Highlighting poor anonymity and security practice in the blockchain of Bitcoin

ABSTRACTWe highlight how Bitcoin addresses are reused in transactions (implicitly or explicitly), despite recommendations and best practice strongly advise to avoid this. We analyse the blockchain with the purpose to find and count highly reused Bitcoin addresses, starting from the birth of the protocol in 2009. In this study we also include hidden addresses: these addresses are not the explicit endpoints of a transaction, but they are somehow contained in it (e.g., in the script of a Pay to Script Hash transaction). Finally, we try to de-anonymise the top-100 reused addresses, grouping and linking them to their wallet owner. This work shows that such a misuse in reusing the address often corresponds to malicious activities in the bitcoin ecosystem. These results push towards a mandatory single usage, which mitigates dangerous consequences.