Listening to Whispers of Ripple: Linking Wallets and Deanonymizing Transactions in the Ripple Network

Open access


The decentralized I owe you (IOU) transaction network Ripple is gaining prominence as a fast, low-cost and efficient method for performing same and cross-currency payments. Ripple keeps track of IOU credit its users have granted to their business partners or friends, and settles transactions between two connected Ripple wallets by appropriately changing credit values on the connecting paths. Similar to cryptocurrencies such as Bitcoin, while the ownership of the wallets is implicitly pseudonymous in Ripple, IOU credit links and transaction flows between wallets are publicly available in an online ledger. In this paper, we present the first thorough study that analyzes this globally visible log and characterizes the privacy issues with the current Ripple network. In particular, we define two novel heuristics and perform heuristic clustering to group wallets based on observations on the Ripple network graph. We then propose reidentification mechanisms to deanonymize the operators of those clusters and show how to reconstruct the financial activities of deanonymized Ripple wallets. Our analysis motivates the need for better privacy-preserving payment mechanisms for Ripple and characterizes the privacy challenges faced by the emerging credit networks.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] Becoming a Ripple Gateway. Ripple online documentation.

  • [2] Becoming a Stellar Gateway. Stellar online documentation.

  • [3] Bitcoin Wiki: Mixing Services.

  • [4] Executive Summary for Financial Institutions. Ripple online documentation.

  • [5] Hot and Cold Wallets. Ripple online documentation.

  • [6] Litecoin.

  • [7] Namecoin.

  • [8] Ripple brochure.

  • [9] Ripple names with their balance of XRP. Reddit.

  • [10] Ripple Website.

  • [11] Terracoin.

  • [12] Ripple privacy. Ripple Forum Nov 2012.

  • [13] CoinJoin: Bitcoin Privacy for the Real World. Post on Bitcoin Forum Aug. 2013.

  • [14] Dividend Rippler. Ripple Forum Jun 2013.

  • [15] Introducing Goodwill. Ripple Forum May 2013.

  • [16] Introducing Ripple Currency: DYM. Bitcointalk Forum Mar 2013.

  • [17] Ripple allows payments to any Bitcoin address straight from its client. Gigaom Blog Jul 2013.

  • [18] Are XRP or STR effective at preventing ledger spam?. Ripple Forum Aug 2014.

  • [19] [Closing] Peercover. Ripple Forum Mar 2014.

  • [20] Fidor Bank: Testing the ’Auslandsüberweisung über Ripple’. Archive from XRPTalk Forum Aug 2014.

  • [21] Fidor Becomes First Bank to Use Ripple Payment Protocol. CoinDesk Blog May 2014.

  • [22] Ripple Labs Signs First Two US Banks. Ripple Blog Sep 2014.

  • [23] Ripple Privacy - details on proxy payments or alternative? Ripple Forum Nov 2014.

  • [24] Using multi-signature transactions to provide privacy. Ripple Forum Oct 2014.

  • [25] Australia’s Commonwealth Bank Latest to Experiment With Ripple. CoinDesk Blog May 2015.

  • [26] Bank-Wise Analysis of Blockchain Activity. Let’s Talk Payments Blog Aug 2015.

  • [27] Breaking the taboo on private Ripple ledgers. Ripple Forum Jul 2015.

  • [28] How EarthPort and Ripple are teaming up to make crossborder payments instant. Blog Aug 2015.

  • [29] How Marco Montes is Empowering Migrant Workers. Ripple Blog Feb 2015.

  • [30] Implementing the Interledger Protocol in Ripple. Ripple blog Oct 2015.

  • [31] Microsoft Explores Adding Ripple Tech to Blockchain Toolkit. CoinDesk Blog Dec 2015.

  • [32] Ripple Gateway List. Ripple online documentation Nov 2015.

  • [33] Ripple Labs Joins International Payments Framework Association. Ripple Blog Mar 2015.

  • [34] Ripple Labs joins the Center for Financial Services Innovation. Ripple Blog Feb 2015.

  • [35] Ripple Labs Joins W3C Web Payment Interest Group to Help Set Standards for the Value Web. Ripple online documentation Feb 2015.

  • [36] Ripple Labs Named a Technology that by World Economic Forum. Ripple Blog Aug 2015.

  • [37] Santander: Distributed Ledger Tech Could Save Banks $20 Billion a Year. Ripple Blog Jun 2015.

  • [38] StellarVerse’s Cold Wallet Generator. Stellar Forum Jan 2015.

  • [39] What would you like to see in Ripple? Ripple Forum Jun 2015.

  • [40] World Economic Forum Report: The Rise of Non-Traditional Payment Systems. Ripple Blog Jul 2015.

  • [41] Earthport launches distributed ledger hub via Ripple 2016.

  • [42] Japan’s SBI Holdings Teams With Ripple to Launch New Company. CoinDesk Blog Jan 2016.

  • [43] Royal bank of canada teams up with ripple for blockchain remittance system. Coinspeaker Blog Feb 2016.

  • [44] Santander Becomes the First U.K. Bank to Use Ripple for Cross-Border Payments. Ripple blog May 2016.

  • [45] Androulaki E. Karame G. O. Roeschlin M. Scherer T. and Capkun S. Evaluating User Privacy in Bitcoin. Financial Cryptography and Data Security: 17th International Conference FC 2013 pp. 34-51.

  • [46] Barber S. Boyen X. Shi E. and Uzun E. 16th International Conference Financial Cryptography and Data Security. 2012 ch. Bitter to Better - How to Make Bitcoin a Better Currency pp. 399-414.

  • [47] Biryukov A. Khovratovich D. and Pustogarov I. Deanonymisation of clients in bitcoin p2p network. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security (2014) CCS ’14 pp. 15-29.

  • [48] Biryukov A. and Pustogarov I. Bitcoin over tor isn’t a good idea. In Security and Privacy (SP) IEEE Symposium on (2015) IEEE pp. 122-134.

  • [49] Bissias G. Ozisik A. P. Levine B. N. and Liberatore M. Sybil-resistant mixing for bitcoin. In Proceedings of the 13th Workshop on Privacy in the Electronic Society WPES ’14 pp. 149-158.

  • [50] Blondel V. Guillaume J. Lambiotte R. and Mech E. Fast unfolding of communities in large networks. J. Stat. Mech (2008) P10008.

  • [51] Bonneau J. Narayanan A. Miller A. Clark J. Kroll J. A. and Felten E. W. Mixcoin: Anonymity for Bitcoin with accountable mixes. In Proc. of the 17th International Conference on Financial Cryptography and Data Security FC’14 Springer.

  • [52] Dingledine R. Mathewson N. and Syverson P. Tor: The second-generation onion router. In Proceedings of the 13th Conference on USENIX Security Symposium - Volume 13 SSYM’04 pp. 21-21.

  • [53] Fortunato S. and Castellano C. Community Structure in Graphs. In Encyclopedia of Complexity and Systems Science. 2009 pp. 1141-1163.

  • [54] Fugger R. Money as IOUs in Social Trust Networks & A Proposal for a Decentralized Currency Network Protocol 2004.

  • [55] Ghosh A. Mahdian M. Reeves D. M. Pennock D. M. and Fugger R. Mechanism design on trust networks. In Proceedings of the 3rd International Conference on Internet and Network Economics WINE’07 pp. 257-268.

  • [56] Hay M. Miklau G. Jensen D. Towsley D. and Weis P. Resisting Structural Re-identification in Anonymized Social Networks. Proc. VLDB Endow. 1 1 (2008) 102-114.

  • [57] Heilman E. Baldimtsi F. and Goldberg S. Blindly signed contracts: Anonymous on-blockchain and offblockchain bitcoin transactions. IACR Cryptology ePrint Archive 2016 (2016) 56.

  • [58] Kaminsky D. Black Ops of TCP/IP 2011. Black Hat USA 2011.

  • [59] Karlan D. Mobius M. Rosenblat T. and Szeidl A. Trust and Social Collateral. The Quarterly Journal of Economics 124 3 (2009) 1307-1361.

  • [60] Korayem M. and Crandall D. J. De-anonymizing users across heterogeneous social computing platforms. In ICWSM (2013) E. Kiciman N. B. Ellison B. Hogan P. Resnick and I. Soboroff Eds. The AAAI Press.

  • [61] Koshy P. Koshy D. and McDaniel P. An Analysis of Anonymity in Bitcoin Using P2P Network Traffic. Financial Cryptography and Data Security: 18th International Conference FC 2014. pp. 469-485.

  • [62] Kullback S. and Leibler R. A. On Information and Sufficiency. The Annals of Mathematical Statistics 22 1 (1951) 79-86.

  • [63] Meiklejohn S. and Orlandi C. Privacy-Enhancing Overlays in Bitcoin. Financial Cryptography and Data Security: FC 2015 International Workshops BITCOIN. pp. 127-141.

  • [64] Meiklejohn S. and Orlandi C. Privacy-Enhancing Overlays in Bitcoin. Financial Cryptography and Data Security: FC 2015 International Workshops BITCOIN. pp. 127-141.

  • [65] Miers I. Garman C. Green M. and Rubin A. D. Zerocoin: Anonymous distributed e-cash from bitcoin. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (2013) pp. 397-411.

  • [66] Mislove A. Post A. Druschel P. and Gummadi P. K. Ostra: Leveraging trust to thwart unwanted communication. In 5th USENIX Symposium on Networked Systems Design & Implementation NSDI 2008 Proceedings pp. 15-30.

  • [67] Mittal P. Papamanthou C. and Song D. X. Preserving Link Privacy in Social Network Based Systems. In Network and Distributed System Security 2013.

  • [68] Mohaisen A. Hopper N. and Kim Y. Keep your friends close: Incorporating trust into social network-based Sybil defenses. In INFOCOM 2011 Proceedings IEEE (2011) pp. 1943-1951.

  • [69] Mohaisen A. Tran H. Chandra A. and Kim Y. Trustworthy distributed computing on social networks. In Proceedings of the 8th ACM SIGSAC Symposium on Information Computer and Communications Security (2013) pp. 155-160.

  • [70] Moreno-Sanchez P. Kate A. Maffei M. and Pecina K. Privacy Preserving Payments in Credit Networks: Enabling trust with privacy in online marketplaces. In Network and Distributed System Security 2015.

  • [71] Moreno-Sanchez P. Zafar M. B. and Kate A. Project website.

  • [72] Nakamoto S. Bitcoin: A peer-to-peer electronic cash system. Technical report 2008.

  • [73] Narayanan A. and Shmatikov V. De-anonymizing social networks. In Proceedings of the 2009 30th IEEE Symposium on Security and Privacy pp. 173-187.

  • [74] Post A. Shah V. and Mislove A. Bazaar: Strengthening user reputations in online marketplaces. In Proceedings of the 8th USENIX Conference on Networked Systems Design and Implementation (2011) NSDI pp. 183-196.

  • [75] Reid F. and Harrigan M. An analysis of anonymity in the bitcoin system. Security and Privacy in Social Networks 2013.

  • [76] Ripple Charts.

  • [77] Ron D. and Shamir A. Quantitative Analysis of the Full Bitcoin Transaction Graph. Financial Cryptography and Data Security: 17th International Conference FC 2013. pp. 6-24.

  • [78] Ruffing T. Moreno-Sanchez P. and Kate A. Coin- Shuffle: Practical Decentralized Coin Mixing for Bitcoin. Computer Security - ESORICS 2014: 19th European Symposium on Research in Computer Security. pp. 345-364.

  • [79] Sala A. Zhao X. Wilson C. Zheng H. and Zhao B. Y. Sharing graphs using differentially private graph models. Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference pp. 81-98.

  • [80] Sasson E. B. Chiesa A. Garman C. Green M. Miers I. Tromer E. and Virza M. Zerocash: Decentralized anonymous payments from bitcoin. In Proceedings of the 2014 IEEE Symposium on Security and Privacy (2014) pp. 459-474.

  • [81] Spagnuolo M. Maggi F. and Zanero S. BitIodine: Extracting Intelligence from the Bitcoin Network. Financial Cryptography and Data Security: 18th International Conference FC 2014. pp. 457-468.

  • [82] Tran N. Min B. Li J. and Subramanian L. Sybilresilient online content voting. Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation pp. 15-28.

  • [83] Valenta L. and Rowan B. Blindcoin: Blinded Accountable Mixes for Bitcoin. FC 2015 International BITCOIN Workshops Financial Cryptography and Data Security. pp. 112-126.

  • [84] Wondracek G. Holz T. Kirda E. and Kruegel C. A practical attack to de-anonymize social network users. Proceedings of the 2010 IEEE Symposium on Security and Privacy pp. 223-238.

  • [85] Zheleva E. and Getoor L. Preserving the privacy of sensitive relationships in graph data. Proceedings of the 1st ACM SIGKDD International Conference on Privacy Security and Trust in KDD pp. 153-171.

  • [86] Ziegeldorf J. H. Grossmann F. Henze M. Inden N. and Wehrle K. Coinparty: Secure multi-party mixing of bitcoins. In Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (2015) pp. 75-86.

Journal information
Cited By
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 1003 603 12
PDF Downloads 533 287 12