This is a short summary of the transaction clustering attack for Bitcoin and other cryptocurrencies.
Transaction clustering attack
Cryptocurrencies rely on P2P networks to propagate transactions. Bitcoin implements transaction randomization (also known as diffusion) to prevent network-level deanonymization attacks based on traffic analysis. However, these measures are not fully effective.
We show that the privacy of cryptocurrency users can be breached by a well connected adversary who captures and analyzes the network traffic. In particular, we derive and test a network-based method of transaction clustering. In more detail, we show that a network-wide adversary can put transactions into groups (clusters), where each cluster corresponds to a node which initially sent them into the network. The key insight of our method is that transactions broadcast from the same node have a more smilar propagation pattern than random transactions. We quantify this similarity by assigning weights to IP addresses in depending on the time they first announced a given transaction, and calculate correlation coefficients between such vectors. We then use a bi-clustering algorithm which detects the permutation of rows and columns in the correlation matrix such that the clusters are visible along the main diagonal.
Our method gives good results on the Bitcoin testnet, where we see our own transaction forming clear clusters. The same applies to Zcash. On Bitcoin mainnet, the picture is less clear. On Dash and Monero, we did not perform the full scale experiment, but we showed that the traffic structure also exhibits properties that we used for this attack.
We advice users to not use the same connections to broadcast transactions within a short period of time. Instead, users should re-connect to a new set of entry nodes. We are looking forward for planned developments in the Bitcoin networking layer (such as Erlay and Dandelion++), which would protect users from this attack.