Extending Blockchain Untraceability with Plausible Deniability

Computer Science > Cryptography and Security [Submitted on 13 May 2026] Extending Blockchain Untraceability with Plausible Deniability Eunchan Park, Kyonghwa Song, Won Hoi Kim, Wonho Song, Min Suk Kang Traditional blockchain untraceability schemes, such as mixers and privacy coins, obscure the sender-receiver relationship by placing transfers within an anonymity set. This paper studies a stronger goal: whether the transfer event itself can be made unobservable by blending into common decentralized-finance (DeFi) activity. We introduce Deniable Covert Asset Transfer (DCAT), a class of transfers that stage common loss-producing events, such as sandwich and arbitrage operations, so that a sender appears to suffer an ordinary loss while the receiver appears to profit from it. We design and validate two DCAT instantiations: a sandwich-based transfer on Ethereum and an arbitrage-based transfer on Arbitrum. Our experiments show that, under the evaluated settings, DCAT transfers are empirically unobservable on both chains. They are syntactically identical to corresponding maximal extractable value (MEV) activities, classified as ordinary extractions by standard MEV detection tools, and leave the sender and receiver unlinked under representative forensic tools. Since syntactic inspection cannot distinguish DCAT from ordinary MEV activity, we examine whether economic semantics provide useful forensic signals. Through a large-scale study of MEV losses on Ethereum and Arbitrum, we show that key semantic features follow power laws. Extreme losses and repeatedly exploited addresses occur in the wild, and thus are not by themselves definitive evidence of collusion. This gives staged transfers plausible deniability and makes fixed-threshold detection prone to false positives. We therefore develop a multivariate statistical method for forensic triage that ranks incidents by the joint rarity of their economic footprint. Applied to real-world DeFi activity, our method narrows a large search space to suspicious cases for manual investigation; we present three such cases to illustrate this prioritization. Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2605.13132 [cs.CR]   (or arXiv:2605.13132v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2605.13132 Focus to learn more Submission history From: Min Suk Kang [view email] [v1] Wed, 13 May 2026 08:02:15 UTC (728 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-05 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)