Dandelion: anonymity from the roots

It is often said that Bitcoin is anonymous. In many cases this is not the case, as we explained earlier. While there are a lot of privacy developments around the application protocol, this is less the case with the network protocol. Recently, a method was presented at Building on Bitcoin that is supposed to promote privacy at the protocol layer; Dandelion.


The peer-to-peer layer of Bitcoin ensures that all information, such as transaction and blocks, is sent to all nodes. This is done in such a structural way that the route of the data could be traced. In addition, a so-called “sybil attack” can be carried out to trace transactions. In such an attack, one party has a large number of nodes within the network, so there is a good chance that a node belonging to a wallet that sends a transaction communicates directly with a node of the sybil attacker. This allows information, such as an IP address, to be collected directly from the sender of the transaction. Dandelion does not completely prevent such a “sybil attack”, but it does reduce the chance of tracing the original node.


Dandelion, as the name suggests, looks a bit like a faded dandelion. There is a stem with seeds on top, which can be carried in any direction by the wind. Bitcoin is currently using “diffusion”, the spreading phase. Diffusion is the direct distribution of a transaction to all known nodes. This is just like the seeds of the dandelion that are blown in all directions by the wind. Dandelion adds an extra method before this stage. This new method is called the “strain phase”.

In this new phase, a node first chooses one Dandelion node from its own list of known nodes. This is the only node to which the transaction is sent. The receiving node then has a 90% chance of continuing the tribe and forwarding the transaction to another Dandelion node of its own choosing. When a receiving node decides not to continue the trunk in 10% of the cases, so on average after ten trunk steps, it will switch to the usual diffusion. For example, all other known nodes will not know who the original sender of the transaction is, as it has already been forwarded by an unknown number of other nodes.

It is not necessary that everyone cooperates with the Dandelion protocol. When a transaction arrives at a normal node, the stem phase will immediately go into diffusion. The more Dandelion nodes there are, the more effective the continuation of the stem phase becomes.

To prevent that the route of the tribe is always the same, and that routes can still be traced, the chosen Dandelion node is regularly changed. Because this applies to every Dandelion node, different routes are used for forwarding the transaction.


Because the bitcoin peer-to-peer layer has poor privacy protection, this simple application can still promote privacy. Possible de-anonymization attacks on a large scale can be prevented in this way. However, it is not a replacement for Tor, which keeps transaction broadcasting more discreet and more effective.

An initial design by Dandelion can be found on GitHub, which also has an implementation for Bitcoin.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2024 Cryptocoin Budisma.net