Privacy is the future, but privacy coins are not
芦荟
2019-10-25 06:02
Looking at the future of privacy, the deployment of privacy features in mainstream cryptocurrencies may become the ultimate trend in the privacy field.

Produced | Odaily (ID: o-daily)

Beyond DeFi, which is in full swing, "privacy" is being revisited.

At the Web3 Summit in Berlin in August this year, Edward Snowden, the central figure of the US PRISM affair, made a rare appearance by video link. Bitcoin, freedom and privacy were the themes of his 40-minute speech. On the same day, former Ethereum co-founder and Polkadot founder Gavin Wood declared in his speech that "privacy is a core part of the Web3 movement."

Apart from the progress of Ethereum 2.0, zero-knowledge proofs may be the keyword V God (Vitalik Buterin) has mentioned most in the second half of this year. He has not only followed Ethereum's progress on privacy solutions closely, but also praised zk-SNARKs for "great progress in the past three weeks"; in addition, new privacy technologies keep emerging.

Capital and public chains are also focusing on privacy. NuCypher, which focuses on a privacy layer for Ethereum, has completed a $10.7 million SAFT (Simple Agreement for Future Tokens) round led by Polychain Capital, becoming another star project, while mainstream cryptocurrencies such as Ethereum, Litecoin and BCH are building privacy protocols into their next deployment plans.

Now that people have grown tired of the "impossible triangle" story, the fast-approaching Web 3.0 and maturing privacy technology are pushing the question of privacy back into the spotlight.

But at the same time, privacy-oriented coins are facing a regulatory crisis. Citing the risk of illicit financing, and under regulatory pressure, exchanges have been delisting privacy coins. In August, Coinbase UK dropped support for Zcash. On September 10, OKEx Korea announced the delisting of six cryptocurrencies including Monero, Dash, Zcash, ZCache, Horizon and SuperBitcoin, and said that this was related to the FATF rules formulated in June.

What is privacy?

Pavel Durov, the founder of the encrypted messaging software Telegram, once said in response to the Russian government's blockade: "I think privacy, and our right to privacy, is more important than the fear of terrorism, a bad thing."

This sentence once attracted a lot of controversy, but Pavel Durov at least proved that he is an absolute cypherpunk: no privacy, no freedom.

The privacy pursued by the cypherpunks is the predecessor of the "trustless" and "resistance to censorship" ideas pursued by Bitcoin, which is one of the reasons why the blockchain world is considered to have encryption genes.

However, as is well known, cryptocurrency does not mean absolute anonymity. Most digital currencies, BTC among them, are still regarded as transparent because their transactions are public: the sender, the receiver and the exact amount are all visible. Kan called it "Satoshi Nakamoto without clothes".

The History of Privacy Technology

At this point, we can review the development history of mainstream privacy technology.

In December 2012, the CryptoNote protocol, which is used by the well-known anonymous currency Monero, was released. It was also the first protocol aimed at the privacy of digital tokens. It introduced two techniques, stealth addresses and ring signatures, which anonymize the sender and the receiver; its drawback is that the transaction amount cannot be hidden.

For this reason, RingCT (Ring Confidential Transactions) came into being. As a supplement to CryptoNote, RingCT can hide the transaction amount. It keeps token transactions fast, provides strong anonymity and does not require any third-party participation.

But while improving the privacy of the Monero blockchain, RingCT sacrificed scalability. To improve RingCT, a new efficient zero-knowledge proof protocol called Bulletproofs was introduced into Monero through a hard fork on October 18, 2018. According to Monero contributor Ehrenhofer, Bulletproofs reduced Monero's transaction size and verification time by about 80%.

Bulletproofs were originally designed for Bitcoin by Jonathan Bootle of University College London and Benedikt Bünz of Stanford University. They were inspired by the original zero-knowledge proof technology, zk-SNARKs. Compared to zk-SNARKs, Bulletproofs do not require a trusted setup (the setup itself brings some potential security risks), but verifying Bulletproofs is more time-consuming than verifying zk-SNARK proofs.

zk-SNARKs were proposed by Ben-Sasson et al. of the Israel Institute of Technology in the Zerocash paper in 2014. At present, zk-SNARKs are almost the most widely used privacy technology in the blockchain world. Well-known projects that deploy zk-SNARKs include Zcash, Loopring, etc. Ethereum is also expected to deploy zk-SNARKs. In January 2019, the Ethereum Foundation and the startup Matter jointly released a sidechain scaling solution using zk-SNARKs on the Ethereum test network. At the Ethereum conference held in Tel Aviv, Israel in the second half of this year, when asked about the latest developments in privacy technology, V God strongly praised the technology. "In the past three weeks, Zk-SNARKs has indeed made great progress, but a lot of people don't realize that."

Building on zk-SNARKs, or responding to their drawbacks (they improve privacy but reduce transaction capacity and raise transaction costs), new zero-knowledge proofs including zk-STARKs, Bulletproofs, and MimbleWimble have been derived. Compared to zk-SNARKs, zk-STARKs are considered a faster and lower-cost technical implementation. More importantly, zk-STARKs do not require an initial trusted setup. Mimblewimble/Grin improves upon Confidential Transactions and CoinJoin; its key features include no public addresses, complete privacy and a compact blockchain.

New privacy technology concepts are constantly being proposed. Many cryptographic techniques, including PLONK, Halo, Sonic and Supersonic, were born this year.

In February, Sarah Meiklejohn of University College London, Markulf Kohlweiss of the University of Edinburgh, and Sean Bowe of Zcash proposed a zero-knowledge proof protocol called Sonic that still requires a trusted setup.

In August of this year, the ConsenSys-led AZTEC protocol announced PLONK, reportedly a new efficient, general-purpose zk-SNARK construction. PLONK needs only a single trusted setup, which can be reused by all programs; V God shared the announcement.

In September, the Electric Coin Company, the developer of Zcash, released Halo. ECC CEO and Zcash founder Zooko Wilcox said the research had found a "trustless" recursive composition of zero-knowledge proofs, a "long-standing breakthrough" in cryptography.

The "Darkest Hour" of Privacy Coins

Geeks are immersed in the privacy laboratory. While privacy technology is gradually developing, privacy coins are ushering in the "darkest moment".

In June, the Financial Action Task Force (FATF), an international intergovernmental body against money laundering, issued its final guidance for cryptocurrency businesses. The new regulation, dubbed the strongest regulation yet for digital currencies, issues an ultimatum on transaction privacy: virtual asset service providers (VASPs), including cryptocurrency exchanges, must pass information about customers to law enforcement.

In the view of regulators, the setting of anonymity is enough to arouse the regulator's concerns about the risks of money laundering and terrorist financing, and this is obviously an exclamation point before the storm for anonymous coins that are committed to concealing transactions.

In August this year, Coinbase announced that it would no longer provide Zcash trading services for UK users from August 26, 2019; in September, OKEx Korea announced that it would delist six privacy tokens including Monero, Dash, Zcash, ZCache, Horizon and SuperBitcoin; Korean exchange UpBit also announced on its website that it will delist 6 privacy coins, including Monero, Dash, and Zcash; Privacy coins such as Monero (XMR) and Zcash (ZEC).

Pessimism about the prospects of privacy coins is reflected in the performance of the crypto market. In three months (from July 25th), the market price of XMR dropped by 35% and the price of Zcash dropped by 53%. Grin, which led the hype at the beginning of this year, fell by more than 83%. However, it should be noted that Bitcoin also fell by more than 25% during the same period.

For this reason, Jeff Dorman, chief investment officer of Arca, an asset management company in Los Angeles, even expressed pessimistically, "It is very likely that many privacy coins will be delisted and their liquidity will dry up."

In fact, regulation has always been the sword of Damocles hanging over privacy coins.

According to public information, in May last year, under pressure from the Japanese Financial Services Agency, the Japanese exchange Coincheck confirmed the removal of several privacy coins; at the same time, Korbit, a large South Korean exchange, also announced that it would no longer support trading in Dash, Monero, Zcash, Augur, Steem and other anonymous currencies; in July this year, several banks in South Korea implemented strict supervision of cryptocurrency users' accounts, with the goal of completely abolishing anonymous cryptocurrency transactions in South Korea.

In an effort to "help himself", Dash Core CEO Ryan Taylor spoke out frequently in the second half of this year, clarifying that PrivateSend is only an option in Dash transactions. Private transactions made through this option account for less than 1 percent of transactions on the Dash network, he said, adding that, according to Chainalysis, almost all of them are "for privacy reasons" with no illegal purpose.

Ryan Taylor's defense bought Dash some time. In October this year, OKEx Korea announced that it would temporarily suspend its plans to delist the privacy coins Zcash and Dash, and said that it would announce its final decision on Zcash and Dash after a compliance review.

But Ryan Taylor's defense also reveals the other side of the dilemma: the privacy option goes "almost unused".

Zcash is in the same situation as Dash. It is also a privacy coin that offers anonymous transactions as an option, and although it has existed for nearly 3 years, only about 5% of ZEC uses SNARKs, while about 95% of ZEC is stored in transparent addresses with almost no privacy.

The low usage rate of anonymous transactions may be attributed to two reasons.

One is that the technical threshold is too high. Snowden expressed this concern at the Web3 Summit, saying that private online payments are out of reach for everyone except those who understand the technology. Despite the growing popularity of privacy cryptocurrencies like Zcash and Monero, they are barely accessible to the vast majority of people.

Second, most of the market does not seem to buy into the original privacy use case. According to PAnews research, Bitcoin is still the most-chosen cryptocurrency in darknet transactions, where privacy needs are the greatest, followed by Monero and Litecoin. According to its calculations, about 93% of the darknet markets it surveyed accept bitcoin payment, and more than 44% of the sites support bitcoin exclusively. In addition, the average number of cryptocurrencies supported by each market is about 2.4.

"Mainstream Cryptocurrency + Privacy" is on the rise

Does the frustration of privacy coins mean that privacy is a false demand?

The answer is no. But it at least shows that for tokens aiming at a mass audience, privacy is not suited to being the core value proposition.

On privacy coins, Monero core technology developer Dr. Duncan S. Wong once said that tokens with absolute privacy will no longer be popular, and that crypto tokens which keep complete privacy toward the public and individuals while remaining open to inquiry by regulators and audit institutions will gradually move towards the mainstream.

A broader solution is that mainstream digital currencies represented by BTC and ETH are incorporating privacy protection functions into their technology update schedules.

Taking BTC as an example, CoinJoin, the most widely used mixing technique (a mixer hides transaction information by using a third party to break the link between the bitcoin sender's address and the receiver's address), was proposed by BTC developer Gregory Maxwell in January 2013. Using multi-signature technology, participants complete their signatures independently and separately. Only a transaction that carries all the signatures is judged valid and accepted by the network.

As of April 2019, the volume of BTC transactions using CoinJoin was three times that of a year earlier, accounting for 4.09% of all BTC transactions (data from Longhash). Technologies such as Dandelion++ or MimbleWimble may be added to BTC to enhance its privacy.

In BTC's fork currency BCH, some developers have tried to add Schnorr signatures. In May of this year, BCH took the lead in adopting Schnorr signatures through a protocol upgrade. Compared with the previous ECDSA signatures, the biggest advantages of Schnorr signatures are smaller data, higher verification efficiency, and the ability to aggregate multiple signatures into a single signature, which reduces transaction size and can improve the privacy characteristics of transactions.

Beyond BTC, however, ETH is the blockchain platform more favored by crypto geeks.

At the Asia-Pacific Ethereum Technology Exchange Conference in 2017, Vitalik Buterin introduced four privacy and security solutions for the Ethereum blockchain: channels, mixers, ring signatures and zero-knowledge proofs. He emphasized that zero-knowledge proofs are the "most powerful" solution: although the technology is the most difficult to implement, it is the most effective at protecting the privacy and security of the Ethereum network.

This year, V God once again mentioned the progress of zero-knowledge proofs, and mentioned Plonk, a project supported by ConsenSys, which focused on introducing privacy technology to Ethereum in October. This technology will reduce the complexity of creating zero-knowledge proofs, making it easier for more people to use. V God said, "This means that thousands of people will easily participate."

Plonk isn't the only privacy solution out there. Another spontaneous privacy solution is Keep Network, which aims to provide users (mainly smart contracts) with secure privacy exchange, transmission, calculation and storage channels by using off-chain privacy data containers.

There are also prominent examples of companies developing privacy solutions for Ethereum, notably Ernst & Young's Nightfall protocol. Nightfall reportedly combines a set of smart contracts and microservices with ZoKrates, the Ethereum zk-SNARK toolbox, allowing ERC-20 and ERC-721 standard tokens to be transacted "completely privately" on the Ethereum blockchain.

Another is JP Morgan's custom privacy protocol for the Ethereum smart contract platform, the Zether protocol. The protocol was jointly proposed in March this year by Bulletproofs developer Benedikt Bünz, Stanford University professor Dan Boneh, and Visa Research. It is deployed on Ethereum as a smart contract, the Zether Smart Contract (ZSC), which holds a Zether token (ZTH) that is transferred between accounts identified by ElGamal public keys and supports anonymous smart contract interactions.

In a more specialized niche, the oracle project Chainlink also unveiled "Mixicles" at DevCon 5, aiming to provide privacy for DeFi smart contracts. Chainlink stated that Mixicles are DeFi tools with embedded oracles that mediate between on-chain and off-chain data and include mixers that improve the privacy of financial instruments.

In February of this year, with the popularity of privacy coins such as Grin and Beam, LTC founder Li Qiwei also expressed his intention to adopt the Mimblewimble protocol in an interview. When asked whether Mimblewimble would replace the base protocol, Li Qiwei said that his initial thought was to add the protocol as an extension block, similar to a sidechain but attached to the main chain.

It can be seen that as mainstream cryptocurrencies integrate privacy functions, purely anonymous coins face more and stronger competitors; but looking at the future of privacy, the deployment of privacy functions by mainstream cryptocurrencies may become the ultimate trend in the privacy field.
