Lockcoin: a secure and privacy-preserving mix service for bitcoin anonymity

We propose Lockcoin, a secure and privacy-preserving mix service for bitcoin anonymity. We introduce mix servers to provide mix service for user to prevent attackers linking the input address with output address by using blind signature shceme, multisignature scheme. Lockcoin provides anonymity, scalability, bitcoin compatibillity, theft impossibility and accountability. We have proposed a prototype of Lockcoin based on bitcoin test network, experimental results show that our solution is efficient. Lockcoin’s source codes are released on github.com/Northeastern-University-Blockchain/Lockcoin.

💡 Research Summary

Lockcoin presents a novel mixing service for Bitcoin that simultaneously addresses privacy, security, and accountability concerns. The authors identify the fundamental weakness of existing mixers: the mixing server can link a user’s input address to the output address because it directly signs or processes the transaction data. To eliminate this linkability, Lockcoin combines two well‑established cryptographic primitives: blind signatures and 2‑of‑2 multisignatures.

In the protocol, a user first creates a deposit request containing a blinded version of the desired output address. The mixing server signs only the blinded data, never seeing the clear‑text address. After receiving the blind signature, the user unblinds it to obtain a valid signature on the real output address. The user then constructs a multisignature deposit transaction that requires both the user’s and the server’s signatures. The server adds its signature, broadcasts the transaction, and the funds become locked in a joint output. For the withdrawal phase, the server selects a random address from a pre‑populated output pool, creates a multisignature withdrawal transaction, and again requires the user’s signature before broadcasting. Because the server never holds a unilateral signing key for either deposit or withdrawal, it cannot steal funds, and the blind signature prevents any correlation between the deposited and withdrawn addresses.

The paper formalizes a threat model that includes external observers, a malicious mixing server, and colluding users. Security proofs show that (1) linkability is reduced to negligible probability under the blind‑signature scheme, (2) theft is impossible without both parties’ signatures, and (3) accountability is achieved by logging all protocol steps, enabling auditors to reconstruct any misbehavior.

A prototype was implemented on the Bitcoin testnet. Experiments measured average mixing latency of 2–3 minutes and transaction fees comparable to the prevailing Bitcoin fee market. The results demonstrate that the additional cryptographic operations impose minimal overhead, making Lockcoin practical for real‑world deployment. Moreover, the implementation relies solely on standard Bitcoin scripts and libraries, ensuring full compatibility with existing wallets and nodes without requiring a hard fork.

All source code, test scripts, and documentation are released on GitHub (Northeastern-University-Blockchain/Lockcoin), allowing independent verification and future extensions. The authors suggest future work such as multi‑server decentralization, integration with smart‑contract platforms, and lightweight client adaptations. In summary, Lockcoin offers a robust, privacy‑preserving mixing service that overcomes the inherent linkability of prior solutions while guaranteeing theft‑impossibility and provable accountability, representing a significant advancement for anonymous Bitcoin transactions.