Paper 2016/061

Accountable Privacy for Decentralized Anonymous Payments

Christina Garman, Matthew Green, and Ian Miers


Decentralized ledger-based currencies such as Bitcoin provide a means to construct payment systems without requiring a trusted bank. Removing this trust assumption comes at the significant cost of transaction privacy. A number of academic works have sought to improve the privacy offered by ledger-based currencies using anonymous electronic cash (e-cash) techniques. Unfortunately, this strong degree of privacy creates new regulatory concerns, since the new private transactions cannot be subject to the same controls used to prevent individuals from conducting illegal transactions such as money laundering. We propose an initial approach to addressing this issue by adding privacy preserving policy-enforcement mechanisms that guarantee regulatory compliance, allow selective user tracing, and admit tracing of tainted coins (e.g., ransom payments). To accomplish this new functionality we also provide improved definitions for Zerocash and, of independent interest, an efficient construction for simulation sound zk-SNARKs.

Available format(s)
Publication info
Published elsewhere. Major revision. Financial Cryptography and Data Security 2016
Contact author(s)
cgarman @ cs jhu edu
2016-06-27: last of 2 revisions
2016-01-25: received
See all versions
Short URL
Creative Commons Attribution


      author = {Christina Garman and Matthew Green and Ian Miers},
      title = {Accountable Privacy for Decentralized Anonymous Payments},
      howpublished = {Cryptology ePrint Archive, Paper 2016/061},
      year = {2016},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.