A Survey on Privacy Vulnerabilities in Permissionless Blockchains

Blockchain decentralization not only ensures transparency of transactions, eliminating the need to trust a third party, but also makes the network's transactions publicly accessible to all participating peers. As a result, data anonymity and confidentiality are compromised, making business enterprises and industrialists hesitant to adopt the technology. Although the research community has proposed various privacy-preserving solutions for blockchain, they still lack efficiency, which leaves industry reluctant to opt for the technology. This study contributes to the existing body of knowledge on privacy in blockchains. Its fundamental goal is to delve into the privacy vulnerabilities of blockchain networks in a permissionless setting by identifying the non-trivial root causes of privacy breach in blockchain and presenting the limitations of existing privacy-preserving mechanisms. Studies with superficial comparisons of privacy-preserving techniques are available in the literature, but a detailed, in-depth analysis of their limitations and of the causes of privacy breach in blockchain has not yet been done. Therefore, in this paper we first present a comprehensive analysis of the various privacy-breaching factors of blockchain networks. Next, we discuss existing cryptographic and non-cryptographic solutions in the literature. We find that these mechanisms have their own sets of limitations and are therefore inefficient at present. They need further consideration by the research community before they are widely adopted and benchmarked. Finally, we identify future directions that need to be addressed to model an efficient privacy-preserving mechanism for wider adoption of blockchain technology.
Keywords—Blockchains; privacy vulnerabilities; cryptographic primitives; anonymity; confidentiality


I. INTRODUCTION
Blockchain technology is one of the most promising technological trends in the world today. It is a horizontal innovation that has the potential to impact every area of human endeavor [1]. The first application of blockchains, widely known as Bitcoin, was introduced around a decade ago, in October 2008, by S. Nakamoto [2]. Following it, various other cryptocurrencies have been introduced [3] [4] [5] [6]. Initially introduced for the financial transactions of cryptocurrency, blockchain technology gradually spread to other sectors as well due to its inherent features. The technology has eliminated the need to trust third parties (i.e., banks) for authorization and record keeping of transactions by providing transparency [7] and tamper resistance [8]. Transparency in blockchain networks ensures that transactions are available to each node in a distributed network, whereas tamper resistance means that a recorded transaction cannot be modified [9] or removed. Over the years, the technology has been extensively researched and experimented with to bring its benefits to other application areas [10]. Because of the decentralized, immutable and transparent nature of blockchain, its applications have also been seen in non-financial areas such as education, the Internet of Things (IoT), healthcare, big data, cloud computing, supply chain management, cyber security and so on. The blockchain ledger is written on a base and shared among the participating nodes for verification. This enables even mutually distrusting nodes to verify the data through consensus, achieving consistency and maintaining the integrity of the blockchain network. Therefore, despite the fact that blockchain provides greater efficiency, reduced capital costs and greater data protection, it is still vulnerable to privacy issues.
The data on the blockchain must be public: different nodes need to calculate and verify the same data, so it must be accessible across the network. Public availability increases the transparency and credibility of the data; however, it also introduces privacy risk, as business enterprises and industrial organizations are not willing to make business details public where adversaries could infer personal information and extort clients [11]. It is possible to set access control on the network using permissioned blockchains [12]; however, this type of blockchain makes the system more centralized and nullifies the purpose of using a decentralized system altogether. Recent advancements in blockchain research and the eagerness of industry to adopt blockchain make privacy one of the key issues that need to be solved. The research in this paper has been carried out to highlight the issue of privacy in blockchain and the reasons behind it. This will help future researchers solve the existing issues and achieve better privacy protection in blockchain networks, enabling much wider adoption of this breakthrough technology.

A. Gap Analysis and Contribution
To the best of our knowledge, various studies [13] [14] [15] have highlighted the importance of privacy preservation in blockchain networks. Although these studies have contrasted existing mechanisms for ensuring privacy, they lack comprehensive insight into the possible factors resulting in privacy disclosure. This paper therefore presents a comprehensive discussion of the root causes of privacy breach in a blockchain network. Based on the existing body of knowledge in the domain, we have deduced some meaningful insights that will help the research community design more private blockchain networks. The contribution of this study is multifold: it i) describes blockchain technology and its benefits over traditional transaction systems, ii) elaborates the concept and need of privacy in relation to blockchain networks, iii) discusses privacy threats to blockchain and deduces the causes of privacy breach with respect to these threats, iv) discusses existing privacy solutions and their limitations, and v) suggests future directions to overcome privacy vulnerabilities in blockchain.

B. Organization of the Paper
The organization of the paper is as follows: Section II gives an overview of blockchain and its working mechanism followed by Section III that describes the issue of privacy in various settings of blockchain networks. Section IV discusses various factors causing privacy breach in blockchains. Further, Section V elucidates the existing privacy preserving mechanisms in blockchains and their limitations. Discussion and proposed future directions are presented in Section VI and Section VII concludes the study.

II. INTRODUCTION TO BLOCKCHAIN TECHNOLOGY
In 1991, S. Haber and W. S. Stornetta introduced the concept of a cryptographically secured network of blocks [16]. This concept was adopted by Nick Szabo as he worked on and introduced a decentralized digital currency called Bitgold. A decade later, in 2008, the concept was brought into practical implementation by S. Nakamoto [17] in the form of a cryptocurrency that is widely known as Bitcoin. Since 2008, blockchain has been used to implement different cryptocurrencies. Additionally, due to the decentralized, immutable and transparent nature of blockchain, its applications have also been seen in non-financial areas such as education [18] [19], the Internet of Things (IoT) [20] [21], healthcare [8] [22] [23], big data, cloud computing, supply chain management [24] [25], cyber security and so on.
Since blockchain networks are distributed, the record of transactions is not stored on a single centralized server. Instead, when a transaction occurs in the blockchain, it is distributed among all participating nodes, and each node maintains a copy of the ledger [26]. This means that there exist thousands and millions of copies of the same blockchain, where each node has access to the transaction details. Spreading the information across multiple computers in the network makes it difficult to manipulate, thereby providing transaction record integrity. Fig. 1 depicts the working mechanism of a blockchain network. A user A initiates a transaction meant for a user B. This transaction is stored in a block, and hence the block is created. Once the block has been created, it is broadcast to all participating nodes, also referred to as peers, for verification of the transaction. If the transaction is validated by a majority of the network, the newly created block is added to the existing chain and a copy of the updated ledger is maintained at each peer for record keeping. This completes a typical blockchain transaction from user A to user B. The authenticity of transactions in a blockchain network is validated via asymmetric cryptography, also widely known as public key cryptography. It is one of the core components of blockchain technology [27]. More information on the types of cryptography can be found in [28]; it is not discussed in detail here as it is beyond the scope of this paper.

III. PRIVACY VULNERABILITY IN BLOCKCHAIN
The blockchain networks are fundamentally transparent and distributed in nature, due to which they are widely being adopted and experimented. However, this means that all the data on a blockchain network is readily available for anyone on the network to view, causing privacy breach.
Blockchain networks can broadly be classified into two categories, i.e., permissioned and permissionless blockchains. In a permissionless blockchain, a user requires no permission to enter the network. This kind of blockchain is open for anyone to join and participate. These systems have gained the attention of the research community due to their decentralized consensus system [29]. On the other hand, special permissions are required in order to join a permissioned blockchain network. In a permissioned blockchain, the owner has the authority to decide who can join and become a part of the network. This means the blockchain owner has the ability and control to dictate the structure of the network, issue updates of the software, and control whatever operation and process occurs on that blockchain network.
(IJACSA) International Journal of Advanced Computer Science and Applications, Vol. 11, No. 9, 2020
Private and public blockchains can have either a permissioned or a permissionless setting. This is illustrated in Fig. 2. Public and permissionless blockchains allow anyone to join, read, write and commit to the transactions in the network. This means that all our data, personal or not, will be accessible by anyone in the network. This is where the issue of privacy arises. Moreover, in public and permissioned blockchains anyone can join and read the transactions, but only authorized users can write or commit. This improves trust in the blockchain but still does not guarantee the privacy of our assets. The same holds for private and permissionless blockchains. Lastly, in private and permissioned blockchains, although all users are known to the authorities, this still does not guarantee the privacy of the data being transacted. So whatever the type of blockchain, it requires a privacy guarantee.

IV. CAUSES OF PRIVACY BREACH IN BLOCKCHAIN
Blockchains provide efficiency, reduced costs, transparency and trust but are still prone to privacy breach. For wider adoption, the privacy of blockchain networks must be strengthened. This section covers several causes resulting in privacy disclosure in blockchain networks.

A. Anonymization Inefficiency
In blockchain networks, anonymization refers to hiding the identity of the user. Anonymity is achieved when:
• The public address of the user cannot be mapped to his real identity.
• Blockchain transactions do not contain any personally identifiable information (PII).
Despite blockchain's claims of anonymity, it does not provide enough privacy. Several techniques are available in the literature through which the anonymity of a blockchain network can be broken to identify the actual participants involved in a certain transaction. The phenomenon of disclosing user anonymity is known as deanonymization. In deanonymization, analysis of the network and network listening can help identify the blockchain user by unmasking him [13]. Further elaboration on deanonymizing blockchain users is presented in the following subsections. Note that since cryptocurrencies are the first and most widespread application of blockchain networks, the discussion in the following few sections focuses mainly on cryptocurrencies to understand the privacy mechanisms and vulnerable areas of the technology. The same idea can further be applied to different applications.

1) Deanonymizing via network analysis:
Each successful transaction in blockchain is added to a transaction network where every node represents a transaction and every (directed) edge represents a flow of data from an output of one transaction to an input of another. Analyzing the network relationships can be used to deanonymize a user's identity, thereby compromising privacy. Since blockchain is a P2P network, the IP addresses of nodes can be leaked [13] during transaction broadcasting.
2) Deanonymizing via address clustering: It is possible for the contents of a transaction, its relationship with other transactions and the way it is broadcast to unintentionally leak information about the parties involved to interested third parties. It has in fact been noticed that various interested third parties systematically gather this kind of information to analyze user patterns for multiple reasons including market research, competitor analysis, compliance and law enforcement. This analysis can (though not easily) be carried out using address clustering. The idea is to partition the set of addresses involved in a transaction into as many subsets as possible. Each subset, known as an address cluster, most likely corresponds to the same entity. By combining address clusters with address tagging and graph analysis [30], the activity in blockchain can be effectively analyzed.
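An added illustration of the clustering idea above (not code from the surveyed studies): it applies the common-input-ownership heuristic, which is an assumption here since the survey does not name a specific heuristic, to constructed transactions and then propagates one address tag across its cluster. All transaction ids, addresses and the tag are made up.

```python
"""Address clustering with the common-input-ownership heuristic (toy data)."""
from collections import defaultdict

# Constructed transactions: (txid, input addresses, output addresses).
# All ids and addresses are hypothetical labels, not real chain data.
TXS = [
    ("t1", ["A1", "A2"], ["B1"]),        # A1 and A2 are co-spent
    ("t2", ["A2", "A3"], ["C1", "A4"]),  # A3 joins the A1/A2 cluster via A2
    ("t3", ["B1"], ["D1"]),              # single input: links nothing
    ("t4", ["C1", "E1"], ["F1"]),        # C1 and E1 are co-spent
]
# Constructed off-chain tag, e.g. an address its owner published on a website.
TAGS = {"A3": "shop-donation-address"}


class DisjointSet:
    """Union-find over address strings."""

    def __init__(self):
        self.parent = {}

    def find(self, addr):
        self.parent.setdefault(addr, addr)
        while self.parent[addr] != addr:
            self.parent[addr] = self.parent[self.parent[addr]]  # path halving
            addr = self.parent[addr]
        return addr

    def union(self, a, b):
        root_a, root_b = self.find(a), self.find(b)
        if root_a != root_b:
            self.parent[root_b] = root_a


def cluster_addresses(txs):
    """Merge all input addresses of each transaction into one cluster."""
    ds = DisjointSet()
    for _txid, inputs, outputs in txs:
        for addr in inputs + outputs:
            ds.find(addr)                   # register every address seen
        for other in inputs[1:]:
            ds.union(inputs[0], other)      # co-spent => assumed same owner
    groups = defaultdict(set)
    for addr in list(ds.parent):
        groups[ds.find(addr)].add(addr)
    # Largest cluster first, ties broken alphabetically, for stable output.
    return sorted((sorted(g) for g in groups.values()),
                  key=lambda g: (-len(g), g))


def propagate_tags(clusters, tags):
    """One tagged address labels every address in its cluster."""
    labelled = {}
    for members in clusters:
        names = sorted({tags[a] for a in members if a in tags})
        if names:
            for addr in members:
                labelled[addr] = names
    return labelled


if __name__ == "__main__":
    found = cluster_addresses(TXS)
    for members in found:
        print(len(members), members)
    print(propagate_tags(found, TAGS))
```

Run over a wallet's own history, the output shows which addresses an observer would treat as one entity. If t4 were a CoinJoin-style transaction, its merge would be a false positive, because the inputs of such a transaction belong to different users.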
3) Deanonymizing via transaction fingerprinting: Another threat to anonymity is transaction fingerprinting. Androulaki investigated Bitcoin privacy provisions in a university setting. A simulator mimicking the Bitcoin system was used, and the results showed that about 40% of the users' identities can be recovered despite the use of Bitcoin's privacy measures [31]. Table I shows various deanonymization attacks on blockchain based cryptocurrencies.

B. Transaction Pattern Linkability
Transaction information flowing through the public network can be used to derive statistical distributions on cryptocurrencies, revealing new regularities within blockchain applications [13].
1) Threat of transaction graph analysis: M. Moser et al. [32] developed a framework based on transaction graph analysis to deanonymize the identities of users from publicly available transaction information in Bitcoin. Monero was taken as the test case in the study and was empirically evaluated. The mix-ins used in Monero left about 62% of the transactions unshielded against chain reaction, i.e., deducing the actual input by elimination. Moreover, the sampling of mix-ins in Monero is done in such a way that it becomes easier to distinguish them from the real coins using their age distribution; in short, the real input is usually the "newest" input.
The authors estimated that this phenomenon allows the real input to be guessed with around 80% accuracy. Further, each transaction in a cryptocurrency has some number of inputs and outputs that consume and create coins respectively so as to conserve the total balance. Each input spends coins created in a prior transaction, and hence a transaction graph is formed. The public nature of blockchain data poses a potential privacy hazard to users. Since each transaction is publicly broadcast and widely replicated, any potentially identifying information can be determined even years after a transaction is committed. The study showed that a huge amount of data in Monero is traceable.
In another study [37] the authors focused on the typical behavior of users: the way they acquire and spend their bitcoins, the balance of bitcoins they keep in their accounts, and the way they move bitcoins between their various accounts in order to better protect their privacy. In addition, the study isolated all the large transactions in the system and discovered a close relation of all these transactions to a single large transaction that took place in November 2010, even though the associated users apparently tried to hide this fact with many strange looking long chains and fork-merge structures in the transaction graph. Similarly, another study was carried out to test transaction linkability, with the test case again being Monero. In this study, three attack routines were developed to test against Monero's privacy guarantee. The results showed that in 88% of the cases it was easy to determine the origin of the funds transferred.
2) Web payment: When a user makes a payment through the web or online wallets, the consumer identity is prone to being linked to his real identity via browser cookies. When the user pays with a cryptocurrency, the service provider can link the real identity to the token history in the blockchain, and the attack is resilient against mixing mechanisms like CoinJoin [14].
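The elimination ("chain reaction") described above, as an added example that is not taken from [32]: rings are modelled as sets of candidate outputs, and every ring that collapses to a single candidate removes that output from all other rings. The ring contents and identifiers are constructed, and `anonymity_report` is a hypothetical helper name.

```python
"""Chain-reaction elimination over ring inputs (toy model, constructed data)."""

# Constructed sample: each transaction input lists the outputs in its ring
# (the real spend plus mix-ins). All identifiers are hypothetical labels.
RINGS = {
    "tx1:in0": {"o1"},                # zero mix-ins: the spend is explicit
    "tx2:in0": {"o1", "o2"},          # o1 is already spent by tx1
    "tx3:in0": {"o1", "o2", "o3"},
    "tx4:in0": {"o3", "o7", "o8"},
    "tx5:in0": {"o4", "o5", "o6"},    # shares nothing with a traced ring
}


def chain_reaction(rings):
    """Return (resolved, candidates) after eliminating known-spent outputs.

    An output can be spent only once, so as soon as an input's ring shrinks
    to one candidate, that output is removed from every other ring, which
    may shrink those rings in turn.
    """
    candidates = {inp: set(ring) for inp, ring in rings.items()}
    resolved = {}
    progress = True
    while progress:
        progress = False
        for inp, ring in candidates.items():
            if inp in resolved or len(ring) != 1:
                continue
            (spent,) = ring
            resolved[inp] = spent
            progress = True
            for other, other_ring in candidates.items():
                if other != inp and other not in resolved:
                    other_ring.discard(spent)
                    if not other_ring:
                        raise ValueError(f"{other}: ring emptied, bad data")
    return resolved, candidates


def anonymity_report(rings):
    """Summarise how much of each ring's anonymity set survives."""
    resolved, candidates = chain_reaction(rings)
    return {
        "traced_fraction": len(resolved) / len(rings),
        "effective_ring_size": {i: len(c) for i, c in candidates.items()},
        "resolved": resolved,
    }


if __name__ == "__main__":
    print(anonymity_report(RINGS))
    # Counterfactual: give tx1 one mix-in, so no ring starts as a singleton.
    padded = dict(RINGS)
    padded["tx1:in0"] = {"o0", "o1"}
    print(anonymity_report(padded))
```

In this model the whole cascade is seeded by the one input without mix-ins: once every ring starts with at least two candidates, nothing is resolved and each ring keeps its nominal size.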
In [38], two attacks are presented. The first attack shows that web trackers can extract substantial amount of information for advertising and analytics purposes when the user makes purchases on shopping websites. This information is enough to identify the blockchain transaction uniquely for linking it with the web cookies of the user to further reveal user's identity. The second attack depicts that by linking even two purchases of the same user, the web tracker can identify his cluster of addresses even if anonymity techniques of blockchain such as CoinJoin are deployed. Moreover, it is possible to apply the attacks to past purchases as well. Thus, in the study, it is shown that third party web trackers have the ability of deanonymizing the cryptocurrency users.
A summary of studies carried out under this kind of privacy threats is given in Table II.

C. Crisis of Private Key Theft
Private keys in a blockchain network are critical to the security and privacy of the user because these keys are used for signing each transaction in the network. A participant's assets are controlled through the private key in blockchain systems. Hence, it is very important that proper key management systems [39] are enforced. If compromised, a key can not only lead to privacy leakage but may also result in identity theft.
Although a private key gives a user sovereignty over his assets, it comes with the responsibility of securing and managing one's own private keys. Currently, there are no efficient mechanisms for recovery of the keys in case of loss. Table III summarizes some private key theft incidents that compromised security and privacy in blockchain systems.
Blockchain technology has two categories when it comes to preserving privacy. The first category involves protecting the identity of the user by giving him complete anonymity while making transactions. The second category involves protecting the transaction data from unauthorized entities and hackers, thus maintaining data confidentiality. The classification of the various privacy preserving techniques surveyed in the literature is depicted in Fig. 3 and detailed in the subsequent section. The classification is based on which technique contributes towards achieving which kind of privacy in blockchains.
The privacy preserving frameworks reviewed in the literature can broadly be classified into two categories, i.e.:
• Mixing Methods: Mixing methods or services are used to retain the transaction data privacy of the blockchain networks.
• Cryptographic Primitives: Cryptographic primitives are mathematical functions that are used in cryptography to verify data authenticity.

A. Privacy Vulnerability in Mixing Services
The link between sender and receiver in a blockchain network can be learned by analyzing the publicly available content. The introduction of mixers provides a solution to this problem. The concept of a mixing service was first presented in [41] by Chaum. It allows users to hide whom a participant communicates with as well as the content of the communication.
In Fig. 4, the basic architecture of a mixer is depicted. There are two types of mixing services, i.e., centralized mixing and decentralized mixing. Both concepts are elaborated below.
1) Centralized mixing: Multiple mixing websites are available for use. These offer anonymous mixing of transactions in exchange for mixing fees. The websites swap the transactions among various users so that the relationship between incoming and outgoing transactions can be hidden. Centralized mixing suffers from various limitations (discussed in section 3.3), including the mixing server being prone to denial of service (DOS) attacks, as the server remains a single point of failure. As a result, it becomes an obstruction to the distributed blockchain network.
2) Decentralized mixing: Decentralized mixing overcomes the limitation of centralized mixing that makes it vulnerable to DOS attack. A decentralized mixing pattern is proposed to enable a set of mutually untrusted peers to publish their messages simultaneously and anonymously without the need for a third-party anonymity proxy. Moreover, decentralized mixing eliminates the need to pay mixing fees. CoinJoin [42] and MultiParty Computation [43] are the only two methods in the literature that have successfully implemented decentralized mixing services.
3) Critical analysis of mixing services: Although mixing services can provide a substantial amount of identity privacy, they have their own set of concerns, which should be taken into account before opting for such a privacy preserving mechanism. These issues are discussed below:
a) Waiting delay: In order to use mixing services, a user must wait for other participants to swap their transactions in order to hide the relationships between a transaction's inputs and outputs. This incurs a high waiting delay before a transaction is completed.
b) Third party involvement: Since mixing servers are usually websites or other third-party software, they are not an appropriate solution to the privacy vulnerability of blockchain networks.
c) Malicious mixing services: Although mixing services hide the relationship between the input and output of a user's transaction from an adversary, the server itself knows all the input-output pairs. Hence, privacy in this scenario relies solely on how honest the intermediary is and becomes prone to breaches.
d) Mixing fees: Mixing services usually charge for hiding the identities of the users via mixing.

B. Privacy Vulnerability in Cryptographic Primitives
There are two categories of cryptographic algorithms when it comes to blockchain networks. The first are primary, which are important for data transaction and communication in blockchain networks; the second are optional, which are used for preserving and enhancing user and transaction data privacy [44] in blockchain networks.
In permissionless blockchain networks, any peer is able to join the network as a participant at any point in time. In the permissionless scenario, no centralized authority manages or supervises who joins the network or who should be banned from it. As a result, the content of the blockchain is readable by any peer in the network. However, using optional cryptographic primitives, a permissionless blockchain network can be designed in such a way that the privacy of the network is enhanced and each peer gets only relevant information [44]. Currently, the most widely used technologies to achieve blockchain privacy are ring signatures and zero-knowledge proofs.
1) Ring signature: Cryptography offers various kinds of signatures, such as blind signature, ring signature, group signature and DC-nets, of which only ring signature and its variants are used to achieve anonymity in blockchains [44].
Ring signature was introduced in 2001 by Rivest et al. [45]. The concept behind ring signature is that a user chooses a set of participants to create a ring, including himself. Each participant in the ring has a public key. The user initiating the ring signs the message with his/her private key and public keys of all participants. Verifying node knows that one of the members signed the message but can't tell who actually signed it. Hence, anonymity is achieved.
The working mechanism of ring signature is illustrated in Fig. 5. The signature is analogous to the signature for a cheque on a joint bank account where all participants sign the transaction with their public keys along with the originator's private key. After each participant of the ring has signed the transaction, it goes on for validation and verification. Two basic advantages provided by ring signatures are unforgeability and anonymity [46]. Anonymity can further be subdivided into two properties, i.e., unlinkability and untraceability [44]. Unlinkability refers to the verifier not being able to decide the link between two transactions, whereas untraceability refers to the signer not being identified. These properties have led to the development of several ring based privacy preserving protocols [47] [48] [49] [50] [51] which are widely used in blockchain networks.
A signature scheme known as linkable spontaneous anonymous group (LSAG) was proposed in 2004 [47]. It is a variant of linkable ring signature in which groups are formed spontaneously without any group manager. The concept of ring signature was extended in [48] into traceable ring signature, where an issue-related tag was added to the signature. This idea was further adopted in [49] for the design of Ring-Coin with improved efficiency. In this case, anyone in the ring pretending to be another person to sign the same message would face the risk of revealing his/her identity immediately. This idea was further adopted for preventing double-spending attacks in blockchain and became the basis of CryptoNote [50] with a slight modification.
Furthermore, the concept of confidential transactions, using a homomorphic commitment protocol, was proposed [51] for hiding transaction amounts. Later, three techniques, i.e., ring signature, confidential transaction and multilayered linkable spontaneous anonymous group signature (MLSAG) [52], were combined to form Ring Confidential Transactions (RingCT), which is implemented in Monero. Besides these, one-time signatures [53], Borromean signatures and multisignatures are also used for preserving privacy in blockchain networks [44].
2) Critical analysis of ring signature: Monero [50], based on ring signature, is considered to be the most efficient privacy preserving cryptocurrency; however, Monero (due to vulnerabilities in the architecture of ring signature) also faces privacy issues. Some issues with ring signature include:
a) Large ring size: The ring grows in direct proportion to the number of participants involved in it. To keep the ring size limited, the number of participants that can take part in ring formation is usually limited. This reduces the anonymity set size, hence increasing the risk of deanonymization.
b) Lack of scalability: Transaction size in ring signature is large, almost thousands of bytes per transaction. This requires more storage space to keep the records of the entire blockchain, hence compromising the scalability of blockchains.
c) Transaction timing attack: When a user creates the ring for his transaction, he usually collects other transactions of the same denomination available in the blockchain. Since each transaction in blockchain is time stamped, the most recently created transaction in the anonymity set is considered to be the one being redeemed. A study [40] shows that 98% of the transactions are prone to timing attack for traceability.
3) Zero-knowledge proof: Zero-knowledge protocols, introduced in the 1980s [54], are one of the most widely used cryptographic techniques to enable the transfer of assets across a distributed, peer-to-peer blockchain network with improved privacy. The goal of zero-knowledge proofs is to prove the validity of a transaction with zero knowledge about the transaction provided to the verifier. The concept involves the certifier formulating a formal proof that a certain assertion is true without needing to provide any additional, useful information to the verifier [15]. A variant of ZKP, known as Non-Interactive Zero-knowledge Proof (NIZK proof), is widely used in blockchains as it eliminates the need for back-and-forth communication between the prover and the verifier and instead requires only a one-time message to be sent from the prover to the verifier. It is important to remark that not all ZKP schemes are non-interactive. Most of the ZKP protocols available in the literature are interactive. Usually, in
• The amount of transactions, or other metadata is not hidden.
To overcome the limitations of Zerocoin, Zerocash was introduced [56]. Identity and transaction privacy were simultaneously provided in Zerocash to overcome the limitations of Zerocoin. It uses anonymous coins to provide privacy in blockchains. Further, the size of transactions and the time needed to verify them were also significantly reduced. Zerocash uses zk-SNARKs. However, the NIZK protocol incurs high computation overheads, especially in the proof generation phase of the zk-SNARKs protocol used in Zcash.

4) Critical analysis of zero knowledge proof:
Despite providing both identity privacy and data privacy, ZKPs are still not perfect at preserving privacy in blockchain networks. A few issues with ZKPs include:
a) Trusted Setup Problem: The working of ZKPs involves a parameter generator that can issue prover and verifier keys to verify a transaction. This is where vulnerability to privacy breach arises, as it is very significant to consider whom to trust for parameter generation and how to ensure that no records are kept at the generator. If compromised, this may result in forgery of the data.
b) High Computation Overhead: Theoretically, ZKPs achieve the highest level of anonymity and transaction privacy protection for the blockchain, but at the expense of the high computational costs required to generate the transaction proofs.
c) Prone to deanonymization: A study [57] empirically shows that 98% of transactions in Zcash are linkable.

VI. DISCUSSION FOR WAY FORWARD
Maintaining privacy in blockchain based networks is very significant for their wide acceptance and adoption, as shown in the literature. Besides the actual data, metadata also flows through the blockchain network. This metadata can be used to infer additional information about the users participating in a transaction. The additional information inferred may include the identity of the user, and this identity unmasking can further reveal all the transactions related to the user. In other words, even with the most powerful privacy preserving mechanisms, this metadata still flows through the network. This is one of the biggest challenges for any privacy protecting approach that might be used in public permissionless blockchain networks. Adding mix-ins to transactions does not have a significant effect either. Temporal analysis makes it evident that timing plays a major role in the analysis of user identity, thereby nullifying the effect of mix-ins. By analyzing transaction relationships, patterns, times and links, it becomes easier to track back to the head node and determine the identity of a person. Once the identity of an individual is leaked, all the corresponding transaction information of the individual also becomes prone to leakage.
In certain organizations, it is not desirable to make confidential data publicly available, for instance patient records in healthcare, sensor data in IoT devices, private goods' information in supply chain management systems, business transactions in the financial sector, and so on. Hence, keeping privacy intact when blockchains are deployed for those applications has great significance. If privacy is not ensured, the integration of blockchain in such application areas may not progress and may soon come to a halt. Setting access control is possible with a permissioned blockchain; however, using that kind of blockchain nullifies the purpose of using a decentralized system altogether.
Privacy in a blockchain network can be preserved in various ways, but the most prominent one in the literature is preserving privacy through the use of efficient cryptographic primitives. A brief summary of the type of privacy offered and the limitations of existing privacy protecting mechanisms' implementations is presented in Table IV.
It can clearly be seen from the table that existing approaches have a number of limitations and thus need further research for reduction of the privacy risk in blockchain systems. Hence, a few research directions are presented that can be investigated further.

A. Transparency vs. Privacy
Blockchain is transparent by virtue of its design. Transparency, however, can be a double-edged sword when it comes to blockchain transactions. On one hand, blockchain is trusted for its transparency, whereas on the other hand, this results in serious privacy concerns for a variety of potential application domains. The desire for stronger privacy in some applications leads to limited usage of the technology. Hence, the biggest challenge in achieving privacy in blockchain systems is finding the correct balance between the degree of transparency and the degree of privacy leveraged.

B. Scalability
Some privacy preserving techniques provide a sufficient amount of privacy for a wide variety of applications. In addition, advanced versions of some of the existing techniques, i.e., ring signatures and zero-knowledge proofs (ZKP), provide both user privacy and data content privacy. However, this privacy protection comes at the cost of the scalability of the network. Scalability is itself one of the major concerns in blockchain technology these days; hence, industrialists do not opt for privacy solutions that further aggravate the issue. The need for scalable solutions makes this another significant challenge in terms of privacy protection of users and user assets. Therefore, researchers should delve further into the cryptography of these techniques to find the loopholes in existing techniques. The identified loopholes will further help researchers to model scalable privacy preserving mechanisms.

C. Private Key Management Systems
Loss or theft of a private key is another major issue that may result in a privacy breach of the user and loss of the user assets associated with the key. Proper private key management systems should, therefore, be incorporated. Moreover, mechanisms to recover or report lost keys should be brought into practical implementation.

VII. CONCLUSION
The invention of blockchain eliminated the need to trust a third party for record keeping and transaction verification. Blockchains promote transparency by introducing publicly verifiable transactions. However, this transparency has led the blockchain community to an emerging issue of privacy. Privacy in blockchain refers to safeguarding the identity of the user involved in a transaction and protecting the secrecy of transaction data. Although researchers and industrialists have proposed some privacy preserving mechanisms over the years, these mechanisms are still prone to privacy breaches and do not provide complete privacy. For instance, mixing services and ring signatures can provide user identity privacy only and do not provide transaction data privacy. Similarly, homomorphic cryptosystems aim at providing transaction data privacy but do not provide user identity privacy. Moreover, although ZKPs provide both kinds of privacy in blockchains, they do so at the cost of system performance. Poor performance of the techniques restricts universal adoption of blockchain technology. Hence arises the need for a more efficient privacy preservation framework that not only retains user identity and transaction data privacy, but also ensures that the performance of the system does not lag. For the development of an effective solution to the problem of privacy in blockchain, understanding the root cause of the issue is important. Therefore, in this study we have highlighted some causes of privacy breach that arise by virtue of blockchain design. These causes include (i) additional information flowing through the network that aids in deanonymizing a blockchain user; (ii) linking the time and pattern of transactions; and (iii) absence of effective private key management systems in the case of private key thefts.
To benefit fully from the variety of features that blockchain has to offer, it is essential that privacy in blockchain systems be strengthened.