Paper 2015/1008

Provisions: Privacy-preserving proofs of solvency for Bitcoin exchanges

Gaby G. Dagher, Benedikt Buenz, Joseph Bonneau, Jeremy Clark, and Dan Boneh

Abstract

Bitcoin exchanges function like banks, securely holding their customers' bitcoins on their behalf. Several exchanges have suffered catastrophic losses with customers permanently losing their savings. A proof of solvency demonstrates that the exchange controls sufficient reserves to settle each customer's account. We introduce Provisions, a privacy-preserving proof of solvency whereby an exchange does not have to disclose its Bitcoin addresses; total holdings or liabilities; or any information about its customers. We also propose an extension which prevents exchanges from colluding to cover for each other's losses. We have implemented Provisions and show that it offers practical computation times and proof sizes even for a large Bitcoin exchange with millions of customers.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. MAJOR revision.ACM CCS
Keywords
Bitcoinproof of solvency
Contact author(s)
jbonneau @ cs stanford edu
History
2015-10-26: last of 2 revisions
2015-10-19: received
See all versions
Short URL
https://ia.cr/2015/1008
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2015/1008,
      author = {Gaby G.  Dagher and Benedikt Buenz and Joseph Bonneau and Jeremy Clark and Dan Boneh},
      title = {Provisions: Privacy-preserving proofs of solvency for Bitcoin exchanges},
      howpublished = {Cryptology ePrint Archive, Paper 2015/1008},
      year = {2015},
      note = {\url{https://eprint.iacr.org/2015/1008}},
      url = {https://eprint.iacr.org/2015/1008}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.