How to Anonymize Ethereum
By Rachel-Rose O'Leary, Stellar Magnet
Ethereum is the most popular blockchain with smart contract functionality and has attracted a lot of users new to cryptocurrency due to the rise in popularity of NFTs. One thing new users might not understand is that Ethereum doesn't provide privacy features up front and that transacting on Web3, if you aren’t using privacy add-ons or specialized blockchains, is actually much less private than one is accustomed to when transacting on Web2, wherein only your bank and service providers know details of your financial transactions.
This guide exists to educate people on the transparency of Ethereum and to provide instructions on tools that can be used to achieve better anonymity on Ethereum.
Primer on Ethereum's Transparency
If you decide to mint an NFT and someone subsequently puchases the NFT from you, it's possible for anyone to now observe what you do with the ETH (or ERC-20 token) that you receive. For example, if you navigate to a profile on Foundation such as:
You can copy the Ethereum address,
0x0E5E9eC9DeDfbbD1cf97318a30831b008bd295C1 and then navigate to Ethereum's most popular block explorer, Etherscan, and paste in the address in the search bar. This will return this URL:
Now we are able to see how Gael Corboz has been spending cryptocurrency associated with their Foundation address. This behavior isn't limited to only Foundation, it's possible to determine the Ethereum address of anyone selling NFTs on OpenSea, Zora, Rarible, etc.
Being anonymous on Ethereum
In this guide, you can learn how to anonymize Ethereum using two different possible apps: zk.money and Tornado Cash. Both of these apps use zero-knowledge proof cryptography to anonymize your Ethereum. These types of apps are called mixers because they achieve privacy by pooling money into a common smart contract. Whenever you use one of these protocols to transfer ETH, the address showing up in the block explorer sending the ETH will be the zk.money or Tornado Cash smart contract, as opposed to your personal Ethereum address.
In the case of zk.money, wherein the app allows you to transact in variable amounts of ETH, how much money you are depositing into the pool, and how much you then withdraw from it, can potentially de-anonymize you.
For example, if you decide to deposit 12.454 ETH into zk.money and then you withdraw exactly that same amount of shielded ETH to another address, it is easy to de-anonymize yourself and have the transactions linked (if someone is looking closely at the smart contract, they can link the addresses together by matching the ETH deposit and withdrawal amounts as it may be very unlikely that another person besides you has transacted in that same amount of ETH).
To bypass this potential breach in privacy when you are sending ETH on zk.money, the app will provide an estimated size of the anonymity set for the transaction amount you'd like to send. You can play around with the number until you see something you're comfortable with.
Tornado Cash controls this more at the app level, only allowing specific denominations of ETH to be sent (0.1 ETH, 1 ETH, 10 ETH).
Whether you decide to use zk.money or Tornado Cash, you will need to start off by creating a fresh Ethereum address.