Ethereum name service exposes privacy flaws, Vitalik Buterin proposes solution

According to Decrypto reported on April 1, Ethereum co-founder Vitalik Buterin proposed to find a solution to one of Ethereum's biggest privacy flaws.

Privacy

Image source: Pixabay

The flaw is related to the Ethereum Name Service (ENS). The service allows adding a user-friendly name to a complex Ethereum address, making sending cryptocurrency as easy as sending an email. However, as Decrypt revealed, people using these names may unknowingly expose their financial situation.

The problem with ENS is that these names are linked to public Ethereum addresses and anyone can view them. So if you attach your real name to your Ethereum address, then everyone can see all the transactions you are doing. It's like someone is peering into your bank account where you have cryptocurrencies. Buterin told Decrypt:

"I hope this will inspire more privacy efforts."

Ethereum's next privacy solution

On April 1, Buterin tweeted that addressing this issue is a top priority for Ethereum because it can improve privacy on the Ethereum network. He wrote:

"In addition to continuous improvements such as http://tornado.cash, the next step in improving Ethereum privacy is to adopt a pollution-free, easy-to-use, and privacy-friendly solution. When sending tokens to an ENS name, They will not disclose the tokens they receive. ".

The point here is to ensure that people can use ENS addresses without having to show people what they are doing with these tokens when accepting transactions.

Addressing Ethereum's privacy issues

Buterin's solution is to use cryptography to hide transaction data. He explained how this was done, but it was a bit complicated. He said:

"The private address is simple: the ENS name holder issues a public key P and a private key p. The sender generates a random number r and sends the token to the address rP (this is an elliptic curve dot product). The name holder can use rp Spend these tokens. The sender needs to send r to the name holder somehow. "

In short, the sender and receiver exchange cryptographic signatures to hide transaction details. It uses the encryption technology commonly used in blockchain to ensure that people cannot use other people's cryptocurrencies.

Its main challenge is how to send the generated random number called r to someone with the ENS name. Considering passing information out of the blockchain, Buterin added several possible ways to achieve this. But he did not find a clear solution. He thought about it and said:

"There may be some strange technologies we haven't thought of yet."

Privacy has been around for a long time, and it's time to add it to Ethereum's roadmap.

This article has been authorized for translation by decrypt.co.