Paper 2017/881

Möbius: Trustless Tumbling for Transaction Privacy

Sarah Meiklejohn and Rebekah Mercer


Cryptocurrencies allow users to securely transfer money without relying on a trusted intermediary, and the transparency of their underlying ledgers also enables public verifiability. This openness, however, comes at a cost to privacy, as even though the pseudonyms users go by are not linked to their real-world identities, all movement of money among these pseudonyms is traceable. In this paper, we present Möbius, an Ethereum-based tumbler or mixing service. Möbius achieves strong notions of anonymity, as even malicious senders cannot identify which pseudonyms belong to the recipients to whom they sent money, and is able to resist denial-of-service attacks. It also achieves a much lower off-chain communication complexity than all existing tumblers, with senders and recipients needing to send only two initial messages in order to engage in an arbitrary number of transactions.

Note: full version

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. PETS 2018
Contact author(s)
rebekah @ cs au dk
2018-01-02: revised
2017-09-17: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sarah Meiklejohn and Rebekah Mercer},
      title = {Möbius: Trustless Tumbling for Transaction Privacy},
      howpublished = {Cryptology ePrint Archive, Paper 2017/881},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.