Avoiding the gaze of unwanted intruders has long been part of the allure of cryptocurrencies, but the reality is that privacy isn’t necessarily any more of a guarantee in Web3 than it is anywhere else. Last year, Worldcoin’s brazen approach to biometric data collection – followed by a very public backlash – put the issue firmly back into the spotlight.
A survey subsequently carried out by ConsenSys, which polled over 15,000 people in 15 countries, found that privacy was top of mind for 83% of respondents, while 79% also said they wanted more control of their online identity.
The Weaknesses of Pseudonymity
The lack of true privacy afforded by public blockchains, which offer pseudonymity as opposed to full anonymity, is generally well understood. Last year, analytics provider Arkham came under serious fire after launching a so-called “dox-to-earn” program that offered bounties to those who could identify users behind a given crypto address.
Of course, due to the public nature of blockchain data, once a person can be tied to a blockchain address, it’s also possible to see all transactions and activity associated with that address. In a segment like DeFi, this level of transparency can reveal a huge amount of sensitive financial data.
Yet, necessity is the mother of invention, and the gaps in privacy combined with the increasing concern of the user community are driving investment and innovation. For instance, blockchain development firm COTI, which recently pivoted to developing a privacy-centric Ethereum (ETH-USD) Layer 2, has announced a $25 million ecosystem fund to drive the development of privacy-focused initiatives.
The first grant from the fund is being made to Soda Labs, an up-and-coming startup in the cryptographic discipline of Multi-Party Computation (MPC), which enables multiple parties to jointly compute a function without revealing their own inputs to the function. Soda will work with COTI on the development of a technology called garbling, a form of MPC.
Other solutions are also already in development, focusing on better privacy over blockchain transaction data while maintaining its integrity. However, many of these solutions are based on zero-knowledge technology, which requires moving data off-chain to process. This involves decryption and re-encryption, thus not offering an end-to-end privacy guarantee.
Fhenix, a seed startup that secured $7 million in funding last year, is developing a confidential Layer-2 blockchain that uses fully homomorphic encryption (FHE) so that data remains fully encrypted throughout its entire journey.
What’s Really at Stake When You Stake?
Even blockchain power users may not be aware that there are other points of vulnerability where their privacy could be compromised. For example, staking has become the single most popular way to generate returns, but participating in a network as a staker could also inadvertently reveal highly sensitive data such as physical location.
Last year, a researcher from the Ethereum Foundation confirmed that the IP addresses of validators, which contain location data, are monitored as part of a larger set of metadata. So unless a staker actively takes steps to protect their IP address, the chances are anyone on the network can identify their location.
One workaround could be a solution like SSV, a decentralized infrastructure network that acts as a kind of staking layer atop Ethereum. It enables distributed control of an Ethereum validator node by splitting the validator key across the entire SSV network. It’s more inclusive and user-friendly than the Ethereum network, enabling anyone to participate in staking without meeting the high 32 ETH minimum validator threshold and without the risk of being slashed or having their IP address monitored.
A Fresh Approach?
Blockchain researchers are now beginning to differentiate between “on-chain” privacy, which focuses on the ability to link transactions to a wallet address, and “off-chain,” which ensures that real-world identities can’t be tied to anything done online. With this in mind, a change of approach is also required, from the concept of using privacy-centric services and assets to having privacy baked into services as standard.
Namada is a new Layer-1 protocol operated by Anoma, which offers so-called “composable privacy,” enabling blockchains, dApps, or tokens to integrate privacy elements without changing anything about their underlying code structure.
Anoma is one of the projects leveraging the novel idea of “intents,” which is rapidly becoming the hottest new concept in the blockchain sphere. Intent-centric services allow the user to specify what they want from the transaction – for instance, the highest profits or the lowest fees – and the protocol will match them with the best counterparty to meet their aim. However, with Anoma, transaction details and user identities remain confidential.
Web3 may not always have delivered on its promise to prioritize user privacy, and high-profile flops like Worldcoin haven’t helped to improve perceptions among users. However, there is a demonstrable commitment to investment and creativity that’s now beginning to bear fruit, giving users hope that they don’t have to worry about who might be watching each time they open their wallets.
