Decentralized ledger-based cryptocurrencies like Bitcoin present a way to construct payment systems without trusted banks. However, as the first application of blockchain technology, which is the underlying technology of the Bitcoin system, Bitcoin suffers from a number of issues that prevent it from taking the place of traditional currency. One major issue of Bitcoin is its fragile privacy protection. All Bitcoin transaction details are publicly accessible. By analyzing transaction relation graphs and transaction timestamps, it is possible to link Bitcoin addresses with their real-world identities. Therefore, the low privacy guarantee becomes an obstacle to the popularity of Bitcoin. Another problem of Bitcoin is poor efficiency: each transaction requires 10 minutes to confirm, and the block size limit of 1 MB brings low throughput. Zerocash is specially designed to protect the privacy of transactions, and is the first full-fledged anonymous ledger-based currency. Zerocash makes use of zero-knowledge proofs, specifically zk-SNARKs, to protect privacy. However, the use of zero-knowledge proofs makes the following problems even worse: poor scalability and low efficiency.

In this thesis, we address the privacy issue by constructing new privacy protection technologies based on the current work of Zerocash, to ensure high efficiency and throughput while maintaining transaction anonymity. We accomplish this by constructing a micropayment system in Zerocash called Z-Channel. First, we improve the Decentralized Anonymous Payment (DAP) scheme of Zerocash to support multisignature and time lock functionalities, and construct the DAP+ scheme. The original DAP scheme only supports the basic payment functionality, i.e. transfer of ownership between Zerocash addresses, while lacking the features required to implement a micropayment system. Specifically, Zerocash supports neither multisignature, which allows multiple users to share an account, nor the time lock functionality, which makes it possible to implement the punishing mechanism. Then we construct Z-Channel based on the improvement introduced by the DAP+ scheme. In Z-Channel, parties store their currency in a shared account, and sign for each other a transaction for shutting down the channel, so that each of the parties is able to terminate the channel alone, to prevent possible malicious behavior of the other party. Furthermore, we introduce punishing transactions that involve a time lock, to prevent malicious attackers from publishing obsolete closing transactions. Next, we define and prove the completeness and security of the DAP+ scheme and the Z-Channel protocol. Specifically, we prove that the DAP+ scheme satisfies the properties of ledger indistinguishability, non-malleability, and balance, while Z-Channel satisfies channel privacy and currency security. Finally, we implement the DAP+ scheme and the Z-Channel protocol in C++. In particular, we construct the zk-SNARK circuit for the DAP+ scheme, generate the proving and verification keys, and execute the proving and verifying procedures. We also simulate the payments conducted in Z-Channel. Our experiments demonstrate that Z-Channel significantly improves scalability and reduces the confirmation time for Zerocash payments.
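The channel mechanism sketched above (a shared account, closing transactions signed for each other, and a time lock during which an obsolete closing transaction can be punished) can be illustrated with a small simulation. The Python model below is an added example, not the thesis's C++ implementation, and it deliberately omits the zk-SNARK privacy layer: balances are plaintext, HMACs stand in for signatures, and the hash-committed revocation secrets, the `DISPUTE_WINDOW` length and all names (`Party`, `Ledger`, `scenario`) are assumptions of this model rather than details taken from Z-Channel.

```python
# Toy two-party payment channel with a shared account, mutually signed closing
# states, and a time-locked window in which a revoked closing state is punished.
# Added illustration; HMAC stands in for signatures, secrets/window are assumed.
import hashlib
import hmac
import secrets
from dataclasses import dataclass

DISPUTE_WINDOW = 10  # blocks the closer must wait before funds settle (assumed)


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


@dataclass(frozen=True)
class State:
    seq: int          # monotonically increasing channel state number
    bal_a: int
    bal_b: int
    rev_a: bytes      # hash commitment to A's revocation secret for this state
    rev_b: bytes      # hash commitment to B's revocation secret for this state

    def digest(self) -> bytes:
        return h(b"%d|%d|%d|" % (self.seq, self.bal_a, self.bal_b) + self.rev_a + self.rev_b)


class Party:
    def __init__(self, name: str):
        self.name = name
        self.key = secrets.token_bytes(32)   # HMAC key standing in for a signing key
        self.my_secrets = {}                 # seq -> my own revocation secret
        self.their_secrets = {}              # seq -> counterparty's revealed secret

    def commit(self, seq: int) -> bytes:
        self.my_secrets[seq] = secrets.token_bytes(32)
        return h(self.my_secrets[seq])

    def sign(self, state: State) -> bytes:
        return hmac.new(self.key, state.digest(), "sha256").digest()


class Ledger:
    """Public ledger: holds the shared deposit and enforces the time lock."""

    def __init__(self, a: Party, b: Party, dep_a: int, dep_b: int):
        self.parties = {"A": a, "B": b}
        self.total = dep_a + dep_b
        self.height = 0
        self.pending = None   # (state, closer, expiry height) while the time lock runs
        self.settled = None   # final balances once the channel is closed

    def close(self, state: State, sigs: dict, closer: str) -> bool:
        if self.pending or self.settled or state.bal_a + state.bal_b != self.total:
            return False
        for who, p in self.parties.items():   # both parties' signatures must verify
            if not hmac.compare_digest(p.sign(state), sigs.get(who, b"")):
                return False
        self.pending = (state, closer, self.height + DISPUTE_WINDOW)
        return True

    def punish(self, secret: bytes, punisher: str) -> bool:
        if not self.pending:
            return False
        state, closer, expiry = self.pending
        if punisher == closer or self.height >= expiry:
            return False
        if h(secret) != (state.rev_a if closer == "A" else state.rev_b):
            return False                      # not the closer's secret for this state
        self.settled = {punisher: self.total, closer: 0}   # closer forfeits everything
        self.pending = None
        return True

    def advance(self, blocks: int) -> None:
        self.height += blocks
        if self.pending and self.height >= self.pending[2]:
            state = self.pending[0]           # window passed unchallenged: settle as signed
            self.settled = {"A": state.bal_a, "B": state.bal_b}
            self.pending = None


def open_channel(a: Party, b: Party, dep_a: int, dep_b: int):
    ledger = Ledger(a, b, dep_a, dep_b)
    s0 = State(0, dep_a, dep_b, a.commit(0), b.commit(0))
    return ledger, s0, {"A": a.sign(s0), "B": b.sign(s0)}


def update(a: Party, b: Party, old: State, bal_a: int, bal_b: int):
    """Off-chain update: both sign the new state, then reveal secrets revoking the old one."""
    new = State(old.seq + 1, bal_a, bal_b, a.commit(old.seq + 1), b.commit(old.seq + 1))
    sigs = {"A": a.sign(new), "B": b.sign(new)}
    a.their_secrets[old.seq] = b.my_secrets[old.seq]
    b.their_secrets[old.seq] = a.my_secrets[old.seq]
    return new, sigs


def scenario(mode: str) -> dict:
    a, b = Party("A"), Party("B")
    ledger, s0, _ = open_channel(a, b, 100, 50)   # constructed deposits
    s1, sig1 = update(a, b, s0, 70, 80)           # A pays B 30 off-chain
    s2, sig2 = update(a, b, s1, 90, 60)           # B pays A 20 off-chain
    if mode == "honest":
        ledger.close(s2, sig2, "A")
        punished = ledger.punish(secrets.token_bytes(32), "B")  # no secret for the latest state
    else:
        ledger.close(s1, sig1, "B")               # B publishes the revoked state that favours B
        ledger.advance(DISPUTE_WINDOW if mode == "cheat_unwatched" else 3)
        punished = ledger.punish(a.their_secrets[s1.seq], "A")
    ledger.advance(DISPUTE_WINDOW)
    return {"punished": punished, "settled": ledger.settled}
```

Running `scenario("honest")` settles at the latest state, `scenario("cheat")` shows the punishing transaction taking the whole deposit from the party who published an obsolete state, and `scenario("cheat_unwatched")` shows the caveat the time lock carries: punishment is only possible while the window is open, so the honest party has to watch the ledger within that window.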