Cryptology ePrint Archive: Report 2016/575

TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub

Ethan Heilman and Leen Alshenibr and Foteini Baldimtsi and Alessandra Scafuro and Sharon Goldberg

Abstract: This paper presents TumbleBit, a new unidirectional unlinkable payment hub that is fully compatible with today's Bitcoin protocol. TumbleBit allows parties to make fast, anonymous, off-blockchain payments through an untrusted intermediary called the Tumbler. TumbleBit's anonymity properties are similar to classic Chaumian eCash: no one, not even the Tumbler, can link a payment from its payer to its payee. Every payment made via TumbleBit is backed by bitcoins, and comes with a guarantee that Tumbler can neither violate anonymity, nor steal bitcoins, nor ``print money'' by issuing payments to itself. We prove the security of TumbleBit using the real/ideal world paradigm and the random oracle model. Security follows from the standard RSA assumption and ECDSA unforgeability. We implement TumbleBit, mix payments from 800 users and show that TumbleBit's off-blockchain payments can complete in seconds.

Category / Keywords: applications / bitcoin, anonymity, fair exchange, ecash

Date: received 3 Jun 2016, last revised 17 Feb 2017

Contact author: ethan r heilman at gmail com

Available format(s): PDF | BibTeX Citation

Note: Added discussion about TumbleBit being secure against transaction malleability. Fixed typos and formatting issues.

Version: 20170217:195559 (All versions of this report)

Short URL: ia.cr/2016/575

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]