Highlights

A Survey on Ethereum Pseudonymity: Techniques, Challenges, and Future Directions

Shivani Jamwal,José Cano,Gyu Myoung Lee,Nguyen H. Tran,Nguyen Truong

• This insightful survey provides a novel systematic analysis of privacy preservation techniques in conjunction with
the state-of-the-art Deanonymisation methods in Blockchain and Ethereum ecosystems following novel systematic
scrutiny.

• The paper also suggests applicable and potential techniques for the countermeasure of those Deanonymisation methods,
exploring the intricate dynamics of privacy and deanonymization in the Ethereum blockchain ecosystem.
• It also examines the regulatory-compliance challenges and their implications arising from the intersection of the GDPR
and Ethereum, which is vital for ensuring the coexistence and advancement of groundbreaking blockchain capabilities
and protecting user data.
A Survey on Ethereum Pseudonymity: Techniques, Challenges, and
Future Directions
Shivani Jamwala,∗ , José Canoa , Gyu Myoung Leeb , Nguyen H. Tranc and Nguyen Truonga,∗∗
a School of Computing Science, University of Glasgow, Glasgow G12 8RZ, United Kingdom
b School of Computing Science, Liverpool John Moores University, Liverpool L3 3AF, United Kingdom
c School of Computer Science, The University of Sydney, Darlington, 2008, NSW, Australia.

ARTICLE INFO Abstract

Keywords: Blockchain technology has emerged as a transformative force across various sectors, including
Anonymity finance, healthcare, supply chains, and intellectual property management. Beyond Bitcoin’s role as
Bitcoin a decentralized payment system, Ethereum represents a notable application of blockchain, featuring
Blockchain Smart Contract functionality that enables the development and execution of Decentralised Appli-
Data Protection Regulation cations (DApps). A key feature of Ethereum, and public blockchains in general, is pseudonymity,
Deanonymization typically achieved by using public keys as pseudonyms for users. Despite implementing several
Ethereum privacy-preserving techniques, the public recording of users’ activities on the blockchain allows
GDPR various deanonymization methods that can profile users, reveal sensitive information, and potentially
Privacy Preservation re-identify them. Most blockchains, such as Bitcoin, Litecoin, and Cardano, employ the Unspent
Transaction Output (UTXO) model for accounting, which focuses on individual transactions and
is susceptible to various deanonymization techniques. Conversely, Ethereum uses an Account-based
transaction model, integrating the concepts of accounts and wallets at the protocol level. This makes
most UTXO-based deanonymization techniques ineffective for Ethereum. Nonetheless, alternative
methods have been proposed and developed with the potential to deanonymize Ethereum users.
Privacy preservation techniques have been employed to counter deanonymization attempts; however,
the challenges related to these techniques, their effectiveness and efficiency, and the trade-off between
usability and protection levels remain areas for further exploration. This survey presents a compre-
hensive analysis of state-of-the-art privacy preservation along with deanonymization techniques in
Blockchain and Ethereum ecosystems. It examines the intrinsic mechanisms supporting pseudonymity
in Ethereum, providing a detailed assessment of the advantages and disadvantages of privacy
preservation techniques, and suggesting potential countermeasures against those deanonymization
methods. It also discusses the implications arising from the intersection of DApps and data protection
legislation, which is vital for ensuring the coexistence and advancement of groundbreaking blockchain
capabilities and protecting user data.

1. Introduction critical elements that define Ethereum, and more broadly,

In recent years, blockchain technology has emerged as a
transformative tool with significant implications for various
sectors, from finance to healthcare and supply chain manage-
ment to digital identity verification. A prominent manifesta-
tion of blockchain technology is Ethereum, a decentralized,
open-source platform featuring smart contract functionality
that enables the development and execution of decentralized
applications (DApps). Since its inception in 2015, Ethereum
has transformed the landscape of the traditional client-server
applications and services (e.g., DApps), the financial world
(e.g., cryptocurrencies and Decentralized Finance DeFi in
general), and the digital marketplace (e.g., non-fungible
token NFT and decentralized storage services) [32]. With
a robust programming language (i.e., Solidity) and an open-
source, decentralised platform, Ethereum has gained signif-
icant attention worldwide, and it is now the second-largest
cryptocurrency network after Bitcoin. However, one of the
∗ First
Author, Corresponding Author
∗∗ PrincipalCorresponding Author
the field of cryptocurrencies, is its pseudonymity, which,
while providing users with a level of privacy, also makes it
a hub for illicit activities. Therefore, the deanonymization of
Ethereum transactions, which refers to identifying the par-
ties involved, has become an increasingly important research
domain [18].
The pseudonymous nature of any blockchain system,
Ethereum in particular, is achieved using public keys as
pseudonyms for users. However, users’ activities can be
traced and linked by analyzing these public keys and trans-
action patterns [200]. Several techniques and tools have
been developed over the years that have the potential to
deanonymize these transactions, resulting in the ability to
profile and re-identify the users [42, 18, 77]. To our knowl-
edge, most deanonymization techniques have targeted Bit-
coin and other blockchains using the Unspent Transaction
Output (UTXO) accounting model due to the feasibility
of inferring sensitive information about on-chain activity
by examining and tracking UTXOs. In the account-based
model of Ethereum, an Ether token (i.e., coin) belongs to

[email protected] (S. Jamwal); an account, which is specified by public/private key pairs,
[email protected] (J. Cano); [email protected] (G.M. Lee);
[email protected] (N.H. Tran); [email protected] (N.
represented as its balance [32]; there are no such kinds
Truong) of reference linking tokens in transactions in the UTXO
ORCID (s):

Jamwal et al.: Preprint submitted to Elsevier Page 1 of 26

 Survey on Ethereum Pseudonymity

model [134]. Consequently, those deanonymization tech- Table 1

niques are impractical for Ethereum and other account-based Abbreviations used in the paper.
blockchain platforms because of the elemental difference in ABE Attribute-based Encryption
their transaction model. However, the account model has to DApps Decentralized Applications
come with the reuse of account addresses. This is generally DPoS Delegated Proof of Stake
a detriment to Ethereum users’ privacy because transactions EOA Externally Owned Accounts
linking to an account can effortlessly be traced back to a EEA European Economic Area
single owner. EU European Union
Deanonymization methods that have the potential to EVM Ethereum Virtual Machine
interpret and classify Ethereum transactions have been FHE Fully Homomorphic Encryption
proposed and implemented, resulting in profiling and re- GDPR General Data Protection Regulation
HE Homomorphic Encryption
identifying Ethereum users. At the same time, to counter-
IPFS Inter-Planetary File System
measure those privacy attacks, several privacy-preservation NIZK Non-Interactive Zero-Knowledge Proofs
techniques including Mixing services, Zero-Knowledge- P2P Peer-to-Peer
Proof (ZKP) [34], and Secure Multiparty Computation PbD Privacy by Design
(SMPC) [207] have been developed to empower Ethereum PHE Partially Homomorphic Encryption
privacy [161] [214]. Yet, the challenges associated with PoA Proof of Authority
these techniques, their efficiency, and their scalability still PoH Proof of History
need to be explored. This survey presents an in-depth QAP Quadratic Arithmetic Program
analysis of such state-of-the-art techniques by inspecting the SMPC Secure Multi-Party Computation
intrinsic mechanisms of Ethereum that support anonymity, TGA Transaction Graph Analysis
evaluating various deanonymization techniques, discussing UTXO Unspent Transaction Output
ZKP Zero-Knowledge Proof
potential implications on privacy, and identifying future
zk-SNARK Zero-Knowledge Succinct
research directions in the field of privacy in Ethereum-based Non-Interactive Argument of Knowledge
platforms. zk-STARKs Zero-Knowledge Scalable
This paper presents a survey of the pseudonymity of Transparent Arguments of Knowledge
Blockchain, particularly Ethereum, ecosystem, providing
a detailed study of existing privacy preservation in con-
junction with deanonymization techniques, examining the pseudonymity of Ethereum, including the regulatory con-
challenges researchers and practitioners face in the line of cerns. Finally, Section 7 concludes the paper with potential
research, and suggesting applicable and potential techniques future research directions.
for the countermeasure of those state-of-the-art Deanonymi-
sation methods. The motivation for this survey is multifold. 2. Background and Challenges
Firstly, it seeks to consolidate the vast amount of research
conducted in the area, catering for a single reference for aca- This section introduces the background of blockchain
demics, researchers, and industry professionals. Secondly, it and Ethereum, including the definition, system model, appli-
aims to highlight the challenges and issues faced with the cation scenarios, and privacy and security in permissionless
state-of-the-art privacy-preservation techniques in permis- blockchain platforms.
sionless blockchain platforms, particularly Ethereum, stim-
ulating further development and improvement. Finally, the 2.1. Blockchain Technology
paper underscores the importance of this research within the Satoshi Nakamoto [134] is credited with the inception of
broader context of data protection legislation, considering Bitcoin and the underlying blockchain technology, a revolu-
the escalating popularity of DApps, ensuring the coexistence tionary decentralized framework designed for secure com-
and advancement of groundbreaking blockchain capabilities putations within networked systems without a central regula-
and protecting user data. tory authority. A blockchain system records all transactions
The remainder of the paper is organized as follows: Sec- or messages transmitted from one network node to an-
tion 2 provides the background of blockchain and Ethereum other. After network nodes’ verification, following a major-
along with the privacy and security, including pseudonymity ity consensus protocol, these transactions are permanently
in these blockchain platforms. Section 3 details the state- recorded on the blockchain, ensuring the immutability of
of-the-art privacy preservation techniques for blockchain stored information and the traceability of each transaction’s
platforms, focusing on strengthening pseudonymity. Section history [188]. From a data management perspective, the
4 discusses the deanonymization techniques by analyzing blockchain serves as a distributed database that archives
their efficiency and potential. Section 5 introduces prospec- an ever-evolving collection of transaction records. This is
tive resolutions for the deanonymization on Ethereum plat- achieved by systematically organizing these records into a
forms and Section 6 ponders the broader implications of the chain of interconnected blocks.
A blockchain system is typically a peer-to-peer (P2P)
network characterized by two types of nodes: miners and
users. The freedom to assume either role lies with each

Jamwal et al.: Preprint submitted to Elsevier Page 2 of 26

 Survey on Ethereum Pseudonymity
node. Miners are pivotal to the blockchain infrastructure,
jointly maintaining the operation of the P2P network [44].
The following discourse provides an in-depth exploration
of the salient components of blockchain technology: the
distributed ledger and the consensus mechanisms.
• Blockchain as a Distributed Ledger: A distributed ledger
is a decentralized database that records all blockchain data
in a standardized format and is managed by all partici-
pating miners. It encompasses a series of interconnected
blocks in a chain linked using a hash function. Each block
is added and maintained chronologically, identifiable by
its unique hash value, i.e., the block address. The block
header incorporates the current version number, the previ-
ous block’s hash value, its block address, the Merkle root
hash, and the creation timestamp, as shown in figure 1.
A consensus mechanism, such as Proof of Work (PoW)
[134], Proof of Stake (PoS) [137], are employed, contain-
ing a nonce that confirms the computational correctness of
the block generation. The block body permanently records
all confirmed transactions in the blockchain, which are
structured as a Merkle tree, organizing all transactions for
efficient querying and verification [141].
The onus of maintaining the distributed ledger falls on
the miners. They can both access and write data into the
ledger. However, before recording any data, its validity
must be confirmed via the consensus mechanism. While
users can access data, they can only write and append data
to the blockchain with miners’ assistance.
• Consensus Mechanisms: The consensus mechanism is a
fault-tolerant process that allows multiple parties to agree
on a single data value or network state [192]. It sustains
the blockchain data’s authenticity, consistency, and order
across the network. The consensus mechanism resolves
the Byzantine general’s problem that in a distributed
system with numerous nodes, these nodes must reach
an identical decision despite disloyal nodes. Consensus
mechanism guarantees the blockchain’s verifiability and
tamper-resistance by obtaining approval from these nodes
in which mining is the core process to reach consensus on
a newly created block via the blockchain, providing sys-
tem liveness and safety. Familiar consensus mechanisms
include PoW [134], PoS [32], Delegated Proof of Stake
(DPoS) [184], Proof of Authority (PoA) [50], and Proof
of History (PoH) [204].
Typically, the security of a blockchain system, like Bit-
coin, is contingent upon its consensus model. The se-
curity of consensus is premised on the assumption of
an honest majority; that is, the majority of consensus
voting power is honest. Some blockchains, like Bitcoin,
incorporate an incentive mechanism to motivate miners
to create new blocks. This incentive contributes to the
blockchain’s resilience and, based on game theory, aug-
ments the blockchain’s security and privacy.
Jamwal et al.: Preprint submitted to Elsevier
Figure 1: Overview of the Blockchain data structure consisting
of blocks linked to each other using cryptographic hashes of
the previous blocks.
2.2. Blockchain Characteristics
Unique characteristics of blockchain are discussed, delv-
ing into its core features such as decentralization, autonomy,
transparency, non-repudiation, and immutability.
2.2.1. Decentralization and autonomy
Decentralization and autonomy are quintessential fea-
tures of blockchain technology, breaking away from conven-
tional centralized systems.
The decentralized nature of blockchain technology im-
plies that no single entity controls the entire network [6].
Instead, the network is maintained collectively by all nodes
participating, often known as ’peers’. Each peer has a copy
of the entire blockchain and participates in the validation of
transactions.
This decentralized architecture contributes to the robust-
ness and security of the system. Since no central author-
ity can be compromised, the system is resilient to various
attacks, including denial-of-service attacks. Moreover, the
absence of a central authority eliminates the need for trust in
a single entity, as the integrity of the system is maintained
by the consensus of the network participants.
The autonomous nature of blockchain technology emerges
from its use of smart contracts, which are self-executing
contracts with the terms of the agreement directly written
into code. The code and the agreements exist across a dis-
tributed, decentralized blockchain network, ensuring their
execution is automatic, traceable, and irreversible[122]. This
autonomy reduces the possibility of manipulation, bias, or
error and enhances efficiency by eliminating the need for
intermediaries.
Decentralization and autonomy, while providing signif-
icant advantages in terms of security and efficiency, also
present challenges. For instance, the autonomous execution
of smart contracts might lead to unintended consequences
if the code is flawed [164]. These challenges necessitate
ongoing research and development in the field.
2.2.2. Transparency
Information recorded in a blockchain (i.e., on-chain data)
is transparent to all nodes in the blockchain network, and
users can conveniently access this on-chain data by querying
miners. Transparency enhances data immutability and veri-
fiability because all nodes can detect illegal modification and
data. Nevertheless, privacy leakage due to transparency has
Page 3 of 26
 Survey on Ethereum Pseudonymity
become a crucial issue that dramatically limits blockchain
applications [20].
Each transaction on a blockchain is time-stamped, im-
mutable, and linked to the previous transaction, forming
a chain of blocks. Any alteration in a block impacts all
subsequent blocks, making unauthorized changes nearly im-
possible without detection [20]. This immutability feature
enhances transparency and trust in the system, as partici-
pants can verify the integrity of transactions without relying
on third-party intermediaries [215].
2.2.3. Non-repudiation
Non-repudiation is an inherent property of blockchain
technology that ensures irreversible and undeniable proof
of participation in a transaction or event [66]. The non-
repudiation of Blockchain refers to (i) No one can deny
transaction contents created by himself and (ii) No one can
repudiate the transaction time generated by himself. This
characteristic is vital for creating a trustless environment
where participants can confidently interact, knowing their
actions cannot be denied later. Non-repudiation is achieved
in blockchain technology through the use of cryptographic
digital signatures [217]. In a transaction process, the sender
signs the transaction with their private key, which anyone
can verify using the sender’s public key. This signature
serves as strong proof of the origin and integrity of the
transaction. Once the transaction is included in a block and
the block is appended to the blockchain, the transaction
becomes immutable and undeniable [217].
Due to the characteristic of non-repudiation, if a trans-
action exists in the Blockchain, it must be initiated by its
signer itself. The node cannot deny that it has published
the transaction. The distributed nature of blockchain tech-
nology ensures that all nodes in the network hold a copy
of the blockchain, and this duplication further bolsters non-
repudiation. Suppose a participant attempts to deny their
action. In that case, other participants can refer to their local
blockchain copies to verify the action’s occurrence [217].
Non-repudiation, while offering an added layer of se-
curity and trust in blockchain transactions, raises several
implications, particularly privacy. Once a transaction is com-
mitted, it is permanently recorded and openly verifiable.
This feature presents challenges for privacy-concerned users
who may need to obfuscate their activities to maintain their
privacy, bringing forth anonymity and pseudonymity in the
blockchain.
2.2.4. Verifiability and immutability
Verifiability means that the validity of each transaction
in the blockchain can be verified and cannot be modified
or removed from the blockchain [138]. Since all miners
confirm the blocks in which transactions are recorded via
the consensus mechanism, invalid transactions will not be
recorded in the blockchain. Any data modification in the
blockchain will be denied unless the adversary compromises
the whole system. Also, blocks are organized in a chain using
the hash function, which makes any modification to the data
Jamwal et al.: Preprint submitted to Elsevier
easily detected. This characteristic benefits security but also
results in the problem that sensitive data cannot be removed
from the blockchain.
Immutability means whose state cannot be altered after
its creation. Immutable transactions make it impossible for
any entity to manipulate and falsify data stored on the
network [138]. Since historical transactions can be audited
at any point, immutability enables high data integrity.
2.3. Ethereum platform
Ethereum, launched in 2015, is an open-source, blockch-
ain-based platform that enables the development and exe-
cution of smart contracts [32]. The earlier cryptocurrency,
Bitcoin, influenced the design of Ethereum, but with signif-
icant enhancements to extend its functionalities beyond just
a peer-to-peer electronic cash system.
Ethereum, since its inception, has revolutionized the
blockchain landscape by introducing the concept of pro-
grammable contracts known as “smart contracts”. This plat-
form enables developers to create decentralized applications
that operate on a blockchain, leading to trustless and trans-
parent interactions over the internet [49].
In Ethereum, users can create accounts, transfer their
native Ether (ETH) cryptocurrency, and interact with smart
contracts. Smart contracts are immutable and autonomous
scripts stored on the Ethereum blockchain that execute
predefined functions when certain conditions are met [49].
These smart contracts are pivotal in allowing DApps to
be built on Ethereum, making it more than just a plat-
form for cryptocurrency transactions. One notable fea-
ture of Ethereum is the introduction of the Ethereum Vir-
tual Machine (EVM), a runtime environment that executes
smart contracts. This makes Ethereum a general-purpose
blockchain, unlike Bitcoin, designed with a specific use case
[49].
In parallel to Bitcoin, Ethereum offers its users a degree
of anonymity through its use of pseudonymous addresses
linked to each account. These addresses bear no explicit
identifiers tying them to the users’ real-world identities,
offering a level of privacy that is essential for many [186].
Nevertheless, this feature can be a double-edged sword as it
opens avenues for potential illicit activities [211].
2.4. Smart Contracts
A smart contract platform is software that runs on
a blockchain, extending its functionality and broadening
its application. Smart contracts are programs stored on a
blockchain that execute when certain predetermined con-
ditions are fulfilled [32]. They are used to automate the
execution of an agreement so that all participants can
instantly ascertain the outcome, thus eliminating any need
for an intermediary or wasting time. Workflow automation
is possible, triggering the subsequent action when conditions
are met [32].
Smart contracts are defined in many ways. Szabo first
proposed that ’Smart contracts are a computable transaction
protocol to execute contract terms’ [177]. Ethereum’s smart
Page 4 of 26
 Survey on Ethereum Pseudonymity
contract is a digital asset control program based on the
blockchain [22]. In a narrow sense, a smart contract is a
program code involving business logic, algorithms, complex
relationships among people, legal agreements, and networks.
A smart contract is a computer protocol that can self-execute
and self-verify after deployment [177].
The operation of smart contracts involves three proce-
dures: contract creation, contract publishing, and contract
execution [197]. During contract creation, the contract par-
ticipants will negotiate to clarify parties’ rights and obliga-
tions, determine the standard contract text, and then program
them into a smart contract program. The contract program
generally requires auditing for secure execution. In contract
publishing, the contract creator signs and requests a miner to
record the signed contract into the blockchain. The contract
execution is based on an event-triggered mechanism on the
blockchain, which encompasses transaction processing and
preservation mechanisms and is a complete state machine.
Specifically, the external nodes can interact with a smart
contract program by sending transactions. The transactions
can change the status of the contract. All miners monitor the
status, and once they detect its change, they execute the smart
contract based on its design.
2.5. Security and Privacy in Ethereum
This section delves into the security and privacy con-
cerns in Ethereum platforms. While the inherent structure of
blockchain offers significant security measures, Ethereum,
with its unique characteristics, poses unique challenges in
ensuring user data protection and malicious attempts.
2.5.1. Security
Security in the blockchain is based on the following
factors. First, blockchain technology relies on a decentral-
ized ledger to keep track of all financial transactions. The
“master” ledger would be a point of vulnerability [12]. If
the ledger was compromised, then it could lead to a system
breakdown. Secondly, the ledger exists as a long chain of
cryptographically encrypted sequential blocks, reducing the
risk of data tampering. Blockchain consists of hundreds to
thousands of unique nodes. Every node has a complete copy
of the digital ledger. The nodes can work independently for
the verification of a transaction. If the nodes do not agree,
then the transaction is cancelled.
Thirdly, The cryptographic keys and two key systems
used in blockchain exchanges are very long, complex and
difficult to decipher unless one has the authorisation to view
the keys. The public key and private key in public-key
cryptography. Both of these keys are generated using the
Elliptic Curve cryptography method. Firstly, it creates the
private key, and then a public key from the private key is
created using the Elliptic Curve Algorithm (ECDSA) [99].
Therefore, private and public keys are cryptographically
and mathematically linked. Therefore security in blockchain
ensures confidentiality , availability ,integrity and ledger
consistency
Jamwal et al.: Preprint submitted to Elsevier
However, although the security embedded, blockchain is
prone to attacks such as double spending, wallet-based at-
tacks (i.e., client-side security), network-based attacks such
as DDoS, Sybil, and eclipse and mining-based attacks such
as 51% [208], block withholding and bribery [86], [54],
[172]. As a prominent platform for decentralized applica-
tions, Ethereum presents unique security challenges stem-
ming from its open, decentralized, and complex nature.
These challenges can broadly be categorised into protocol-
level challenges, smart contract vulnerabilities, and network-
level threats as follows:
• Protocol-Level Challenges: Like all blockchain systems,
Ethereum is subject to attacks that attempt to manipulate
the consensus protocol. Examples include 51% attacks,
where a malicious entity with control over the major-
ity of the network’s hashing power can manipulate the
blockchain, and eclipse attacks, where a node is isolated
from the rest of the network and fed false information [65].
• Smart Contract Vulnerabilities: Ethereum’s distinctive
feature, the smart contract, introduces unique security
issues. These programmable contracts, while powerful,
have been a common target for attackers due to vulner-
abilities in their code. Notable attacks exploiting smart
contract vulnerabilities include the DAO and Parity wallet
incidents. Detecting and eliminating such vulnerabilities
before contract deployment remains challenging due to
the Turing completeness of Ethereum’s programming lan-
guage, Solidity, and the immutability of deployed con-
tracts [115].
• Network-Level Threats: Ethereum is also subject to com-
mon network-level attacks as part of the Internet. These
include DDoS attacks, Sybil attacks, and routing attacks.
Effective defence mechanisms are needed to maintain the
robustness and reliability of the Ethereum network [13].
2.5.2. Privacy
Data privacy of blockchain refers to the property that
blockchain can firstly provide Anonymity where it is the
state of being anonymous and unidentified [86], [92], [69]
and secondly ensure Unlinkbaility where users’ transactions
related to themselves cannot be linked [169], [162], [69].
Despite its innovative applications and significant potential,
Ethereum grapples with inherent privacy challenges. These
issues are related to the system’s pseudonymous nature,
transparency of transactions, and the interaction of smart
contracts as follows:
• Pseudonymity and Linkability: Ethereum accounts are
pseudonymous, and transactions are publicly visible. This
leaves room for the potential deanonymization of user
accounts through data analysis. An attacker can link ad-
dresses to identify a unique user or organization and then
analyze their financial behaviour. Although this trans-
parency is necessary for ensuring the system’s integrity,
it presents significant privacy concerns [33].
Page 5 of 26
 Survey on Ethereum Pseudonymity
• Transaction Transparency: Every transaction on the Ether-
eum blockchain is visible to every participant in the
network [142]. While this provides essential advantages,
it can lead to privacy leaks. Information about the value
transferred, the parties involved, and even the timing of
the transaction can reveal sensitive data [130].
• Smart Contract Privacy: Smart contracts, a distinctive
feature of Ethereum, have exacerbated privacy concerns
[108]. The logic and state of a smart contract are visible
to all participants, potentially revealing sensitive business
logic or private data. Moreover, interaction with smart
contracts can leak information about the parties involved.
While these challenges exist, it is essential to note that
continuous efforts are being made by Ethereum developers
and the wider blockchain community to identify and mitigate
these security and privacy threats. Addressing these issues
is crucial for adopting and surviving Ethereum as a secure
platform for decentralized applications.
3. Privacy Preservation Techniques in
Blockchain Platforms
Since the introduction of Blockchain, various privacy-
preservation techniques have continuously been adopted and
integrated to enhance the confidentiality and anonymity of
users’ identities and transaction data on the networks. In
this section, we delve into the significant milestones in
the journey of the privacy evolution in blockchain sys-
tems, particularly Ethereum, from the implementation of
Ring Signatures in 2015 to more advancements, such as
Mixing Services and Differential Privacy. In the journey
towards enhancing privacy on the Ethereum blockchain, as
seen in Figure 2, several implementations of these privacy-
preserving techniques stand out. To name a few, introducing
a unique ring signature scheme using secp256k1 elliptic
curve that provides anonymity for signers within a group
[129]and integrating ZKPs to bolster scalability and confi-
dentiality in transactions via zk-SNARKs [131]. Ethereum’s
privacy mechanisms further expanded with Tornado Cash, a
decentralized, non-custodial mixing service that uses smart
contracts and zero-knowledge proofs to enhance transac-
tion privacy [147]. Tornado Cash breaks the on-chain link
between sender and receiver addresses, providing a higher
degree of anonymity and privacy for Ethereum transactions
[147].
Additionally, SMPC is used in REN Protocol, an open
protocol built to provide interoperability and liquidity be-
tween different blockchain platforms [179]. Attribute-based
Encryption (ABE) technique in Ethereum is the integration
of ABE with smart contracts for fine-grained access control,
where data access can be precisely controlled according to a
set of attributes, such as user roles, permissions, or other cri-
teria, without revealing the identities of the users involved,
particularly relevant for use cases where sensitive data is
involved, such as in healthcare [98]. Lastly, the introduction
of HE techniques allowed for computations on encrypted
Jamwal et al.: Preprint submitted to Elsevier
Figure 2: Employment of Privacy-Preserving techniques in
Ethereum considering both computation and implementation
complexities since its inception.
data, preserving the privacy of the underlying information
[205]. The Zether protocol brought Differential Privacy to
Ethereum, providing statistical privacy by obscuring indi-
vidual data within aggregated data sets [31]. Collectively,
these advancements have been seen to contribute to the ro-
bust framework of privacy within the Ethereum ecosystem.
These privacy-preservation techniques are briefly summa-
rized in Table 2 with their pros and cons.
3.1. Mixing Services
Mixing services are essential tools in the blockchain
ecosystem for enhancing user privacy, particularly in ad-
dressing the non-anonymous nature of cryptocurrencies
such as Bitcoin. Despite employing pseudonymous ad-
dresses, the public nature of Bitcoin transactions allows for
the analysis and correlation of a user’s transactions. Mixing
services, such as Tornado Cash on the Ethereum platform
[147], obfuscate transaction trails to impede address linkage.
However, they do not protect against coin theft [38]. Notable
mixing services include MixCoin [29], CoinJoin [52], and
Private CoinJoin as implemented in DASH [56]. These
services play a pivotal role in preserving user anonymity in
the blockchain. Several notable mixing services have been
proposed as follows:
1. MixCoin: Introduced by Bonneau [29], MixCoin aims
to provide anonymous transactions for Bitcoin and sim-
ilar cryptocurrencies. It counters passive adversaries by
broadening the anonymity set, facilitating simultaneous
coin mixing by all users. Against active adversaries, Mix-
Coin offers anonymity akin to traditional communication
mixes. Significantly, MixCoin incorporates an account-
ability mechanism, deterring coin theft by aligning user
incentives and fostering rational usage.
2. CoinJoin: Conceived in 2013, CoinJoin offers an alter-
native for anonymizing Bitcoin transactions [52, 124].
Page 6 of 26
 Survey on Ethereum Pseudonymity

Table 2
Comparative Analysis of Privacy-Preservation Techniques in Blockchain Platforms.
Technique
Mixing Services [147, 29, 52,
124, 56, 9, 24, 168, 199, 201]
Ring Signature [15, 76, 174,
174, 118, 3, 209, 185, 47, 140,
43]
ABE [202, 198, 98, 28, 37,
123, 132, 87, 153, 95, 203,
206, 143]
SMPC [116, 128, 213, 216,
17, 5, 17, 220]
ZKP [146, 30, 83, 146, 149,
85, 26, 93, 131, 144]
Differential Privacy [8, 59, 60,
1, 105, 78, 125, 90, 73, 114,
97, 96, 145]
HE [79, 53, 133, 189, 113,
189, 167]
Pros
Efficiently obscures transaction trails, making
linking addresses and tracing transactions
back to users difficult.
Ensures anonymity of the signer within
a group, thereby effectively shielding the
sender’s identity in a transaction.
Supports both confidentiality and access con-
trol and has the potential for decentralized
multi-authority systems.
Enables confidential computations involving
multiple entities while ensuring the privacy
of data segments among participants.
Allows for validating blockchain transactions
in DApps without revealing sensitive data and
offers strong cryptographic privacy guaran-
tees.
Offers strong mathematical assurances
against data breaches, crucial in protecting
individual privacy during computations
pertinent in DApps for processing or sharing
sensitive data.
Enables computation on encrypted data while
preserving privacy; ideal for DApps which
manage and process sensitive data either on-
chain or off-chain.
Cons
Enhances privacy but do not necessarily in-
crease security against theft or loss of cryp-
tocurrency.
Do not conceal the transaction amounts or
the recipient’s address. The presence of com-
putational overhead associated with larger
ring sizes can affect transaction processing
times.
Limited adoption of certain DApps is at-
tributed mainly to their complexity and the
challenges associated with implementation.
Computationally complex and can lead to in-
creased network latency, affecting blockchain
networks’ efficiency.
Introduces significant computational over-
head, especially in non-optimized implemen-
tations.
May lead to diminished data utility, impact-
ing the effectiveness of data-driven deci-
sions in blockchain applications. Privacy level
depends on parameter configuration, which
requires careful balancing to achieve desired
privacy without significantly compromising
data usefulness.
Complex implementation and computation-
ally intensive which results in slower perfor-
mance, less scalable, and impracticality for
smart contract operations.

Rooted in the concept of joint payments, CoinJoin allows
a user to collaborate with another user to execute a
collective payment within a single transaction. Such joint
payments considerably diminish the likelihood of tracing
input-output links or discerning a specific user’s mon-
etary flow direction. Early mixing services employing
this approach, like SharedCoin [9], relied on centralized
servers. However, such centralization, while simplifying
the process, introduced trust issues. Users had to trust
these service operators to safeguard the bitcoins and
not retain transaction logs, which would undermine the
privacy efforts.
3. Private CoinJoin: DASH has implemented an advanced
version of CoinJoin [56] providing privacy features throu-
gh its 𝑃 𝑟𝑖𝑣𝑎𝑡𝑒𝑆𝑒𝑛𝑑 function [56, 24, 52]. 𝑃 𝑟𝑖𝑣𝑎𝑡𝑒𝑆𝑒𝑛𝑑
is an optional feature in DASH that blends multiple
transactions, making it substantially challenging to deter-
mine the source, destination, and amounts in individual
transactions. This CoinJoin-inspired method allows users
to utilise the increased privacy feature without making it
mandatory for all DASH transactions [52].
Mixing services represent a pivotal advancement in pre-
serving user anonymity within the blockchain realm, espe-
cially given the transparency challenges posed by cryptocur-
rencies like Bitcoin. While they mask transactional histories,
inherent vulnerabilities remain, particularly regarding coin
security. As blockchain technology progresses, a deep un-
derstanding of these services’ pros and cons becomes crucial
for developers and users [168].
3.2. Ring signature
Ring signatures, introduced by Rivest, Shamir, and Tau-
man [156], represent a sophisticated approach to digital
signatures that allow a member of a group to sign messages
anonymously. An example of ring signatures in practical
use is in anonymous voting systems [15], where they ensure
voter anonymity while maintaining vote integrity.As Figure
3 illustrates, the ring consists of several members, any of
whom could be the actual signer, depicted by the figures
around the “RING”. This ensures that while the signature
validates the message as originating from the group, the
actual author’s identity remains concealed, depicted by the
detached figure holding the “Signature Value”.

Jamwal et al.: Preprint submitted to Elsevier Page 7 of 26

 Survey on Ethereum Pseudonymity
Such a mechanism of signer ambiguity, as shown in the
diagram, ensures privacy and is computationally formidable
to penetrate, making it a valuable tool for maintaining the
signer’s anonymity within a set [76, 174]. The practicality
of ring signatures is evident in various domains, most no-
tably within blockchain technology and cryptocurrencies,
where they play a pivotal role in safeguarding transactional
anonymity [174, 118].
In the realm of cryptocurrencies, ring signatures find a
significant application in Monero[185], a prominent privacy-
centric cryptocurrency. By leveraging the ring signature
mechanism, Monero can obscure the actual sender of a
transaction by blending their identity with decoy inputs,
ensuring the origin of funds remains confidential. Techni-
cally, Mereno combines Ring Signatures, Stealth Addresses
[47], and Confidential Transactions [140] to achieve trans-
actional privacy. Ring Signatures, in particular, involve the
creation of a signature by a group such that it becomes
computationally infeasible to determine the actual signer.
Stealth Addresses ensure transaction outputs are directed
to one-time addresses, rendering them unlinkable to the
recipient’s public address. This prevents potential linkage
attacks where transaction patterns are analyzed to determine
sender-receiver relations. These techniques combined make
Monero transactions opaque, ensuring the details of the
sender, receiver, and transaction amounts remain concealed
[185].
However, while ring signatures offer enhanced privacy,
it is imperative to understand their limitations and the trade-
offs involved [43]. Specifically, the size of the ring (i.e.,
the number of potential signers) can impact both the level
of anonymity provided and the computational overhead re-
quired. Larger rings offer higher anonymity but at the cost
of increased computational resources and transaction sizes.
Moreover, while ring signatures shield the sender’s identity,
they do not inherently conceal transaction amounts or the
recipient’s address. To achieve a more comprehensive pri-
vacy solution, ring signatures are often combined with other
cryptographic techniques, such as Confidential Transactions
[140] or Stealth Addresses [47] as pointed out in Monero.
This combination will complement Ring Signatures as a
robust cryptographic tool, balancing transactional privacy
and computational efficiency.
3.3. Attribute-based encryption
Attribute-based Encryption (ABE) is an advanced cryp-
tographic method where user attributes are defining and
regulatory factors in the encryption process that provide the
framework for the ciphertext produced by a user’s secret
vital [160, 21, 36]. A practical application can be seen in
healthcare blockchain platforms, where ABE controls access
to sensitive patient data [98]. Successful decryption of the
encrypted data using a user’s secret key occurs only if the
user’s attributes align with the ciphertext attributes [28].
This arrangement highlights the crucial security aspect of
ABE known as collision resistance, ensuring that malicious
Jamwal et al.: Preprint submitted to Elsevier
Figure 3: Privacy Preservation techniques based on Ring
Signature where the level of anonymity is restricted to the
number of users (i.e., size of the ring).
users cannot access data beyond what their private keys
allow, even in instances of collusion [37, 123].
A unique feature of ABE is its capacity to support con-
fidentiality and access control through singular encryption
[84, 190, 212]. This is facilitated by the involvement of
four key parties, namely, the cluster head or data owners,
blockchain miners, attribute authorities (AA), and the dis-
tributed ledger (typically represented by blockchain with
blocks of transactions) [132, 87, 153]. Despite its potential,
the application of ABE remains limited, primarily due to a
general lack of comprehension surrounding its core princi-
ples and efficient implementation strategies [95, 203].
Furthermore, ABE does not necessitate a fixed author-
ity, enabling the potential for multiple authorities within
a decentralized network, providing a robust and adaptable
approach for network management [36, 206]. Technologies
such as the Inter-Planetary File System (IPFS) [16] and
Storj [195] leverage this, permitting witnesses to assume the
role of these authorities within a blockchain. Despite the
advances, implementing ABE within a blockchain-centric
approach presents ongoing challenges. It is a topic of active
research [143].
3.4. Secure multi-party computation
Secure multi-party computation (SMPC) has emerged
as a cornerstone cryptographic protocol, enabling multiple
entities to collaboratively compute a function over their
respective inputs while maintaining the confidentiality of
these inputs [55, 48]. Rooted in the seminal work by Yao in
1982 [207], SMPC distributes data or programmatic states,
such as those inherent to blockchain-based smart contracts,
across 𝑁 parties via advanced secret sharing techniques.
Under this paradigm, a subset of 𝑀 parties from the total 𝑁.
𝑁 is indispensable for the joint computation of a designated
input, producing the output and revealing the underlying data
or programmatic states. Notably, each participating entity
is privy only to an input segment, thereby possessing a
unique position on a distinct polynomial, instrumental for
discerning a specific data segment [207].
Page 8 of 26
 Survey on Ethereum Pseudonymity
Integrating SMPC in blockchain frameworks epitomizes
an evolutionary step towards enhancing user privacy [213,
216, 17]. Bitcoin, for instance, has harnessed variations of
multi-party computation for the augmentation of transac-
tional privacy, a significant illustration being its deployment
in the generation of threshold signatures [5]. Central to this
privacy-centric methodology is the imperative for the ma-
jority of participants to maintain probity, thereby ensuring
the sanctity and security of the collective computations.
Nonetheless, it is pertinent to acknowledge the computa-
tional intricacies introduced by SMPC, especially in terms
of network latency - attributed to the inherent inter-node data
exchanges requisite for MPC computation [17].
In the decentralized computational landscape, the Enigma
platform, unveiled in 2015, is a paragon of SMPC implemen-
tation [220]. Enigma harnesses a verifiable secret-sharing
scheme, fortifying its computational model’s integrity and
privacy. Further, instead of engendering a nascent blockchain,
Enigma employs an auxiliary blockchain as an immutable
event ledger, concurrently facilitating peer-to-peer network
governance, which addresses identity management and ac-
cess control nuances [220].
3.5. Zero-Knowledge Proof
Zero-Knowledge Proofs (ZKPs) is an advanced cryp-
tographic technique designed to enhance privacy in the
blockchain [146]. A relevant use case of ZKP is in iden-
tity verification systems, allowing users to prove specific
attributes, like age or citizenship, without revealing other
personal details [175]. The origins of this privacy-preserving
technique trace back to the 1980s when it was proposed as
a zero-knowledge proof [70, 83]. At its core, the concept
provides formal proof that verifies a program’s execution
using an input secretly known by the user [82]. These proofs
allow one entity to convincingly demonstrate to another
that it possesses a particular piece of information without
divulging any specifics about the data. The execution results
in a publicly available output, ensuring no sensitive data or
attributes are exposed.
For ZKP to function effectively, it must satisfy three
critical criteria as follows [27]:
1. Completeness: Given a true statement, the prover should
invariably be able to present a successful proof.
2. Soundness: If the statement under scrutiny is false, a
dishonest prover should find it near-impossible to deceive
the verifier into believing its authenticity, barring a mi-
nuscule probability.
3. Zero-Knowledge: There should be an algorithm, limited
by polynomial time, that can autonomously create tran-
scripts of the protocol which cannot be differentiated
from a genuine proof shared between a prover and a
verifier. This is pivotal because if an external entity,
unaware of the statement’s veracity, can fashion a le-
gitimate protocol transcript, neither a verifier nor any
interceptor can glean additional information from the real
interaction.
Jamwal et al.: Preprint submitted to Elsevier
As depicted in Figure 4, the process involves two parties:
a Prover and a Verifier. The Prover sends a confidential
information, generates a proof of their knowledge using
func(makeProof), and sends this proof to the Verifier. The
Verifier then uses func(checkProof) to verify the proof’s
validity and concludes the process by obtaining the results.
This succinctly illustrates the ZKP methodology where the
Prover can affirm the possession of confidential information
without revealing any information itself, thus preserving
privacy.
Figure 4: Privacy Preservation techniques based on Zero
Knowledge Proof where a formal proof performed by a Verifier
helps verify program’s execution from a Prover.
Within the broader category of ZKPs, variations have
emerged to cater to specific needs. One such adaptation is
the non-interactive variant of ZKP (NIZK) [67, 152]. In
this NIZK variant, computational zero-knowledge is realized
without needing the certifier and verifier to engage directly,
as long as they both have access to a shared standard ref-
erence string. This finds applications in blockchain, where
all account balances are encrypted on the chain [146, 175].
When an individual wishes to transfer funds, they can em-
ploy ZKPs to substantiate their ample balance while obscur-
ing the actual balance [146].
Zcash, a ZKP derivative, leverages a type of zero-
knowledge proof called zk-SNARK (Zero-Knowledge Suc-
cinct Non-Interactive Argument of Knowledge), which con-
structs a pool of chaff-coins via the Quadratic Arithmetic
Program [149, 85]. The zk-SNARK proof variation was
first introduced by Bitansky [26] and subsequently formed
the foundation of the Zcash protocol [93]. zk-SNARKs and
its newer version zk-STARKs (Zero-Knowledge Scalable
Transparent Arguments of Knowledge) offer cryptographic
means to prove knowledge without revealing the information
itself [131, 144]. zk-STARKs is an evolution that provides
similar benefits to zk-SNARKs without needing a trusted
setup. They are also post-quantum secure, making them
future-proof against quantum computing threats [144]. The
Zcash mechanism employs zk-SNARKs and zk-STARKs to
validate transactions, ensuring user privacy remains uncom-
promised [149].
3.6. Differential Privacy
Differential privacy, a paradigm conceived by Cynthia
Dwork [57], has been acknowledged for pioneering in safe-
guarding individuals’ privacy in computational processes
[59]. At the heart of this framework is a mathematically
Page 9 of 26
 Survey on Ethereum Pseudonymity
rigorous guarantee: an adversary’s knowledge about an in-
dividual remains invariant, whether or not the individual’s
data is part of the computational dataset. Given two adjacent
databases, 𝐷1 and 𝐷2, that differ by precisely one record,
the probabilities of obtaining any specific output from these
databases should be nearly identical [57, 60]. Consequently,
an adversary remains indecisive about the database of ori-
gin for a particular output, which implies that, even when
equipped with supplementary data, the adversary needs to
gain additional insights about the individual in question.
The concept is exemplified in Figure 5, which outlines
the fundamental operation of differential privacy. The two
databases, 𝐷1 and 𝐷2, differ by only one record. When
each is subjected to an equivalent analysis or computation,
the resulting answers, 𝐴 for 𝐷1 and 𝐵 for 𝐷2, should be
nearly indistinguishable. This ensures that the participation
of an individual’s record in either database does not provide
significant information that could lead to their identification.
Figure 5: Differential Privacy safeguards blockchain users’ data
published onchain with nearly identical outputs when being
processed.
The efficiency of differential privacy is parameterized by
the privacy constant, 𝜀, and the cumulative queries executed
over a duration [57, 60, 58]. The smaller the value of 𝜀,
the stronger the privacy guarantee; however, it often comes
at a utility cost. Notable applications of differential privacy
include its integration in systems like the U.S. Census Bu-
reau’s OnTheMap [1], Google’s RAPPOR, Apple, and Mi-
crosoft [105], showcasing its practical usage so far. Moving
from a theoretical approach to real-world implementation
presents challenges, including requiring a skilled person
and an appropriate computing development environment and
determining the most favourable 𝜀 parameters [78].
In recent years, the blockchain landscape has identified
the potential of incorporating differential privacy mecha-
nisms [125, 90, 73]. For instance, research has been con-
ducted on using differential privacy and blockchain together
with Bitcoin [114]. These studies [114] aim to find ways of
preserving privacy in the overall structure of the blockchain
and to evaluate the effectiveness of differential privacy in im-
proving anonymity. Such integrations are paramount when
adversaries exploit blockchain records to deduce sensitive
Jamwal et al.: Preprint submitted to Elsevier
user information, especially during federated learning pro-
cesses or while chronicling crowd-sourced endeavours [90,
73, 97, 96].
A notable stride in this direction was the introduction of a
blockchain-centric data-sharing framework [73]. This novel
approach empowers data proprietors with the capability to
oversee anonymization procedures, thereby thwarting poten-
tial data mining-centric threats targeted at blocking informa-
tion. Using local differential privacy (LDP) in conjunction
with blockchain has also been an approach - LDP is a
privacy-preserving technique that ensures individual privacy
while allowing statistical data analysis [59]. By combining
blockchain and LDP, a secure genomic data management
system was built that addresses privacy concerns associated
with sharing gene data using LDP.[145].
3.7. Homomorphic Encryption
Homomorphic Encryption (HE), a significant advance-
ment in cryptographic techniques, facilitates operations di-
rectly on encrypted data, obviating the need for decryption
prior to computation [79, 53]. For example, in blockchain-
based healthcare services, HE enables data analytics on pa-
tient records without exposing individual data [189]. There
are primarily two forms of HE: Fully HE (FHE) and Partially
HE (PHE). FHE allows for addition and multiplication oper-
ations on encrypted data, whereas PHE restricts operations
to addition or multiplication [133]. This capability paves the
way for more secure data processing and holds particular
promise for blockchain applications.
These FHE and PHE encryption schemes have been pro-
gressively integrated into blockchain frameworks, fortifying
data privacy even during computational phases. Such imple-
mentations become indispensable for sectors handling crit-
ical and sensitive data. Within the blockchain domain, exe-
cuting private smart contracts or undertaking computations
on confidential data without compromising data integrity
is invaluable [113]. Also, in blockchain-based healthcare
services, where patient records demand utmost confidential-
ity, HE allows data analytics and research without exposing
individual patient data [189, 167].
Implementing HE in blockchains poses several chal-
lenges due to blockchain systems’ specific needs and proper-
ties. The computational demands of operating on encrypted
data, mainly using FHE, can hinder the blockchain’s per-
formance and scalability. Designing effective HE schemes
should balance robust security and practical computation
with processes to ensure accurate decryption. Integrating en-
cryption into established blockchain architectures demands
attention to compatibility and maintaining the decentraliza-
tion structure. Beyond technical aspects, there are regulatory
and legal hurdles since privacy norms differ globally, em-
phasising adherence to global regulations. The complex na-
ture of HE requires enhanced educational awareness and ex-
pertise among blockchain developers and researchers [167].
Page 10 of 26
 Survey on Ethereum Pseudonymity
4. Deanonymization Techniques on Ethereum
With its open ledger, Ethereum offers unparalleled trans-
parency, where every transaction is auditable. However, this
transparency does not equate to a complete loss of pri-
vacy. Users can interact with the Ethereum network through
pseudonymous addresses, ensuring transactions are visible
while the real-world identity of the actors remains obscured.
Despite employing a number of privacy-preserving tech-
niques on Ethereum-based platforms, there is still a possi-
bility that sensitive information about users, including their
real-world identities, can be inferred and revealed. Ethereum
has been at the center of several deanonymization attacks,
ranging from simple address clustering to sophisticated traf-
fic analysis techniques.
4.1. Account-based vs UTXO Transaction Models
Ethereum employs an account-based transaction model,
distinguishing itself from the UTXO model of Bitcoin. As
illustrated in Figure 6, instead of dealing with unspent trans-
action outputs, Ethereum maintains a global state of ac-
counts where each account possesses an associated balance,
and in the case of smart contract accounts, related code
and internal storage [32]. Transactions in this paradigm
directly alter this global state by transferring Ether between
accounts or invoking operations in smart contract accounts,
as depicted in the right side of Figure 6. This framework
facilitates intricate interactions with smart contracts and the
subsequent development of DApps.
Figure 6: Comparison of UTXO vs Account-based Transaction
Models for cryptocurrencies and/or tokens in Blockchain
systems.
The UTXO and the account-based models are founda-
tional paradigms that track asset ownership on blockchains.
The UTXO model, adopted by Bitcoin and shown on the left
side of Figure 6, operates on a principle where transactions
consume and produce outputs, with the blockchain’s state
being defined by these unspent outputs [134]. For instance,
in Figure 6, the UTXO model illustrates the changes in the
list of UTXOs in a blockchain network after each state (e.g.,
a new block is generated) in which UTXOs are combined
and produced (e.g., UTXO2 and UTXO3 are combined in
a transaction and UTXO8 is produced accordingly as the
output of the transaction). Technically, in the UTXO model,
Jamwal et al.: Preprint submitted to Elsevier
cryptocurrencies (i.e., tokens) are linked to specific outputs,
and users own private keys to claim ownership of these
outputs. The UTXO model is expected to provide anonymity,
as the unused transaction information is confidential; it also
promotes privacy due to its decentralized transaction linkage
and is amenable to parallelism in transaction validation.
In comparison, the account-based model implemented
by Ethereum is similar to a conventional bank account
system where each account has an explicit balance. Trans-
actions in this model adjust account balances, leading to
a direct association between transactions and account ad-
dresses. The design facilitates intricate smart contract func-
tionalities and provides a structure that resonates with tra-
ditional financial frameworks. In the account-based model,
Ethereum uses accounts as explicit entities. There are two
types of accounts in Ethereum: user accounts, also known
as Externally Owned Accounts (EOA), and smart contracts.
Transactions in Ethereum are changes in the account bal-
ance. The account-based model allows for complex state
transitions through smart contracts written in a Turing-
complete scripting language.
Ethereum’s account-based model and UTXO have dif-
ferent approaches to handling transactions and account bal-
ances. The account-based model in Ethereum allows for
complex state transitions through smart contracts. In con-
trast, the UTXO model provides anonymity and can run in
parallel. Both models have advantages and disadvantages,
and the choice between them depends on the specific require-
ments of the blockchain platform [121].
4.2. Differences in the Deanonymization
Approaches in Ethereum and Bitcoin
Focusing on the architectural difference highlighted in
Figure 6, the deanonymization techniques differ between
Bitcoin and Ethereum due to their foundational transaction
models. As a pure P2P cryptocurrency, Bitcoin’s primary
intent was to offer an electronic cash system free from
centralized intermediaries. Its pseudonymous nature, under-
pinned by unique alphanumeric addresses, ensured that the
entities behind them were not immediately discernible while
transactions were public [4, 46]. Ethereum, proposed in late
2013 by Vitalik Buterin [32], is not just a cryptocurrency
but a platform for decentralized applications. Unlike Bit-
coin, which was designed primarily for P2P transactions,
Ethereum introduces a more versatile scripting language that
allows for the creation and execution of smart contracts on
its platform. These contracts are self-executing, with the
agreement directly written into lines of code, fostering a
broad spectrum of decentralized applications. This leads to
more complexity in preserving privacy in Ethereum-based
systems [18, 31].
While both Bitcoin and Ethereum provide pseudony-
mous interactions on their respective blockchains, the meth-
ods to deanonymize or link these pseudonyms to real-world
identities vary due to their internal architecture and pur-
poses. Bitcoin’s UTXO model and its focus on value trans-
fer have led to specific deanonymization techniques, such
Page 11 of 26
 Survey on Ethereum Pseudonymity

Table 3
Comparison of Deanonymization Techniques: Ethereum vs. Bitcoin.
Technique Bitcoin
Transaction Graph Analysis TGA relies on the simpler UTXO model. It
[35, 127] primarily uses the common input ownership
heuristic, suggesting that all transaction in-
puts likely belong to one entity. The model
is straightforward and capable of capturing
complex transaction patterns unique to Bit-
coin.
Address Reuse & Cluster Bitcoin’s vulnerability to address reuse makes
Analysis [107, 89] it more amenable to cluster analysis, as
addresses can be grouped to identify users
potentially. The transparency of its transac-
tions simplifies this process.
Off-Chain Data Cross- In Bitcoin, linking transactions with off-
Referencing [81, 107] chain data like KYC(Know Your Customer)
information and social media activity can
effectively deanonymize users by associating
on-chain activities with real-world identities.
Timing Analysis [136, 18] Bitcoin’s timing analysis is effective for pro-
filing users, as transaction patterns, like fre-
quency and regularity, can be more easily
correlated with specific behaviours due to the
regularity and simplicity of Bitcoin transac-
tions.
Network Traffic Analysis [42, In Bitcoin, network traffic analysis helps iden-
24] tify transaction origins and pinpoint node lo-
cations, thus potentially revealing user identi-
ties. The analysis benefits from Bitcoin’s less
complex transaction model.
Machine Learning [18, 182, Machine learning techniques such as entity
41, 159, 62] identification and graph representation learn-
ing are utilized for deanonymization, which
analyzes transaction networks and money
flows, focusing on identifying and categoriz-
ing entities and detecting illegal activities.
Ethereum
TGA is more complex due to the layered
interactions involving smart contracts and
internal transactions. This complexity allows
for a deeper, though more challenging, anal-
ysis of transaction flows and user behaviours.
Ethereum’s norm of address reuse is similar
to Bitcoin, but the presence of smart con-
tracts acting as mixers introduces additional
complexity. It requires more sophisticated
methods to differentiate between user and
contract addresses.
Ethereum’s application of off-chain data
cross-referencing is similar to Bitcoin’s. How-
ever, the involvement of smart contracts and
diverse transaction types adds layers of com-
plexity in drawing direct associations between
on-chain activities and real-world identities.
Ethereum’s transaction timing offers insights
into user habits and locations, but the com-
plex nature of transactions, including inter-
actions with smart contracts, adds additional
layers to the analysis.
In Ethereum, it is used to study the network’s
propagation patterns and node distribution.
The diverse node distribution in Ethereum
complicates the analysis but helps identify
security threats and inefficiencies.
Machine learning can analyse transac-
tion data and identify patterns that can
deanonymize users by pairing Ethereum ac-
counts of the same user and identifying
sensitive activities linked to public identities.

as the “common input ownership” heuristic [4, 46]. In
contrast, Ethereum’s account-based model and the com-
plexity introduced by smart contracts require a different
approach to deanonymization, focusing more on contract
interactions, internal transactions, and gas usage patterns
[18, 31]. Thus, while both blockchains share the broad goal
of pseudonymity, the nuances in their designs have spawned
diverse challenges and methods in forensic analysis and
deanonymization [19].
4.3. Address Clustering Technique
Address clustering is one of the most salient techniques
for Blockchain, including Ethereum, deanonymization [139,
63, 39]. The key idea driving this is that addresses used
as inputs in a single transaction are likely controlled by
the same entity, thereby allowing for the grouping of ad-
dresses into clusters representing individual users or entities
[173, 187, 102] as shown in 7. A common practice among
cryptocurrency users is to use a fresh address for every
transaction to protect their privacy. However, when users
try to consolidate funds from multiple addresses or spend
more than they have in a single address, they unintention-
ally link these addresses, allowing for clustering [39, 187].
This inadvertent linkage creates identifiable patterns, which,
when analysed, can help deanonymize users or at least link
multiple addresses to a single entity [157, 35, 187].
Another aspect to consider is the “change address”. In
scenarios where the output value of a transaction is less than
its input, a change address is often returned the remaining
balance. In comparison, Ethereum’s account-based model
does not function precisely like Bitcoin’s UTXO model, the
concepts of fund consolidation and distribution across ad-
dresses still apply and can be exploited for clustering. While
address clustering can provide valuable insights, it is crucial

Jamwal et al.: Preprint submitted to Elsevier Page 12 of 26

 Survey on Ethereum Pseudonymity
to approach its results with caution. False positives, where
unrelated addresses are incorrectly linked, can occur. This
mandates using supplemental information or techniques to
validate the associations derived from clustering.
Figure 7: Address clustering technique groups some addresses
that might belong to a user (i.e., e1 or e2)
In the context of Ethereum, tools like Tornado Cash
have emerged to enhance transactional privacy [147, 109].
Tornado Cash, a non-custodial coin mixer on Ethereum,
is designed to protect the privacy of addresses [147, 109].
However, certain transaction behaviours within its mixing
mechanism can lead to potential privacy risks. Specifically,
malicious attackers can link multiple addresses of the same
users based on transaction data. This highlights the chal-
lenges and nuances of maintaining privacy even when us-
ing additional privacy-preservation techniques designed to
enhance it [178].
4.4. Transaction Graph Analysis
Transaction Graph Analysis (TGA) leverages graph the-
ory to map out the intricate web of blockchain transac-
tions. Nodes correspond to individual addresses, and di-
rected edges trace the movement of currency, revealing
transaction volumes and patterns [107]. For instance, TGA
is used to depict a typical daily transaction graph where
nodes, indicated by PageRank metrics, represent critical
actors within the blockchain as illustrated in Figure 8. These
nodes significantly influence the flow of cryptocurrency due
to their high transaction volumes. This method is integral
to detecting typical and anomalous behaviour within the
network, which is essential for security analysis and market
research [11, 127].
TGA has become a pivotal tool in privacy research,
uncovering the blockchain’s pseudonymity limits and iden-
tifying traceable patterns that could lead back to real-world
entities [4, 35, 72, 158]. It faces challenges from evolving
blockchain features, like smart contracts, and obfuscation
methods such as tumblers [74, 42, 103]. In addressing se-
curity concerns, graph analysis has revealed the identities
behind Ethereum attacks by dissecting transaction data asso-
ciated with various security breaches [35, 42, 119, 210, 100].
Advances in TGA have enabled the rapid analysis of exten-
sive data, such as in the work of researchers who analyzed
Jamwal et al.: Preprint submitted to Elsevier
millions of Ethereum transactions to identify blacklisted ad-
dresses and potential security threats within seconds [110].
Figure 8: Transaction Graph Analysis technique used PageR-
ank metrics over the volumes of transactions to characterise
different types of nodes in Bitcoin network
4.5. Transaction Fingerprint and Timing Analysis
Transaction fingerprint is a specialised technique used
predominantly in blockchain analytics, focusing on some
unique attributes of transactions, including the temporal
attributes such as Hour of Day, Time of Day, Time of Hour,
and Random time-interval so-called Timing Analysis [4,
18]. Generally, by analyzing the timestamps of transactions
within a blockchain, timing analysis endeavours to identify
patterns, correlate activities, and potentially deduce the iden-
tities or behaviours of participants [136]. The foundational
theory of the timing analysis in blockchain revolves around
the observation that while addresses may be pseudony-
mous, their activities, marked by timestamps, are transparent
[4, 18]. This transparency means that by merely analyzing
the frequency, regularity, or timing of transactions from a
specific address, it might be possible to glean information
about the user or entity behind it. For instance, patterns
that emerge, such as transactions consistently occurring at
specific times of the day, can provide hints about the user’s
timezone or habits [18].
Other transaction fingerprints can also be Coin-Flow
and Input/Output balance [4] so that when combined with
the temporal attributes, it might increase the probability to
deanonymize individual users. For instance, Androulaki et
al. have based on the transaction fingerprints of Bitcoin
transactions in a university campus to successfully identify
40% user profiles, even when the users generate new ad-
dresses for every transaction. This technique can be imple-
mented for Ethereum and Bitcoin transactions, regardless
of their transaction models (i.e., account-based and UTXO)
[136, 18].
A notable application of the transaction fingerprint tech-
nique is the study of user behaviours concerning exchange
platforms [181]. For example, when a user interacts with a
decentralized exchange, there is often a discernible delay
between when funds are sent to an exchange address and
when they are withdrawn or traded. By closely examining
Page 13 of 26
 Survey on Ethereum Pseudonymity
these time deltas and cross-referencing them with off-chain
events like exchange downtimes or high trading volumes,
researchers can get insights into user strategies, preferences,
or even identities in some cases [14, 181].
Despite its usefulness, this analysis comes with certain
limitations. The increasing adoption of privacy-enhancing
technologies and best practices, like CoinJoin or mixers,
can obfuscate transaction patterns, making pure timing-
based analysis less effective. Furthermore, as blockchains
grow and transaction volumes swell, the sheer number of
transactions can make it challenging to definitively correlate
events solely based on timings [155].
4.6. Network-Level Analysis
Blockchain operations depend on a peer-to-peer net-
work, making understanding this layer crucial for improv-
ing system efficiency and examining vulnerabilities. Since
blockchain interactions leave traces at the network layer,
their study can reveal insights into on-chain pseudonymity
[92]. The network-level analysis investigates interactions,
data flows, and traffic in blockchain networks, seeking in-
formation about nodes, transactions, and user behaviour
[25, 23]. Central to this analysis is traffic pattern examination
[24]. When a transaction is broadcast, it initially reaches
a few nodes before spreading network-wide. Identifying a
transaction’s origin or early receivers helps pinpoint the
initiator. Analyzing block propagation can hint at miners’
locations or identities.
This approach helps identify Sybil attacks, where at-
tackers create many nodes to disrupt traffic [193]. Recent
research has shed light on a significant privacy concern: the
exposure of Bitcoin users to vulnerabilities through Tor’s
hidden services [2]. Tracing a Bitcoin transaction back to
its origin is feasible by scrutinising publicly available data.
Linking a previous transaction to a specific Bitcoin address
can reveal the user’s identity. This revelation highlights
a critical intersection between blockchain technology and
user privacy, underlining the need for enhanced security
measures in blockchain networks to protect user anonymity
[2].
4.7. Machine Learning-based Analysis
Machine learning has revolutionized blockchain analysis
by enabling the identification of complex patterns within
transaction data. These algorithms analyze large datasets to
uncover transaction frequencies, amounts, timing, and in-
teractions between addresses, aiding in profiling blockchain
users and potentially linking pseudonymous addresses to
real-world identities [18]. This capability extends to iden-
tifying control over multiple addresses by single entities,
which is crucial for deanonymization efforts. Complement-
ing this, graph databases provide a powerful means to vi-
sualize and analyze the interconnectedness of transactions
and addresses, unveiling fund movement and interaction
patterns that are key to understanding blockchain dynamics
[75, 18, 41].
In parallel, Natural Language Processing (NLP) and
predictive analytics contribute significantly to the depth of
Jamwal et al.: Preprint submitted to Elsevier
blockchain analysis. By analyzing transaction-related textual
data and public forum discussions, NLP techniques help
correlate on-chain activities with real-world identities [159],
which could add another dimension to deanonymization
methodologies. Predictive analytics using historical data
could forecast future transaction patterns and behaviours
in blockchain, identifying unusual or user-specific patterns.
These insights are crucial to uncovering the hidden aspects
of pseudonymity in blockchain, offering a deeper under-
standing of user behavior that necessitates further study
[41, 18, 159].
This section has elucidated various deanonymization
techniques, each with a unique facet of potential vulnerabili-
ties within the Ethereum network. From address clustering’s
propensity to link multiple addresses to transaction graph
analysis’s power to reveal intricate transactional relation-
ships to the subtle cues offered by timing analysis and the
holistic insights of network-level examinations, each method
offers a glimpse into the hidden intricacies of user interac-
tions. However, these techniques are not without challenges,
demanding continuous refinement in light of the evolving
blockchain ecosystem.
5. Countermeasures for Deanonymization on
Ethereum platforms: the Road Ahead
Although revolutionary for its decentralized and im-
mutable characteristics, blockchain technology confronts
significant privacy preservation challenges. The public na-
ture of permissionless blockchain ensures transparency but
may also inadvertently expose some sensitive information.
Ethereum is not an exception, even though it is renowned
for its pseudonymous nature, as the platform maintains
public transactions without directly revealing real-world
identities—the trade-off between its pseudonymous nature
and the risk of exposing sensitive transactional information.
Privacy preservation in permissionless blockchain systems
like Ethereum is a pivotal yet intricate endeavour, and
achieving the ideal balance between transparency, security,
and privacy still presents a multifaceted set of challenges.
In this section, we delve into the complex landscape of pri-
vacy preservation in permissionless blockchain systems like
Ethereum, exploring the intricate challenges and potential
solutions.
5.1. Openness versus Privacy: a Long-standing
Challenge
Ethereum, often complimented for its transparency and
decentralized nature, inherently poses significant challenges
when ensuring user privacy. This subsection discusses the
inherent conflict between Ethereum’s design priorities and
privacy concerns. The system design and techniques imple-
mented in the Ethereum blockchain prioritise transparency
over anonymity. This intrinsic design ensures trustworthi-
ness among decentralized nodes, as every transaction is ver-
ifiable by any participant. However, the flip side to openness
is that all transaction details become publicly available. Even
Page 14 of 26
 Survey on Ethereum Pseudonymity
though Ethereum offers pseudonymity to an extent through
unique cryptographic addresses, they should go further than
that to provide better privacy. Balancing the scale between
openness and privacy preservation becomes a complex en-
deavour deeply rooted in the foundational principles of tech-
nology. However, this transparency comes at the cost of
privacy, as detailed below.
• Immutable Public Ledgers: At the core of permissionless
blockchains like Ethereum is a publicly available im-
mutable record of all transactions. While this design en-
sures transparency and trustworthiness, it exposes trans-
action details to the public [150]. Finding ways to conceal
specific transaction data without compromising ledger
integrity is challenging.
• Transparency in Smart Contracts: Ethereum’s smart con-
tracts, in enabling programmable transactions, are visible
on the blockchain. The contract’s transparency can inad-
vertently expose private logical methods or data. The data
in these contracts can also be publicly accessed [106].
For example, suppose a smart contract is designed to
store user data or credentials. This data is visible on the
blockchain unless specific privacy-enhancing techniques
are employed, like zk-SNARK [149, 85].
The transparency of the Ethereum blockchain allows any-
one to view all transactions and smart contract interac-
tions. This lack of privacy can be a barrier for individuals
and organizations that require confidentiality for their
transactions [69]. Several privacy-enhancing technolo-
gies, such as mixers [126, 147, 166], stealth addresses
[47], and confidential transactions[31], have been pro-
posed and deployed to enhance blockchain-level privacy.
These technologies aim to obfuscate transaction details
and protect participants’ privacy on the blockchain.
5.2. Blockchain-related Technical Challenges
Some technical challenges hinder the efficiency and ef-
fectiveness of privacy preservation techniques in blockchain-
based systems due to the nature of permissionless blockchain
platforms. These challenges are always must-considered fac-
tors for any privacy preservation techniques, which include
(i) the balance between anonymity and pseudonymity, (ii)
the trade-off between the high cost of computation and
storage, the scalability and the user privacy, and (iii) the
interoperability between on-chain and off-chain computation
and storage.
• Pseudonymity vs Anonymity: Ethereum operates on a pub-
lic ledger where transactions are tied to pseudonymous
addresses. These addresses, commonly denoted as a 42-
character hexadecimal string (e.g., 0𝑥...), serve as an iden-
tifier on the Ethereum network. Unlike real-world identi-
ties, these addresses provide a degree of pseudonymity but
not anonymity (i.e., absolute privacy) [77]. As presented
in Section 4, vulnerabilities like pattern and behavioural
analysis over the Ethereum transaction graph, repeated
usage of Ethereum addresses in various interactions, and
Jamwal et al.: Preprint submitted to Elsevier
Table 4
Understanding the multifaceted complexities of Smart Con-
tracts development in Ethereum.
Complexity
Description
Types
Computational resources consumption.
Computational
It is associated with gas costs, requiring
Complexity [41]
optimisation for cost efficiency.
Rigorous validation for Smart Con-
Logical
tracts as any mistakes can lead to
Complexity
[22, 10]
unintended consequences, including fi-
nancial losses.
Inter-contract Dependencies among Smart Contracts
Complexity emerging complexity as a Smart con-
[101] tract can invoke others.
Usability
Requirement for user-friendly inter-
Complexity
faces with abstraction layers.
[45]
associating Ethereum addresses with identifiable data on
external platforms can expose user identities. Anonymity
is the form of privacy that we are targeting. Unfortunately,
it comes with some far-reaching implications.
• Scalability and Privacy Trade-offs: Privacy-preserving
cryptographic techniques, like zk-SNARKs, which are
utilized in specific Ethereum-based applications, pose
substantial computational and storage usage [131]. Incor-
porating these methods can lead to increased block veri-
fication times and higher gas fees. Ethereum developers
would have to weigh the benefits of enhanced privacy
against the potential drawbacks regarding system perfor-
mance and transaction efficiency.
• Interoperability Concerns: The drive towards blockchain
interoperability—different chains communicating and trans-
actions pose privacy concerns. A transaction might main-
tain privacy within one chain but risk exposure during
cross-chain operations.
5.3. Complexity of Smart Contracts
Smart contracts, as implemented in blockchain platforms
such as Ethereum, have introduced a paradigm shift in
executing contractual agreements [32]. Their inherent nature
enables automation, trust, and decentralization. However, as
shown in Table 4, with these advantages come complexities
both in their design and operations, which result in complica-
tions in guaranteeing security and privacy effectively [218].
• Computational Complexity: Every operation in a smart
contract, from arithmetic operations to storage, consumes
a certain amount of computational resources. Especially
in platforms like Ethereum, these operations are associ-
ated with gas costs [41]. Optimising the computational
tasks within a contract is paramount for cost efficiency
and ensuring the contract does not run out of gas, which
would result in a failed transaction.
Page 15 of 26
 Survey on Ethereum Pseudonymity
Figure 9: Forthcoming solutions for enhancing privacy on the Ethereum blockchain, encompassing mixers, P2P security, Layer-2
scaling, and educational initiatives.
• Logical Complexity: Ensuring a contract behaves as in-
tended requires rigorous validation, given the immutable
nature of blockchains [22]. Once deployed, a contract’s
logic cannot be altered. Mistakes can lead to unintended
consequences, including financial losses [10].
• Inter-contract Complexity: Smart contracts can invoke
other contracts, creating a web of dependencies [101].
This can lead to emergent complexities that are harder to
predict at the time.
• Usability Complexity: For non-technical users, smart con-
tracts’ intricacies, deployment, and management can be
overwhelming [45]. User-friendly interfaces and abstrac-
tion layers are essential to make smart contracts accessible
to a broader audience.
5.4. Forthcoming Solutions
Potential innovative countermeasures for deanonymiza-
tion have breathlessly been developed in the Ethereum
ecosystem. These emerging solutions range from advanc-
ed cryptographic techniques to off-chain strategies, from
network-level security to system scalability while strength-
ening user privacy and security. We will delve into using
mixers, network-layer security improvements, Blockchain
layer-2 scaling techniques, and educational initiatives that
collectively contribute to the Ethereum blockchain’s ro-
bustness and resilience. As illustrated in Figure 9, these
countermeasures span multiple stakeholders, including wal-
let service, centralised third-party service, and the layered
Ethereum platform (e.g., Application, Layer-2, Consensus,
and P2P Network Layers).
Jamwal et al.: Preprint submitted to Elsevier
5.4.1. Use of Mixers
Ethereum mixers either function as third-party services
(i.e., centralised mixer, generally integrated with an ex-
change) or a decentralized mixer (i.e., operated at the Ap-
plication layer in the Ethereum layered stack as depicted in
Figure 9) that help users obfuscate their transactions. By
sending their Ether to the mixer, users receive another set
of Ether from a different address that cannot be directly
linked to their original one. Decentralized mixers seem to
be a prospective solution, and several cryptocurrencies have
developed this approach to their protocols, such as Tornado
Cash [147] and Zether [31].
Tornado Cash is a decentralized Ethereum mixer that
uses zk-SNARKs to ensure that the outgoing transaction
cannot be linked to the corresponding deposit, thereby break-
ing the on-chain link between the source and destination
addresses [147]. Zether is a fully decentralized, confiden-
tial payment mechanism compatible with Ethereum’s con-
sensus model. It uses zero-knowledge proofs, specifically
Bulletproofs, to maintain transaction confidentiality [31].
Bulletproofs are a non-interactive zero-knowledge proof sys-
tem that greatly reduces computational overhead and proof
sizes. In comparison against systems like zk-SNARKs [131],
Zether does not require a trusted setup. This presents a
considerable advantage as such setups can become critical
vulnerabilities if they were to be compromised.
5.4.2. P2P Network-layer Solutions
The P2P layer of blockchain technology presents unique
challenges and opportunities for user anonymity, particularly
within the Ethereum ecosystem. A deeper analysis employ-
ing network and data traffic indicators reveals a pressing
need to deploy sophisticated privacy-preserving techniques
rapidly [77]. Integrating the Tor network with blockchain
Page 16 of 26
 Survey on Ethereum Pseudonymity
technology significantly enhances anonymity and exposes
distinct packet characteristics that may compromise privacy
[92].
Recent advancements in P2P protocols demonstrate
the potential to obfuscate the origin and destination of
blockchain transactions, thereby strengthening anonymity
[148]. These advancements include onion routing [40, 104]
and cryptographic shuffling [111], instrumental in con-
cealing user 𝐼𝑃 addresses and transaction details from
network observers. Such techniques are imperative in an
era where blockchain forensic tools are increasingly adept
at deanonymizing P2P ledger activities.
The advocacy for anonymous communication channels,
particularly the Tor network, emphasizes the necessity of
access-related privacy within decentralized architectures.
The scholarly consensus points towards the need for systems
that enable users to conduct and retrieve transactions without
revealing network addresses or transaction specifics. This
requirement extends to access transaction details without di-
vulging individual transactional behaviours or preferences,
preserving privacy against traffic analysis attacks [92, 148].
Integrating privacy-focused P2P solutions with Ethere-
um’s smart contracts and DApps can address some of the in-
herent limitations of public blockchains in protecting trans-
actional privacy. Such integrations could also facilitate a
more secure and private infrastructure for decentralized fi-
nance (DeFi) applications, which are particularly sensitive
to the risks of financial privacy breaches.
5.4.3. Layer-2 Solutions
Layer-2 scaling solutions address the scalability and
privacy challenges inherent to Ethereum’s Layer-1. These
solutions operate on top of the Ethereum mainnet (Layer-
1). Being Layer-2 solutions, these methods operate on top
of the Ethereum mainnet and can process transactions more
efficiently, offering scalability and enhanced privacy [117].
One of the prominent Layer-2 solutions is Rollups, a
technique that uses Layer-2 network entities to process com-
ponent transactions outside of the main-chain. These entities
then interact with the blockchain through smart contracts to
post transaction data to the main chain as calldata. Rollups
provide a mechanism to batch multiple transactions into one
transaction, reducing the on-chain data footprint. By aggre-
gating multiple transactions, Rollups enhance the through-
put and make it more challenging for adversaries to analyze
individual transactions, offering privacy [180].
There are two primary types of Rollups: zk-Rollups and
Optimistic Rollups [180]. zk-Rollups technique utilizes zk-
SNARKs to bundle multiple transactions into a single proof,
which is then submitted to the main-chain. This ensures
scalability and provides a layer of privacy due to the suc-
cinct nature of zk-SNARKs [135]. The integration of zk-
SNARKs, a privacy cryptography protocol, and zk-Rollups,
a Layer-2 scaling solution, plays a crucial role in improving
the scalability and privacy of the Ethereum ecosystem. This
Jamwal et al.: Preprint submitted to Elsevier
integration facilitates the aggregation of hundreds of trans-
actions into one, significantly enhancing scalability and pri-
vacy on the Ethereum blockchain [117]. One of the notable
Ethereum’s zk-SNARKs integration methods, Ethereum’s
Istanbul upgrade, has brought notable changes in gas costs,
allowing for zk-SNARKs operations to be more affordable
and hence paving the way for more private transactions on
Ethereum [131].
Another type of Rollups is Optimistic Rollups tech-
nique, which posts the transaction data to the main-chain
but executes them on the Layer-2 network [7]. Unlike zk-
Rollups, this Optimistic Rollups technique does not use
ZKP-variants; instead, it assumes transactions are valid by
default and only runs computations in case of a challenge us-
ing its dispute resolution mechanism [7]. To do so, optimistic
rollups implement a fraud-proving scheme to detect incor-
rect transactions by computing a fraud-proof for the chal-
lenge [7, 163]. Ethereum co-founder’s belief in rollups as a
promising solution for Layer-2 functionality in Ethereum 2.0
underscores their importance in addressing scalability issues
while maintaining data privacy and availability [171, 196].
A new development in the Ethereum ecosystem called
Proto-Danksharding is an evolution of sharding technology
to improve network scalability. It is designed to increase the
space available for processing large volumes of data, thereby
enhancing the overall efficiency of the Ethereum network.
This approach is expected to reduce gas fees significantly
and speed up transaction processing, making Ethereum more
scalable and capable of supporting a more extensive user
base [68].
5.4.4. Off-chain Solutions
Off-chain solutions allow transactions to be processed
at a third-party centralised server, outside the Ethereum
main-net, with only the final state or a summary updated
on the main chain [112]. The off-chain solutions primarily
cooperate with the blockchain main-net at Layer-2 to record
the final state or updates on-chain using several Layer-2
on-chain/off-chain interaction techniques, including State
Channels and Plasma. This approach offers significant ad-
vantages in terms of both scalability and privacy [112].
• State Channels: State channels are two-way pathways
opened between two participants. Once a state channel
is opened, participants can transact amongst themselves
without involving the main chain [61]. Only their transac-
tions’ final state is recorded on the Ethereum blockchain.
This ensures rapid and cost-effective transactions and
provides privacy, as intermediate states are not publicly
recorded. State channels benefit applications where mul-
tiple rapid transactions are expected between participants,
such as in gaming or micro-payment scenarios [191].
• Plasma: Plasma is a framework that allows for the cre-
ation of child chains branching off the main Ethereum
chain. These child chains can process transactions in-
dependently, reducing the load on the main Ethereum
Page 17 of 26
 Survey on Ethereum Pseudonymity
chain [151]. Periodically, these child chains submit a sum-
mary of their transactions to the main chain. Since only
summaries are recorded on the main chain, individual
transaction details on the child chains remain obfuscated,
providing a layer of privacy [151].
5.4.5. Education and Privacy Awareness
As seen in platforms like Ethereum, the rapid advance-
ment of blockchain technology emphasizes the importance
of education and privacy awareness when navigating a bal-
ance between decentralization, pseudonymity, and regula-
tory compliance [154]. Although Ethereum provides a layer
of privacy through its inherent pseudonymity, it does not of-
fer complete anonymity. Users must be well-informed about
the nuances of their public addresses, transaction patterns,
and the potential for linkage to real-world identities to make
informed decisions about their on-chain activities.
As deanonymization techniques evolve, raising aware-
ness about these methods within the Ethereum community
is crucial. Workshops, webinars, and online resources can be
vital in disseminating knowledge about emerging threats and
countermeasures. While smart contracts have the potential
to revolutionize contractual paradigms, they also introduce
unique privacy challenges. Users require guidance on vetting
smart contracts, understanding their underlying logic, and
ensuring their interactions do not compromise personal data.
6. Regulatory-compliance for DApps
In April 2016, an important data protection regula-
tion, the GDPR (General Data Protection Regulation), was
adopted. It became enforceable in May 2018 and was created
by the European Parliament, the Council of the European
Union, and the European Commission [64]. While GDPR
primarily targets data protection within the EU and EEA, its
global implications affect any organization dealing with EU
residents’ data. GDPR aims to consolidate data protection
for all individuals within the European Union (EU) and
the European Economic Area (EEA), emphasizing giving
citizens and residents greater control over their data. Addi-
tionally, it aims to streamline the regulatory framework for
international businesses [64].
The utilisation of blockchain architecture has increased
since Nakamoto publicised the foundational article in 2009,
particularly after the inauguration of Ethereum in 2015
[134]. Since then, many solutions have relied on this de-
centralized database to process personal data. However,
the permanent nature of recorded data in these solutions
raises concerns about how to ensure GDPR compliance.
The challenge intensifies when considering the global na-
ture of blockchain technology and the varying data protec-
tion laws across different jurisdictions. This paper examines
the regulatory-compliance challenges and their implications
arising from the intersection of the GDPR and Ethereum,
focusing mainly on areas of compatibility and tension.
Jamwal et al.: Preprint submitted to Elsevier
6.1. Regulatory-compliance Challenges
Integrating blockchain technology, specifically Ethere-
um’s decentralized architecture, with the GDPR presents a
complex and challenging landscape [71]. At the core of this
tension lies the differing operational philosophies: Ethereum
operates on principles of decentralization and immutability,
whereas GDPR is built around individual data rights and
control. This dichotomy raises pertinent questions regarding
assigning roles like data controllers and processors within
a decentralized system, a fundamental aspect of GDPR’s
framework [176].
• Legal and Regulatory Complexity: Blockchain technol-
ogy’s cornerstone is its immutability. Once data enters
the blockchain, its alteration or deletion becomes impos-
sible. This characteristic directly challenges Article 17 of
the GDPR, which introduces the “right to be forgotten,”
granting individuals the privilege to request their personal
data’s deletion under predefined conditions [64]. Appli-
cations developed atop the Ethereum platform, which
inscribe personal data directly onto the blockchain, may
inherently breach the GDPR’s right to erasure. This has
led to extensive deliberations among technologists and
legal scholars [94]. sqlCopy code
• Regulatory and Compliance Pressures: Regulatory bod-
ies worldwide are increasingly interested in cryptocurren-
cies. Though often well-intended, their push for oversight
and transparency can place strains on maintaining user
privacy. For instance, as smart contracts can represent and
even automate real-world agreements, they often intersect
with traditional legal systems [194]. Determining the ju-
risdiction, applicability of laws, and the legal status of a
smart contract execution **presents unique** challenges.
6.2. Regulatory Implications
The decentralized nature of Ethereum, where multiple
nodes validate and record transactions simultaneously, dis-
rupts the traditional understanding of the three roles (i.e.,
Data Subject, Data Controller, and Data Processor) defined
in the GDPR. This dissonance complicates the identification
of responsible parties (e.g., lawful bases for data processing,
the obligations of the Data Controller, and the rights of
Data Subjects). It also raises concerns about accountability
in cases of regulatory breaches. Below are notable aspects
considered for harmonizing permissionless blockchains like
Ethereum with the GDPR [176].
• Right to be Forgotten: The GDPR, through Article 17, in-
troduces the “Right to be Forgotten”, allowing individuals
the power to have their personal data erased under certain
conditions [64]. This clashes directly with the immutabil-
ity feature of blockchain. It was mentioned that the inher-
ent unsuitability of decentralized systems like blockchain
for storing personal data [80]. Instead of hosting personal
data, blockchain’s strengths should be towards achieving
consensus and verification, with personal data storage
allocated to traditional systems. This aligns with Bitcoin’s
Page 18 of 26
 Survey on Ethereum Pseudonymity
initial design, which operates without storing directly
identifiable data. By using Ethereum addresses instead of
personal identification, the public ledgers sidestep many
GDPR issues.
A solution to reconcile the GDPR with blockchain is
through encryption [80]. It was pointed out that encrypted
personal data can fulfil GDPR’s erasure requirements if
the decryption key is held off-chain or destroyed. The
idea of a referenced approach was presented [183]. Var-
ious GDPR compliance proposals for blockchain include
Chameleon Hash for data modification, secret sharing for
more comprehensive modification access, cryptographic
deletion via Linkable Digital Multi-signature, minimal-
impact alteration with Reconstructable Ephemeral Key,
local Erasure Database for participant-led data removal,
blockchain-based authentication and authorization, and
Tree Structure for more straightforward data deletion [80].
• Automated Decisions and Smart Contracts: Smart con-
tracts, conceptualised by Szabo, execute contractual obli-
gations automatically [177]. However, this concept en-
counters GDPR’s Article 22, which grants individuals the
right to challenge decisions based exclusively on auto-
mated processing. The significance of integrating ’exit
strategies’ within smart contracts to ensure GDPR com-
pliance has been underscored in the past. These strate-
gies are essential for adapting smart contracts to legal
frameworks like the GDPR, allowing for adjustments in
response to automated decisions [51]. Consent remains
a significant element in the GDPR’s framework. Trans-
parent and explicit consent in blockchain contexts could
mitigate potential conflicts. This approach is particularly
effective when users can challenge or modify the conse-
quences of their consent.
• Cross-border transfer: The General Data Protection Reg-
ulation (GDPR) has specific provisions concerning trans-
ferring personal data across borders, particularly outside
the European Economic Area (EEA). Article 44 of the
GDPR [64] mandates that any transfer of personal data
which are undergoing processing or are intended for pro-
cessing after transfer to a third country or an international
organization shall take place only if the conditions laid
down in the regulation are complied with by the data con-
troller and processor, ensuring that the level of protection
guaranteed by the GDPR is not undermined [64].
In the blockchain and DApps context, the distributed
nature of blockchain technologies presents challenges in
ensuring GDPR compliance. Anonymizing personal data
in blockchains through public key cryptography may not
exempt it from GDPR, as pseudonymous data still qualify
as personal data under the regulation [150]. Adapting
blockchain to comply with GDPR’s data transfer require-
ments may require new legal frameworks or significant
modifications to existing ones [88]. One approach is ’data
localization’, which involves storing and processing data
within the data origin’s geographical boundaries. This
Jamwal et al.: Preprint submitted to Elsevier
method, however, may conflict with the decentralized
nature of blockchain [170].
In healthcare, where GDPR compliance is critical, block-
chain applications must carefully navigate data protection
and interoperability requirements. Ensuring patient data
transferred across borders via blockchain technologies
complies with GDPR is essential [91].
• Privacy by Design (PbD): The principle of “Privacy by
Design” (PbD) is a proactive approach for centralised
systems, suggesting that privacy considerations should be
central to any system or process design from its inception
[120]. The GDPR has enshrined this concept, making it
a legal requirement for any system handling the personal
data of EU citizens as the role of a Data Controller [183].
In DApps developed on blockchain platforms such as
Ethereum, the inherent decentralization characteristic of
these platforms is mirrored. This architectural choice
negates centralized control over the operations of DApps,
leading to the distribution of operational data across many
nodes. This distribution paradigm presents significant
deviations from traditional data management and privacy
protocols [94, 183, 219]. Recent scholarly discussions
have pointed out that the attributes underpinning the
revolutionary nature of DApps may concurrently result in
inherent challenges in aligning with GDPR compliance
[219]. Establishing a centralized oversight entity within
the decentralized sphere of DApps is a potential solution.
This entity would be tasked with monitoring, enforcing,
and rectifying potential GDPR breaches [165]. It could
also serve as a resource for standardized guidelines, best
practices, and tools, thereby ensuring the embedding of
privacy considerations at the core of DApps’ design under
the Privacy by Design principle.
While Ethereum’s principles may initially seem antithet-
ical to GDPR’s mandates, exploring avenues that harmo-
nize these conflicting foundations is imperative, particularly
in incorporating new technologies into existing regulatory
frameworks. This reconciliation is vital for ensuring the
coexistence and advancement of groundbreaking blockchain
capabilities and protecting user data, including ensuring ac-
countability of data processing as well as offering individual
data rights, as one of the ultimate goals for establishing the
GDPR.
7. Conclusion
This insightful survey paper has comprehensively ex-
plored the intricate dynamics of privacy and deanonymiza-
tion in the Ethereum blockchain ecosystem. The decen-
tralized and open-source nature of Ethereum, while instru-
mental in driving innovation and transparency, concurrently
poses significant privacy challenges. The inherent trans-
parency of Ethereum’s public ledger, essential for trust and
auditability, paradoxically creates avenues for potential pri-
vacy invasions. Deanonymization techniques, such as ad-
dress clustering, transaction graph analysis, and transaction
Page 19 of 26
 Survey on Ethereum Pseudonymity
fingerprint analysis, leverage the openly available transac-
tional data to potentially expose user identities and be-
haviours. Furthermore, these techniques can be combined
with off-chain information including network-level, social
network, and web-crawling data for more effectiveness of
the re-identification of users. While beneficial for forensic
analysis and network security, these techniques underscore
the vulnerabilities in Ethereum’s pseudonymous framework.
The advent of various privacy-preserving methodolo-
gies, including mixers, zk-SNARKs, and network-layer so-
lutions, signifies the ongoing efforts to bolster privacy in
Ethereum. However, these solutions have limitations, often
with trade-offs between privacy, scalability, and regulatory
compliance. Introducing blockchain layer-2 solutions, off-
chain transactions, and advanced privacy enhancing tech-
niques like zk-STARKs presents promising avenues for user
privacy. However, they also necessitate a balance between
the inherent decentralization of blockchain and the regula-
tory demands, particularly in light of GDPR compliance.
Furthermore, the complexity of smart contracts adds another
layer to the privacy puzzle, necessitating robust design and
operational strategies to safeguard user data.
The tension between the immutable nature of blockchain
and emerging data protection regulations like the GDPR also
presents a formidable challenge, calling for innovative solu-
tions that harmonize decentralized technology with evolving
legal frameworks. Presumably, Ethereum’s blockchain sig-
nificantly advances decentralized applications; however, its
engagement with privacy issues and the need to comply with
regulatory standards is an ongoing and developing area.
Therefore, the road ahead should concentrate on creating
advanced methods to protect privacy in ways that meet
legal requirements, improve the security of smart contracts,
and promote better understanding and knowledge about
these complex issues. Achieving a balance between trans-
parency, privacy, and adherence to regulatory frameworks
in Ethereum goes beyond technology alone; it also involves
legal and ethical considerations. This necessitates a collabo-
rative effort across various disciplines to ensure blockchain
technology’s responsible and sustainable growth.
References
[1] Abowd, J.M., 2018. The us census bureau adopts differential privacy,
in: Proceedings of the 24th ACM SIGKDD international conference
on knowledge discovery & data mining, pp. 2867–2867.
[2] Al Jawaheri, H., Al Sabah, M., Boshmaf, Y., Erbad, A., 2020.
Deanonymizing tor hidden service users through bitcoin transactions
analysis. Computers & Security 89, 101684.
[3] Alberto Torres, W.A., Steinfeld, R., Sakzad, A., Liu, J.K., Kuchta,
V., Bhattacharjee, N., Au, M.H., Cheng, J., 2018. Post-quantum
one-time linkable ring signature and application to ring confidential
transactions in blockchain (lattice ringct v1. 0), in: Information
Security and Privacy: 23rd Australasian Conference, ACISP 2018,
Wollongong, NSW, Australia, July 11-13, 2018, Proceedings 23,
Springer. pp. 558–576.
[4] Androulaki, E., Karame, G.O., Roeschlin, M., Scherer, T., Cap-
kun, S., 2013. Evaluating user privacy in bitcoin, in: Financial
Cryptography and Data Security: 17th International Conference, FC
Jamwal et al.: Preprint submitted to Elsevier
2013, Okinawa, Japan, April 1-5, 2013, Revised Selected Papers 17,
Springer. pp. 34–51.
[5] Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, Ł.,
2016. Secure multiparty computations on bitcoin. Communications
of the ACM 59, 76–84.
[6] Antonopoulos, A.M., Wood, G., 2018. Mastering ethereum: building
smart contracts and dapps. O’reilly Media.
[7] Armstrong, M., 2021. Ethereum, smart contracts and the optimistic
roll-up. BSc Dissertation: University of Dublin, Trinity College .
[8] Asplund, A., Hartvigsen, P.F., 2015. Reclaiming data ownership:
Differential privacy in a decentralized setting. URL: https://api.
semanticscholar.org/CorpusID:55245471.
[9] Aspnes, J., Attiya, H., Censor, K., 2010. Combining shared-coin
algorithms. Journal of Parallel and Distributed Computing 70, 317–
322.
[10] Atzei, N., Bartoletti, M., Cimoli, T., 2017. A survey of attacks on
ethereum smart contracts (sok). Principles of Security and Trust
10204, 164–186.
[11] Bai, Q., Zhang, C., Liu, N., Chen, X., Xu, Y., Wang, X., 2021.
Evolution of transaction pattern in ethereum: A temporal graph
perspective. IEEE Transactions on Computational Social Systems
9, 851–866.
[12] Banerjee, S., Das, D., Biswas, M., Biswas, U., 2020. Study and
survey on blockchain privacy and security issues, in: Cross-industry
use of Blockchain Technology and Opportunities for the Future. IGI
Global, pp. 80–102.
[13] Baria, N., Parmar, D., Panchal, V., 2022. Blockchain user, network
and system-level attacks and mitigation, in: The Auditor’s Guide to
Blockchain Technology. CRC Press, pp. 223–243.
[14] Baum, C., David, B., Frederiksen, T.K., 2021. P2dex: privacy-
preserving decentralized cryptocurrency exchange, in: Interna-
tional Conference on Applied Cryptography and Network Security,
Springer. pp. 163–194.
[15] Benabdallah, A., Audras, A., Coudert, L., El Madhoun, N., Badra,
M., 2022. Analysis of blockchain solutions for e-voting: A system-
atic literature review. IEEE Access .
[16] Benet, J., 2014. Ipfs-content addressed, versioned, p2p file system.
arXiv preprint arXiv:1407.3561 .
[17] Benhamouda, F., Halevi, S., Halevi, T., 2019. Supporting private
data on hyperledger fabric with secure multiparty computation. IBM
Journal of Research and Development 63, 3–1.
[18] Béres, F., Seres, I.A., Benczúr, A.A., Quintyne-Collins, M., 2021.
Blockchain is watching you: Profiling and deanonymizing ethereum
users, in: 2021 IEEE international conference on decentralized ap-
plications and infrastructures (DAPPS), IEEE. pp. 69–78.
[19] Bernabe, J.B., Canovas, J.L., Hernandez-Ramos, J.L., Moreno, R.T.,
Skarmeta, A., 2019. Privacy-preserving solutions for blockchain:
Review and challenges. IEEE Access 7, 164908–164940.
[20] Bertino, E., Kundu, A., Sura, Z., 2019. Data transparency with
blockchain and ai ethics. Journal of Data and Information Quality
(JDIQ) 11, 1–8.
[21] Bethencourt, J., Sahai, A., Waters, B., 2007. Ciphertext-policy
attribute-based encryption, in: 2007 IEEE symposium on security
and privacy (SP’07), IEEE. pp. 321–334.
[22] Bhargavan, K., Delignat-Lavaud, A., Fournet, C., Gollamudi, A.,
Gonthier, G., Kobeissi, N., Rastogi, A., Sibut-Pinote, T., Swamy, N.,
Zanella-Béguelin, S., 2016. Formal verification of smart contracts:
Short paper, in: Proceedings of the 2016 ACM Workshop on Pro-
gramming Languages and Analysis for Security, ACM. pp. 91–96.
[23] Biryukov, A., Tikhomirov, S., 2019a. Deanonymization and link-
ability of cryptocurrency transactions based on network analysis,
in: 2019 IEEE European symposium on security and privacy (Eu-
roS&P), IEEE. pp. 172–184.
[24] Biryukov, A., Tikhomirov, S., 2019b. Security and privacy of mobile
wallet users in bitcoin, dash, monero, and zcash. Pervasive and
Mobile Computing 59, 101030.
[25] Biryukov, A., Tikhomirov, S., 2019c. Transaction clustering using
network traffic analysis for bitcoin and derived blockchains, in: IEEE
Page 20 of 26
 Survey on Ethereum Pseudonymity
INFOCOM 2019-IEEE Conference on Computer Communications
Workshops (INFOCOM WKSHPS), IEEE. pp. 204–209.
[26] Bitansky, N., Canetti, R., Chiesa, A., Tromer, E., 2013. Recursive
composition and bootstrapping for snarks and proof-carrying data,
in: Proceedings of the forty-fifth annual ACM symposium on Theory
of computing, pp. 111–120.
[27] Blum, M., De Santis, A., Micali, S., Persiano, G., 1991. Noninterac-
tive zero-knowledge. SIAM Journal on Computing 20, 1084–1118.
[28] Bobba, R., Khurana, H., Prabhakaran, M., 2009. Attribute-sets: A
practically motivated enhancement to attribute-based encryption, in:
Computer Security–ESORICS 2009: 14th European Symposium on
Research in Computer Security, Saint-Malo, France, September 21-
23, 2009. Proceedings 14, Springer. pp. 587–604.
[29] Bonneau, J., Narayanan, A., Miller, A., Clark, J., Kroll, J.A., Felten,
E.W., 2014. Mixcoin: Anonymity for bitcoin with accountable
mixes, in: International Conference on Financial Cryptography and
Data Security, Springer. pp. 486–504.
[30] Boyle, E., Gilboa, N., Ishai, Y., Nof, A., 2019. Practical fully secure
three-party computation via sublinear distributed zero-knowledge
proofs, in: Proceedings of the 2019 ACM SIGSAC Conference on
Computer and Communications Security, pp. 869–886.
[31] Bünz, B., Agrawal, S., Zamani, M., Boneh, D., 2020. Zether: To-
wards privacy in a smart contract world, in: International Conference
on Financial Cryptography and Data Security, Springer. pp. 423–
443.
[32] Buterin, V., 2014. A next-generation smart contract and decentral-
ized application platform. white paper .
[33] Buterin, V., 2016. Ethereum: platform review. Opportunities and
Challenges for Private and Consortium Blockchains 45.
[34] Čapko, D., Vukmirović, S., Nedić, N., 2022. State of the art of zero-
knowledge proofs in blockchain, in: 2022 30th Telecommunications
Forum (TELFOR), IEEE. pp. 1–4.
[35] Chan, W., Olmsted, A., 2017. Ethereum transaction graph analysis,
in: 2017 12th international conference for internet technology and
secured transactions (ICITST), IEEE. pp. 498–500.
[36] Chase, M., 2007. Multi-authority attribute based encryption, in:
Theory of Cryptography: 4th Theory of Cryptography Conference,
TCC 2007, Amsterdam, The Netherlands, February 21-24, 2007.
Proceedings 4, Springer. pp. 515–534.
[37] Chase, M., Chow, S.S., 2009. Improving privacy and security in
multi-authority attribute-based encryption, in: Proceedings of the
16th ACM conference on Computer and communications security,
pp. 121–130.
[38] Chaum, D.L., 1981. Untraceable electronic mail, return addresses,
and digital pseudonyms. Communications of the ACM 24, 84–90.
[39] Chawathe, S.S., 2019. Clustering blockchain data. Clustering Meth-
ods for Big Data Analytics: Techniques, Toolboxes and Applications
, 43–72.
[40] Chen, C., Asoni, D.E., Barrera, D., Danezis, G., Perrig, A., 2015.
Hornet: High-speed onion routing at the network layer, in: Pro-
ceedings of the 22nd ACM SIGSAC Conference on Computer and
Communications Security, pp. 1441–1454.
[41] Chen, T., Li, Z., Luo, X., 2017. Understanding ethereum via graph
analysis, in: 2018 IEEE European Symposium on Security and
Privacy (EuroS&P), IEEE. pp. 137–152.
[42] Chen, T., Li, Z., Zhu, Y., Chen, J., Luo, X., Lui, J.C.S., Lin, X.,
Zhang, X., 2020. Understanding ethereum via graph analysis. ACM
Transactions on Internet Technology (TOIT) 20, 1–32.
[43] Christensen, S., 2018. A comparative study of privacy-preserving
cryptocurrencies: Monero and zcash. School of Computer Science
University of Birmingham .
[44] Christidis, K., Devetsikiotis, M., 2016. Blockchains and smart
contracts for the internet of things. Ieee Access 4, 2292–2303.
[45] Clack, C.D., Bakshi, V.A., Braine, L., 2016. Smart contract tem-
plates: foundations, design landscape and research directions. arXiv
preprint arXiv:1608.00771 .
[46] Conti, M., Kumar, E.S., Lal, C., Ruj, S., 2018. A survey on security
and privacy issues of bitcoin. IEEE Communications Surveys &
Jamwal et al.: Preprint submitted to Elsevier
Tutorials 20, 3416–3452.
[47] Courtois, N.T., Mercer, R., 2017. Stealth address and key
management techniques in blockchain systems, in: ICISSP 2017-
Proceedings of the 3rd International Conference on Information
Systems Security and Privacy, pp. 559–566.
[48] Cramer, R., Damgård, I., Maurer, U., 2000. General secure multi-
party computation from any linear secret-sharing scheme, in: In-
ternational Conference on the Theory and Applications of Crypto-
graphic Techniques, Springer. pp. 316–334.
[49] Dannen, C., 2017. Introducing Ethereum and solidity. volume 1.
Springer.
[50] De Angelis, S., Aniello, L., Baldoni, R., Lombardi, F., Margheri,
A., Sassone, V., et al., 2018. Pbft vs proof-of-authority: Applying
the cap theorem to permissioned blockchain, in: CEUR workshop
proceedings, CEUR-WS. pp. 1–11.
[51] De Filippi, P., Wright, A., 2018. Blockchain and the law: The rule
of code. Harvard University Press.
[52] Deuber, D., Schröder, D., 2021. Coinjoin in the wild: An empirical
analysis in dash, in: Computer Security–ESORICS 2021: 26th Eu-
ropean Symposium on Research in Computer Security, Darmstadt,
Germany, October 4–8, 2021, Proceedings, Part II 26, Springer. pp.
461–480.
[53] Dijk, M.v., Gentry, C., Halevi, S., Vaikuntanathan, V., 2010. Fully
homomorphic encryption over the integers, in: Annual international
conference on the theory and applications of cryptographic tech-
niques, Springer. pp. 24–43.
[54] Dorri, A., Steger, M., Kanhere, S.S., Jurdak, R., 2017. Blockchain:
A distributed solution to automotive security and privacy. IEEE
Communications Magazine 55, 119–125.
[55] Du, W., Atallah, M.J., 2001. Secure multi-party computation
problems and their applications: a review and open problems, in:
Proceedings of the 2001 workshop on New security paradigms, pp.
13–22.
[56] Duffield, E., Diaz, D., 2015. Dash: A privacycentric cryptocurrency.
[57] Dwork, C., 2006. Differential privacy, in: International colloquium
on automata, languages, and programming, Springer. pp. 1–12.
[58] Dwork, C., 2008. Differential privacy: A survey of results, in:
International conference on theory and applications of models of
computation, Springer. pp. 1–19.
[59] Dwork, C., Roth, A., 2014. The algorithmic foundations of differen-
tial privacy. Found. Trends Theor. Comput. Sci. 9, 211–407. URL:
https://doi.org/10.1561/0400000042, doi:10.1561/0400000042.
[60] Dwork, C., Roth, A., et al., 2014. The algorithmic foundations
of differential privacy. Foundations and Trends® in Theoretical
Computer Science 9, 211–407.
[61] Dziembowski, S., Faust, S., Hostáková, K., 2018. General state chan-
nel networks, in: Proceedings of the 2018 ACM SIGSAC Conference
on Computer and Communications Security, pp. 949–966.
[62] Ermilov, D., Panov, M., Yanovich, Y., 2017a. Automatic bitcoin
address clustering, in: 2017 16th IEEE International Conference
on Machine Learning and Applications (ICMLA), pp. 461–466.
doi:10.1109/ICMLA.2017.0-118.
[63] Ermilov, D., Panov, M., Yanovich, Y., 2017b. Automatic bitcoin
address clustering, in: 2017 16th IEEE International Conference on
Machine Learning and Applications (ICMLA), IEEE. pp. 461–466.
[64] European Parliament and EU Council, 2016. Regulation (eu)
2016/679 of the european parliament and of the council. Official
Journal of the European Union 679, 2016. URL: https://eur-lex.
europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679.
[65] Eyal, I., Sirer, E.G., 2018. Majority is not enough: Bitcoin mining
is vulnerable. Association for Computing Machinery 61, 95–102.
URL: https://doi.org/10.1145/3212998, doi:10.1145/3212998.
[66] Fang, W., Chen, W., Zhang, W., Pei, J., Gao, W., Wang, G.,
2020. Digital signature scheme for information non-repudiation in
blockchain: a state of the art review. EURASIP Journal on Wireless
Communications and Networking 2020, 1–15.
Page 21 of 26
 Survey on Ethereum Pseudonymity
[67] Feige, U., Lapidot, D., Shamir, A., 1990. Multiple non-interactive
zero knowledge proofs based on a single random string, in: Proceed-
ings [1990] 31st Annual Symposium on Foundations of Computer
Science, IEEE. pp. 308–317.
[68] Fekete, D.L., Kiss, A., 2024. Trust-minimized optimistic cross-
rollup arbitrary message bridge. Journal of Network and Computer
Applications 221, 103771.
[69] Feng, Q., He, D., Zeadally, S., Khan, M.K., Kumar, N., 2019. A
survey on privacy protection in blockchain system. Journal of
Network and Computer Applications 126, 45–58.
[70] Fiege, U., Fiat, A., Shamir, A., 1987. Zero knowledge proofs of
identity, in: Proceedings of the nineteenth annual ACM symposium
on Theory of computing, pp. 210–217.
[71] Finck, M., 2018. Blockchains and data protection in the european
union. Eur. Data Prot. L. Rev. 4, 17.
[72] Fleder, M., Kester, M.S., Pillai, S., 2015. Bitcoin transaction graph
analysis. arXiv preprint arXiv:1502.01657 .
[73] Gai, K., Wu, Y., Zhu, L., Zhang, Z., Qiu, M., 2019. Differential
privacy-based blockchain for industrial internet-of-things. IEEE
Transactions on Industrial Informatics 16, 4156–4165.
[74] Gaihre, A., Luo, Y., Liu, H., 2018. Do bitcoin users really care
about anonymity? an analysis of the bitcoin transaction graph, in:
2018 ieee international conference on big data (big data), IEEE. pp.
1198–1207.
[75] Gaihre, A., Pandey, S., Liu, H., 2019. Deanonymizing cryptocur-
rency with graph learning: The promises and challenges, in: 2019
IEEE Conference on Communications and Network Security (CNS),
IEEE. pp. 1–3.
[76] Gamage, C., Gras, B., Crispo, B., Tanenbaum, A.S., 2006. An
identity-based ring signature scheme with enhanced privacy, in:
2006 Securecomm and Workshops, IEEE. pp. 1–5.
[77] Gao, Y., Shi, J., Wang, X., Shi, R., Yin, Z., Yang, Y., 2021. Practical
deanonymization attack in ethereum based on p2p network anal-
ysis, in: 2021 IEEE Intl Conf on Parallel & Distributed Process-
ing with Applications, Big Data & Cloud Computing, Sustainable
Computing & Communications, Social Computing & Networking
(ISPA/BDCloud/SocialCom/SustainCom), IEEE. pp. 1402–1409.
[78] Garfinkel, S.L., Abowd, J.M., Powazek, S., 2018. Issues encountered
deploying differential privacy, in: Proceedings of the 2018 Workshop
on Privacy in the Electronic Society, pp. 133–137.
[79] Gentry, C., 2009. A fully homomorphic encryption scheme. Stan-
ford university.
[80] Godyn, M., Kedziora, M., Ren, Y., Liu, Y., Song, H., 2022. Analysis
of solutions for a blockchain compliance with gdpr. Scientific
Reports 12, 15021. doi:10.1038/s41598-022-19341-y.
[81] Goldfeder, S., Kalodner, H., Reisman, D., Narayanan, A., 2018.
When the cookie meets the blockchain: Privacy risks of web pay-
ments via cryptocurrencies. Proceedings on Privacy Enhancing
Technologies 4, 179–199.
[82] Goldreich, O., Oren, Y., 1994. Definitions and properties of zero-
knowledge proof systems. Journal of Cryptology 7, 1–32.
[83] Goldwasser, S., Micali, S., Rackoff, C., 2019. The knowledge
complexity of interactive proof-systems, in: Providing Sound Foun-
dations for Cryptography: On the Work of Shafi Goldwasser and
Silvio Micali, pp. 203–225.
[84] Goyal, V., Pandey, O., Sahai, A., Waters, B., 2006. Attribute-
based encryption for fine-grained access control of encrypted data,
in: Proceedings of the 13th ACM conference on Computer and
communications security, pp. 89–98.
[85] Guan, Z., Wan, Z., Yang, Y., Zhou, Y., Huang, B., 2020. Blockmaze:
An efficient privacy-preserving account-model blockchain based on
zk-snarks. IEEE Transactions on Dependable and Secure Computing
19, 1446–1463.
[86] Halpin, H., Piekarska, M., 2017. Introduction to security and privacy
on the blockchain, in: 2017 IEEE European Symposium on Security
and Privacy Workshops, IEEE. pp. 1–3.
[87] Han, J., Susilo, W., Mu, Y., Yan, J., 2012. Privacy-preserving decen-
tralized key-policy attribute-based encryption. IEEE transactions on
Jamwal et al.: Preprint submitted to Elsevier
parallel and distributed systems 23, 2150–2162.
[88] Han, S., Park, S., 2022. A gap between blockchain and general data
protection regulation: A systematic review. IEEE Access .
[89] Harrigan, M., Fretter, C., 2016. The unreasonable effectiveness
of address clustering, in: 2016 Intl IEEE Conferences on Ubiq-
uitous Intelligence & Computing, Advanced and Trusted Com-
puting, Scalable Computing and Communications, Cloud and Big
Data Computing, Internet of People, and Smart World Congress
(UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld), IEEE. pp. 368–
373.
[90] Hassan, M.U., Rehmani, M.H., Chen, J., 2020. Differential privacy
in blockchain technology: A futuristic approach. Journal of Parallel
and Distributed Computing 145, 50–74.
[91] Hasselgren, A., Wan, P.K., Horn, M., Kralevska, K., Gligoroski, D.,
Faxvaag, A., 2020. Gdpr compliance for blockchain applications in
healthcare. Computer Science & Information Technology .
[92] Henry, R., Herzberg, A., Kate, A., 2018. Blockchain access privacy:
Challenges and directions. IEEE Security & Privacy 16, 38–45.
[93] Hopwood, D., Bowe, S., Hornby, T., Wilcox, N., 2016. Zcash
protocol specification. GitHub: San Francisco, CA, USA , 1.
[94] Humbeeck, A.V., et al., 2019. The blockchain-gdpr paradox. Journal
of Data Protection & Privacy 2, 208–212.
[95] Hur, J., 2011. Improving security and efficiency in attribute-based
data sharing. IEEE transactions on knowledge and data engineering
25, 2271–2282.
[96] Javed, L., Anjum, A., Yakubu, B.M., Iqbal, M., Moqurrab, S.A.,
Srivastava, G., 2023. Sharechain: Blockchain-enabled model for
sharing patient data using federated learning and differential privacy.
Expert Systems 40, e13131.
[97] Jia, B., Zhang, X., Liu, J., Zhang, Y., Huang, K., Liang, Y., 2021.
Blockchain-enabled federated learning data protection aggregation
scheme with differential privacy and homomorphic encryption in
iiot. IEEE Transactions on Industrial Informatics 18, 4049–4058.
[98] Jiang, Y., Xu, X., Xiao, F., 2022. Attribute-based encryption with
blockchain protection scheme for electronic health records. IEEE
Transactions on Network and Service Management 19, 3884–3895.
[99] Johnson, D., Menezes, A., Vanstone, S., 2001. The elliptic curve dig-
ital signature algorithm (ecdsa). International journal of information
security 1, 36–63.
[100] Kabla, A.H.H., Anbar, M., Manickam, S., Al-Amiedy, T.A., Cruspe,
P.B., Al-Ani, A.K., Karuppayah, S., 2022. Applicability of intrusion
detection system on ethereum attacks: A comprehensive review.
IEEE Access 10, 71632–71655.
[101] Kalra, S., Goel, S., Dhawan, M., Sharma, S., 2018. Zeus: Analyzing
safety of smart contracts, in: Network and Distributed Systems
Security (NDSS) Symposium, pp. 1–12.
[102] Kang, C., Lee, C., Ko, K., Woo, J., Hong, J.W.K., 2020. De-
anonymization of the bitcoin network using address clustering, in:
Blockchain and Trustworthy Systems: Second International Con-
ference, BlockSys 2020, Dali, China, August 6–7, 2020, Revised
Selected Papers 2, Springer. pp. 489–501.
[103] Kappos, G., Yousaf, H., Maller, M., Meiklejohn, S., 2018. An
empirical analysis of anonymity in zcash, in: 27th USENIX Security
Symposium (USENIX Security 18), pp. 463–477.
[104] Kelen, D.M., Seres, I.A., Béres, F., Benczúr, A.A., 2023. In-
tegrated onion routing for peer-to-peer validator privacy in the
ethereum network. URL: https://info.ilab.sztaki.hu/~kdomokos/
OnionRoutingP2PEthereumPrivacy.pdf.
[105] Kenthapadi, K., Mironov, I., Thakurta, A.G., 2019. Privacy-
preserving data mining in industry, in: Proceedings of the Twelfth
ACM International Conference on Web Search and Data Mining,
pp. 840–841.
[106] Kerber, T., Kiayias, A., Kohlweiss, M., 2021. Kachina – foundations
of private smart contracts, in: 2021 IEEE 34th Computer Security
Foundations Symposium (CSF), pp. 1–16. doi:10.1109/CSF51468.
2021.00002.
[107] Khan, A., 2022. Graph analysis of the ethereum blockchain data:
A survey of datasets, methods, and future work, in: 2022 IEEE
Page 22 of 26
 Survey on Ethereum Pseudonymity
International Conference on Blockchain (Blockchain), IEEE. pp.
250–257.
[108] Khan, S.N., Loukil, F., Ghedira-Guegan, C., Benkhelifa, E., Bani-
Hani, A., 2021. Blockchain smart contracts: Applications, chal-
lenges, and future trends. Peer-to-peer Networking and Applications
14, 2901–2925.
[109] Khovratovich, D., Vladimirov, M., 2019. Tornado privacy solution:
Cryptographic review. version 1.1. ABDK Consulting, November
29.
[110] Kılıç, B., Özturan, C., Sen, A., 2022. Parallel analysis of ethereum
blockchain transaction data using cluster computing. Cluster Com-
puting 25, 1885–1898.
[111] Killer, C., Eck, M., Rodrigues, B., von der Assen, J., Staubli, R.,
Stiller, B., 2022. Provotumn: Decentralized, mix-net-based, and
receipt-free voting system, in: 2022 IEEE International Conference
on Blockchain and Cryptocurrency (ICBC), IEEE. pp. 1–9.
[112] Kim, S., Kwon, Y., Cho, S., 2018. A survey of scalability solutions
on blockchain, in: 2018 International Conference on Information and
Communication Technology Convergence (ICTC), IEEE. pp. 1204–
1207.
[113] Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.,
2016. Hawk: The blockchain model of cryptography and privacy-
preserving smart contracts, in: 2016 IEEE symposium on security
and privacy (SP), IEEE. pp. 839–858.
[114] Kus, M.C., Levi, A., 2022. Investigation and application of differen-
tial privacy in bitcoin. IEEE Access 10, 25534–25554. doi:10.1109/
ACCESS.2022.3151784.
[115] Kushwaha, S.S., Joshi, S., Singh, D., Kaur, M., Lee, H.N., 2022.
Systematic review of security vulnerabilities in ethereum blockchain
smart contract. IEEE Access 10, 6605–6621.
[116] Lapets, A., Albab, K.D., Issa, R., Qin, L., Varia, M., Bestavros, A.,
Jansen, F., 2019. Role-based ecosystem for the design, development,
and deployment of secure multi-party data analytics applications, in:
2019 IEEE Cybersecurity Development (SecDev), IEEE. pp. 129–
140.
[117] Lavaur, T., Lacan, J., Chanel, C.P., 2022. Enabling blockchain
services for ioe with zk-rollups. Sensors 22, 6493.
[118] Li, X., Mei, Y., Gong, J., Xiang, F., Sun, Z., 2020a. A blockchain
privacy protection scheme based on ring signature. IEEE Access 8,
76765–76772.
[119] Li, Y., Islambekov, U., Akcora, C., Smirnova, E., Gel, Y.R., Kantar-
cioglu, M., 2020b. Dissecting ethereum blockchain analytics: What
we learn from topology and geometry of the ethereum graph?, in:
Proceedings of the 2020 SIAM international conference on data
mining, SIAM. pp. 523–531.
[120] Lima, C., 2018. Blockchain gdpr privacy by design. IEEE
blockchain group 4.
[121] Liu, Jiangyan, Cai, Zhiyuan, Liu, Dunnan, Jin, Tianyi, 2021.
Research on distributed energy transaction technology based on
blockchain. E3S Web Conf. 236, 02011. URL: https://doi.org/
10.1051/e3sconf/202123602011, doi:10.1051/e3sconf/202123602011.
[122] Lotti, L., 2016. Contemporary art, capitalization and the blockchain:
On the autonomy and automation of art’s value. Finance and Society
2, 96–110.
[123] Lu, H., Yu, R., Zhu, Y., He, X., Liang, K., Chu, W.C.C.,
2022. Policy-driven data sharing over attribute-based
encryption supporting dual membership. Journal of
Systems and Software 188, 111271. URL: https://www.
sciencedirect.com/science/article/pii/S0164121222000346,
doi:https://doi.org/10.1016/j.jss.2022.111271.
[124] Maurer, F.K., Neudecker, T., Florian, M., 2017. Anonymous
coinjoin transactions with arbitrary values, in: 2017 ieee trust-
com/bigdatase/icess, IEEE. pp. 522–529.
[125] McSherry, F., Talwar, K., 2007. Mechanism design via differential
privacy, in: 48th Annual IEEE Symposium on Foundations of Com-
puter Science (FOCS’07), IEEE. pp. 94–103.
Jamwal et al.: Preprint submitted to Elsevier
[126] Meiklejohn, S., Mercer, R., 2018. Möbius: Trustless tumbling for
transaction privacy. Proceedings on Privacy Enhancing Technolo-
gies 2018. doi:10.1515/popets-2018-0015.
[127] Meiklejohn, S., Pomarole, M., Jordan, G., Levchenko, K., McCoy,
D., Voelker, G.M., Savage, S., 2013. A fistful of bitcoins: character-
izing payments among men with no names, in: Proceedings of the
2013 conference on Internet measurement conference, pp. 127–140.
[128] Merani, M.L., Croce, D., Tinnirello, I., 2021. Rings for privacy: an
architecture for large scale privacy-preserving data mining. IEEE
Transactions on Parallel and Distributed Systems 32, 1340–1352.
[129] Mercer, R., 2016. Privacy on the blockchain: Unique ring signatures.
arXiv:1612.01188.
[130] Messias, J., Pahari, V., Chandrasekaran, B., Gummadi, K.P.,
Loiseau, P., 2023. Dissecting bitcoin and ethereum transactions: On
the lack of transaction contention and prioritization transparency in
blockchains. arXiv preprint arXiv:2302.06962 .
[131] Moralis, . Breaking down eth 2.0 - zk-snarks and zk-
rollups. https://academy.moralis.io/blog/breaking-down-eth-2-0-zk-
snarks-and-zk-rollups. Accessed: 2023-12-01.
[132] Müller, S., Katzenbeisser, S., Eckert, C., 2009. Distributed attribute-
based encryption, in: Information Security and Cryptology–ICISC
2008: 11th International Conference, Seoul, Korea, December 3-5,
2008, Revised Selected Papers 11, Springer. pp. 20–36.
[133] Naehrig, M., Lauter, K., Vaikuntanathan, V., 2011. Can homo-
morphic encryption be practical?, in: Proceedings of the 3rd ACM
workshop on Cloud computing security workshop, pp. 113–124.
[134] Nakamoto, S., 2008. Bitcoin: A peer-to-peer electronic cash system.
Decentralized Business Review , 21260.
[135] Neiheiser, R., Inácio, G., Rech, L., Montez, C., Matos, M., Ro-
drigues, L., 2023. Practical limitations of ethereum’s layer-2. IEEE
Access 11, 8651–8662.
[136] Neudecker, T., Andelfinger, P., Hartenstein, H., 2016. Tim-
ing analysis for inferring the topology of the bitcoin peer-
to-peer network, in: 2016 Intl IEEE Conferences on Ubiqui-
tous Intelligence & Computing, Advanced and Trusted Comput-
ing, Scalable Computing and Communications, Cloud and Big
Data Computing, Internet of People, and Smart World Congress
(UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld), IEEE. pp. 358–
367.
[137] Nguyen, C.T., Hoang, D.T., Nguyen, D.N., Niyato, D., Nguyen,
H.T., Dutkiewicz, E., 2019. Proof-of-stake consensus mechanisms
for future blockchain networks: Fundamentals, applications and
opportunities. IEEE Access 7, 85727–85745. doi:10.1109/ACCESS.
2019.2925010.
[138] Nikolakis, W., John, L., Krishnan, H., 2018. How blockchain can
shape sustainable global value chains: An evidence, verifiability, and
enforceability (eve) framework. Sustainability 10, 3926.
[139] Niranjanamurthy, M., Nithya, B., Jagannatha, S., 2019. Analysis of
blockchain technology: pros, cons and swot. Cluster Computing 22,
14743–14757.
[140] Noether, S., Mackenzie, A., et al., 2016. Ring confidential transac-
tions. Ledger 1, 1–18.
[141] Sáez de Ocáriz Borde, H., 2022. An overview of trees in blockchain
technology: Merkle trees and merkle patricia tries. Department of
Engineering, University of Cambridge .
[142] Omar, I.A., Jayaraman, R., Salah, K., Simsekler, M.C.E., Yaqoob,
I., Ellahham, S., 2020. Ensuring protocol compliance and data
transparency in clinical trials using blockchain smart contracts.
BMC Medical Research Methodology 20, 1–17.
[143] Ouaddah, A., Elkalam, A.A., Ouahman, A.A., 2017. Towards a
novel privacy-preserving access control model based on blockchain
technology in iot, in: Rocha, Á., Serrhini, M., Felgueiras, C. (Eds.),
Europe and MENA Cooperation Advances in Information and Com-
munication Technologies, Springer International Publishing, Cham.
pp. 523–533.
[144] Panait, A.E., Olimid, R.F., 2021. On using zk-snarks and zk-
starks in blockchain-based identity management, in: Innovative Se-
curity Solutions for Information Technology and Communications:
Page 23 of 26
 Survey on Ethereum Pseudonymity
13th International Conference, SecITC 2020, Bucharest, Romania,
November 19–20, 2020, Revised Selected Papers 13, Springer. pp.
130–145.
[145] Park, Y.H., Kim, Y., Shim, J., 2021. Blockchain-based privacy-
preserving system for genomic data management using local dif-
ferential privacy. Electronics 10. URL: https://www.mdpi.com/
2079-9292/10/23/3019, doi:10.3390/electronics10233019.
[146] Partala, J., Nguyen, T.H., Pirttikangas, S., 2020. Non-interactive
zero-knowledge for blockchain: A survey. IEEE Access 8, 227945–
227961.
[147] Pertsev, A., Semenov, R., Storm, R., 2019. Tornado cash privacy
solution version 1.4. Tornado cash privacy solution version 1.
[148] Petrov, S., Kendzierskyj, S., Jahankhani, H., 2020. Protecting
privacy and security using tor and blockchain and de-anonymization
risks. Cyber Defence in the Age of AI, Smart Societies and
Augmented Humanity , 199–232.
[149] Pinto, A.M., 2020. An introduction to the use of zk-snarks in
blockchains, in: Mathematical Research for Blockchain Economy.
Springer, pp. 233–249.
[150] Politou, E., Casino, F., Alepis, E., Patsakis, C., 2019. Blockchain
mutability: Challenges and proposed solutions. IEEE Transactions
on Emerging Topics in Computing 9, 1972–1986.
[151] Poon, J., Buterin, V., 2017. Plasma: Scalable autonomous smart
contracts. White paper , 1–47.
[152] Rackoff, C., Simon, D.R., 1991. Non-interactive zero-knowledge
proof of knowledge and chosen ciphertext attack, in: Annual inter-
national cryptology conference, Springer. pp. 433–444.
[153] Rahulamathavan, Y., Phan, R.C.W., Rajarajan, M., Misra, S., Kon-
doz, A., 2017. Privacy-preserving blockchain based iot ecosystem
using attribute-based encryption, in: 2017 IEEE International Con-
ference on Advanced Networks and Telecommunications Systems
(ANTS), IEEE. pp. 1–6.
[154] Rao, U.P., Shukla, P.K., Trivedi, C., Gupta, S., Shibeshi, Z.S., 2021.
Blockchain for Information Security and Privacy. CRC Press.
[155] Reynolds, P., Irwin, A.S., 2017. Tracking digital footprints:
anonymity within the bitcoin system. Journal of Money Laundering
Control 20, 172–189.
[156] Rivest, R.L., Shamir, A., Tauman, Y., 2006. How to leak a secret:
Theory and applications of ring signatures. Theoretical Computer
Science: Essays in Memory of Shimon Even , 164–186.
[157] Ron, D., Shamir, A., 2013a. Quantitative analysis of the full bitcoin
transaction graph, in: Sadeghi, A.R. (Ed.), Financial Cryptography
and Data Security, Springer Berlin Heidelberg, Berlin, Heidelberg.
pp. 6–24. doi:10.1007/978-3-642-39884-1\_2.
[158] Ron, D., Shamir, A., 2013b. Quantitative analysis of the full bitcoin
transaction graph, in: Financial Cryptography and Data Security:
17th International Conference, FC 2013, Okinawa, Japan, April 1-5,
2013, Revised Selected Papers 17, Springer. pp. 6–24.
[159] Sabry, F., Labda, W., Erbad, A., Malluhi, Q., 2020. Cryptocurrencies
and artificial intelligence: Challenges and opportunities. IEEE
Access 8, 175840–175858. doi:10.1109/ACCESS.2020.3025211.
[160] Sahai, A., Waters, B., 2005. Fuzzy identity-based encryption, in:
Annual international conference on the theory and applications of
cryptographic techniques, Springer. pp. 457–473.
[161] Sahu, N., Gajera, M., Chaudhary, A., 2023. zkfi: Privacy-preserving
and regulation compliant transactions using zero knowledge proofs.
arXiv preprint arXiv:2307.00521 .
[162] Satybaldy, A., Nowostawski, M., 2020. Review of techniques for
privacy-preserving blockchain systems, in: Proceedings of the 2nd
ACM International Symposium on Blockchain and Secure Critical
Infrastructure, pp. 1–9.
[163] Schaffner, T., 2021. Scaling public blockchains: A comprehensive
analysis of optimistic and zero-knowledge rollups. Master Thesis:
University of Basel .
[164] Schmitz, A., Rule, C., 2019. Online dispute resolution for smart
contracts. J. Disp. Resol. , 103.
[165] Schulz, K.A., Gstrein, O.J., Zwitter, A.J., 2020. Exploring the gov-
ernance and implementation of sustainable development initiatives
Jamwal et al.: Preprint submitted to Elsevier
through blockchain technology. Futures 122, 102611.
[166] Seres, I.A., Nagy, D.A., Buckland, C., Burcsi, P., 2019. Mixeth:
efficient, trustless coin mixing service for ethereum. Cryptology
ePrint Archive doi:10.4230/OASIcs.Tokenomics.2019.13.
[167] Shi, Y., Cao, K., Yao, J., Ge, X., 2023. A semi-homomorphic privacy
computing solution based on sm2 and blockchain, in: International
Conference on Cryptography, Network Security, and Communica-
tion Technology (CNSCT 2023), SPIE. pp. 29–38.
[168] Shojaeinasab, A., Motamed, A.P., Bahrak, B., 2023. Mixing detec-
tion on bitcoin transactions using statistical patterns. IET Blockchain
3, 136–148.
[169] Singh, K., Heulot, N., Hamida, E.B., 2018. Towards anonymous,
unlinkable, and confidential transactions in blockchain, in: 2018
IEEE International Conference on Internet of Things (iThings) and
IEEE Green Computing and Communications (GreenCom) and
IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE
Smart Data (SmartData), IEEE. pp. 1642–1649.
[170] Singh, N.P., 2021. Regulating Cross Border Data Flows: An Assess-
ment of India’s Data Localisation Framework. Ph.D. thesis. National
Law School of India University, Bangalore.
[171] Stevens, R., 2022. What are ethereum rollups? a scaling solution
to cut transaction costs. URL: https://decrypt.co/resources/
what-are-ethereum-rollups-scaling-solution-cut-transaction-costs.
[172] Suma, V., 2019. Security and privacy mechanism using blockchain.
Journal of Ubiquitous Computing and Communication Technologies
(UCCT) 1, 45–54.
[173] Sun, H., Ruan, N., Liu, H., 2019. Ethereum analysis via node
clustering, in: Network and System Security: 13th International
Conference, NSS 2019, Sapporo, Japan, December 15–18, 2019,
Proceedings 13, Springer. pp. 114–129.
[174] Sun, S.F., Au, M.H., Liu, J.K., Yuen, T.H., 2017. Ringct 2.0: A
compact accumulator-based (linkable ring signature) protocol for
blockchain cryptocurrency monero, in: European Symposium on
Research in Computer Security, Springer. pp. 456–474.
[175] Sun, X., Yu, F.R., Zhang, P., Sun, Z., Xie, W., Peng, X., 2021. A
survey on zero-knowledge proof in blockchain. IEEE network 35,
198–205.
[176] Suripeddi, M.K.S., Purandare, P., 2021. Blockchain and gdpr – a
study on compatibility issues of the distributed ledger technology
with gdpr data processing. Journal of Physics: Conference Series
1964. URL: https://api.semanticscholar.org/CorpusID:236205971.
[177] Szabo, N., 1997. Formalizing and securing relationships on public
networks. First monday .
[178] Tang, Y., Xu, C., Zhang, C., Wu, Y., Zhu, L., 2021. Analysis of
address linkability in tornado cash on ethereum. ieee , 39–50.
[179] Team, E., 2024. Republic protocol (ren) review: Complete be-
ginners guide to ren. URL: https://www.coinbureau.com/review/
republic-protocol-ren/.
[180] Thibault, L.T., Sarry, T., Hafid, A.S., 2022. Blockchain scaling using
rollups: A comprehensive survey. IEEE Access .
[181] Thyagarajan, S.A., Malavolta, G., Moreno-Sanchez, P., 2022.
Universal atomic swaps: Secure exchange of coins across all
blockchains, in: 2022 IEEE Symposium on Security and Privacy
(SP), IEEE. pp. 1299–1316.
[182] Tovanich, N., Cazabet, R., 2023. Fingerprinting bitcoin entities
using money flow representation learning. Applied Network Science
8, 63.
[183] Truong, N.B., Sun, K., Lee, G.M., Guo, Y., 2020. Gdpr-
compliant personal data management: A blockchain-based solu-
tion. IEEE Transactions on Information Forensics and Security
15, 1746–1761. URL: https://doi.org/10.1109/TIFS.2019.2948287,
doi:10.1109/TIFS.2019.2948287.
[184] Valdeolmillos, D., Mezquita, Y., González-Briones, A., Prieto, J.,
Corchado, J.M., 2020. Blockchain technology: a review of the cur-
rent challenges of cryptocurrency, in: Blockchain and Applications:
International Congress, Springer. pp. 153–160.
[185] Van Saberhagen, N., 2013. Cryptonote v2.0. URL: https://
cryptonote.org/whitepaper.pdf.
Page 24 of 26
 Survey on Ethereum Pseudonymity
[186] Varghese, H.M., Nagoree, D.A., Jayapandian, N., et al., 2021. Cryp-
tocurrency security and privacy issues: A research perspective, in:
2021 6th International Conference on Communication and Electron-
ics Systems (ICCES), IEEE. pp. 902–907.
[187] Victor, F., 2020. Address clustering heuristics for ethereum, in:
Financial Cryptography and Data Security: 24th International Con-
ference, FC 2020, Kota Kinabalu, Malaysia, February 10–14, 2020
Revised Selected Papers 24, Springer. pp. 617–633.
[188] Vo, H.T., Kundu, A., Mohania, M.K., 2018. Research directions in
blockchain data management and analytics., in: EDBT, pp. 445–448.
[189] Wang, B., Li, H., Guo, Y., Wang, J., 2023. Ppflhe: A privacy-
preserving federated learning scheme with homomorphic encryption
for healthcare data. Applied Soft Computing 146, 110677.
[190] Wang, G., Liu, Q., Wu, J., 2010. Hierarchical attribute-based
encryption for fine-grained access control in cloud storage services,
in: Proceedings of the 17th ACM conference on Computer and
communications security, pp. 735–737.
[191] Wang, Q., Zhang, Y., Bao, Z., Shi, W., Lei, H., Liu, H., Chen,
B., 2022. Sortee: Service-oriented routing for payment channel
networks with scalability and privacy protection. IEEE Transactions
on Network and Service Management 19, 3764–3780. doi:10.1109/
TNSM.2022.3213559.
[192] Wang, W., Hoang, D.T., Hu, P., Xiong, Z., Niyato, D., Wang, P.,
Wen, Y., Kim, D.I., 2019. A survey on consensus mechanisms and
mining strategy management in blockchain networks. Ieee Access
7, 22328–22370.
[193] Wang, Y., Tan, M., 2023. Defense against sybil attack in blockchain
based on improved consensus algorithm, in: 2023 IEEE International
Conference on Control, Electronics and Computer Technology (IC-
CECT), pp. 986–989. doi:10.1109/ICCECT57938.2023.10140278.
[194] Werbach, K., 2018. The blockchain and the new architecture of trust.
MIT Press .
[195] Wilkinson, S., Lowry, J., Boshevski, T., 2014. Metadisk a
blockchain-based decentralized file storage application. Storj Labs
Inc., Technical Report, hal 1.
[196] Wind, P., 2021. Vitalik buterin is optimistic on rollups and other
layer 2 solutions to bring sufficient scaling to ethereum. URL:
https://shorturl.at/oFGK8.
[197] Wohrer, M., Zdun, U., 2018. Smart contracts: security patterns in the
ethereum ecosystem and solidity, in: 2018 International Workshop
on Blockchain Oriented Software Engineering (IWBOSE), IEEE.
pp. 2–8.
[198] Wu, A., Zhang, Y., Zheng, X., Guo, R., Zhao, Q., Zheng, D.,
2019. Efficient and privacy-preserving traceable attribute-based
encryption in blockchain. Annals of Telecommunications 74, 401–
411.
[199] Wu, J., Liu, J., Chen, W., Huang, H., Zheng, Z., Zhang, Y., 2021a.
Detecting mixing services via mining bitcoin transaction network
with hybrid motifs. IEEE Transactions on Systems, Man, and
Cybernetics: Systems 52, 2237–2249.
[200] Wu, J., Liu, J., Zhao, Y., Zheng, Z., 2021b. Analysis of cryptocur-
rency transactions from a network perspective: An overview. Journal
of Network and Computer Applications 190, 103139.
[201] Wu, L., Hu, Y., Zhou, Y., Wang, H., Luo, X., Wang, Z., Zhang, F.,
Ren, K., 2021c. Towards understanding and demystifying bitcoin
mixing services, in: Proceedings of the Web Conference 2021, pp.
33–44.
[202] Xu, Z., Sun, Q., Han, H., Dong, X., Yan, Z., Zheng, Z., Tian,
W., 2022. Bmtac: a decentralized, auditable, time-limited,
multi-authority attribute access control scheme in blockchain en-
vironment, in: 2022 IEEE Smartworld, Ubiquitous Intelligence
& Computing, Scalable Computing & Communications, Digital
Twin, Privacy Computing, Metaverse, Autonomous & Trusted
Vehicles (SmartWorld/UIC/ScalCom/DigitalTwin/PriComp/Meta),
IEEE. pp. 1997–2002.
[203] Xue, L., Yu, Y., Li, Y., Au, M.H., Du, X., Yang, B., 2019. Efficient
attribute-based encryption with attribute revocation for assured data
deletion. Information Sciences 479, 640–650.
Jamwal et al.: Preprint submitted to Elsevier
[204] Yakovenko, A., 2018. Solana: A new architecture for a high
performance blockchain v0. 8.13. Whitepaper .
[205] Yan, Y., Shao, G., Song, D., Song, M., Jin, Y., 2023. He-dksap:
Privacy-preserving stealth address protocol via additively homomor-
phic encryption. arXiv:2312.10698.
[206] Yang, K., Jia, X., 2012. Attributed-based access control for multi-
authority systems in cloud storage, in: 2012 IEEE 32nd International
Conference on Distributed Computing Systems, IEEE. pp. 536–545.
[207] Yao, A.C., 1982. Protocols for secure computations, in: 23rd annual
symposium on foundations of computer science (sfcs 1982), IEEE.
pp. 160–164.
[208] Ye, C., Li, G., Cai, H., Gu, Y., Fukuda, A., 2018. Analysis
of security in blockchain: Case study in 51%-attack detecting, in:
2018 5th International conference on dependable systems and their
applications (DSA), IEEE. pp. 15–24.
[209] Zhang, J., Bai, W., Jiang, Z., 2020a. On the security of a practical
constant-size ring signature scheme. Int. J. Netw. Secur. 22, 392–
396.
[210] Zhang, M., Zhang, X., Zhang, Y., Lin, Z., 2020b. {TXSPECTOR}:
Uncovering attacks in ethereum from transactions, in: 29th USENIX
Security Symposium (USENIX Security 20), pp. 2775–2792.
[211] Zhang, R., Xue, R., Liu, L., 2019. Security and privacy on
blockchain. ACM Computing Surveys (CSUR) 52, 1–34.
[212] Zhang, Y., Deng, R.H., Xu, S., Sun, J., Li, Q., Zheng, D., 2020c.
Attribute-based encryption for cloud computing access control: A
survey. ACM Computing Surveys (CSUR) 53, 1–41.
[213] Zhao, C., Zhao, S., Zhao, M., Chen, Z., Gao, C.Z., Li, H., Tan,
Y.a., 2019. Secure multi-party computation: theory, practice and
applications. Information Sciences 476, 357–372.
[214] Zhao, H., Bai, X., Zheng, S., Wang, L., 2020. Rzcoin: Ethereum-
based decentralized payment with optional privacy service. Entropy
22, 712.
[215] Zheng, Z., Xie, S., Dai, H., Chen, X., Wang, H., 2017. An
overview of blockchain technology: Architecture, consensus, and
future trends, in: 2017 IEEE international congress on big data
(BigData congress), Ieee. pp. 557–564.
[216] Zhong, H., Sang, Y., Zhang, Y., Xi, Z., 2020. Secure multi-party
computation on blockchain: An overview, in: Parallel Architec-
tures, Algorithms and Programming: 10th International Symposium,
PAAP 2019, Guangzhou, China, December 12–14, 2019, Revised
Selected Papers 10, Springer. pp. 452–460.
[217] Zhou, J., Lam, K.Y., 1999. Securing digital signatures for non-
repudiation. Computer Communications 22, 710–716.
[218] Zou, W., Lo, D., Kochhar, P.S., Le, X.B.D., Xia, X., Feng, Y.,
Chen, Z., Xu, B., 2019. Smart contract development: Challenges
and opportunities. IEEE Transactions on Software Engineering 47,
2084–2106.
[219] Zwitter, A., Hazenberg, J., 2020. Decentralized network governance:
blockchain technology and the future of regulation. Frontiers in
Blockchain 3, 12.
[220] Zyskind, G., Nathan, O., Pentland, A., 2015. Enigma: Decentralized
computation platform with guaranteed privacy. arXiv preprint
arXiv:1506.03471 .
Page 25 of 26
 Survey on Ethereum Pseudonymity

Shivani Jamwal is a M.Sc. Research student at the
School of Computing Science, the University of
Glasgow, UK. Prior to her current research de-
gree, she holds a M.Sc. and B.Tech degrees from
the University of Glasgow and Amity University
Dubai in 2018 and 2016 respectively. She has
worked as a Graduate Teaching Assistant at the
University of Glasgow. Her research interests are in
the domain of Information Security, Data Privacy,
GDPR, and Blockchain technology.
José Cano is an Associate Professor in the School
of Computing Science at the University of Glas-
gow, UK, where he leads the Intelligent Computing
Laboratory (gicLAB) and is deputy head of the
Systems research section. His research interests are
in the broad areas of Computer Architecture, Com-
puter Systems, Compilers, Machine Learning and
Security. José received the MS and PhD degrees
in Computer Science from Universitat Politècnica
de València (UPV), Spain, in 2004 and 2012, re-
spectively. He was a postdoctoral researcher at Uni-
versitat Politècnica de Catalunya, Spain, between
2012 and 2013, and at the University of Edinburgh,
UK, between 2014 and 2018. He has authored over
45 refereed publications, and has served as co-
organizer, chair and TPC in numerous conferences
and workshops. He was a member of the IEEE
TPDS Review Board between 2020 and 2021, and
is currently associate editor of ACM TACO. He is
a senior member of IEEE and ACM, and a member
of HiPEAC.
and Networking (2016-2020), IEEE Journal of Se-
lected Areas in Communications, and IEEE Trans-
actions on Machine Learning in Communications
Networking.
Dr. Nguyen Truong is a Lecturer (i.e., Assistant
Professor) at School of Computing Science, the
University of Glasgow, UK. Previously, he was a
Research Associate at Data Science Institute, De-
partment of Computing, Imperial College London,
UK in 2018-2022. He received his Ph.D, MSc,
and BSc degrees from Liverpool John Moores
University, UK, Pohang University of Science and
Technology, Korea, and Hanoi University of Sci-
ence and Technology, Vietnam in 2018, 2013, and
2008, respectively. He was a Software Engineer
at DASAN Networks, a leading company on Net-
working Products and Services in South Korea
in 2012-2015. His research interests are includ-
ing, but are not limited to, Data Privacy, Security,
and Trust, Data Management, Distributed Systems,
Blockchain, and Federated Learning.

Dr. Gyu Myoung Lee received his BS degree from

Hong Ik University and MS, and PhD degrees
from the Korea Advanced Institute of Science and
Technology (KAIST), Korea, in 1999, 2000 and
2007, respectively. He is a Professor at Depart-
ment of Computer Science, Liverpool John Moores
University, UK. He is also with KAIST as an
adjunct professor. His research interests include
Future Networks, IoT, and multimedia services. He
has actively contributed to standardization in ITU-
T as a Rapporteur, oneM2M and IETF. He is chair
of the ITU-T Focus Group on data processing and
management to support IoT and Smart Cities &
Communities.

Nguyen H. Tran is an Associate Professor at the

School of Computer Science, the University of
Sydney. He was an Assistant Professor with De-
partment of Computer Science and Engineering,
Kyung Hee University, from 2012 to 2017. He
received BS and PhD degrees from HCMC Uni-
versity of Technology and Kyung Hee University
in 2005 and 2011, respectively. His research group
has special interests in Distributed compUting, op-
timizAtion, and machine Learning (DUAL group).
He received several best paper awards, including
IEEE ICC 2016 and ACM MSWiM 2019. He
receives the Korea NRF Funding for Basic Sci-
ence and Research 2016-2023, ARC Discovery
Project 2020-2023, and SOAR award 2022-2023.
He serves as an Editor for several journals such
as IEEE Transactions on Green Communications

Jamwal et al.: Preprint submitted to Elsevier Page 26 of 26