Communications of the ACM

Cryptocurrencies, Blockchains,
and Smart Contracts
By Arvind Narayanan
and Andrew Miller

Research into cryptocurrencies has a decades-long pedigree in academia, but decentralized cryptocurrencies (starting with Bitcoin in 2009) have taken the world by storm. Aside from being a payment mechanism “native to the Internet,” the underlying blockchain technology is touted as a way to store and transact everything from property records to certificates for art and jewelry. Much of this innovation happens in the broader hobbyist and entrepreneurial communities (with increasing interest from established industry players); Bitcoin itself came from outside academia. Researchers, however, have embraced cryptocurrencies with gusto and have contributed important insights.

Here we have selected three prominent areas of inquiry from this young field. Our selections of research papers within each area focus on relevance to practitioners and avoid such areas as scalability that are of interest primarily to cryptocurrency designers. Overall, the research not only exposes important limitations and pitfalls of the technology, but also suggests ways to overcome them.

Anonymity, Privacy,
and Confidentiality

Meiklejohn, S. et al.

A fistful of Bitcoins: Characterizing payments among men with no names. In Proceedings of the Internet Measurement Conference, 2012,

127–140. https://www.usenix.org/system/files/ login/articles/03_meiklejohn-online.pdf.

Bitcoin exists in a state of tension be-
tween anonymity (in the sense that real
identities are not required to use the sys-
tem) and traceability (in that all transac-
tions are recorded on the blockchain,
which is a public, immutable, and
global ledger). In practice, the privacy
of vanilla Bitcoin comes from obscurity:
users may create as many addresses as
they like and shuffle their coins around,
Anonymity in cryptocurrencies is a
matter of not just personal privacy, but
also confidentiality for enterprises. Giv-
en advanced transaction graph analysis
techniques, without precautions, the
blockchain could easily reveal cash flow
and other financial details.

Sasson, E.B. et al.

Zerocash: Decentralized anonymous payments from Bitcoin. In Proceedings of the IEEE Symposium on Security and Privacy, 2014. http://zerocash-project.org/media/pdf/ zerocash-extended-20140518.pdf.

There are many different proposals for improving the privacy of cryptocurrencies. These range from Bitcoin-compatible methods of “mixing” (or “joining”) coins with each other, to designs for entirely new cryptocurrency protocols that build in privacy from the beginning. Perhaps the most radical proposal is Zerocash, an alternative cryptocurrency design that uses cut-ting-edge cryptography to hide all information from the blockchain except for the existence of transactions; each transaction is accompanied by a cryptographic, publicly verifiable proof of its own validity. Roughly, the proof ensures that the amount being spent is no more than the amount available to spend from that address. The paper is long and intricate, and the underlying mathematical assumptions are fairly new by cryptographic standards. But this fact itself is food for thought: to what extent does the security of a cryptocurrency depend on the ability to comprehend its workings?

Endpoint Security

The Achilles’ heel of cryptocurrencies has been the security of endpoints, or the devices that store the private keys that control one’s coins. The cryptocurrency ecosystem has been plagued by thefts and losses resulting from lost devices, corrupted hard drives, malware, and targeted intrusions. Unlike fiat currencies, cryptocurrency theft is instantaneous, irreversible, and typically anonymous.