SPCEX: Secure and Privacy-Preserving Cryptocurrency Exchange

The prosperity of blockchain technique has spawned numerous types of cryptocurrencies. However, a secure and privacy-preserving cryptocurrency exchange protocol that can support atomicity and unlinkability, and effectively resist various attacks is still missed in the literature. This article proposes SPCEX, a secure and privacy-preserving cryptocurrency exchange protocol, which supports atomicity and unlinkability, as well as resists collusion attacks, front-running attacks and Sybil attacks without relying on any trust execution environments (TEEs). SPCEX employs a mixing protocol to conceal trader involvement and preserve their identity privacy. It applies a privacy-preserving comparison algorithm based on an improved homomorphic re-encryption scheme to match buy and sell orders secretly, thus resisting front-running attacks. In addition, we construct atomic transactions with smart contracts to protect tokens of honest traders. A collateral deposit mechanism is employed to deter collusive parties and penalize abnormal behaviors, which discourages collusion attacks and Sybil attacks. We analyze the security and privacy of SPCEX, and formally prove the security of the improved homomorphic re-encryption scheme. Through proof-of-concept implementation, we demonstrate its validity and reliability, and show its advanced performance by comparing it with a cutting-edge scheme.