SwapCT: Swap Confidential Transactions for Privacy-Preserving Multi-Token Exchanges

Authors: Felix Engelmann (Aarhus University, Denmark), Lukas Müller (Ulm University, Germany), Andreas Peter (University of Twente, The Netherlands), Frank Kargl (Ulm University, Germany), Christoph Bösch (Ulm University, Germany)

Volume: 2021
Issue: 4
Pages: 270–290
DOI: https://doi.org/10.2478/popets-2021-0070

artifact

Download PDF

Abstract: Decentralized token exchanges allow for secure trading of tokens without a trusted third party. However, decentralization is mostly achieved at the expense of transaction privacy. For a fair exchange, transactions must remain private to hide the participants and volumes while maintaining the possibility for noninteractive execution of trades. In this paper we present a swap confidential transaction system (SwapCT) which is related to ring confidential transactions (e.g. used in Monero) but supports multiple token types to trade among and enables secure, partial transactions for noninteractive swaps. We prove that SwapCT is secure in a strict, formal model and present its efficient performance in a prototype implementation with logarithmic signature sizes for large anonymity sets. For our construction we design an aggregatable signature scheme which might be of independent interest. Our SwapCT system thereby enables a secure and private exchange for tokens without a trusted third party.

Keywords: atomic swap, exchange, typed tokens

Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution-NonCommercial-NoDerivs license.