BITE: Bitcoin Lightweight Client Privacy using Trusted Execution

Authors: 

Sinisa Matetic, Karl Wüst, Moritz Schneider, and Kari Kostiainen, ETH Zurich; Ghassan Karame, NEC Labs; Srdjan Capkun, ETH Zurich

Abstract: 

Blockchains offer attractive advantages over traditional payments such as the ability to operate without a trusted authority and increased user privacy. However, the verification of blockchain payments requires the user to download and process the entire chain which can be infeasible for resource-constrained devices like mobile phones. To address this problem, most major blockchain systems support so called lightweight clients that outsource most of the computational and storage burden to full blockchain nodes. However, such verification leaks critical information about clients’ transactions, thus defeating user privacy that is often considered one of the main goals of decentralized cryptocurrencies.

In this paper, we propose a new approach to protect the privacy of light clients in Bitcoin. Our main idea is to leverage the trusted execution capabilities of commonly available SGX enclaves. We design and implement a system called BITE where enclaves on full nodes serve privacy-preserving requests from light clients. However, as we will show, naive processing of client requests from within SGX enclaves still leaks client’s addresses and transactions. BITE therefore integrates several private information retrieval and side-channel protection techniques at critical parts of the system. We show that BITE provides significantly improved privacy protection for light clients without compromising the performance of the assisting full nodes.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {235469,
author = {Sinisa Matetic and Karl W{\"u}st and Moritz Schneider and Kari Kostiainen and Ghassan Karame and Srdjan Capkun},
title = {{BITE}: Bitcoin Lightweight Client Privacy using Trusted Execution},
booktitle = {28th {USENIX} Security Symposium ({USENIX} Security 19)},
year = {2019},
isbn = {978-1-939133-06-9},
address = {Santa Clara, CA},
pages = {783--800},
url = {https://www.usenix.org/conference/usenixsecurity19/presentation/matetic},
publisher = {{USENIX} Association},
month = aug,
}