don’t reveal your data to the world

Privacy is a feature needed to some extent for most transactions in life, whether that means keeping your bank account information from the eyes and hands of others or keeping your authorship hidden from an oppressive government that would punish you for your words. In the world of blockchain and cryptocurrencies, these features are built into the protocols underlying the network itself, but what level and type of privacy is necessary?

Usable Currency

Not all coins are created equal. Not all coins have the purpose of a mainstream currency. Privacy must be a feature of any currency that is used as common spendable money. It is not safe, nor is it wise, to have all financial data about yourself posted to the public domain. With blockchain technology, transactions and data on the network are typically available for all to see and verify, which has its advantages, but full transparency is not acceptable for a currency. There may be times when a particular transaction has no need for privacy, but no individual is well served by having their entire financial situation, history, and transactions published for all to see.

Fungibility

A usable currency must also have the characteristic of being fungible. This means that one unit always has the same value as any other unit. A certain level of privacy is required for this to be possible. If there was no privacy and a coin’s history could be tracked throughout its life cycle, then every transaction it was ever involved in would be tied to that coin.

If a criminal went to Bob’s house, tortured him, and stole his funds, those funds could be tracked. Let’s say the criminal immediately liquidated Bob’s holdings, converted them all into bitcoin, and transferred this to his own account. He then spends the next week spending this bitcoin on many purchases while the cops track him down and finally arrest him. At this point, the remaining bitcoin can be confiscated and returned to Bob, but what about the bitcoin he already spent? That bitcoin could be traced, but it is now held by other individuals. Maybe the government seizes this bitcoin that rightfully belongs to Bob, or puts it on a list as tainted money, which limits who would accept it and whether they would accept it at full value.

Maybe a similar scenario occurs through a large-scale hack and millions worth of coins are stolen and distributed. The same issue remains. Do you lock up said coins even though many are now in the possession of innocent individuals? Do you take them back from said individuals? Do you blacklist all stolen coins? It’s a legitimate dilemma because some, most, or all of the coins are in the possession of the criminal and no one wants them to get away with the stolen funds, but there’s no way to tell which are in their possession and which are in the possession of others. Should the government start an inquisition and trace every coin? This would become impossible as the coins continue to change hands and split up. If transactions are private, then these situations don’t arise. Criminals can be tracked down, prosecuted, and punished through detective work outside of monetary omniscience, without impacting innocent people who unknowingly became involved on the fringes of their activity.

Which Aspects Should Be Private?

Privacy in a currency can take many forms. One option is to make everything related to transacting with said currency hidden. This covers all the bases, from the accounts involved to transaction amounts. Even the IP addresses that the transactions go through can be masked. Although this sounds extreme and borderline criminal, it’s actually just good management of personal data. Most payment processing companies that deal in USD are trying to tackle these issues by creating systems, software, and hardware that work together to provide these features. Visa hides your transactions from everyone but you and the company or person you transact with. Square provides hardware to businesses that allows them to accept payments without risking or revealing the information in said transaction or allowing for interception of data. Your bank performs similar tasks to keep your money and data “safe”, or in other words, to provide you with a layer of “privacy” for your own protection.

A simple method of privacy with a currency would be to mask only the users involved in a transaction. Why hide the amounts, the times, and other arbitrary information if the users themselves aren’t identified? This is situationally acceptable, but with today’s advancements in AI and analytical software, someone with enough resources can often decipher the users involved. If they know what they are looking for and have some outside information about a user or transaction, they can leverage this information to uncover the users involved by analyzing the transaction times, amounts, repeat occurrences, etc. For a currency, this doesn’t seem to be enough privacy protection.

Maybe the amounts transacted should be hidden as well. This would solve the issue of having enough public information available to backtrack and discover user identities. If all that is seen on the public network is that transactions are occurring and the blockchain is valid, then no private information is exposed. Maybe some small connections can be made, such as that Bob has a Monero wallet or that someone on Alice’s computer made a transaction with Zcash, or some other trivial piece of data. Even this wouldn’t be readily available, though, and it would be difficult or impossible to extrapolate these tiny threads into anything coherent.

Maybe it would be best to offer privacy as an option. This is a common belief, and popular for good reason. There are times, as with a non-profit or government agency or for keeping records, when one may want transactions posted publicly. Sometimes this is a very useful and needed feature. More generally, though, some layer or layers of privacy are required. Giving users the option to transact either way could give the best of both worlds. The main issue projects that have gone this route have run into is a lack of participation in the privacy option. If most transactions on the network are public, then the private ones can often be unmasked by tracing all the public information they have interacted with. For a currency to succeed with an optional privacy model, it is best, if not required, for a substantial percentage of transactions on the network to be private.

Privacy Platforms

There are more use cases for privacy in blockchain technology than just cryptocurrency. Transactions aren’t always in currency, nor is all activity one participates in always clearly transactional. At times, transactions with cryptocurrencies need more privacy than that provided by the coin. There are times when the network itself needs privacy features.

An internet browser is a good example of a use case outside of cryptocurrencies. There are times when it is best to have your internet activity private. This can be for hiding a secret bad habit or for surprising your spouse with an anniversary gift. It is needed for those who don’t trust Google and Facebook with the data on all their activity. Maybe someone doesn’t want to be profiled and targeted by their oppressive government or maybe they just don’t find it morally acceptable for a company to be making money off their personal information without them having control over said data in the process.

Communication is another case where privacy is very important. If someone sent a message over a public blockchain, anyone in the world with internet access could read all their messages and follow all their communications. Even within the private networks run by companies such as Microsoft, Facebook, and Verizon, control over your communication records and data is in their hands. It would be better if that information was only in the hands of the individuals communicating. This can apply to emails, calls, text messages, video messages, etc.

There are times when property ownership would ideally be private. Maybe Bob owns some very valuable items with proof or “deeds” stored as digital assets on a blockchain. If it were public information that he has these items, someone may want to steal them from him or harass him. If Alice wants to give a car to a single parent she knows at her church who is struggling personally and financially, but doesn’t want that person to know who gave them such a grandiose gift, it would be perfect to transfer ownership of that vehicle privately, without Alice’s information being available to the new owner. Maybe Bob owns a large tract of land just outside a major city with the intention of keeping the land from being developed. He thinks it is best to leave the large plot natural as a refuge for the local flora and fauna. Bob does not want to be hassled by investors, intimidated by corporations, or known by anyone as the owner of the property, but still needs to be able to own it provably. A blockchain with specific privacy features accomplishes these goals.

Corporations aren’t always evil and aren’t always secretive due to corrupt dealings. Sometimes they need some of their information private for legitimate business reasons. They can’t have all of their proprietary information available to the public or their customer lists or the transactions they are associated with. They need privacy layers just to operate effectively.

For example, a bank needs to keep the transactions of its customers private. It needs the names of these clients private as well. It needs to store customer data privately, and its internal communications and records need to be shielded too. Sometimes the privacy needs of a company lead it to transact its business on a private blockchain. The company trusts itself, so it doesn’t need the completely decentralized and distributed structure that public chains require. Just as companies use intranets for internal use and the internet for public interaction, some use private blockchains for their private transactions and storage and public blockchains to interact with the “outside world”.

Popular Privacy Projects and Protocols

Bitcoin

Bitcoin is generally not considered a privacy coin, although it does hold some privacy features. Most importantly, bitcoin addresses are not linked to an individual. Anyone can create an address, and there is no need to attach an identity to that address. With this being the case, even though transactions are all public record, it is not readily clear who these transactions are coming from and going to. The problem is that once enough identities were linked to specific addresses, there were successful endeavors to connect other addresses to identities by analyzing the bitcoin blockchain with this new information and any outside information available. This risk is alleviated greatly by creating a new address for each transaction, but the risk of being identified through chain analysis still exists. There are options to use CoinJoin privacy protocols through certain wallets, but that isn’t a mainstream feature.

Monero

Monero is known as the king of privacy coins. With this coin, the privacy options are the default. Some public send options exist but aren’t used by most of the network. Monero uses ring signatures to mask users’ identities. Put simply, when Bob sends Alice 5 monero, the transaction carries a ring signature over a group of other random users’ keys, so any member of the group is equally likely to be the sender. In addition, a new “stealth address” is created and used for every transaction, making the tracking of accounts impossible. Added to this is their Ring Confidential Transactions (RingCT) protocol, which hides transaction amounts by grouping the amount in a transaction with a pool of other transaction values and only posting the total. Monero is currently working on an I2P implementation, which would mask IP data as well.
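As an added illustration (not code from Monero or from this post), here is a toy ring signature in Python that shows the property the paragraph describes: a verifier can confirm that one member of a group signed, but nothing in the signature says which one. It uses the AOS ring-signature construction over an assumed toy modular group (P, G), not Monero’s actual CLSAG scheme on ed25519.

```python
"""Toy ring signature of the kind the Monero paragraph describes.
Added example, not Monero's code (Monero uses CLSAG over ed25519). This is the
AOS ring-signature construction in a multiplicative group mod a toy prime."""
import hashlib
import secrets

P = 2**127 - 1   # toy prime modulus (constructed parameter, not a network constant)
ORDER = P - 1    # exponents reduce mod the group order
G = 3            # group generator


def keygen() -> tuple:
    """Private key x and public key Y = G^x mod P."""
    x = secrets.randbelow(ORDER - 1) + 1
    return x, pow(G, x, P)


def _chal(msg: bytes, point: int) -> int:
    h = hashlib.sha256(msg + point.to_bytes(16, "big")).digest()
    return int.from_bytes(h, "big") % ORDER


def ring_sign(msg: bytes, ring: list, signer: int, x: int) -> tuple:
    """Sign msg so any member of `ring` (public keys) could have been the signer.
    Only the real signer's private key x is used; the other members are decoys
    who never participate."""
    n = len(ring)
    e, s = [0] * n, [0] * n
    a = secrets.randbelow(ORDER)
    e[(signer + 1) % n] = _chal(msg, pow(G, a, P))
    # Walk the ring from the member after the signer round to the one before.
    for step in range(1, n):
        i = (signer + step) % n
        s[i] = secrets.randbelow(ORDER)          # decoy responses are just random
        e[(i + 1) % n] = _chal(msg, pow(G, s[i], P) * pow(ring[i], e[i], P) % P)
    # Close the ring: only the holder of x can make the last link consistent.
    s[signer] = (a - x * e[signer]) % ORDER
    return e[0], s


def ring_verify(msg: bytes, ring: list, sig: tuple) -> bool:
    """Anyone can check that the ring closes; the signature carries no signer index."""
    e0, s = sig
    if len(s) != len(ring):
        return False
    e = e0
    for i, y in enumerate(ring):
        e = _chal(msg, pow(G, s[i], P) * pow(y, e, P) % P)
    return e == e0
```

Signing the same message from ring slot 1 or slot 2 yields signatures that both verify and are distributed identically, which is why an observer cannot single out the real spender.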

Dash

Dash is a privacy coin with some controversy surrounding it. When it was created, as a fork of Bitcoin, a large number of coins were “instamined”, which created about 25% of the supply in a much more centralized fashion than many people in the space agree with. PrivateSend is optional with Dash and isn’t common on the network compared to public transactions. The privacy protocol used by Dash is CoinJoin. It takes Bob’s transaction, adds an arbitrary amount of extra dash, splits the total into many smaller units, and sends these to a masternode, which pools them with other transactions that have been similarly divided. From this joined pool, small denominations are sent out to all parties, with Bob and the other senders getting back some change and the recipients receiving their due. With this method, it is nearly impossible to track the funds from Bob to anyone due to all the mixing and pooling.

Some people argue that this system could still be analyzed to break the privacy barrier, while other skeptics point to the instamined coins and the masternode system as questionable security points. The masternode system requires 1,000 dash to set up and is much more centralized than other cryptocurrency mining systems, since there are far fewer of these masternodes than there are processing nodes in many other networks. The advantage of masternodes is the ability to have instant verified transactions even with full privacy implemented. Dash is governed as a DAO, a Decentralized Autonomous Organization.

Zcash

Zcash is a cryptocurrency with optional privacy as well. It too was a fork of Bitcoin, and it uses a form of zero-knowledge proof called zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) to hide sender and receiver addresses as well as the amount and any memo message included. A zero-knowledge proof allows the transaction details to be verified without actually revealing what those details are.

The problem is that most transactions on the Zcash network are public and not shielded. Currently just over 10% are shielded transactions. Even many shielded transactions are made between a private party and a public party, so it isn’t impossible to fill in the blanks and analyze the blockchain to break the privacy of some shielded transactions. It still isn’t easy, and the cryptography itself wouldn’t be broken, but similarly to Bitcoin, it is possible through analysis to discover some of the missing information when so much is public. Maybe this will change over time. Also, zk-SNARKs are a relatively new type of cryptography and haven’t been tested to the same extent as some others. The final criticism of Zcash is that there were some questions about its original creation due to the “trusted setup” required.

Pivx

Pivx is a project that forked from Dash. Pivx stands for Private Instant Verified Transactions. It has a masternode system similar to Dash but with a much lower starting cost. Pivx is the only coin mentioned here that is Proof of Stake instead of Proof of Work, and it is currently the only cryptocurrency with a private staking mechanic. When staking coins, users are incentivized to convert their Piv to ZPiv (their public coins to private coins) by giving larger rewards to those staking in ZPiv. Currently over 20% of the currency is in the form of the private ZPiv, which is one of the best rates among optional privacy coins. Pivx also instamined a large supply at its creation to get the network started, but burned that whole supply later once the network was running well. The project is run by a DAO like Dash.

Pivx uses the Zerocoin protocol, which also uses zero-knowledge proofs to hide sender and receiver data, but additionally mints “zero coins” for transfers. When Bob wants to privately send Alice Piv, he converts his Piv to ZPiv (the zero coin), which creates a new set of coins with no history while burning (eliminating) the Piv he converted from. That ZPiv is pooled and mixed with other ZPiv transactions and, through zero-knowledge proof cryptography, is sent to Alice while masking addresses and information at all steps. Alice can then convert the ZPiv back to Piv if she wants, or anyone can hold ZPiv and keep their privacy even within their own account, so that their account balances are private too.

Horizen

Horizen, formerly Zen Cash, was a fork of Zclassic, which had split off of Zcash. It uses a privacy structure similar to Zcash through zk-SNARKs. The uniqueness of Horizen is that it is built to be a platform, not just a currency with a few added features. This platform includes ZENNODES, decentralized secure node infrastructure to run the network; ZEN, the cryptocurrency with zk-SNARK enabled privacy; ZENDAO, the Decentralized Autonomous Organization that functions as the governance layer; ZENHIDE, a completely private platform for web traffic; ZENCHAT, “the most secure messaging app”; ZENPUB, to anonymously publish data, documents, and media; ZENGRID, computational power available for rent; and INSTAZEN, for zero-delay payments.

Grin

The final listing for a privacy protocol is Mimblewimble. This is the newest of all the protocols mentioned and is currently only in development with one project, Grin. The beauty of this protocol is its simplicity. Instead of having all the information about a transaction stored in the blocks of a blockchain, the Mimblewimble protocol only verifies that the total value within the blockchain hasn’t changed as a result of each transaction.

Basically, when Bob sends Alice 10 units, the blockchain doesn’t store anything about Bob or Alice or the amount, only the fact that after the transaction the same amount of value exists in the blockchain as before, and therefore the transaction simply occurred and was valid. It doesn’t matter who the users are or what the amounts are, only that if some amount is transferred into an account then the same value was taken out of another account, thus balancing the values. The biggest upside to this protocol is how small these proofs are, and therefore how fast and cheap transactions can be on this network. From a privacy standpoint, all transactions are inherently private and no breaches are even possible, because there is no stored data to breach.
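An added example (not Grin’s code or the author’s) of the balance check the two paragraphs above describe: Pedersen commitments whose product cancels exactly when the values balance, so a node can verify that Bob’s 10 units were conserved without ever seeing the amount, Bob, or Alice. The modulus P, the generators G and H, and the “Bob pays Alice” values used in the test are constructed toy inputs, not network parameters.

```python
"""Toy Mimblewimble-style transaction: the verifier checks value conservation only.
Added example, not Grin's code. Commitments live in a multiplicative group mod a toy
prime (Grin uses secp256k1); P, G and H are constructed toy parameters."""
import hashlib
import secrets

P = 2**127 - 1   # toy prime modulus
ORDER = P - 1    # exponents reduce mod the group order
G = 3            # generator for blinding factors
# Value generator derived from a hash so nobody knows log_G(H): keeps commitments binding
H = int.from_bytes(hashlib.sha256(b"toy-mimblewimble-H").digest(), "big") % P


def commit(value: int, blind: int) -> int:
    """Pedersen commitment H^value * G^blind mod P: hides value, binds to it."""
    return pow(H, value, P) * pow(G, blind, P) % P


def new_output(value: int) -> dict:
    """Wallet side: an output is a value plus a fresh random blinding factor."""
    blind = secrets.randbelow(ORDER)
    return {"value": value, "blind": blind, "commit": commit(value, blind)}


def _chal(r: int, pub: int) -> int:
    data = r.to_bytes(16, "big") + pub.to_bytes(16, "big") + b"kernel"
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ORDER


def build_tx(inputs: list, outputs: list) -> dict:
    """Sender side: publish commitments plus a kernel. The excess G^(out blinds - in
    blinds) is Schnorr-signed to prove the sender knows its exponent."""
    x = (sum(o["blind"] for o in outputs) - sum(i["blind"] for i in inputs)) % ORDER
    excess = pow(G, x, P)
    k = secrets.randbelow(ORDER)
    r = pow(G, k, P)
    s = (k + _chal(r, excess) * x) % ORDER
    return {"inputs": [i["commit"] for i in inputs],
            "outputs": [o["commit"] for o in outputs], "excess": excess, "sig": (r, s)}


def verify_tx(tx: dict) -> bool:
    """Node side: no addresses, no amounts. prod(outputs)/prod(inputs) equals the
    excess only when the value exponents cancel; the signature proves it is a pure G power."""
    prod_out, prod_in = 1, 1
    for c in tx["outputs"]:
        prod_out = prod_out * c % P
    for c in tx["inputs"]:
        prod_in = prod_in * c % P
    computed = prod_out * pow(prod_in, P - 2, P) % P   # division via Fermat inverse
    r, s = tx["sig"]
    sig_ok = pow(G, s, P) == r * pow(tx["excess"], _chal(r, tx["excess"]), P) % P
    return computed == tx["excess"] and sig_ok
```

A transaction whose outputs sum to more than its inputs leaves a stray factor of H in the quotient, so it fails verification even though the node never learns any of the amounts involved.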

If you are interested in an audio format, the podcast Our Foundations did a series on blockchain and cryptocurrencies (Episodes 41–46) that hits on similar topics. It can be found on any podcast player or through the website: https://ourfoundations.podbean.com/

TL;DR: Conclusion

Privacy is a necessary feature for transactions of all kinds. No currency can be used wisely and freely without it. No individual can get through life unscathed without using privacy features often and in a wide variety of ways. There are many offerings in the crypto sphere for privacy solutions. Maybe all of the projects in the space will flourish, maybe only one will reign. The only clear conclusion is that privacy is necessary and it will exist in some form as the space expands and gains mass adoption.