Cryptology ePrint Archive: Report 2016/575

TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub

Ethan Heilman and Leen Alshenibr and Foteini Baldimtsi and Alessandra Scafuro and Sharon Goldberg

Abstract: This paper presents TumbleBit, a new unidirectional unlinkable payment hub that is fully compatible with today's Bitcoin protocol. TumbleBit allows parties to make fast, anonymous, off-blockchain payments through an untrusted intermediary called the Tumbler. TumbleBit's anonymity properties are similar to classic Chaumian eCash: no one, not even the Tumbler, can link a payment from its payer to its payee. Every payment made via TumbleBit is backed by bitcoins, and comes with a guarantee that Tumbler can neither violate anonymity, nor steal bitcoins, nor ``print money'' by issuing payments to itself. We prove the security of TumbleBit using the real/ideal world paradigm and the random oracle model. Security follows from the standard RSA assumption and ECDSA unforgeability. We implement TumbleBit, mix payments from 800 users and show that TumbleBit's off-blockchain payments can complete in seconds.

Category / Keywords: applications / bitcoin, anonymity, fair exchange, ecash

Date: received 3 Jun 2016, last revised 31 Jul 2017

Contact author: goldbe at cs bu edu

Available format(s): PDF | BibTeX Citation

Note: Updated paper to highlight the fact that we only use the fact that RSA is permutation in our security proofs. Fixed typos in Figure 6.

Version: 20170731:095034 (All versions of this report)

Short URL: ia.cr/2016/575


[ Cryptology ePrint archive ]