Cryptology ePrint Archive: Report 2016/575
TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub
Ethan Heilman and Leen Alshenibr and Foteini Baldimtsi and Alessandra Scafuro and Sharon Goldberg
Abstract: This paper presents TumbleBit, a new unidirectional unlinkable payment hub that is fully compatible with today's Bitcoin protocol. TumbleBit allows parties to make fast, anonymous, off-blockchain payments through an untrusted intermediary called the Tumbler. TumbleBit's anonymity properties are similar to classic Chaumian eCash: no one, not even the Tumbler, can link a payment from its payer to its payee. Every payment made via TumbleBit is backed by bitcoins, and comes with a guarantee that Tumbler can neither violate anonymity, nor steal bitcoins, nor ``print money'' by issuing payments to itself. We prove the security of TumbleBit using the real/ideal world paradigm and the random oracle model. Security follows from the standard RSA assumption and ECDSA unforgeability. We implement TumbleBit, mix payments from 800 users and show that TumbleBit's off-blockchain payments can complete in seconds.
Category / Keywords: applications / bitcoin, anonymity, fair exchange, ecash
Date: received 3 Jun 2016, last revised 17 Feb 2017
Contact author: ethan r heilman at gmail com
Available format(s): PDF | BibTeX Citation
Note: Added discussion about TumbleBit being secure against transaction malleability. Fixed typos and formatting issues.
Version: 20170217:195559 (All versions of this report)
Short URL: ia.cr/2016/575
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]