Abstract
Over the years, several privacy attacks targeted at UTXO-based cryptocurrencies such as Bitcoin have been proposed. This has led to an arms race between increasingly sophisticated analysis approaches and a continuous stream of proposals that seek to counter such attacks against users’ privacy. Recently, PayJoin was presented as a new technique for mitigating one of the most prominent heuristics, namely common input ownership. This heuristic assumes that the inputs of a transaction, and thus the associated addresses, belong to the same entity. However, a problem with PayJoin is that implementations can accidentally reveal such transactions if the corresponding inputs from involved parties are not chosen carefully. Specifically, if a transaction is formed in a way such that it contains seemingly unnecessary inputs, it can be identified through so-called unnecessary input heuristic (UIH). What is not yet clear is the impact of naive coin selection algorithms within PayJoin implementations that may flag such transactions as PayJoin. This paper investigates the resemblance of PayJoin transactions to ordinary payment transactions by examining the significance of the unnecessary input heuristic in transactions with more than one input and exactly two outputs which is the common template of recent PayJoin transactions.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We consider the BlockSci definition in a simpler form, ignoring the transaction fee for data categorization.
- 2.
- 3.
A comprehensive definition can be considered as \((sum(in)-min(in)>=sum(out)-min(out)+TX.fee)\).
- 4.
- 5.
- 6.
In the second transaction, different nSequence fields also reveal that the inputs were added by different wallets, however, wallet fingerprinting is beyond the scope of this paper.
References
Meiklejohn, S., et al.: A fistful of bitcoins: characterizing payments among men with no names. In: Proceedings of the 2013 Conference on Internet Measurement Conference, pp. 127–140. Association for Computing Machinery, New York (2013)
Kalodner, H., et al.: BlockSci: design and applications of a blockchain analysis platform. In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2721–2738. USENIX, (2020). Change Address Heuristics. https://citp.github.io/BlockSci/reference/heuristics/change.html. Accessed 20 Sep 2020
Improving privacy using Pay-to-End Point (P2EP). https://blockstream.com/2018/ 08/08/en-improving-privacy-using-pay-to-endpoint/. Accessed 20 Sep 2020
Bustapay BIP: a practical sender/receiver coinjoin protocol. https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2018-August/016340.html. Accessed 20 Sep 2020
PayJoin. https://joinmarket.me/blog/blog/payjoin/. Accessed 23 Aug 2020
BIP78: A simple payjoin proposal. https://github.com/bitcoin/bips/blob/master/bip-0078.mediawiki. Accessed 20 Sep 2020
BitCoin Privacy. https://en.bitcoin.it/wiki/Privacy. Accessed 20 Sep 2020
Acknowledgment
This work is supported by COMET SBA-K1 and the Austrian Research Promotion Agency (FFG) via project number 874019.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Ghesmati, S., Kern, A., Judmayer, A., Stifter, N., Weippl, E. (2021). Unnecessary Input Heuristics and PayJoin Transactions. In: Stephanidis, C., Antona, M., Ntoa, S. (eds) HCI International 2021 - Posters. HCII 2021. Communications in Computer and Information Science, vol 1420. Springer, Cham. https://doi.org/10.1007/978-3-030-78642-7_56
Download citation
DOI: https://doi.org/10.1007/978-3-030-78642-7_56
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78641-0
Online ISBN: 978-3-030-78642-7
eBook Packages: Computer ScienceComputer Science (R0)