An Analysis of Anonymity in the Bitcoin System
Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a complicated issue. Within the system, users are identified by public-keys only. An attacker wishing to de-anonymize its users will attempt to construct the one-to-many mapping between users and public-keys and associate information external to the system with the users. Bitcoin tries to prevent this attack by storing the mapping of a user to his or her public-keys on that user’s node only and by allowing each user to generate as many public-keys as required. In this chapter we consider the topological structure of two networks derived from Bitcoin’s public transaction history. We show that the two networks have a non-trivial topological structure, provide complementary views of the Bitcoin system and have implications for anonymity. We combine these structures with external information and techniques such as context discovery and flow analysis to investigate an alleged theft of Bitcoins, which, at the time of the theft, had a market value of approximately half a million U.S. dollars.
💡 Research Summary
The paper provides a systematic investigation of anonymity in the Bitcoin system by constructing and analyzing two distinct network representations derived from the publicly available transaction ledger. The first, the transaction network, treats each transaction as a node and connects them via directed edges that represent the flow of funds from previous outputs to new inputs. Structural analysis reveals a small‑world topology with high clustering and short average path lengths, as well as a power‑law degree distribution indicating that a few addresses dominate transaction activity. The second, the user network, aggregates multiple public keys that are likely controlled by the same individual into a single “super‑node,” based on input‑output linkage heuristics. This network exhibits clearer community structure and hierarchical centrality, offering a complementary view of user behavior.
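The key-clustering step behind the user network, as an added example that is not code from the paper. It assumes the common multi-input heuristic (all public keys spent as inputs of one transaction belong to one user), uses constructed placeholder key names, and assumes every transaction has at least one input.

```python
from collections import defaultdict

# Constructed sample ledger (placeholder key names, not real Bitcoin data).
TXS = [
    {"id": "t1", "inputs": ["pkA", "pkB"], "outputs": ["pkX"]},
    {"id": "t2", "inputs": ["pkB", "pkC"], "outputs": ["pkY"]},
    {"id": "t3", "inputs": ["pkD"], "outputs": ["pkA"]},
    {"id": "t4", "inputs": ["pkX"], "outputs": ["pkD", "pkE"]},
    {"id": "t5", "inputs": ["pkE", "pkY"], "outputs": ["pkF"]},
]


class DisjointSet:
    """Union-find over public keys."""
    def __init__(self):
        self.parent = {}

    def find(self, key):
        self.parent.setdefault(key, key)
        while self.parent[key] != key:
            self.parent[key] = self.parent[self.parent[key]]  # path halving
            key = self.parent[key]
        return key

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[max(ra, rb)] = min(ra, rb)  # smallest name is root


def cluster_keys(txs):
    """Assumed heuristic: keys co-spent as inputs of one tx share an owner."""
    ds = DisjointSet()
    for tx in txs:
        for key in tx["inputs"] + tx["outputs"]:
            ds.find(key)  # register every key, even if never co-spent
        for other in tx["inputs"][1:]:
            ds.union(tx["inputs"][0], other)
    clusters = defaultdict(set)
    for key in list(ds.parent):
        clusters[ds.find(key)].add(key)
    return dict(clusters)


def user_network(txs):
    """Directed (payer cluster, payee cluster, tx id) edges between super-nodes."""
    owner = {k: root for root, keys in cluster_keys(txs).items() for k in keys}
    return {(owner[tx["inputs"][0]], owner[out], tx["id"])
            for tx in txs for out in tx["outputs"]}
```

Run over a wallet's own history, `cluster_keys` shows which of its keys an observer would already treat as linked: here `pkA` and `pkC` never appear together, yet both are tied to one owner through `pkB`.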
Beyond pure topological metrics, the authors integrate off‑network information (e.g., web postings, WikiLeaks donation addresses), TCP/IP layer data (IP addresses and geolocation), ego‑centric visualizations, context discovery (linking transaction timestamps and amounts to real‑world events), and flow‑temporal analyses. Applying these techniques to a real‑world case—a theft of roughly US$500,000 worth of Bitcoins in 2011—they trace the stolen funds through multiple intermediary addresses, identify high‑centrality nodes used for laundering, and ultimately narrow down the probable final recipient.
The study demonstrates that Bitcoin’s design—public transaction history, multi‑input/multi‑output transactions, and the ability for users to generate many public keys—does not guarantee anonymity. An adversary can de‑anonymize users by clustering keys through transaction linkage, enriching the clusters with external metadata, and exploiting network centrality. Mitigation strategies suggested include minimizing key reuse, employing mixing services, and routing traffic through anonymity networks such as Tor to hide IP information. However, because the blockchain is immutable, retroactive protection is limited; user education and protocol‑level enhancements are essential for improving privacy. The paper concludes that Bitcoin provides only limited pseudonymity and that its network structure, combined with auxiliary data, can be leveraged to compromise user anonymity.