ENS exposes private data of thousands of Ethereum users

ENS exposes private data of Ethereum users

Data sovereignty and privacy have always been part of Ethereum’s selling points, yet a recent analysis has shown lapses in this claim. The Ethereum Name Service (ENS) makes it possible to link Ethereum users to their account balance, business deals, and other activities.

The ENS enables users to create human-readable names out of Ethereum addresses. For instance, if Jane wants to send Ether to John, she can simply input “johndoe.eth” instead of a lengthy alphanumeric-string-type address.

Its purpose is to simplify transactions and make it generally easier for anyone to send payments online. But apparently, this comes at the cost of user data privacy.

Decrypt analyzed 133,000 Ethereum names and was able to link high-profile crypto individuals to their funds. Their analysis also led them to gain more insights into the users’ business deals.

Ethereum billionaire linked to huge funds

Based on the report, the third-largest ETH address owns “metamask.eth,” “consensys.eth,” and “weifund.eth.”

These three companies can be linked to none other than Joe Lubin, the founder of ConsenSys and incubator of Weifund and Metamask.

Although Lubin hasn’t said a word about it, he might likely be the real owner of the address that contains worth US$8 million [AU$11.9 million] worth of Ether.

ENS exposes private data of Ethereum users

Circle and Poloniex potentially exposed

Another ENS domain name “netural.eth” contains nothing but eight cents worth of OmiseGo tokens. However, the address that registered the name holds 58,000 ETH – worth roughly $15 million – as well as an additional $2.5 million in Ethereum-based tokens.

Furthermore, it received sizeable funds from digital currency exchange Poloniex on a regular basis.

What’s uncanny about these transactions is the fact that the funds come from the exchange’s main wallet, while most payments are generally sent using its secondary wallets. Plus, Circle owned Poloniex at that time.

These payments also ended as soon as Circle removed trading fees for USD Coin (USDC).

All the data implies that the address that registered “netural.eth” may have been a company wallet.

CoinGecko founder future whereabouts identified prior

CoinGecko co-founder Bobby Ong, who owns the ENS domain “bobbyong.eth”, attended a DAI stablecoin-focused meetup in Osaka Japan on October 7, 2019.

This could be seen through the blockchain address that is used to create his Ethereum name.

What’s so alarming is that anyone who had wanted to snoop into his business would have been able to know his whereabouts 17 days prior. Nothing bad happened, thankfully.

But Micky has previously reported on several incidents of kidnapping and infiltration among users whose crypto wealth is known to the public.

Spying on business deals

By observing the public Ethereum blockchain, anyone can spy on other people’s business deals.

Ameen Soleimani, the CEO of SpankChain and owner of “ameen.eth” and “ameensol.eth” was unveiled to have sent 10 Ether to Global Block CEO James Kim, who sells domain names.

This implies that Ameen was buying domain names, which he later admitted to Decrypt.

The ENS may have made it easier for anyone to send and receive payments online, but it has also opened up more possibilities of privacy breaches.

Meanwhile, there might be worthwhile solutions right under our noses.

Applications like Tornado Cash enable users to easily transact privately in the Ethereum blockchain by severing the on-chain connection between the sender and receiver.

With cryptocurrencies, proper security measures are always imperative.

Micky is a news site and does not provide trading, investing, or other financial advice. By using this website, you affirm that you have read and agree to abide by our Terms and Conditions.
Micky readers - you can get a 10% discount on trading fees on FTX and Binance when you sign up using the links above.