DeFi’s Missing Link
A historical perspective on the link between Privacy and Blockchains
The relationship between blockchain applications and privacy has always been a complicated one. Bitcoin, as the pioneering blockchain application, allowed fully pseudonymous accounts and transactions, while at the same time making all transactions visible to anyone. This could (and did) expose a wealth of information on any entity whose pseudo-anonymity was blown. This de-anonymization can be surprisingly easy by correlating with other sources, as has been demonstrated in the past on other data records such as medical data, search requests or location data. The fundamental openness of decentralized public ledgers thus can also expose a weakness in the way privacy is often perceived.
DeFi as a Privacy Booster
Traditional Web2 models for privacy are commonly implemented through data protection. Data is gathered where needed or allowed, and then protected through access control mechanisms, a method of guaranteeing that users are who they say they are and that they have the appropriate access to company data.
This is a flawed model for privacy and has resulted in an abundance of abuses and breaches. The early builders of the internet have long advocated for more sophisticated privacy solutions, yet this model of access control mechanisms is the easiest to implement and widely adopted by most organizations dealing with private data – from financial services to healthcare and identity. More advanced concepts have been considered niche and impractical, but decentralized systems, especially DeFi, finally stand to upend this approach.
Due to the open and transparent nature of decentralized systems, protecting data through access control is no longer an option. The open and permissionless nature of the applications makes access control untenable. Thus, the only way to achieve privacy is to prevent data from being gathered in the first place, and to architect designs that yield the desired results without ever storing personal data in unencrypted form.
The basic technologies to accomplish this vision of privacy have been readily available for decades through the advent of Zero-knowledge tech. The concept of Zero-knowledge proofs goes back to 1985 when researchers at MIT began creating mathematical methods used to verify things without sharing or revealing underlying data. Think of a payment app checking whether you have enough money in your bank account to complete a transaction without finding out anything else about your balance.
The concept has evolved substantially since. This idea of being able to prove “honest behavior” while maintaining confidentiality has led to algorithms that generate shared and reliable randomness, anonymous attestation schemes where someone can prove a property without revealing any additional information (e.g., proving someone is over 18 years of age), or search algorithms that can search a database without revealing the search term.
Multiparty computation, where multiple parties can make calculations using their combined data without revealing their individual inputs, has evolved from safely sharing a secret between nodes in 1979 to those nodes making complex shared computations, without individual nodes learning the inputs or being able to sabotage the output. The arrival of DeFi has energized research in this area and pushed the possibilities of zero-knowledge proofs to a whole new level. Take zk-SNARKs, which have demonstrated how both the practicality and the usability of privacy-preserving technologies have made massive leaps, enabling many projects to add privacy features to their products, in DeFi and beyond.
Another potential privacy booster through Web3 technology is the attempt to change the data ownership model, and allow users to keep control over their own data through wallets and data unions. This enhances the market for privacy-preserving technologies, as such providers differentiate primarily on privacy protection, rather than - as in the big data model of Web2 - on consumer applications such as social media that build on such data.
The missing link
One privacy issue that blockchain technology has yet to solve by itself is the link to the ‘real’ world. Bitcoin pseudonyms can remain completely safe until wallets are used to purchase an actual product or turn crypto assets into fiat currencies, both of which create linkability and can compromise pseudo-anonymity. The complexity of these kinds of privacy issues will continue to grow as DeFi becomes more sophisticated.
Take compliance, for example: regulators put pressure on platforms to capture information about their customers such as nationality or employment status. Even though the technology exists to do so in an anonymous way, the initial link between a person and their credentials needs to be provided manually. For platforms to be compliant, this process would need to meet the standards set in place by regulators. This is the undefined space we’re in today, where regulation and privacy seem to be mutually exclusive. DeFi is grappling with how to balance the risks of opposing forces: how to uphold the distributed nature of a well-decentralized system while accepting a certain level of concessions to meet regulatory standards, all while navigating the complicated dynamic around the justified request (i.e. rightful expectation) for privacy, which could also be used for nefarious activity.
What the original Crypto Wars taught us
The issue of privacy versus abuse potential, the idea that privacy can be used illicitly, goes back to around 1991, during the early days of publicly available cryptography initiated by the distribution of PGP (Pretty Good Privacy). This was the first time cryptographic tools were made available on a large scale for private purposes. This decisive event has been aptly named the Crypto Wars: an attempt by the US and fellow allies to limit public and foreign nations' access to cryptography that is strong enough to thwart decryption by national intelligence agencies like the NSA. The crypto community does appear to have won those battles - we moved from a setting where early cryptographers were facing censorship or jail to encryption being everywhere and government organizations being supportive of open research. However, as we have seen at the latest with the Snowden revelations, this also has caused a move to compromising devices, which has in the end made everybody less secure. Also, though encryption is now broadly available, the overall level of personal privacy can be argued to have drastically decreased, as usability and free services turned out to be greater differentiators than privacy.
Thus, we can draw two warnings from the crypto wars:
1. Ensuring privacy should be initiated by the tech community, not by the regulators.
This has been an ongoing (and rather painful) debate around the noble pursuits for privacy technologies and the idea that privacy can be used for nefarious motives. Though these abuses are often exaggerated when weighed against the benefits of the tech, we cannot ignore issues that endanger DeFi systems if bad actors are able to exploit privacy. We know what this looks like when it happens: take the frequent Sybil attacks on token sales or NFT drops, where standard KYC approaches often prove insufficient, or the ongoing ransomware wave, which is causing billions of dollars of damage each year. Finding the right balance can be challenging and divisive, but it’s vital that it is tackled by the DeFi community rather than regulatory bodies. Even privacy-friendly regulation supports this point. The GDPR, a major regulatory step towards more privacy, is rightfully seen as a milestone. Born out of necessity as the tech community did not manage to solve some basic privacy problems, it is also cumbersome to implement and has the potential to stifle smaller organizations that struggle to be compliant with complex regulation. Much better solutions would have been possible had the deterioration of privacy not forced the regulators' hands.
2. ‘Code-is-law’ can have serious backlash.
When it became impossible to keep strong encryption out of the public’s hands (and consequently, end-to-end encryption became a required feature in many products), surveillance shifted towards compromising end devices. This left us in a situation where government agencies have an interest in maintaining security holes, and the gray market for exploits is now bigger than ever. Though the code-is-law approach has gotten incredible technology into the users’ hands, this technology has also caused its opposition to evolve, and the price is also high, especially in that it increased the interest of (some) government organizations in maintaining security vulnerabilities. Another factor we have seen is that there is a strong motivation in a new area such as Web3 to get a product out fast, which has in the past often led to features like privacy being of secondary concern. In the Web3 setting, this can be especially dangerous, as unprotected data is immutable. Adding zero-knowledge features (such as proving ownership of a token without revealing one’s wallet identity) later on in such a setting is difficult, and design choices made in the beginning to speed up deployment can be with us for a long time. Thus, there is a real danger that even on Web3, a well-meaning project trying to empower the user may well end up being the next privacy problem unless it is carefully deployed and there is a willingness to put in the effort to offer services while employing privacy by design from the outset.
Those issues should not distract from the great opportunity that is created by the new boost DeFi gives privacy technologies, or curb the enthusiasm for pushing the possibilities of these technologies further. They should rather serve as a reminder that it is important to also consider the wider context, and make sure we can turn the technical opportunities into the societal ones they deserve.
About the Author
Dr Klaus Kursawe is a Blockchain Researcher at Vega Protocol. He has been active in applied security research, training and advisory since 2001, working e.g. for IBM, Philips, KU Leuven and Radboud University. He is a cofounder of the ENCS and is now involved in several startup companies. He began his career working on Byzantine Fault Tolerance.