ShadowCash is a cryptocurrency of the very ambitious Shadow Project which claims to provide “near-instant, untraceable, unlinkable and trustless transactions”.
A user that goes by “shnoe” who is a part of the Monero Research Lab, awaits a bounty payment ($1500 according to the bounty page) after applying for a bounty for finding a bug that reveals ShadowCash is mathematically broken. Through his detailed blog post, it is shown that an adversary can find out who signed a transaction and thus deanonymize them.
ShadowCash implemented ring signatures for signature obfuscation, but apparently the implementation was done incorrectly. Documentation for the ShadowCore API says that “The ring signatures are a crucial part to anonymize the sender of a transaction.” A proof of concept that exploits this bug, along with a text file of the results of the proof of concept can be found on shnoe’s Github repository. This would mean that all ShadowCash transactions are not really anonymous.
The Shadow Project denies these deanonymization claims in a