Understand the Dandelion Bitcoin privacy project

The Dandelion privacy project is a BIP that is based on an idea that has been under public discussion since June 2017. It was submitted as a BIP in May 2018 and since then it has gathered a lot of attention from the Bitcoin community.

The purpose of Dandelion is to obscure the IP source for a Bitcoin transaction. As you know, the P2P Bitcoin client will broadcast the signed transaction to its nearest peers. These peers are able to see the source IP, which makes it possible for them to know where a Bitcoin transaction stemmed from. Eavesdroppers can thus spread random nodes around the Internet, listening for inbound transactions while recording source IPs for these transactions.

A Dandelion is a flower where its petals have a straight stem and then they suddenly widen up into a fluffy chaotic structure that resembles cotton. This is the exact analogy behind the Dandelion BIP: initially a transaction will not be broadcast to several peers, but to a single peer which will relay the transaction to a single next hop and so on, until enough single hops have been made to obscure the initial source of the TX. At this point the transaction is then broadcast to the general network just as it is today.

By sending the initial transaction to exactly one peer, the probability that it will reach one of the eavesdroppers is reduced greatly. By forwarding the initial transaction to one single next hope for a few iterations, the idea is to make it look like the transaction came from the node before, since there will be no distinction between a transaction originated from one node to a transaction forwarded by that node.

The idea for Dandelion came from 3 researchers at the Univestity of Illinois at Urbana-Champaign and was published on a peer reviewed paper dated early 2017.

There are legal concerns about the Dandelion scheme. In some jurisdictions it does not matter whether a host did not originate a transaction, if its purpose is illegal then authorities can go after the last hop seen and accuse them of originating the transaction. It would then shift the responsibility of not forwarding unknown transactions to individual nodes who, because of this kind of legal implication, could start to refuse to run Dandelion-enabled nodes. It is worthy of note that this risk exists with broadcast transactions as well. The difference being that Dandelion would single out one hop for scrutiny, rather than a group of nodes.

Technical concerns have also been raised. For instance, what if the one of the initial stem phase nodes drop out of the network just as a transaction was received? In the broadcast model, several nodes receive the initial transaction, making it less likely that the data is lost. But in a Dandelion transaction, there is a stream of single nodes in the path before the transaction is broadcast. If any of these nodes drop the transactions, it is lost for good until the client times out and retransmits.

Comments and ideas may be sent to the Univestity of Illinois at Urbana-Champaign team who are actively researching and developing Dandelion. You may contact them via these email addresses:

  • Giulia Fanti <gfanti at andrew.cmu.edu>
  • Andrew Miller <soc1024 at illinois.edu>
  • Surya Bakshi <sbakshi3 at illinois.edu>
  • Shaileshh Bojja Venkatakrishnan <bjjvnkt2 at illinois.edu>
  • Pramod Viswanath <pramodv at illinois.edu>

Dandelion is part of the community efforts to increase privacy in Bitcoin. There is a tendency in the community to embrace ideas related to privacy since Bitcoin users want better protection for their transactions. Concerns about revealing the source wallet balance, source IP’s for transactions among others are top priority for Bitcoin users.


Dandelion BIP

BIP 0156 at Bitcoin Wiki

Bitcoin Privacy

Dandelion privacy protocol