What is an IP address?

An Internet Protocol (IP) address can be thought of like your home address. It uniquely identifies you on the Internet. When someone wants to send you a piece of mail or a package, they send it to your home address (or any other physical address you want to receive mail at). Similarly, if anyone wants to send you some data over the Internet–music, video, programs, websites, et cetera–they need a way to reach you. That’s where your IP address comes in.

You also use IP addresses to navigate the Internet. Instead, though, the Domain Name System (DNS) helps out. Instead of typing 172.217.8.206, you type google.com. DNS translates human-readable forms, like google.com, into the hard to remember IP addresses where those servers reside. Say you have a friend, John. Instead of telling your other friends to go to 1234 Main Street, New York, NY every time, you just tell them to go to John’s house. Everyone automatically translates that simple request into John’s known address. (As a side note, Google maintains a large number of IP addresses. The IP address mentioned above is not the only way to reach their website.)

Internet Service Providers (ISPs) negotiate the flow of data between your device and the Internet. They are gatekeepers, essentially. Considering that they control the route, they are also able to see all traffic that passes through that route. When using plain HTTP, data is sent over the network in plaintext (not encrypted). When sent over HTTPS, the data is encrypted and then sent over the network. This prevents the ISP from easily looking at what you’re sending. Additionally, an ISP has plenty of personally identifying information on you considering they require it for you to sign up for their services, including name, address, and banking information.

How does it relate to a transaction on Zcoin?

Zcoin transactions do not contain IP addresses. Bitcoin, and its derivatives, operate in the same fashion.

A transaction contains:

· the amount

· sending addresses

· receiving addresses

Why, then, is it recommended to hide your IP address for transactions?

When transactions are created and sent, it is merely relayed across the entire network. This can be done by a method of trickling or diffusion, which we’ll discuss later. In either event, a motivated adversary with access to a node that connects to most other nodes in the network can gather, record, and analyze the transaction data in order to piece together where a transaction may have originated from. That is, this adversary may be able to follow the graph of data and identify the source IP address of the given transaction. As Dan Kaminsky notes in his Black Hat USA 2011 talk, Black Ops of TCP/IP 2011, “[when] you’re connected to every node, the first node to inform you of a transaction is the source of it.” Giulia Fanti and Pramod Viswanath show in Deanonymization in the Bitcoin P2P Network that such deanonymization occurs with up to 30% accuracy.

While diffusion attempts to help protect against this by delaying the relaying of transactions, it does not offer much more anonymity than its predecessor, trickling. As Fanti and Viswanath summarize, “trickle and diffusion have similar probabilities of detection.”

However, hiding your IP address can help in preserving your privacy. One such method of doing such is by using Tor, which we’ll discuss next. Even if analysis by an adversary as depicted above occurs and the source IP address is discovered, your real IP address is still safe.

As Gavin Andreson is quoted as saying in Kaminsky’s talk:

Unless you are very careful in the way you use Bitcoin (and you have the technical know-how to use it with other anonymizing technologies like Tor or i2p), you should assume that a persistent, motivated attacker will be able to associate your IP address with your bitcoin transactions.

What is Tor (The Onion Router)

Tor provides a level of privacy by routing your network traffic through “a series of virtual tunnels.” Instead of directly connecting to a website, your traffic travels through these tunnels to the destination. Your traffic follows a random sequence through Tor relays to route your traffic. Additionally, the pathway you take is not known in its entirety to others.

When data is passed off to a relay, that relay only knows the relay that gave it the data and the next relay it is giving the data to. That is, a given relay only knows about its immediate neighbors and nothing about the remainder of the route. There are new encryption keys used for each hop to ensure that a given hop cannot trace any connections through identical keys.

Traffic analysis is unable to generate a link between the source and destination due to the visibility from each relay. Further, the same circuit is used for all connections that occur within the same ten minutes. Additional requests use a new circuit, stopping anyone from linking previous requests.

In terms of cryptocurrency transactions, this means that the motivated adversary from before will be unable to determine the source IP address as the IP address they will see will be one from the virtual tunnels, not yours.

Zcoin has had full TOR support for quite some time and now with the most recent version of the release, it will be easier for casual users to switch on and off.

Why blockchain privacy is important and not just IP address protection

In Deanonymisation of Clients in Bitcoin P2P Network, Alex Biryukov, Dmitry Khovratovich, and Ivan Pustogarov explain, “We demonstrate that the use of Tor does not rule out the attack as Tor connections can be prohibited for the entire network.” This means that IP address protection is not the only thing that matters. Rather, blockchain privacy must be built in to ensure privacy as well.

Several problems plague cryptocurrencies that don’t implement blockchain privacy:

Multi-input transactions. When there isn’t enough of a given coin in a given address, wallets can combine the coins in multiple addresses in your wallet in order to satisfy the payment. Considering that this only works with addresses that are in your wallet, this shows that multiple addresses are grouped in one wallet when viewing transaction data. If a single address that is part of a multi-input transactions is linked to an identity, then they all become linked to that identity.

Building on the idea of multiple inputs, multiple outputs can also erode privacy. Change addresses are generated to collect the change of a transaction. Think of it like inserting $2 into a vending machine for a bag of chips that cost $1.25. The vending machine returns $0.75. In Bitcoin, though, you’ll be getting the change in a new address. While this is done in the interest of user privacy, it can also be used to link a single change address to multiple addresses that were used for the input. It then follows that they can all be linked together if a single address is tied to an identity.

Exchanges. To combat money laundering of fiat currencies, exchanges are required to collect information about you. They also provide an address for your account to use. Considering that this address will be the intermediary between the fiat currency and cryptocurrency, it could reveal your identity once you deposit or withdraw from the exchange.

General linkage. Some people put their Bitcoin address on their blog that may use their true identity. That address is then already linked to their identity.

An important aspect of Zcoin is in its solution to blockchain privacy through the implementation of the Zerocoin protocol. With Zerocoin, the user is able to “burn” coins to create brand new coins for spending later — effectively severing the link between them.

What’s next?

There is ongoing research as to how to improve the privacy of cryptocurrencies. Dandelion has garnered support in the Bitcoin community and Zcoin is looking at it as a potential solution. Dandelion works by implementing asymmetry whereby a transaction is initially relayed normally. It then takes a change from the traditional approach by then being broadcast by a node down the line; that is, the source node is not the one that broadcasts the transactions to the entire network. This process and its resultant pattern ends up looking like a dandelion and makes it more difficult to determine the source than trickling or diffusion. Sigma and EZC research is also underway. In the mid-term, Zcoin will be releasing MTPv2, BIP47 for stealth addresses and a decentralized mixer for Ethereum.

For more information on Zcoin and where to buy it, go to http://zcoin.io

Follow us on Twitter https://twitter.com/zcoinofficial and Instagram https://www.instagram.com/zcoinofficial/

Join our Discord here https://discordapp.com/invite/4FjnQ2q