The Different Approaches to Privacy On-Chain

Intermediate · 1/7/2024, 12:27:12 PM
This article introduces various privacy protocols in different blockchains, employing diverse methods to achieve privacy for blockchain users.

Public blockchains are transparent by default at the protocol level, where transactions are permanently visible and immutable to anyone via the blockchain ledger. With only pseudonymous public key addresses, discerning users’ identities from these addresses and on-chain activity is relatively straightforward for blockchain analysis companies like Chainalysis or deanonymizing protocols like Arkham. That is why privacy preservation is vital to protect users and secure applications built on public ledgers.

Due to their decentralized nature, enabling user privacy guarantees on blockchains is more complex than Web 2.0 predecessors, where proprietary data centers are trusted to ensure user data remains secure. However, as we know, this model comes with many pitfalls and feeds pervasive phenomena like surveillance capitalism and data exploitation. So, how does privacy come to fruition in blockchain, where networks and applications run on distributed network nodes?

In this article, we break down several types of privacy-preserving protocols that use various methods to achieve privacy for blockchain users. We do not delve into the cryptographic primitives that enable privacy within these systems, which we explain in other articles.

Different approaches to privacy on blockchains

There are various ways of achieving privacy for users using public blockchains — from privacy coins to shielded pools and private execution virtual machines. Each mode comes with different considerations that are essential to understand when using these privacy-enhancing tools or implementing them into new or existing applications.

Asset-specific privacy

Asset-specific privacy is the earliest form of privacy preservation on-chain. This includes privacy coins like ZCash or Monero, where privacy guarantees are tied to a specific asset, ZEC and XMR, respectively. These chains were built for only one monetary unit (ZEC for ZCash and XMR for Monero) and the transfer use case. Although there are nuances here, like ZCash being found in both shielded and transparent forms, the general limitation of this approach is that privacy guarantees are tied to specific assets. That is, privacy is only available for the native token. This inherently limits usability, as users can’t access privacy for any other asset type. Although ZCash and Monero are viable options for use cases where users want to send or receive ZEC or XMR privately, interacting with other blockchain ecosystems and their respective applications becomes arduous. Ecosystems like Ethereum and Solana have hundreds of different asset types, including non-fungible ones like Soulbound Tokens and NFTs. As these ecosystems mature, privacy preservation must extend to support a diverse range of assets, allowing users to access privacy guarantees for the asset(s) they choose to transact with.

Shielded pools

Shielded pools, sometimes called anonymity sets or privacy pools, refer to solutions that break the link between a user’s public key and the assets they hold, enabling them to transact privately. On a high level, users can deposit an asset into a pool, an account operated by a smart contract. Through various cryptographic techniques, each user’s deposit is indistinguishable from another within the shielded pool. After depositing, users can initiate a transaction by proving (usually via a zero-knowledge proof) their spending power over the deposited assets. This allows them to utilize these assets without links to their public keys, effectively preserving their privacy. The critical caveat of shielded pools is that privacy guarantees are stronger the more unique deposits exist within a given pool. Simply put, more users means better privacy.

Private execution virtual machines

Private execution Virtual Machines (VMs) are an up-and-coming approach to preserving privacy on blockchains. This approach enables off-chain computation to be verified on-chain since currently there isn’t an efficient way to verify the correctness of private data directly on-chain. Although FHE could change this in the future, an off-chain execution, on-chain verification model using ZKPs is currently used. This allows apps/users not to have to publish any revealing or sensitive data on-chain. Utilizing zero-knowledge proofs for privacy, they eliminate the need to publish data on-chain while retaining the correctness of state transitions. This approach powers “private by default” Layer 1s like Aleo or private execution Layer 2s like Aztec Labs, where privacy can be implemented at the protocol level. Private VMs expand the scope of solutions that can be built by bringing more arbitrary private applications on-chain like private gaming. However, privacy guarantees in this architecture are bound not by the privacy set but by state interactivity, as it establishes what data users must show to other users involved in an interaction that results in a state transition. In addition, this approach has some limitations for existing applications as it would require entirely new logic.

Each approach to privacy on blockchains has advantages and disadvantages depending on the use case and application. Privacy coins like ZEC and XMR are great for basic sending but are limited by their usability. Shielded pools bring more flexibility to privacy preservation but have their effectiveness dependent on the number of deposits within the pool. Private execution VMs establish the possibility for default privacy but still come with the possibility of leaking information and burdensome development overhead. Although each use case and application needs to reason through the ideal design approach for enhancing privacy, many ecosystems and applications need privacy now.

A closer look at shielded pools

Shielded pools provide one of the most flexible and potent forms of account-level privacy enhancement. Let’s take a deeper look at some of the nuances of this approach and how Elusiv extends this design with robust and comprehensive privacy solutions that can expand across ecosystems.

Measuring privacy guarantees for different shielded pools

Privacy protocols take different approaches when deploying the shielded pool design, each coming with different tradeoffs. Tornado Cash, one of the most well-known privacy protocols based on Ethereum, utilizes this approach to obfuscate on-chain transactions. Although the Tornado Cash application accepts a variety of assets, Tornado Cash pools are divided by asset type. For example, Pool A may only consist of Ethereum cryptocurrency (ETH) deposits and Pool B of digital dollar stablecoin (USDC) deposits. Aztec, another leading privacy protocol on Ethereum, leveraged a similar approach in their zk.money application before it was sunsetted in March 2023.


Fragmented shielded pools based on asset type

This fundamental division decreases privacy guarantees since the pools are fragmented. Privacy efficacy is bound to the number of deposits in a specific pool. As a result, pools that correlate to assets with a higher market cap, like USDC, will have strictly better privacy guarantees than those with lower market cap assets. The fewer deposits within a pool, the easier it is to associate public keys and their interactions, leading to possible identification.

Although, from a user’s perspective, these applications enable privacy for various assets, the inherent fragmentation of the shielded pools limits the underlying privacy guarantees. Removing this limitation would drastically increase the anonymity set, bringing better privacy to all users.
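To make the effect of fragmentation measurable, the following added example (not code from the original article or from any of the protocols named) computes the anonymity set of each withdrawal in a constructed ledger, first with pools split by asset and then with one shared pool. It assumes an observer sees deposit addresses and withdrawal times, cannot tell which deposits are already spent, and, in the shared pool, cannot see the withdrawn asset type; the `LOWCAP` asset and all addresses are made up.

```python
import math
from collections import namedtuple

# Constructed sample ledger (not real chain data).
Event = namedtuple("Event", "t kind asset addr")

LEDGER = [
    Event(1, "deposit", "USDC", "A"),
    Event(2, "deposit", "USDC", "B"),
    Event(3, "deposit", "ETH", "C"),
    Event(4, "deposit", "USDC", "A"),    # repeat depositor: no new candidate
    Event(5, "deposit", "USDC", "D"),
    Event(6, "deposit", "LOWCAP", "E"),  # hypothetical low-market-cap asset
    Event(7, "withdraw", "LOWCAP", None),
    Event(8, "deposit", "ETH", "F"),
    Event(9, "withdraw", "ETH", None),
    Event(10, "withdraw", "USDC", None),
]


def candidates(ledger, withdrawal, unified):
    """Distinct depositor addresses that could be behind a withdrawal.

    Only deposits made before the withdrawal count. With unified=False the
    pool is per-asset (fragmented); with unified=True every asset shares one
    pool (assumption: the withdrawn asset type is hidden from the observer).
    """
    return {
        e.addr
        for e in ledger
        if e.kind == "deposit"
        and e.t < withdrawal.t
        and (unified or e.asset == withdrawal.asset)
    }


def anonymity_bits(n):
    """Entropy in bits of a uniform guess over n candidates (0 if n <= 1)."""
    return math.log2(n) if n > 0 else 0.0


def report(ledger):
    """One row per withdrawal: (time, asset, fragmented_n, unified_n,
    fragmented_bits, unified_bits)."""
    rows = []
    for w in (e for e in ledger if e.kind == "withdraw"):
        frag = len(candidates(ledger, w, unified=False))
        uni = len(candidates(ledger, w, unified=True))
        rows.append((w.t, w.asset, frag, uni,
                     anonymity_bits(frag), anonymity_bits(uni)))
    return rows


if __name__ == "__main__":
    for t, asset, frag, uni, fb, ub in report(LEDGER):
        print(f"t={t:<2} {asset:<6} fragmented={frag} ({fb:.2f} bits)  "
              f"unified={uni} ({ub:.2f} bits)")
```

In this ledger the `LOWCAP` withdrawal has a single candidate depositor in its own pool, so it is fully linkable there, while the same withdrawal from the shared pool hides among five.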

Elusiv’s Multi-Asset Shielded Pool

Elusiv is utilizing a more flexible shielded pool implementation in its V2 upgrade, enabling arbitrary assets to share the same privacy set in a Multi-Asset Shielded Pool (MASP). It lets users privately hold and transfer ownership of generic on-chain assets while retaining composability with smart contracts on the underlying general-purpose chain. This means that users can hold and interact with any asset or application supported by the Elusiv smart contract while enjoying the privacy benefits of a much larger shielded set. Privacy guarantees are thus a consolidated function of:

  • Total number of private transactions (private sending and receiving)
  • Total number of Private DeFi actions (via the Elusiv SDK)
  • Total value locked in the Elusiv smart contract

Universal shielded pool for any asset type

Elusiv’s MASP can provide a universal shielded pool for entire ecosystems, where users of Elusiv or any app that has integrated the Elusiv SDK share the same anonymity set. This is extremely powerful for privacy preservation, which is now a holistic and non-exclusive privacy tool.

A note on compliance

Although shielded pools provide adequate privacy for users, the lack of compliance measures to filter out illicit activity and dissociate honest users from malicious actors significantly hinders usability, leading to Tornado Cash’s sanctioning in 2022. Elusiv takes a comprehensive approach to privacy by implementing Zero-Knowledge Encrypted User Safeguarding (ZEUS). ZEUS is a decentralized privacy-preserving compliance solution to mitigate any illicit use of Elusiv’s MASP. Not only does this secure Elusiv and its users, it establishes regulatory alignment and ultimately provides scalability to privacy-preservation on-chain.

The Elusiv Stack

Elusiv will redefine privacy for blockchains

Privacy in blockchain has yet to come to usable fruition and general adoption. Why? Beyond compliance, the privacy landscape in its current stage is fragmented. Depending on the privacy protocol one uses, underlying limitations affect privacy guarantees, UX, or both. Elusiv aims to provide compliant, composable, and modular privacy for blockchains. Wallets, DEXs, lending protocols, and more can integrate Elusiv and utilize the universal shielded pool that supplies entire ecosystems like Solana. Imagine the privacy guarantees that come from a shielded pool that extends across all applications! This introduces a mighty new paradigm catalyzing privacy enhancement that is flexible and community-driven, merging users and applications to preserve this essential human right.

Disclaimer:

  1. This article is reprinted from [medium]. All copyrights belong to the original author [Elusiv Privacy]. If there are objections to this reprint, please contact the Gate Learn team, and they will handle it promptly.
  2. Liability Disclaimer: The views and opinions expressed in this article are solely those of the author and do not constitute any investment advice.
  3. Translations of the article into other languages are done by the Gate Learn team. Unless mentioned, copying, distributing, or plagiarizing the translated articles is prohibited.
