Researchers from Carnegie Mellon University have released a study into the privacy features of Monero (XMR) and Zcash (ZEC) — arguably the two most-popular crypto assets purporting to offer users anonymity.
The report finds that Monero’s introduction of strict security and anonymity requirements on its broader ecosystem has maintained the asset’s status as “effectively untraceable.”
Transversely, the report concludes that the lack of utilization of Zcash’s privacy capabilities on the part of more than 99% of users undermines the privacy of the overall network despite ZEC offering “strong cryptographic features.”
Zcash user behavior undermines privacy
The report describes Zcash as a Bitcoin (BTC) fork that seeks “to completely break the link between the sender and the receiver.”
The researchers assert that “Zcash is not widely used” currently, citing a May 2020 survey of darknet markets indicating that “it [, Zcash,] is by far not the preferred cryptocurrency on the dark web.”
Through employing zero-knowledge succinct non-interactive arguments of knowledge, or SNARKs, ZEC is able to prevent any interaction between transaction prover and verifier — creating “a barrier that further impedes efforts to link addresses together.”
However, Zcash offers both anonymous shielded and pseudonymous transparent transactions, with the researchers finding that only 0.09% of ZEC transactions within a 30-day period made full use of the protocol’s privacy features.
“[E]ven though cryptographically Zcash is very well-founded, the users behave in a way that does not take full advantage of the shielded pool, making them traceable. As each user in the shielded pool becomes linked to the transparent pool, the overall anonymity of the ZEC ecosystem reduces as the anonymity set shrinks drastically.”
“[I]t seems that the large majority of Zcash users do not yet understand Zcash’s operating model,” the study finds, concluding that the “minuscule” set of ZEC users utilizing shielded transactions renders Zcash “effectively traceable.”
30% of XMR Transactions Found to be Traceable
The report notes that an increasing number of altcoins have sought to brand themselves as privacy coins, claiming to offer completely private transactions in contrast to the pseudonymous transactions enabled by nearly all crypto assets.
The researchers observe several features of Monero designed to provide untraceability and unlinkability.
One-time use addresses are employed for every transaction output to prevent linkability, while traceability is addressed with one-time ring signatures — a form of zero-knowledge proof, alongside decoy inputs called mixins.
The paper also examines a number of further upgrades introduced to the protocol from 2017 onwards, finding that less than one percent of transactions carried out using XMR over the last two years were traceable according to most methods of analysis employed.
However, one model was still able to reveal transaction inputs with an accuracy of 30%.