Paper 2019/1058

Privacy-preserving auditable token payments in a permissioned blockchain system

Elli Androulaki, Jan Camenisch, Angelo De Caro, Maria Dubovitskaya, Kaoutar Elkhiyaoui, and Björn Tackmann


Token management systems were the first application of blockchain technology and are still the most widely used one. Early implementations such as Bitcoin or Ethereum provide virtually no privacy beyond basic pseudonymity: all transactions are written in plain to the blockchain, which makes them perfectly linkable and traceable. Several more recent blockchain systems, such as Monero or Zerocash, implement improved levels of privacy. Most of these systems target the permissionless setting, just like Bitcoin. Many practical scenarios, in contrast, require token systems to be permissioned, binding the tokens to user identities instead of pseudonymous addresses, and also requiring auditing functionality in order to satisfy regulation such as AML/KYC. We present a privacy-preserving token management system that is designed for permissioned blockchain systems and supports fine-grained auditing. The scheme is secure under computational assumptions in bilinear groups, in the random-oracle model.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Major revision. AFT 2020
Contact author(s)
kao @ zurich ibm com
2020-10-13: last of 4 revisions
2019-09-18: received
See all versions
Short URL
Creative Commons Attribution


      author = {Elli Androulaki and Jan Camenisch and Angelo De Caro and Maria Dubovitskaya and Kaoutar Elkhiyaoui and Björn Tackmann},
      title = {Privacy-preserving auditable token payments in a permissioned blockchain system},
      howpublished = {Cryptology ePrint Archive, Paper 2019/1058},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.