Privacy is the future, but privacy coins are not

Text | Aloe

Produced | Odaily Planet Daily (ID: o-daily)

In addition to the defunct DeFi, "privacy" is being revisited.

At the Web3 summit in Berlin in August this year, Edward Snowden, the central figure of the US PRISM affair, made a rare appearance by video link. For 40 minutes, Bitcoin, freedom and privacy were the subjects of his speech. On the same day, former Ethereum co-founder and Polkadot founder Gavin Wood declared in his speech that "privacy is a core part of the Web3 movement."

Apart from the progress of Ethereum 2.0, zero-knowledge proofs may be the topic that V God has mentioned most in the second half of this year. He not only pays close attention to Ethereum's progress on privacy solutions, but has also strongly praised zk-SNARKs for "great progress in the past three weeks"; in addition, new privacy technologies keep emerging.

Capital and public chains are also focusing on privacy. NuCypher, which focuses on a privacy layer for Ethereum, completed a $10.7 million SAFT (Simple Agreement for Future Tokens) investment round led by Polychain Capital, becoming another star project; and mainstream cryptocurrencies such as Ethereum, Litecoin and BCH are building privacy protocols into their next deployment plans.

Now that the “impossible triangle” story has been told to exhaustion, the savvy Web 3.0 movement and developing privacy technology are pushing the proposition of privacy into a new entanglement.

But at the same time, anonymous coins, whose defining feature is privacy, are experiencing a regulatory crisis. Because of the risk of illegal financing, exchanges have been voluntarily delisting privacy coins under regulatory pressure. In August of this year, Coinbase UK gave up support for Zcash. On September 10th, OKEx Korea announced the delisting of six cryptocurrencies, Monero, Dash, Zcash, ZCache, Horizon and SuperBitcoin, and said this was related to the FATF rules enacted in June.

This is the split picture in the privacy field: innovative privacy technology is spreading from privacy coins to mainstream cryptocurrencies, while privacy coins (anonymous coins) are caught in the midst of regulatory storms and false claims.

What is privacy?

Pavel Durov, founder of the encrypted communication software Telegram, said in response to the Russian government’s ban:

“I think privacy and our privacy are more important than the fear of terrorism.”

This sentence once attracted a lot of controversy, but Pavel Durov proved at least that he is an absolute cypherpunk: no privacy, no freedom.

The privacy pursued by the cypherpunks is the predecessor of the "trustlessness" and "censorship resistance" pursued by Bitcoin. This is one of the reasons why the blockchain world is considered to have cryptography in its genes.

However, as we all know, cryptocurrency and absolute anonymity are not the same thing. Most digital currencies, BTC foremost among them, remain transparent because their transactions are transparent: the sender, the receiver and the exact amount of each transaction are visible. This has been called "Satoshi Nakamoto wearing no clothes."

Privacy is only one branch of the blockchain world, and a privacy ecosystem made up of privacy technologies and privacy products (privacy coins) has developed to date. The former, understood in a narrow sense, are technical solutions that keep data from being exposed to third-party “stealing”, such as a Layer 2 protocol. The latter are native privacy products born out of privacy technology; they give privacy the highest priority and are represented by the established anonymous coins Zcash and Monero and the emerging dark horses Grin, Beam and others. The two feed each other: privacy technology makes anonymous coins emerge in an endless stream, and the development of anonymous coins in turn promotes the continuous advancement of privacy technology.

History of privacy technology

At this point, we can review the history of mainstream privacy.

In December 2012, the CryptoNote protocol, used by the well-known anonymous coin Monero, was released. This was the first protocol to address token privacy. The protocol introduces two technologies, privacy address technology and ring signature technology, which between them anonymize the sender and the receiver, but the disadvantage is that the transaction amount cannot be hidden.

To this end, RingCT (Ring Confidential Transactions) came into being. As a supplement to CryptoNote, RingCT can hide the transaction amount. It also optimizes the ring signature technology, speeds up the anonymization of tokens that use ring signatures, and does not require any third-party involvement.

But while improving the privacy of the Monero blockchain, RingCT made sacrifices in scalability. To improve RingCT, a new, efficient zero-knowledge proof protocol called Bulletproofs was introduced to Monero on October 18, 2018 through a hard fork. Monero contributor Ehrenhofer said that Bulletproofs reduced Monero's transaction size and verification time by approximately 80%.

Bulletproofs was originally designed for Bitcoin by Jonathan Bootle of University College London and Benedikt Bünz of Stanford University. It was inspired by the original zero-knowledge proof technique, zk-SNARKs. Compared to zk-SNARKs, Bulletproofs does not require a trusted setup (the setup itself poses some potential security risks), but verifying Bulletproofs is more time-consuming than verifying zk-SNARKs.

zk-SNARKs were presented by Ben-Sasson et al. of the Israel Institute of Technology in the 2014 Zerocash paper. At present, zk-SNARKs are almost the most widely used privacy technology in the blockchain world. Well-known projects deploying zk-SNARKs include Zcash, Loopring and others. Ethereum is also expected to deploy zk-SNARKs. In January 2019, the Ethereum Foundation and the start-up Matter jointly released a sidechain scaling solution using zk-SNARKs on the Ethereum test network. At the Ethereum conference in Tel Aviv, Israel, in the second half of this year, when asked about the latest developments in privacy technology, V God strongly praised the technology: "In the past three weeks, zk-SNARKs has indeed made great progress, but many people still don't realize this."

Building on zk-SNARKs, or responding to their drawbacks (they increase privacy but reduce transaction capacity and raise transaction costs), new zero-knowledge proofs including zk-STARKs, Bulletproofs, and MimbleWimble were derived. Compared to zk-SNARKs, zk-STARKs are considered a faster, lower-cost implementation. More importantly, zk-STARKs do not require an initial trusted setup. MimbleWimble/Grin improves on confidential transactions and CoinJoin; key features include no public addresses, full privacy, and a compact blockchain.

New privacy technology concepts are still being proposed. Many cryptographic techniques, including PLONK, Halo, Sonic, and Supersonic, were born this year.

In February of this year, Sarah Meiklejohn of University College London, Markulf Kohlweiss of the University of Edinburgh and Sean Bowe of Zcash proposed a zero-knowledge proof protocol called Sonic, which still requires a trusted setup.

In August of this year, PLONK was announced by the AZTEC protocol team, led by ConsenSys. According to reports, this is a new and efficient universal zk-SNARK architecture. PLONK needs only one trusted setup, which all programs can reuse; the announcement was shared by V God.

In September, Zcash's development company, Electric Coin Company (ECC), released Halo. ECC CEO and Zcash founder Zooko Wilcox said the research had found a "trust-free" recursive composition of zero-knowledge proofs, a "long-term breakthrough" in cryptography.

In the same month, at the blockchain week in Shanghai, Benedikt Bünz, a creator of the Bulletproofs algorithm, introduced a new SNARK technology, Supersonic. According to the presentation, the technology combines Sonic and DARK and is the first short proof that needs no trusted setup: for 1 million logic gates the proof size can be compressed to 10 to 20 KB, with room for further optimization. The technology will be applied for the first time on the financial public chain Findora.

Anonymous coins reach their "dark moment"

Geeks are immersed in privacy labs, and while privacy technology is evolving, privacy coins are facing their "dark moment."

In June of this year, the Financial Action Task Force (FATF), the intergovernmental anti-money-laundering body, issued its final guidance on the cryptocurrency business. The new regulation, known as the strongest regulation of digital currency to date, issued an ultimatum on transaction privacy: Virtual Asset Service Providers (VASPs), including cryptocurrency exchanges, must pass information about their customers to law enforcement when funds are transferred.

In the eyes of regulators, anonymity alone is enough to raise concerns about the risks of money laundering and terrorist financing. For anonymous coins, which are committed to concealing transactions, this is clearly a warning sign before the storm.

In August of this year, Coinbase announced that it would no longer offer Zcash trading services to UK users from August 26, 2019. In September, OKEx Korea announced the delisting of six privacy coins: Monero, Dash, Zcash, ZCache, Horizon and SuperBitcoin. The Korean exchange UpBit also announced on its website that it will remove six privacy coins, including Monero, Dash and Zcash. In addition, the Binance.US listings include no privacy coins such as Monero (XMR) and Zcash (ZEC).

Pessimism about the prospects of privacy coins is reflected in the performance of the crypto market. Within three months (since July 25), the XMR market price fell by 35% and the Zcash price fell by 53%. Grin, which led the hype at the beginning of this year, fell more than 83%. However, it should be noted that Bitcoin also fell by more than 25% during the same period.

Jeff Dorman, chief investment officer of Los Angeles asset management company Arca, went so far as to say pessimistically, "It is very likely that many privacy currencies will be delisted and their liquidity will be exhausted."

In fact, regulation has always been the sword of Damocles hanging above the privacy coin.

According to public information, in May last year, under pressure from the Japan Financial Services Agency, the Japanese exchange Coincheck confirmed the removal of several privacy coins; at the same time, Korbit, a large Korean exchange, announced that it would no longer support trading of anonymous coins such as Dash, Monero, Big Coin, Augur and Steem; in July this year, a number of banks in South Korea imposed strict supervision on the accounts of cryptocurrency users, with the goal of completely abolishing anonymous cryptocurrency transactions in Korea.

As a form of "self-help", Ryan Taylor, CEO of Dash Core, spoke out repeatedly in the second half of this year to clarify that Dash has the PrivateSend option, which means that private transactions are only an option in Dash. Transactions using this option account for less than 1% of the Dash network, and he added that, according to Chainalysis, almost all of these transactions are “for privacy reasons” with no illegal purpose.

Ryan Taylor's argument bought Dash a temporary reprieve. In October of this year, OKEx Korea announced that it would temporarily suspend the delisting of Zcash and Dash, and said that the final decision on Zcash and Dash would be announced after a compliance review.

But Ryan Taylor's argument, on the other hand, reveals the awkward fact that the privacy option is "barely used."

Zcash is in the same situation as Dash. It is also a privacy coin that offers anonymous transactions as an option, and although it has been around for three years, only about 5% of ZEC uses SNARKs, while about 95% of ZEC is stored in transparent addresses with little privacy.

The low use of anonymous transactions may be attributed to two reasons.

First, the technical threshold is too high. Snowden expressed this concern at the Web3 summit. He said that, apart from those who understand the technology, private online payment is out of reach for everyone. Although privacy cryptocurrencies such as Zcash and Monero are becoming more popular, most people have little access to them.

Second, most of the market does not seem to buy into privacy as a requirement in the first place. According to PANews research, Bitcoin is still the most used cryptocurrency in darknet transactions, where the need for privacy is greatest, followed by Monero and Litecoin. According to its calculations, about 93% of the websites surveyed accept bitcoin payments, and more than 44% of websites support Bitcoin exclusively. In addition, the average number of cryptocurrencies supported by each market is approximately 2.4.

According to the statistics, 28% of the total sample of respondents hold anonymous coins because they are optimistic about the future development of anonymous coins; this is the main reason for holding given in the survey. The next reasons for holding are protecting data privacy, trading profit, and novelty and fun, chosen by 24%, 21% and 16% respectively.

"Mainstream cryptocurrency + privacy"

Do the setbacks of privacy coins mean that privacy is a pseudo-demand?

The answer is no. But they do at least show that, for tokens that want to reach the general public, privacy is not suited to being the core value proposition.

On privacy coins, Monero core technology developer Dr. Duncan S. Wong has said that absolutely private tokens will no longer be welcome, and that crypto tokens with accountable privacy (fully private toward the public and individuals, but answerable to regulators and auditors) will gradually move toward the mainstream.

A broader solution is that mainstream digital currencies, represented by BTC and ETH, are incorporating privacy protection into their technology update schedule.

Taking BTC as an example, CoinJoin is the most widely used mixer technology for hiding transaction information (a mixer is a service in which a third party breaks the link between the Bitcoin sender address and the recipient address in order to hide the transaction information). It was proposed by BTC developer Gregory Maxwell in January 2013. Using multi-signature technology, the participants each sign independently, and only a transaction that carries all of the signatures is considered valid and accepted by the network.

As of April 2019, the volume of BTC transactions using CoinJoin was three times that of a year earlier, accounting for 4.09% of all BTC transactions (data from Longhash). According to the certificate of the Institute, technologies such as Schnorr signatures, Dandelion++ or MimbleWimble may be added to BTC to enhance its privacy.

In BCH, a fork of BTC, developers have also worked on adding Schnorr signatures. In May of this year, BCH took the lead in adopting Schnorr signatures through a protocol upgrade. Compared with the previous ECDSA signatures, the biggest advantages of Schnorr signatures are that the data is small, verification is efficient, and multiple signatures can be aggregated into a single signature, which reduces the size of the transaction and can enhance its privacy characteristics.
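The aggregation property described above, as an added example that is not part of the original article: a toy n-of-n Schnorr signing run in which several signers produce one (R, s) pair that verifies under one combined key with the ordinary single-key check. The tiny group parameters, the function names and the sample message are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Toy Schnorr group, an assumption for illustration and far too small for
# real use: P = 2Q + 1 with P and Q prime; G = 4 has prime order Q modulo P.
P, Q, G = 2039, 1019, 4

def challenge(R, X, msg):
    """Fiat-Shamir challenge e = H(R | X | msg), reduced mod Q."""
    data = f"{R}|{X}|".encode() + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def keygen():
    """Return (secret x, public G^x); also used to draw a nonce pair (k, G^k)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def product(values):
    out = 1
    for v in values:
        out = out * v % P
    return out

def partial_sign(x, k, e):
    """One signer's share s_i = k_i + e * x_i (mod Q); x and k stay with the signer."""
    return (k + e * x) % Q

def verify(X, msg, sig):
    """Ordinary single-key Schnorr check: G^s == R * X^e (mod P)."""
    R, s = sig
    return pow(G, s, P) == R * pow(X, challenge(R, X, msg), P) % P

def aggregate_sign(secret_keys, msg):
    """Simulate all signers in one process; returns (X, (R, s), partial shares)."""
    X = product(pow(G, x, P) for x in secret_keys)   # aggregate public key
    nonces = [keygen() for _ in secret_keys]         # (k_i, R_i) per signer
    R = product(r for _, r in nonces)                # aggregate nonce commitment
    e = challenge(R, X, msg)
    partials = [partial_sign(x, k, e) for x, (k, _) in zip(secret_keys, nonces)]
    return X, (R, sum(partials) % Q), partials

# Caveat: multiplying raw public keys is unsafe against rogue-key attacks;
# deployed schemes such as MuSig weight each key with a hash-derived coefficient.
if __name__ == "__main__":
    msg = b"constructed sample transaction"
    keys = [keygen()[0] for _ in range(3)]
    X, sig, _ = aggregate_sign(keys, msg)
    print("one signature for 3 signers:", sig, "valid:", verify(X, msg, sig))
```

The verifier sees a single key and a single signature whatever the number of signers, which is where both the size saving and the privacy gain come from.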

Besides BTC, ETH is a blockchain platform favored by cryptography geeks.

At the 2017 Asia Pacific Ethereum Technology Exchange, Vitalik Buterin introduced four privacy and security solutions for the Ethereum blockchain: channels, mixers, ring signatures and zero-knowledge proofs. He emphasized that zero-knowledge proofs are the “most powerful” solution: although the technology is the most difficult to implement, it protects the privacy and security of the Ethereum network best.

This year, V God once again mentioned the progress of zero-knowledge proofs, and mentioned Plonk, a project supported by ConsenSys, which focused on introducing privacy technology into Ethereum in October. This technology will reduce the complexity of creating zero-knowledge proofs, making it easier for more people to use them. V God said, “This means that thousands of people will find it easy to get involved.”

Plonk is not the only privacy solution. Another spontaneous privacy solution, Keep Network, aims to provide secure, private exchange, transport, computation and storage for users (primarily smart contracts) by adopting a chain of private data containers.

There are also examples of major companies developing privacy solutions for Ethereum, chiefly Ernst & Young's Nightfall protocol. Nightfall reportedly combines a set of smart contracts and microservices with ZoKrates, the zk-SNARK toolbox for Ethereum, allowing ERC-20 and ERC-721 standard tokens to be transacted “completely privately” on the Ethereum blockchain.

JP Morgan, for its part, has a custom privacy protocol for the Ethereum smart contract platform: the Zether protocol. The protocol was launched in March of this year by Bulletproofs developer Benedikt Bünz, Stanford University professor Dan Boneh and Visa Research, and is deployed on Ethereum in the form of a smart contract, the Zether Smart Contract (ZSC). The ZSC holds a token called Zether Token (ZTH), which is kept under ElGamal public keys in Zether, can be transferred between accounts, and supports anonymous smart contract interactions.

In a narrower niche, the oracle project Chainlink also released "Mixicles" at DevCon 5 to provide privacy for DeFi smart contracts. According to Chainlink, Mixicles is a DeFi tool embedded in the oracle that mediates data moving on and off the blockchain, and it includes a mixer that improves the privacy of financial instruments.

In February of this year, amid the hype around Grin and Beam, LTC founder Charlie Lee (Li Qiwei) also said in an interview that he intended to adopt the MimbleWimble protocol. When asked whether MimbleWimble would replace the base protocol, Lee said his initial idea was to add the protocol as an extension block, similar to a sidechain but attached to the main chain.

It can be seen that, as mainstream cryptocurrencies integrate privacy functions, pure anonymous coins face more and more strong competitors; in the future of privacy, the deployment of privacy features by mainstream cryptocurrencies may become the ultimate trend in the privacy field.