
Tutela: An Open-Source Tool for Assessing User-Privacy on Ethereum and Tornado Cash (2201.06811v1)

Published 18 Jan 2022 in cs.CR and cs.LG

Abstract: A common misconception among blockchain users is that pseudonymity guarantees privacy. The reality is almost the opposite. Every transaction one makes is recorded on a public ledger and reveals information about one's identity. Mixers, such as Tornado Cash, were developed to preserve privacy through "mixing" transactions with those of others in an anonymity pool, making it harder to link deposits and withdrawals from the pool. Unfortunately, it is still possible to reveal information about those in the anonymity pool if users are not careful. We introduce Tutela, an application built on expert heuristics to report the true anonymity of an Ethereum address. In particular, Tutela has three functionalities: first, it clusters together Ethereum addresses based on interaction history such that for an Ethereum address, we can identify other addresses likely owned by the same entity; second, it shows Ethereum users their potentially compromised transactions; third, Tutela computes the true size of the anonymity pool of each Tornado Cash mixer by excluding potentially compromised transactions. A public implementation of Tutela can be found at https://github.com/TutelaLabs/tutela-app. To use Tutela, visit https://www.tutela.xyz.


Summary

  • The paper introduces Tutela, a tool that applies heuristic-based clustering using deposit address reuse and learned node embedding techniques to link Ethereum addresses.
  • The methodology reveals that Tornado Cash users can face up to a 37% reduction in effective anonymity, highlighting significant privacy vulnerabilities.
  • The study offers actionable insights for users to audit their privacy and guides improvements in mixer network security.

Analysis of "Tutela: An Open-Source Tool for Assessing User-Privacy on Ethereum and Tornado Cash"

The paper introduces "Tutela," a tool developed to provide insights into the privacy dynamics of Ethereum addresses, especially in relation to users of the Tornado Cash tumbler. At its core, Tutela applies a suite of expert heuristics to assess the degree of anonymity provided by Tornado Cash, as well as the broader privacy implications arising from the reuse of Ethereum addresses outside of the tumbler. The authors argue that while tumblers attempt to obfuscate transaction histories, careless use can still lead to de-anonymization, and Tutela aims to quantify this risk.

The paper outlines several key functionalities of Tutela:

  1. Address Clustering: Tutela can determine associations between Ethereum addresses based on transaction histories, which are then presented as clusters of addresses that likely belong to the same entity.
  2. Anonymity Auditing: The application reveals potentially compromised transactions for Tornado Cash users and assesses the effective size of each pool's anonymity set after accounting for these compromises.

In doing so, Tutela underscores several significant claims and findings:

  • Heuristic-Based Clustering: By implementing two heuristic methods—Deposit Address Reuse (DAR) and a learned node embedding approach (NODE)—the authors identify clusters of addresses likely controlled by the same user. The DAR technique exploits deposit address reuse patterns to link Ethereum addresses, whereas NODE relies on advanced machine learning techniques to generate graph-based similarity embeddings. These processes individually and jointly affirm that address clustering is achievable with tolerable certainty, delivering a substantial recall for clustering known Ethereum addresses.
  • Effective Anonymity Sets: For Tornado Cash users, five primary heuristic methods are proposed to detect compromised transactions. Methods such as "Address Match" and "Unique Gas Price" provide fundamental indicators of transaction links, whereas more sophisticated approaches like "Linked ETH Addresses" and "TORN Mining" evaluate additional transaction relationships. The paper documents that substantial anonymity loss can occur, reducing Tornado Cash pools' effective anonymity sets by an average of 37%. While useful for enhancing user privacy assessments, these heuristics simultaneously expose vulnerabilities in the apparent security of Tornado Cash's infrastructure.
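
The effective-anonymity-set accounting described above, as an added example (not code from the paper or the Tutela repository): simplified versions of the "Address Match" and "Unique Gas Price" heuristics run over one constructed pool, and the linked deposits are subtracted from the pool size. The record layout, function names and exact matching rules are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample data for one fixed-denomination pool (not real chain data).
# Each record: (tx_hash, address, gas_price_in_wei)
DEPOSITS = [
    ("d1", "0xaaa", 30_000_000_000),
    ("d2", "0xbbb", 41_000_000_123),   # unusual, hand-set gas price
    ("d3", "0xccc", 30_000_000_000),
    ("d4", "0xddd", 25_000_000_000),
    ("d5", "0xeee", 30_000_000_000),
]
WITHDRAWALS = [
    ("w1", "0xaaa", 28_000_000_000),   # same address as deposit d1
    ("w2", "0xfff", 41_000_000_123),   # same unusual gas price as d2
    ("w3", "0x111", 30_000_000_000),   # common gas price: no link
]

def address_match(deposits, withdrawals):
    """Simplified rule (assumption): same address deposits and withdraws."""
    by_addr = {}
    for tx, addr, _ in deposits:
        by_addr.setdefault(addr, []).append(tx)
    return {(d, w) for w, addr, _ in withdrawals for d in by_addr.get(addr, [])}

def unique_gas_price(deposits, withdrawals):
    """Simplified rule (assumption): a gas price seen on exactly one deposit
    and exactly one withdrawal in the pool links the two."""
    dep = Counter(g for _, _, g in deposits)
    wd = Counter(g for _, _, g in withdrawals)
    return {(d, w)
            for d, _, gd in deposits
            for w, _, gw in withdrawals
            if gd == gw and dep[gd] == 1 and wd[gw] == 1}

def effective_anonymity_set(deposits, withdrawals, heuristics):
    """Pool size after excluding deposits that any heuristic has linked."""
    links = set().union(*(h(deposits, withdrawals) for h in heuristics))
    compromised = {d for d, _ in links}
    return len(deposits) - len(compromised), sorted(links)

def audit():
    size, links = effective_anonymity_set(
        DEPOSITS, WITHDRAWALS, [address_match, unique_gas_price])
    reduction = 1 - size / len(DEPOSITS)   # fraction of the pool lost
    return size, links, reduction
```

A deposit flagged by more than one heuristic is counted once, because the compromised deposits are collected into a set before subtraction.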

The practical implications of Tutela are multi-faceted. Ethereum users can leverage this tool to self-audit their privacy levels, rectify leakages through mixers, and understand the extent of identity extrapolation possible from their blockchain interactions. Moreover, by publicizing methodologies to assess compromised anonymity directly, the research inadvertently provides mixer services like Tornado Cash with valuable feedback to improve their network privacy guarantees.

The paper makes a strong case for future extension to non-Ethereum and off-chain data, which could add layers of complexity that enable further evaluation of anonymity beyond what is achievable with transaction data alone. Although the current system has limitations relating to heuristic precision and computational resource requirements, its foundational architecture opens discussion of broader privacy considerations across blockchain ecosystems.

In conclusion, "Tutela: An Open-Source Tool for Assessing User-Privacy on Ethereum and Tornado Cash" elucidates critical features of transaction privacy, successfully employing a blend of heuristic and analytic techniques to bring transparency to privacy postures on Ethereum. The insights and mechanisms described hold promise for ongoing blockchain privacy research and operational enhancements, underlining the necessity for continual adjustments to maintain user privacy in increasingly complex and public digital financial landscapes.
