Standard ECDSA signature schemes are vulnerable to public key recovery attacks that allow an adversary to recover the signer's public verification key from any signature, linking all pseudonymous messages authored under different one-time pseudonyms back to a single user identity. This attack succeeds without any side-channel — it operates solely on the message and its ECDSA signature.

In a 600-node simulation on a 25×25 grid representing a city-wide blackout environment, Anix messages reached over 90% of users within 23 simulation steps (~23 hours) even when adversarial Sybil nodes composing 2% of the network refused to forward messages authored by legitimate users. The simulation modeled a 5-day blackout with 120 one-hour steps.

Abstract; §5.2; §6 evaluation

Anix provides two cryptographically distinct identity revocation primitives: soft revocation rotates a user's identity key pair and re-notifies only the retained subset of trusted contacts via encrypted unicast, silently excluding the revoked party; hard revocation broadcasts a signed certificate containing the compromised public key components, instructing all contacts to reject both the revoked identity and any downstream identities produced through subsequent soft revocations.

§4.3 defense

Bridgefy included both sender and receiver long-term identifiers on every message; Albrecht et al. found this unsafe and the deployed security upgrades proved insufficient, leaving Bridgefy unable to provide anonymity. Firechat similarly transmits long-term public user IDs with every message, uniquely identifying accounts to every recipient in the mesh.

§2.2 evaluation

Rangzen's transitive trust scheme suffers from two structural defects: diminishing trust (each relay hop multiplicatively reduces a message's trust score, degrading trustworthy messages from distant authors) and path dependency (the same message accrues different trust scores depending on which route it traveled, making scores incomparable across recipients). These defects prevent any user from gauging network-wide endorsement of a message.

§2.3 evaluation