A set of tools used for identifying CoinJoin transactions in the Bitcoin blockchain and attacking the privacy afforded by those transactions.
Currently, the only form of heuristic used by this tool is intra-transaction analysis of CoinJoin transactions that leak information through poor matching of input to output values, leading to a deceptively small anonymity set. This is accomplished by brute-forcing the possible summations between inputs and outputs, apart from a few small improvements in efficiency. The time required to perform this analysis is an exponential function of the number of inputs and outputs; it is related to the Subset-Sum problem from complexity theory.
This tool was used to perform the research published at this advisory: http://coinjoinsudoku.com/
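The intra-transaction analysis described above, as an added Python example that is not code from this project (which is written in PHP): it enumerates every way to cut one transaction into two balanced halves and reports which input/output pairs no cut can separate, which is the check an implementer can run to see whether a transaction's values leave more than one plausible mapping. The fee model, the function names and the sample values are assumptions constructed for illustration.

```python
from bisect import bisect_left, bisect_right

def mask_sum(values, mask):
    """Sum the values whose index bit is set in mask."""
    return sum(v for i, v in enumerate(values) if mask >> i & 1)

def valid_splits(inputs, outputs):
    """Every cut of the transaction into two halves that both balance.

    Assumed model: a half (input_mask, output_mask) balances when its inputs
    cover its outputs plus a fee share d with 0 <= d <= total fee.
    """
    fee = sum(inputs) - sum(outputs)
    full_in, full_out = (1 << len(inputs)) - 1, (1 << len(outputs)) - 1
    # Sort all non-empty proper output subsets by sum so each input subset
    # needs two binary searches instead of a scan over every output subset.
    out_sums = sorted((mask_sum(outputs, m), m) for m in range(1, full_out))
    keys = [s for s, _ in out_sums]
    splits = []
    # Odd masks only: input 0 is always on this side, so a split and its
    # mirror image are counted once. The full input set is excluded.
    for in_mask in range(1, full_in, 2):
        s = mask_sum(inputs, in_mask)
        lo, hi = bisect_left(keys, s - fee), bisect_right(keys, s)
        splits.extend((in_mask, m) for _, m in out_sums[lo:hi])
    return splits

def forced_links(inputs, outputs):
    """(input, output) index pairs that no valid split separates.

    With no valid split at all, every pair is returned: under this model the
    transaction does not decompose into more than one participant.
    """
    splits = valid_splits(inputs, outputs)
    return {(i, o)
            for i in range(len(inputs)) for o in range(len(outputs))
            if all((im >> i & 1) == (om >> o & 1) for im, om in splits)}

# Constructed sample values in satoshis, not real transactions.
LEAKY_IN, LEAKY_OUT = [150000, 270000], [100000, 49000, 200000, 69000]
MIXED_IN, MIXED_OUT = [150000, 270000], [100000, 100000, 49000, 169000]

if __name__ == "__main__":
    for name, ins, outs in (("leaky", LEAKY_IN, LEAKY_OUT),
                            ("mixed", MIXED_IN, MIXED_OUT)):
        print(name, len(valid_splits(ins, outs)), sorted(forced_links(ins, outs)))
```

In the constructed "leaky" case only one cut balances, so every output is tied to one input; in the "mixed" case the two equal-valued outputs stay ambiguous and only the change outputs are tied to an input.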
Kristov Atlas Twitter: @kristovatlas Email: firstname lastname @gmail.com www: http://kristovatlas.com
SharedCoin is a service offered by Blockchain.info that implements a protocol based on CoinJoin. At some points during its history, it has been vulnerable to sudoku analysis. This script will search for transactions that look like they could be SharedCoin transactions. It currently uses the Blockchain.info API rather than a local copy of the blockchain, which makes the code simpler and saves on storage but is many times slower: the API query rate is the bottleneck, at a typical rate of 87 transactions processed per minute when using an API key.
- Open findSharedCoinTxs.php and change the $startingBlockHash variable to the hash of a block that you would like to start searching from. Currently, this code can only scan backwards in the blockchain. You can also set $numTransactionsToExamine to set a maximum number of candidate transactions that should be considered as possible SharedCoin transactions.
- Set the number of seconds to sleep between queries by setting NUM_SEC_DELAY_BEFORE_REQUEST in ThrottledDomReader.php and NUM_SEC_DELAY_BEFORE_REQUEST in ThrottledJSONReader.php. Also, if you wish to use an API key, you can specify that in BlockchainInfoBlockReader.php with the BLOCKCHAIN_INFO_BLOCK_URL_API_KEY variable and in BlockchainInfoTxReader.php with the BLOCKCHAIN_INFO_TX_JSON_API_KEY variable. If you are not going to specify an API key, a reasonable throttle to set between queries to avoid IP bans is 6 seconds.
- Run php findSharedCoinTxs.php
Results will be printed to stdout upon completion, as well as saved in a log file of the form 'scdump_yyyy-mm-dd hh-mm-ss.log'.
TODO
There are two scripts for pre-computing permutations that are required for this tool's sudoku analysis. runSetSearch.php will begin pre-computation from scratch. The larger the number of elements you are trying to permute, the longer this computation will take, and so this project also provides runSetSearchAfterFileLoad.php, which can open up a log file previously generated by runSetSearch.php and resume progress, rather than starting over again entirely.
TODO
TODO
This heuristic relies first on precomputation of permutations. Some of the permutations that I have already precomputed are contained in the /data/permutations/ directory.
TODO
TODO