Token Based Services - Differences from Privacy Pass

Published: 12 December 2019

Technical Report: OPTR2019-01

An approach to allow anonymous peers to (pre-)purchase services from anonymous servers based on Privacy Pass


  • Erinn Atwater - Open Privacy Research Society
  • Sarah Jamie Lewis - Open Privacy Research Society


We outline an approach to allow anonymous peers to (pre-)purchase services (e.g. message hosting) from anonymous servers based on Privacy Pass.

Service providers offer the purchase of “tokens” that can be later redeemed for services in a similar way to how prepaid cards work.

Separating the act of purchasing tokens from using them provides several advantages over purchasing the services directly, even if we assume the purchasing method is completely metadata resistant. This separation allows us to amortize the latency and transaction fees associated with cryptocurrency transactions over several tokens, reducing friction after the initial investment. Also, because tokens are unlinkable and fungible, peers can share tokens across devices or even between group members, opening up the services to a wider audience while preserving the privacy of individual users.

When considering payment channels that do not offer strong privacy protections, separating acquisition and redemption provides another tool for enabling peers to manage risks to their anonymity.

This paper outlines the differences of our protocol from the original Privacy Pass paper and – except where specified – uses the same notation as that paper. It is prerequisite reading for understanding what follows.



	AUTHOR =      {Erinn Atwater and Sarah Jamie Lewis},
	TITLE =       {{Token Based Services - Differences from Privacy Pass}},
	NUMBER =      {OPTR2019-01},
	INSTITUTION = {Open Privacy Research Society},
	ADDRESS =     {Vancouver, Canada},
	MONTH =       {December},
	YEAR  =       {2019},
	URL   =       {},
	CONTACT =     {}