I’m currently performing a security and privacy review of the not-yet-open source code of DarkSend+, the privacy technology implemented in the Darkcoin crypto-currency. This effort has been crowd-funded by the generous Darkcoin community.
In the coming weeks, I will be releasing information pertaining to this review. I’m kicking the process off with a diagram, explaining in broad terms how DarkSend+ works, aimed at those not already familiar with the technology.
DarkSend+, an iterative improvement on Darkcoin’s previous DarkSend technology, is a CoinJoin-based technology that allows Darkcoin users to mix funds with each other. This functionality is built directly into the reference Darkcoin wallet software. CoinJoin takes advantage of the fact that Bitcoin transactions are not limited to a single sender or receiver; in fact, DarkSend+ transactions often involve two or more senders. Previous CoinJoin implementations have been limited in that they require senders to meet at the same place and time on the Internet at the moment they are prepared to send other users money. DarkSend+ skirts around this limitation by mixing funds passively, according to user-specified parameters, in the background; when the user is ready to send anonymized funds to his recipient, the funds have long since been mixed and no further work is required. This approach provides Darkcoin clients a marketplace of funds to mix with at everyone’s leisure, rather than desperately seeking out (and waiting for) other willing and compatible clients at the last moment.
Users can select how many rounds of DarkSend they want their funds to go through in order to be considered “anonymized.” The more rounds, the more privacy the user will have, but more rounds will also expend more transaction fees and time. The user will also instruct the client about how much of their funds they wish to be anonymized. The Darkcoin wallet keeps track of how many rounds of DarkSend funds have gone through in order to meet the user’s standard, and will not allow the user to do an “anonymous” send before that qualification has been met.
The diagram below shows the flow of my funds (indicated in blue) as they go from a Darkcoin testnet faucet payout of 1000 DRK through a single round of DarkSend+ for 100 of those DRK. By the end, those DarkSent coins will be mixed with other users’ (indicated in red). Before that begins, there’s a “splitting” phase that takes place in which the 1000 DRK is broken down into smaller chunks more suitable for the denominations that are compatible with the DarkSend process.