DOCSLIB.ORG

Decentralized Anonymous Payments from Bitcoin

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Decentralized Anonymous Payments from Bitcoin 2014 IEEE Symposium on Security and Privacy Zerocash: Decentralized Anonymous Payments from Bitcoin Eli Ben-Sasson∗, Alessandro Chiesay, Christina Garmanz, Matthew Greenz, Ian Miersz, Eran Tromerx, Madars Virzay ∗Technion, [email protected] yMIT, falexch, [email protected] zJohns Hopkins University, fcgarman, imiers, [email protected] xTel Aviv University, [email protected] Abstract—Bitcoin is the first digital currency to see widespread party and then, after some interval, retrieve different coins adoption. While payments are conducted between pseudonyms, (with the same total value) from the pool. Yet, mixes suffer Bitcoin cannot offer strong privacy guarantees: payment trans- from three limitations: (i) the delay to reclaim coins must be actions are recorded in a public decentralized ledger, from which much information can be deduced. Zerocoin (Miers et large to allow enough coins to be mixed in; (ii) the mix can 1 al., IEEE S&P 2013) tackles some of these privacy issues by trace coins; and (iii) the mix may steal coins. For users with unlinking transactions from the payment’s origin. Yet, it still “something to hide,” these risks may be acceptable. But typical reveals payments’ destinations and amounts, and is limited in legitimate users (1) wish to keep their spending habits private functionality. from their peers, (2) are risk-averse and do not wish to expend In this paper, we construct a full-fledged ledger-based digital currency with strong privacy guarantees. Our results leverage continual effort in protecting their privacy, and (3) are often recent advances in zero-knowledge Succinct Non-interactive AR- not sufficiently aware of their compromised privacy. guments of Knowledge (zk-SNARKs). To protect their privacy, users thus need an instant, risk-free, First, we formulate and construct decentralized anonymous and, most importantly, automatic guarantee that data revealing payment schemes (DAP schemes). A DAP scheme enables users to their spending habits and account balances is not publicly directly pay each other privately: the corresponding transaction hides the payment’s origin, destination, and transferred amount. accessible by their neighbors, co-workers, and merchants. We provide formal definitions and proofs of the construction’s Anonymous transactions also guarantee that the market value security. of a coin is independent of its history, thus ensuring legitimate Second, we build Zerocash, a practical instantiation of our users’ coins remain fungible.2 DAP scheme construction. In Zerocash, transactions are less than 1 kB and take under 6 ms to verify — orders of magnitude more Zerocoin: a decentralized mix. Miers et al. [8] proposed efficient than the less-anonymous Zerocoin and competitive with Zerocoin, which extends Bitcoin to provide strong anonymity plain Bitcoin. guarantees. Like many e-cash protocols (e.g., [2]), Zerocoin employs zero-knowledge proofs to prevent transaction graph Keywords: Bitcoin, decentralized electronic cash, zero knowledge analyses. Unlike earlier practical e-cash protocols, however, Zerocoin does not rely on digital signatures to validate coins, I. INTRODUCTION nor does it require a central bank to prevent double spending. Instead, Zerocoin authenticates coins by proving, in zero- Bitcoin is the first digital currency to achieve widespread knowledge, that they belong to a public list of valid coins adoption. The currency owes its rise in part to the fact that, (which can be maintained on the block chain). Yet, rather than unlike traditional e-cash schemes [1, 2, 3], it requires no trusted a full-fledged anonymous currency, Zerocoin is a decentralized parties. Instead of appointing a central bank, Bitcoin leverages a mix, where users may periodically “wash” their bitcoins via block chain distributed ledger known as the to store transactions the Zerocoin protocol. Routine day-to-day transactions must made between users. Because the block chain is massively be conducted via Bitcoin, due to reasons that we now review. replicated by mutually-distrustful peers, the information it The first reason is performance. Redeeming zerocoins contains is public. requires double-discrete-logarithm proofs of knowledge, which While users may employ many identities (or pseudonyms) have size that exceeds 45 kB and require 450 ms to verify (at to enhance their privacy, an increasing body of research shows the 128-bit security level).3 These proofs must be broadcast that anyone can de-anonymize Bitcoin by using information in the block chain [4, 5, 6], such as the structure of the transaction 1CoinJoin [7], an alternative proposal, replaces the central party of a mix graph as well as the value and dates of transactions. As a result, with multi-signature transactions that involve many collaborating Bitcoin users. Bitcoin fails to offer even a modicum of the privacy provided CoinJoin can thus only mix small volumes of coins amongst users who are currently online, is prone to denial-of-service attacks by third parties, and by traditional payment systems, let alone the robust privacy of requires effort to find mixing partners. anonymous e-cash schemes. 2While the methods we detail in this paper accomplish this, the same While Bitcoin is not anonymous itself, those with sufficient techniques open the door for privacy preserving accountability and oversight motivation can obfuscate their transaction history with the help (see Section X). 3These published numbers [8] actually use a mix of parameters at both of mixes (also known as laundries or tumblers). A mix allows 128-bit and 80-bit security for different components of the construction. The users to entrust a set of coins to a pool operated by a central cost is higher if all parameters are instantiated at the 128-bit security level. © 2014, Eli Ben-Sasson. Under license to IEEE. 459 DOI 10.1109/SP.2014.36 through the network, verified by every node, and permanently is succinct, i.e., for which proofs are very short and easy to stored in the ledger. The entailed costs are higher, by orders verify. More precisely, let L be an NP language, and let C be a of magnitude, than those in Bitcoin and can seriously tax a nondeterministic decision circuit for L on a given instance size Bitcoin network operating at normal scale. n.A zk-SNARK can be used to prove and verify membership The second reason is functionality. While Zerocoin consti- in L, for instances of size n, as follows. After taking C as tutes a basic e-cash scheme, it lacks critical features required input, a trusted party conducts a one-time setup phase that of full-fledged anonymous payments. First, Zerocoin uses results in two public keys: a proving key pk and a verification coins of fixed denomination: it does not support payments key vk. The proving key pk enables any (untrusted) prover of exact values, nor does it provide a means to make change to produce a proof π attesting to the fact that x 2 L, for an following a transaction (i.e., divide coins). Second, Zerocoin instance x (of size n) of his choice. The non-interactive proof has no mechanism for one user to pay another one directly π is zero knowledge and a proof of knowledge. Anyone can in “zerocoins.” And third, while Zerocoin provides anonymity use the verification key vk to verify the proof π; in particular by unlinking a payment transaction from its origin address, it zk-SNARK proofs are publicly verifiable: anyone can verify π, does not hide the amount or other metadata about transactions without ever having to interact with the prover that generated occurring on the network. π. Succinctness requires that (for a given security level) π has Our contribution. In this work we address the aforemen- constant size and can be verified in time that is linear in jxj tioned issues via two main contributions. (rather than linear in jCj). (1) We introduce the notion of a decentralized anonymous B. Decentralized anonymous payment schemes payment scheme, which formally captures the functionality and We construct a decentralized anonymous payment (DAP) security guarantees of a full-fledged decentralized electronic scheme, which is a decentralized e-cash scheme that allows currency with strong anonymity guarantees. We provide a con- direct anonymous payments of any amount. See Section III for struction of this primitive and prove its security under specific a formal definition. Here, we outline our construction in six cryptographic assumptions. The construction leverages recent incremental steps; the construction details are in Section IV. advances in the area of zero-knowledge proofs. Specifically, it Our construction functions on top of any ledger-based base uses zero-knowledge Succinct Non-interactive ARguments of currency, such as Bitcoin. At any given time, a unique valid Knowledge (zk-SNARKs) [9, 10, 11, 12, 13, 14, 15, 16]. snapshot of the currency’s ledger is available to all users. (2) We achieve an implementation of the above primitive, via The ledger is a sequence of transactions and is append- a system that we call Zerocash. Compared to Zerocoin, our only. Transactions include both the underlying currency’s system (at 128 bits of security): transactions, as well as new transactions introduced by our • Reduces the size of transactions spending a coin by 97:7%. construction. For concreteness, we focus the discussion below • Reduces the spend-transaction verification time by 98:6%. on Bitcoin (though later definitions and constructions are • Allows for anonymous transactions of variable amounts. stated abstractly). We assume familiarity with Bitcoin [20] • Hides transaction amounts and the values of coins held by and Zerocoin [8]. users. Step 1: user anonymity with fixed-value coins. We first • Allows for payments to be made directly to a user’s fixed describe a simplified construction, in which all coins have address (without user interaction). the same value of, e.g., 1 BTC. This construction, similar To validate our system, we measured its performance and to the Zerocoin protocol, shows how to hide a payment’s established feasibility by conducting experiments in a test origin.
Load more

Recommended publications
  • Money Laundering Using Cryptocurrency: the Case of Bitcoin!
    Athens Journal of Law - Volume 7, Issue 2, April 2021 – Pages 253-264 Money Laundering using Cryptocurrency: The Case of Bitcoin! By Gaspare Jucan Sicignano* The bitcoin, one of the most discussed topics in recent years, is a virtual currency with enormous potential and can be used almost immediately with no intervention from financial institutions. It has spread rapidly over the last few years, and all financial and governmental institutions have warned of the risk of its use for money laundering. The paper focuses on this aspect in order to understand if any purchases of bitcoins, using illicit money, can come under the anti-money laundering criminal law. Keywords: Bitcoin; Money laundering; Italian law; Cryptocurrency. Introduction The bitcoin1 is a virtual, decentralised and partially anonymous currency based on cryptography and peer-to-peer technology2. With bitcoins it is possible to buy any type of good or service securely and rapidly. Transactions need not be authorised by a central entity; rather, they are validated by all users of the platform. The system is totally secure, since it is practically impossible to hack the protocol3. Bitcoin has been much criticised over the last few years; it has quickly become public enemy number one for everything from financing terrorism to drug dealing to money laundering. It has also recently been said that bitcoin would pollute the planet due to the resources required for mining4. This paper will attempt to analyse in depth the relationship between the bitcoin and money laundering in Italian law. It will analyse the warnings issued by authorities in various sectors, as well as the opinions expressed in Italian legal literature regarding the possibility of committing money laundering and self- laundering crimes in various operations carried out using virtual currency.
    [Show full text]
  • White Paper of Bitcoin Ultimatum Introduction
    White Paper of Bitcoin Ultimatum Introduction 1. Problematic of the Blockchain 4. Bitcoin Ultimatum Architecture industry 4.1. Network working principle 1.1. Transactions Anonymity 4.1.1. Main Transaction Types 1.2. Insufficient Development of Key Aspects of the 4.1.1.1. Public transactions Technology 4.1.1.2. Private transactions 1.3. Centralization 4.1.2. Masternode Network 1.4. Mining pools and commission manipulation 4.2. How to become a validator or masternode in 1.5. Decrease in Transaction Speeds BTCU 4.3. Network Scaling Principle 2. BTCU main solutions and concepts 4.4. Masternodes and Validators Ranking System 4.5. Smart Contracts 2.1. Consensus algorithm basis 4.6. Anonymization principle 2.2. Leasing and Staking 4.7. Staking and Leasing 2.3. Projects tokenization and DeFi 4.7.1. Staking 2.4. Transactions Privacy 4.7.2. Leasing 2.5. Atomic Swaps 4.7.2 Multileasing 4.8. BTCU Technical Specifications 3. Executive Summary 4.8.1. Project Stack 4.8.2. Private key generation algorithm 5. Bitcoin Ultimatum Economy 5.1. Initial Supply and Airdrop 5.2. Leasing Economy 5.3. Masternodes and Validators Commission 5.4. Transactions Fee 6. Project Roadmap 7. Legal Introduction The cryptocurrency market is inextricably tied to the blockchain – its fundamental and underlying technology. The modern market is brimming with an abundance of blockchain protocols, algorithms, and concepts, all of which have fostered the development of a wide variety of services and applications. The modern blockchain market offers users an alternative to both established financial systems and ecosystems/infrastructures of applications and services.
    [Show full text]
  • Aggregate Cash System: a Cryptographic Investigation Of
    Aggregate Cash Systems: A Cryptographic Investigation of Mimblewimble Georg Fuchsbauer1,2, Michele Orrù2,1, and Yannick Seurin3 1 Inria 2 École normale supérieure, CNRS, PSL University, Paris, France 3 ANSSI, Paris, France {georg.fuchsbauer, michele.orru}@ens.fr [email protected] Abstract. Mimblewimble is an electronic cash system proposed by an anonymous author in 2016. It combines several privacy-enhancing techniques initially envisioned for Bitcoin, such as Confidential Transactions (Maxwell, 2015), non-interactive merging of transactions (Saxena, Misra, Dhar, 2014), and cut-through of transaction inputs and outputs (Maxwell, 2013). As a remarkable consequence, coins can be deleted once they have been spent while maintaining public verifiability of the ledger, which is not possible in Bitcoin. This results in tremendous space savings for the ledger and efficiency gains for new users, who must verify their view of the system. In this paper, we provide a provable-security analysis for Mimblewimble. We give a precise syntax and formal security definitions for an abstraction of Mimblewimble that we call an aggregate cash system. We then formally prove the security of Mimblewimble in this definitional framework. Our results imply in particular that two natural instantiations (with Pedersen commitments and Schnorr or BLS signatures) are provably secure against inflation and coin theft under standard assumptions. Keywords: Mimblewimble, Bitcoin, commitments, aggregate signatures. 1 Introduction Bitcoin and the UTXO model. Proposed in 2008 and launched early 2009, Bitcoin [Nak08] is a decentralized payment system in which transactions are registered in a distributed and publicly verifiable ledger called a blockchain. Bitcoin departs from traditional account-based payment systems where transactions specify an amount moving from one account to another.
    [Show full text]
  • Review Articles
    review articles DOI:10.1145/3372115 system is designed to achieve common Software weaknesses in cryptocurrencies security goals: transaction integrity and availability in a highly distributed sys- create unique challenges in responsible tem whose participants are incentiv- revelations. ized to cooperate.38 Users interact with the cryptocurrency system via software BY RAINER BÖHME, LISA ECKEY, TYLER MOORE, “wallets” that manage the cryptograph- NEHA NARULA, TIM RUFFING, AND AVIV ZOHAR ic keys associated with the coins of the user. These wallets can reside on a local client machine or be managed by an online service provider. In these appli- cations, authenticating users and Responsible maintaining confidentiality of crypto- graphic key material are the central se- curity goals. Exchanges facilitate trade Vulnerability between cryptocurrencies and between cryptocurrencies and traditional forms of money. Wallets broadcast cryptocur- Disclosure in rency transactions to a network of nodes, which then relay transactions to miners, who in turn validate and group Cryptocurrencies them together into blocks that are ap- pended to the blockchain. Not all cryptocurrency applications revolve around payments. Some crypto- currencies, most notably Ethereum, support “smart contracts” in which general-purpose code can be executed with integrity assurances and recorded DESPITE THE FOCUS on operating in adversarial on the distributed ledger. An explosion of token systems has appeared, in environments, cryptocurrencies have suffered a litany which particular functionality is ex- of security and privacy problems. Sometimes, these pressed and run on top of a cryptocur- rency.12 Here, the promise is that busi- issues are resolved without much fanfare following ness logic can be specified in the smart a disclosure by the individual who found the hole.
    [Show full text]
  • Does the Hashrate Affect the Bitcoin Price?
    Journal of Risk and Financial Management Article Does the Hashrate Affect the Bitcoin Price? Dean Fantazzini 1,* and Nikita Kolodin 2 1 Moscow School of Economics, Moscow State University, Leninskie Gory, 1, Building 61, Moscow 119992, Russia 2 Higher School of Economics, Moscow 109028, Russia; [email protected] * Correspondence: [email protected]; Tel.: +7-4955105267; Fax: +7-4955105256 Received: 30 September 2020; Accepted: 27 October 2020; Published: 30 October 2020 Abstract: This paper investigates the relationship between the bitcoin price and the hashrate by disentangling the effects of the energy efficiency of the bitcoin mining equipment, bitcoin halving, and of structural breaks on the price dynamics. For this purpose, we propose a methodology based on exponential smoothing to model the dynamics of the Bitcoin network energy efficiency. We consider either directly the hashrate or the bitcoin cost-of-production model (CPM) as a proxy for the hashrate, to take any nonlinearity into account. In the first examined subsample (01/08/2016–04/12/2017), the hashrate and the CPMs were never significant, while a significant cointegration relationship was found in the second subsample (11/12/2017–24/02/2020). The empirical evidence shows that it is better to consider the hashrate directly rather than its proxy represented by the CPM when modeling its relationship with the bitcoin price. Moreover, the causality is always unidirectional going from the bitcoin price to the hashrate (or its proxies), with lags ranging from one week up to six weeks later. These findings are consistent with a large literature in energy economics, which showed that oil and gas returns affect the purchase of the drilling rigs with a delay of up to three months, whereas the impact of changes in the rig count on oil and gas returns is limited or not significant.
    [Show full text]
  • Electronic Cash, Decentralized Exchange, and the Constitution
    Electronic Cash, Decentralized Exchange, and the Constitution Peter Van Valkenburgh March 2019 coincenter.org Peter Van Valkenburgh, Electronic Cash, Decentralized Exchange, and the Constitution, ​ ​ Coin Center Report, Mar. 2019, available at https://coincenter.org/entry/e-cash-dex-constitution Abstract Regulators, law enforcement, and the general public have come to expect that cryptocurrency transactions will leave a public record on a blockchain, and that most cryptocurrency exchanges will take place using centralized businesses that are regulated and surveilled through the Bank Secrecy Act. The emergence of electronic cash and decentralized exchange software challenges these expectations. Transactions need not leave any public record and exchanges can be accomplished peer to peer without using a regulated third party in between. Faced with diminished visibility into cryptocurrency transactions, policymakers may propose new approaches to financial surveillance. Regulating cryptocurrency software developers and individual users of that software under the Bank Secrecy Act would be unconstitutional under the Fourth Amendment because it would be a warrantless search and seizure of information private to cryptocurrency users. Furthermore, any law or regulation attempting to ban, require licensing for, or compel the altered publication (e.g. backdoors) of cryptocurrency software ​ ​ would be unconstitutional under First Amendment protections for speech. Author Peter Van Valkenburgh Coin Center [email protected] About Coin Center Coin Center is a non-profit research and advocacy center focused on the public policy issues facing open blockchain technologies such as Bitcoin. Our mission is to build a better understanding of these technologies and to promote a regulatory climate that preserves the freedom to innovate using blockchain technologies.
    [Show full text]
  • 3Rd Global Cryptoasset Benchmarking Study
    3RD GLOBAL CRYPTOASSET BENCHMARKING STUDY Apolline Blandin, Dr. Gina Pieters, Yue Wu, Thomas Eisermann, Anton Dek, Sean Taylor, Damaris Njoki September 2020 supported by Disclaimer: Data for this report has been gathered primarily from online surveys. While every reasonable effort has been made to verify the accuracy of the data collected, the research team cannot exclude potential errors and omissions. This report should not be considered to provide legal or investment advice. Opinions expressed in this report reflect those of the authors and not necessarily those of their respective institutions. TABLE OF CONTENTS FOREWORDS ..................................................................................................................................................4 RESEARCH TEAM ..........................................................................................................................................6 ACKNOWLEDGEMENTS ............................................................................................................................7 EXECUTIVE SUMMARY ........................................................................................................................... 11 METHODOLOGY ........................................................................................................................................ 14 SECTION 1: INDUSTRY GROWTH INDICATORS .........................................................................17 Employment figures ..............................................................................................................................................................................................................17
    [Show full text]
  • One-Out-Of-Many Proofs: Or How to Leak a Secret and Spend a Coin
    One-out-of-Many Proofs: Or How to Leak a Secret and Spend a Coin Jens Groth1? and Markulf Kohlweiss2 1 University College London 2 Microsoft Research Abstract. We construct a 3-move public coin special honest verifier zero-knowledge proof, a so-called Sigma-protocol, for a list of commit- ments having at least one commitment that opens to 0. It is not required for the prover to know openings of the other commitments. The proof system is efficient, in particular in terms of communication requiring only the transmission of a logarithmic number of commitments. We use our proof system to instantiate both ring signatures and zerocoin, a novel mechanism for bitcoin privacy. We use our Sigma-protocol as a (linkable) ad-hoc group identification scheme where the users have public keys that are commitments and demonstrate knowledge of an opening for one of the commitments to unlinkably identify themselves (once) as belonging to the group. Applying the Fiat-Shamir transform on the group identification scheme gives rise to ring signatures, applying it to the linkable group identification scheme gives rise to zerocoin. Our ring signatures are very small compared to other ring signature schemes and we only assume the users' secret keys to be the discrete logarithms of single group elements so the setup is quite realistic. Sim- ilarly, compared with the original zerocoin protocol we only rely on a weak cryptographic assumption and do not require a trusted setup. A third application of our Sigma protocol is an efficient proof of mem- bership of a secret committed value belonging to a public list of values.
    [Show full text]
  • A View from Mining Pools
    1 Measurement and Analysis of the Bitcoin Networks: A View from Mining Pools Canhui Wang, Graduate Student Member, IEEE, Xiaowen Chu, Senior Member, IEEE, and Qin Yang, Senior Member, IEEE Abstract—Bitcoin network, with the market value of $68 billion as of January 2019, has received much attention from both industry and the academy. Mining pools, the main components of the Bitcoin network, dominate the computing resources and play essential roles in network security and performance aspects. Although many existing measurements of the Bitcoin network are available, little is known about the details of mining pool behaviors (e.g., empty blocks, mining revenue and transaction collection strategies) and their effects on the Bitcoin end users (e.g., transaction fees, transaction delay and transaction acceptance rate). This paper aims to fill this gap with a systematic study of mining pools. We traced over 1.56 hundred thousand blocks (including about 257 million historical transactions) from February 2016 to January 2019 and collected over 120.25 million unconfirmed transactions from March 2018 to January 2019. Then we conducted a board range of measurements on the pool evolutions, labeled transactions (blocks) as well as real-time network traffics, and discovered new interesting observations and features. Specifically, our measurements show the following. 1) A few mining pools entities continuously control most of the computing resources of the Bitcoin network. 2) Mining pools are caught in a prisoner’s dilemma where mining pools compete to increase their computing resources even though the unit profit of the computing resource decreases. 3) Mining pools are stuck in a Malthusian trap where there is a stage at which the Bitcoin incentives are inadequate for feeding the exponential growth of the computing resources.
    [Show full text]
  • Time-Dilation Attacks on the Lightning Network
    Time-Dilation Attacks on the Lightning Network Antoine Riard Gleb Naumenko [email protected] [email protected] ABSTRACT Per time-dilation attacks, a malicious actor slows down block deliv- Lightning Network (LN) is a widely-used network of payment ery to the victim and then finalizes an expired state of the Lightning channels enabling faster and cheaper Bitcoin transactions. In this channel on-chain, before a victim can notice. paper, we outline three ways an attacker can steal funds from For a non-infrastructure attacker eclipsing full nodes is difficult, honest LN users. The attacks require dilating the time for victims to but definitely not impossible, as demonstrated by prior work[19, become aware of new blocks by eclipsing (isolating) victims from 30, 37]. Since full nodes in the LN are often used by hubs (or big the network and delaying block delivery. While our focus is on service providers), we will show that an attacker may justify the the LN, time-dilation attacks may be relevant to any second-layer high attack cost by stealing their aggregate liquidity during one protocol that relies on a timely reaction. short (several hours) Eclipse attack. According to our measurements, it is currently possible to steal At the same time, we will demonstrate that Eclipse attacks are the total channel capacity by keeping a node eclipsed for as little as 2 easier to carry out against the many LN users whose wallets rely on hours. Since trust-minimized Bitcoin light clients currently connect light client protocols to obtain information from the Bitcoin network, to a very limited number of random nodes, running just 500 Sybil and light client implementations are currently more vulnerable to nodes allows an attacker to Eclipse 47% of newly deployed light Eclipse attacks then full nodes.
    [Show full text]
  • Biva : Bitcoin Network Visualization & Analysis
    This document is downloaded from DR‑NTU (https://dr.ntu.edu.sg) Nanyang Technological University, Singapore. BiVA : Bitcoin network visualization & analysis Oggier, Frédérique; Phetsouvanh, Silivanxay; Datta, Anwitaman 2018 Oggier, F., Phetsouvanh, S., & Datta, A. (2018). BiVA : Bitcoin network visualization & analysis. Proceedings of 2018 IEEE International Conference on Data Mining Workshops (ICDMW). doi:10.1109/ICDMW.2018.00210 https://hdl.handle.net/10356/88895 https://doi.org/10.1109/ICDMW.2018.00210 © 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: https://doi.org/10.1109/ICDMW.2018.00210 Downloaded on 26 Sep 2021 15:28:46 SGT BiVA: Bitcoin Network Visualization & Analysis Fred´ erique´ Oggier Silivanxay Phetsouvanh and Anwitaman Datta Division of Mathematical Sciences School of Computer Science and Engineering Nanyang Technological University, Singapore Nanyang Technological University, Singapore Email: [email protected] Email: [email protected], [email protected] Abstract—We showcase a graph mining tool, BiVA, for visu- There are numerous works (e.g. [5], [8], [17]) that analyze alization and analysis of the Bitcoin network. It enables data and generate infographics, often of macroscopic aspects of exploration, visualization of subgraphs around nodes of interest, cryptocurrencies, such as the variation of price and volume and integrates both standard and new algorithms, including a general algorithm for flow based clustering for directed graphs, of transactions over time.
    [Show full text]
  • Notice of Filing of a Proposed Rule Change to List and Trade Shares of the Wise Origin Bitcoin Trust Under BZX Rule 14.11(E)(4), Commodity-Based Trust Shares
    SECURITIES AND EXCHANGE COMMISSION (Release No. 34-91994; File No. SR-CboeBZX-2021-039) May 25, 2021 Self-Regulatory Organizations; Cboe BZX Exchange, Inc.; Notice of Filing of a Proposed Rule Change to List and Trade Shares of the Wise Origin Bitcoin Trust under BZX Rule 14.11(e)(4), Commodity-Based Trust Shares Pursuant to Section 19(b)(1) of the Securities Exchange Act of 1934 (the “Act”),1 and Rule 19b-4 thereunder,2 notice is hereby given that on May 10, 2021, Cboe BZX Exchange, Inc. (the “Exchange” or “BZX”) filed with the Securities and Exchange Commission (the “Commission”) the proposed rule change as described in Items I, II, and III below, which Items have been prepared by the Exchange. The Commission is publishing this notice to solicit comments on the proposed rule change from interested persons. I. Self-Regulatory Organization’s Statement of the Terms of Substance of the Proposed Rule Change Cboe BZX Exchange, Inc. (the “Exchange” or “BZX”) is filing with the Securities and Exchange Commission (“Commission”) a proposed rule change to list and trade shares of the Wise Origin Bitcoin Trust (the “Trust”),3 under BZX Rule 14.11(e)(4), Commodity-Based Trust Shares. The text of the proposed rule change is also available on the Exchange’s website (http://markets.cboe.com/us/equities/regulation/rule_filings/bzx/), at the Exchange’s Office of the Secretary, and at the Commission’s Public Reference Room. 1 15 U.S.C. 78s(b)(1). 2 17 CFR 240.19b-4. 3 The Trust was formed as a Delaware statutory trust on March 17, 2021 and is operated as a grantor trust for U.S.
    [Show full text]