Is Bitcoin really anonymous?

Tram Ho

The advent of Bitcoin promises to open up a new future of finance and banking when users do not need to depend on intermediaries, pay high transaction fees or wait a week to receive the money sent from. Relatives abroad. However, Bitcoin is also notorious for helping underground activities such as money laundering or arms trading due to its anonymity. So, is Bitcoin really completely anonymous as we thought?

Bitcoin is a secure and anonymous digital currency — WikiLeaks

Bitcoin won’t hide you from the NSA’s prying eyes — Wired UK

1. In terminology

Anonymous from the Cambridge dictionary explains the following: without the name of the author, giver etc being known or given (translated as anonymous).

Pseudonymity is roughly translated as anonymous.

When participating in the Bitcoin network, users are identified by their account address (address). While it is not a real name, it is not entirely anonymous, so in terms of genuine term, Bitcoin is only considered Pseudonymity instead of Anonymous . However, for simplicity, we often call Bitcoin an anonymous system.

2. Anonymity

A completely anonymous system is a system that ensures that the identifier on the system cannot or is difficult to retrieve the true information of the participants. Does Bitcoin guarantee that?

  • When one node transmits the transaction of an address on the network, other nodes can know the IP address of the node from which to retrieve information such as geographic location.
  • You go to buy BTC on the exchanges and need to provide information such as credit card, email … Personal information.
  • For example, if you buy and buy a cup of coffee with Bitcoin, the owner will know this bitcoin address is yours.
  • Information about every transaction (sender, recipient, value) is public on the blockchain. If your account is assigned with a real identifier, people can view your entire transaction history.

3. Mixing

Some notes :

  • Typically, the transaction inputs come from an account. However, the Bitcoin protocol does not require the inputs of a transaction to come from the same account.
  • The address to return the change in the output of the transaction is not necessarily the same as the address at the input. Usually, the wallet address at the output will be a different address from the sender.
  • Although the address has been changed after each transaction, the input of the transaction has only one account, so it is not difficult to track the recipient as well as the value of the transaction.

Mixing is a service that will merge multiple inputs from different accounts, which will make it harder to track which output of which account.

Let’s take a look at the illustration above when transaction 2 uses the CoinJoin protocol:

  • Transaction 2 has 3 inputs: 1 of address 1C3 , 2 of 1A1
  • Transactions with 2 outputs are worth 0.8 BTC, both will make it more difficult to track transactions.

The difficulty will increase even more when the transaction inputs come from 10-20 or even 50 different accounts

You can refer to the following 2 transactions using 2 and 3 inputs respectively .

There are 2 types of Mixing services:

  1. Centralized: You need to trust the service, this type of centralized service can be deceptive (with unreliable services) or unauthorized use of your transaction information as provided to the party. 3 for example. Relatively popular services like SmartMix or ChipMixer
  2. Decentralized: Solving existing problems of centralized Mixing services. This section we will learn about CoinJoin .

Wallets with CoinJoin integration like Wasabi or Samourai . These wallets also integrate the TOR protocol to hide the IP address of the sender

4. ZeroCoin / ZeroCash

Zero Knowledge Proof (ZKP)

Before learning what ZeroCoin / ZeroCash is? We will take a look at Zero Knowledge Proof (An important mechanism used in ZeroCoin / ZeroCash).

ZKP has 2 components: Verifier and Prover . The ZKP mechanism was achieved when Prover proved to the Verifier that he knew this but did not need to disclose the details of the information.

It sounds a bit confusing. We will illustrate it with a simple example:

  • Alice has 2 identical size balls, only different in color. However, she was color blind so she could not distinguish the difference in color between the two balls and thought that the two balls were no different.
  • Bob told Alice: “These two balls are different colors”. But how did Alice know that Bob didn’t lie?
  • Alice will make convention with Bob about the number of 2 balls (the ball on the left is number 1, the ball on the right is number 2).
  • Next, she hid two balls behind her back and shuffled them away and then showed one to Bob to see. So many times, if Bob always said the correct number of the ball, Alice believed that Bob did not lie because if Bob lies, the probability of guessing each time is 0.5 (if many times, the probability of guessing Bob’s correctness would be extremely low).
  • Bob proves to Alice that the balls are different in color but there is no need to reveal details about the colors of the balls.


ZeroCoin is a protocol proposed by a group of scientists from leading universities in the world such as MIT, Tel Aviv, Johns Hopkins to increase privacy and anonymity on Bitcoin network. ZeroCoin uses encryption algorithms and ZKP mechanism to completely hide the origin of transactions, prevent transaction traceability and identify agents on the network.

The goal of the original ZeroCoin developers is:

Our goal is to build a cryptocurrency where your neighbors, friends and enemies can’t see what you bought or for how much.

Nomadic is building a completely anonymous digital currency system, where you won’t be able to be tracked

Note : ZeroCoin has not been implemented on Bitcoin network because implementing ZeroCoin needs to be implemented at the protocol layer, high complexity as well as the need for consensus from the community as well as the development team.


ZeroCoin’s idea to help anonymize on Bitcoin is to change from one amount of Bitcoin to the corresponding amount of Bitcoin through an intermediary called zerocoin . From there, tracing the transaction would be impossible because the original amount of Bitcoin had nothing to do with the amount of Bitcoin being converted. This form is similar to the money laundering done by individuals or illegal organizations.

Specific process

Convert bitcoin into zerocoin

  1. Create an S serial number and a secret number r .
  2. Calculate the Commit (S, r). Commitment scheme is an algorithm in code, within the scope of this article we will not learn details about this algorithm. If you want to learn more you can refer here
  3. Publish commitment on blockchain. List commiment is denoted {c1, c2, …, cn}.

Converting zerocoin into bitcoin

In exchange for converting zerocoin to bitcoin , users need to prove that they created the zerocoin . In more detail, prove that you know the secret number r of one of the commitments being stored on the blockchain.

  1. Create the transaction with the serial number S (reveal S). Means: “I know some r that Commit (S, r) belongs to {c1, c2, …, cn}”.
  2. Miner will confirm the transaction. With serial number S, miner can check S in one of the Commitment or not but will not know the specific serial number S is under any Commitment? (Miner only knows S but not r ).
  3. Check that the serial number S has been used in any transaction yet? (avoid double-spend).
  4. Transaction output is the amount of bitcoin converted.


Factors that make anonymity of zerocoin through 2 above processes:

  • During the process, r is not exposed.
  • No one knows which S serial number corresponds to which zerocoin . From there lost track of the original Bitcoin used to convert into zerocoin and new Bitcoin.


  • Complicated, need to deploy at the protocol layer (protocol). Need the consensus of large community and development team.
  • Due to the conversion mechanism and encryption functions, zerocoin is very slow (about 2 tx / s).
  • The value of the transaction has not been hidden yet.


ZeroCash is ZeroCoin’s successor to overcome the limitations of the brother. ZeroCash is the foundation for the development team to create a new coin, Zcash .

Features of ZeroCash:

  • Use a new technique called zero-knowledge succinct noninteractive arguments of knowledge (zk-SNARKs).
  • Faster than ZeroCoin.
  • Hide the transaction input value.

Regarding the specifications of ZeroCash applied in Zcash , please allow to see you in an article not far.


In this article, I introduced the concepts, methods, and anonymous protocols applied on Bitcoin. Of course, there are still missing some un mentioned names such as CoinWitness , etc. The description of the ZerCoin protocol is also only conceptual, ideological but not in depth, detailing the operations of the algorithm. In the near future, see you all in the article about Zcash


Bitcoin and Cryptocurrency Technologies

Bitcoin Magazine

BitCoin Wiki

Share the news now

Source : Viblo