Paper 2014/349

Zerocash: Decentralized Anonymous Payments from Bitcoin

Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza

Abstract

Bitcoin is the first digital currency to see widespread adoption. While payments are conducted between pseudonyms, Bitcoin cannot offer strong privacy guarantees: payment transactions are recorded in a public decentralized ledger, from which much information can be deduced. Zerocoin (Miers et al., IEEE S&P 2013) tackles some of these privacy issues by unlinking transactions from the payment's origin. Yet, it still reveals payments' destinations and amounts, and is limited in functionality. In this paper, we construct a full-fledged ledger-based digital currency with strong privacy guarantees. Our results leverage recent advances in zero-knowledge Succinct Non-interactive ARguments of Knowledge (zk-SNARKs). First, we formulate and construct decentralized anonymous payment schemes (DAP schemes). A DAP scheme enables users to directly pay each other privately: the corresponding transaction hides the payment's origin, destination, and transferred amount. We provide formal definitions and proofs of the construction's security. Second, we build Zerocash, a practical instantiation of our DAP scheme construction. In Zerocash, transactions are less than 1 kB and take under 6 ms to verify --- orders of magnitude more efficient than the less-anonymous Zerocoin and competitive with plain Bitcoin.

Note: See http://zerocash-project.org/ for more information.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Major revision. 2014 IEEE Symposium on Security and Privacy
Keywords
Bitcoindecentralized electronic cashzero-knowledge proofs
Contact author(s)
alexch @ mit edu
History
2014-05-19: received
Short URL
https://ia.cr/2014/349
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/349,
      author = {Eli Ben-Sasson and Alessandro Chiesa and Christina Garman and Matthew Green and Ian Miers and Eran Tromer and Madars Virza},
      title = {Zerocash: Decentralized Anonymous Payments from Bitcoin},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/349},
      year = {2014},
      url = {https://eprint.iacr.org/2014/349}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.