Abstract
Bitcoin relies on a peer-to-peer network for communication between participants. Knowledge of the network topology is of scientific interest but can also facilitate attacks on the users’ anonymity and the system’s availability. We present two approaches for inferring the network topology and evaluate them in simulations and in real-world experiments in the Bitcoin testnet. The first approach exploits the accumulation of multiple transactions before their announcement to other peers. Despite the general feasibility of the approach, simulation and experimental results indicate a low inference quality. The second approach exploits the fact that double spending transactions are dropped by clients. Experimental results show that inferring the neighbors of a specific peer is possible with a precision of 71% and a recall of 87% at low cost.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
- 3.
If there are more than 35 transactions in the queue (which occurs only infrequently), only 35 transactions are announced at once.
- 4.
The next time is calculated as: \( current\_time + \ln \left( 1 + X \cdot \frac{-1}{2^{48}} \right) \cdot average\_interval\_seconds \cdot -1000000 + 0.5\) (all timestamps are in microseconds, \(X \in \mathcal {U}[0:2^{48}-1]\), \( average\_interval\_seconds \) is 5 s for incoming connections and 2 s for outgoing connections).
- 5.
Our measurements show that maintaining connections to \({\approx }\)10,000 peers consumes about 20 Mbit/s.
- 6.
Due to extreme fluctuations in transaction fees and exchange rates, this calculation is just an example.
- 7.
This models the scenario that the adversary pays higher transaction fees than the fees for the other transactions.
- 8.
Peers were found using https://github.com/ayeowch/bitnodes/.
- 9.
Because of the small sample size, the real precision can strongly deviate from the observed precision.
- 10.
520 peers with 8 connections each.
References
Biryukov, A., Khovratovich, D., Pustogarov, I.: Deanonymisation of clients in Bitcoin P2P network. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM (2014)
Decker, C., Wattenhofer, R.: Information propagation in the Bitcoin network. In: 2013 IEEE Thirteenth International Conference on Peer-to-Peer Computing (P2P), pp. 1–10. IEEE (2013)
Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 436–454. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_28
Fanti, G., Viswanath, P.: Anonymity properties of the Bitcoin P2P network. arXiv preprint arXiv:1703.08761 (2017)
Heilman, E., Kendler, A., Zohar, A., Goldberg, S.: Eclipse attacks on Bitcoin’s peer-to-peer network. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 129–144 (2015)
Karame, G.O., Androulaki, E., Capkun, S.: Double-spending fast payments in Bitcoin. In: Proceedings of the 2012 ACM conference on Computer and communications security, pp. 906–917. ACM (2012)
Koshy, P., Koshy, D., McDaniel, P.: An analysis of anonymity in bitcoin using P2P network traffic. In: Christin, N., Safavi-Naini, R. (eds.) FC 2014. LNCS, vol. 8437, pp. 469–485. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45472-5_30
Miller, A., et al.: Discovering Bitcoin’s public topology and influential nodes (2015)
Nakamoto, S.: Bitcoin: A Peer-to-Peer Electronic Cash System (2008)
Nayak, K., Kumar, S., Miller, A., Shi, E.: Stubborn mining: generalizing selfish mining and combining with an eclipse attack. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 305–320. IEEE (2016)
Neudecker, T., Andelfinger, P., Hartenstein, H.: Timing analysis for inferring the topology of the Bitcoin peer-to-peer network. In: 2016 International IEEE Conference on Advanced and Trusted Computing (ATC), pp. 358–367, July 2016
Acknowledgements
This work was supported by the German Federal Ministry of Education and Research (BMBF) within the project KASTEL_IoE in the Competence Center for Applied Security Technology (KASTEL). The authors would like to thank the anonymous reviewers for their valuable comments and suggestions.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendix
Appendix
Figure 7 shows that the approach exploiting the accumulation of transactions scales linearly with the network size.
Exploiting transaction accumulation: Number of true positives and false positives depending on the network size for \(v_\mathrm {M}\) being connected to half of the peers.
Precision and recall depending on the number of runs for variant Count and \(v_\mathrm {M}\) being connected to 375 of 500 peers.
Figure 8 shows precision and recall for the variant Count of the approach exploiting double spends. As can be seen, the recall increases in steps. These steps are caused by adjusting the threshold for the required number of receptions. While this variant can be used to reach high precision, the recall is limited even after more than 200 runs.
Rights and permissions
Copyright information
© 2019 International Financial Cryptography Association
About this paper
Cite this paper
Grundmann, M., Neudecker, T., Hartenstein, H. (2019). Exploiting Transaction Accumulation and Double Spends for Topology Inference in Bitcoin. In: Zohar, A., et al. Financial Cryptography and Data Security. FC 2018. Lecture Notes in Computer Science(), vol 10958. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-58820-8_9
Download citation
DOI: https://doi.org/10.1007/978-3-662-58820-8_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-58819-2
Online ISBN: 978-3-662-58820-8
eBook Packages: Computer ScienceComputer Science (R0)