A Privacy-Preserving Enforced Bill Collection System using Smart Contracts

Abstract

Maintaining a balance between anonymity and traceability is a fundamental issue in privacy-preserving systems. Isshiki et al. proposed an identity management system based on group signatures in which a service provider anonymously determines whether or not users of the service are legitimate members, and only a bill collector can identify users for the purposes of sending them invoices. It is particularly worth noting that, under the Isshiki system, the service provider is not required to manage personal information such as user lists, which allows the system to outperform other in terms of preserving user privacy and managing personal information leakage risk. It is also noteworthy that the Isshiki system only considers cases in which the bill collector identifies users who have used the service and that, in fact, identified users who ignore invoices can use the service for free. In this paper, we extended the Isshiki system by adding a smart contract-enabled enforcement bill collection functionality. Under this functionality, deposits made by users who do not pay a service fee are automatically transferred to the bill collector. Because of their centralized structure, group signatures are not suitable to blockchain systems, therefore, the proposed system employs accountable ring signatures as building blocks. The privacy-preserving enforced bill collection system is implemented using the accountable ring signature scheme developed by Bootle et al. and Ethereum smart contracts. To reduce the gas costs associated with running smart contracts, the smart contract is not run unless the user ignores an invoice, and basic procedures are run via an off-chain channel. To avoid the use of heavy cryptographic algorithms in carrying out the accountable ring signature scheme for running smart contracts, we employed standard elliptic curve digital signature algorithm (ECDSA) signatures without especially changing the state to be verified in smart contracts.