anonymity with the introduction of new techniques like RingCT.”
Conclusions surrounding Zcash were less forgiving—with researchers coming to the “expected” outcome that this altcoin’s privacy guarantees are “questionable.”
They added: “As the volume of public transactions increases at a much faster rate than that of shielded and private transactions, the overall anonymity of ZEC users, even if they are fully utilizing the features of the shielded pools, is decreased.
“Incentivizing current users to at least partially engage in shielded pools would significantly reduce the current flaw in its privacy guarantees.”
The sheer volume of Zcash’s traceable transactions—99.9%—could offer some reassurance to the politicians who have embarked on a quest to ban cryptocurrencies that focus on delivering privacy and anonymity. As reported last March, a Texas state legislator and a French National Assembly deputy were among those putting Zcash under scrutiny, and demanding that both parties in a cryptocurrency transaction must identify themselves.
Unfortunately, life isn’t always this simple.
Last month, crypto intelligence firm Chainalysis gave Modern Consensus insights that chime with Carnegie Mellon’s new report: privacy coins aren’t a criminal’s first choice… Bitcoin is.
As a Chainalysis spokeswoman said: “While privacy coins are more difficult to trace, they are also more difficult to buy and sell as exchanges increasingly delist them due to regulatory reasons. As such, criminals behind darknet markets, extortion schemes, and more need to weigh operational efficiency vs privacy, and often choose operational efficiency.”
Even Monero, increasingly being established as one of the more effective privacy coins, is being roundly outpaced. In terms of daily trading volumes, BTC has 300 times more activity than XMR.
The debate surrounding privacy coins is far from over, especially as countries like China begin to add the finishing touches to their central bank digital currencies. Back in November, an executive at the People’s Bank of China expressed hope that Beijing will be able to achieve “controllable anonymity” with the digital yuan—an Orwellian gem that suggests the suits will be watching when this CBDC is used.
Updated 6:57 p.m. on 05/25/20 to correct photo credit.