Computational and Transactional Privacy — A Deep Dive/Commentary
A range of blockchain networks have long focused on transactional privacy. In recent history, there have been significant advances in transactional and computational privacy for networks such as MimbleWimble, Secret Network, Oasis, and potential ERC-20 roll-ups.
As such, a distinction needs to be drawn between transactional privacy and computational privacy as a significant number of users are not aware of the underlying fundamental difference between these two terms.
As with most terms in the Decentralized Ledger Technology (DLT)domain, complex terminology continues to be a barrier of entry for everyday users, investors, and developers. This body of work will be focused on describing both transactional and computational privacy in terms of capability, architecture, narrative, compliance, and value.
Transactional privacy is the process and act of obfuscating transactional data on-chain between users through the use of encryption and other techniques.
Perfect transactional privacy would appear in the following scenario:
A sends cryptocurrency to B through a blockchain. The end result is as follows: no one knows A sent cryptocurrency to B. No one knows B received cryptocurrency. No one knows how much cryptocurrency was sent. Additionally, B does not know where they received the cryptocurrency from.
In a perfect world, no one would even know A even interacted with a smart contract or protocol (but this borderline impossible).
Properly implementing transaction privacy is incredibly complex and involves a high degree of mathematics and cryptography in order to verify the validity of both parties in order to directly facilitate the execution of the transactions.
On-chain privacy is such an elusive task in terms of settlement that typically an entirely unique layer-one solution is required in order to have the fundamental architecture to be able achieve true on-chain transactional privacy.
Because publicly visible blockchains have all data perfectly visible and tractable (not to mention immutable) users have been put into situations where new decentralized technology is transparent to the point that legacy financial systems have significantly more privacy for users then their decentralized alternatives (grant it, such privacy is made possible through trust and liability being placed squarely at the feet of said centralized financial institutions).
While typical enterprises have audit trails for compliance agencies, the general public is not aware of different balance sheet changes on a moment to moment basis. As such, lack of privacy in the DLT domain is a significant barrier of entry. Until there is a settlement layer than can provide both privacy and a provable audit trail, legacy financial institutions will to some degree have a benefit that cannot be matched by DLTs assuming users and enterprises are okay with the tradeoff.
It would not be fair to mention transactional privacy without understanding some of the underlying narrative that floats around from regulators. Ironic statements such as “bitcoin is only used for fraud” or “bitcoin is entirely private”. Such statements have a complete misunderstanding of what privacy looks like on a transactional level. The distinction is drawn as follows:
While anyone can create a cryptocurrency wallet and have neutrality and privacy within the permissionless nature of creating a wallet, the same cannot be said for when said wallet receives any amount of cryptocurrency.
The instant a wallet receives funds from another wallet, it immediately is tied to a chain of transactions and wallets that will ultimately tie back to KYC centralized exchanges that are responsible by law to pair names/identities to wallets/public addresses. These pairings are handed off to large 3 letter agencies such as the SEC, Office of the Comp Controller of the Currency (OOC), Financial Crimes Enforcement Network (FinCEN), and more than likely to agencies such as the FBI and CIA that have quite an interest in activities such as money laundering. As a small side note, as most people in the cryptocurrency domain are aware, the USD/the dollar is the most money laundered currency in the world.
While the permissionless nature of creating a wallet is in and of itself neutral and private, there is no doubt that highly complicated analytics have been spun up that are able to create a chain of real world identities attached to any given publicly visible address. For most users this is not perceived to be a big deal — after all, what do you have to hide? A couple of things are easily identifiable right off of the bat.
First, taxation will undoubtedly become a bigger deal as regulators are able to figure out how to properly identify the various asset class (such as cryptocurrency, crypto-assets, crypto-commodities, and crypto-securities).
Their is a whole host of users that are going to be in for an unpleasant surprise when regulators reach out to them due to lack of transactional privacy.
There are rumors that have circulated claiming that government agencies only care about accounts that hold greater than 10k worth of crypto-assets, but there is no knowing how complex and accurate tracking tools are, and how accountability will be doled out in the near future.
Second, legislation is still in the process of being established in order to define how the range of asset classes should be treated. While the former may occur quickly, the latter may be contingent on generational gaps within congress and other legislators.
The natural danger of a slow reaction time by legislators is that the 3 letter agencies mentioned early will have quite a bit of freedom to apply their respective pressures and agenda across a range of blockchain entities, entrepreneurs, companies, users, and investors.
Simultaneously, it would not be fair to talk about the importance of the ambiguity of legislation at this stage of innovation without taking a holistic stance. Relaxed standards as it pertains to taxation and filing allows innovators to take greater leaps of faith with attempting brand new financial instruments (such as DeFi) albeit with a certain amount of risked wrapped up with users.
Potential steps outside of taxation may be the creation of a government compliant settlement layer that will only allow transactions with KYCed crypto wallets. Fortunately for users, there really isn’t any way for such an evolution of the settlement-layer blockchain ecosystems/market that would force users to change over to a government endorsed alternative. Finally, and perhaps most obviously is that the US government / 3 letter agencies want to know what parties are involved with any given transaction. The idea of a network that has truly anonymous transactions can only be an absolute nightmare for regulators.
How do you tax a transaction where the underlying entities and transaction amounts are perfectly unknown?
Undoubtedly, this is the angle that a biased industry might take when it comes to discounting privacy technology at play. But there are larger ideals in motion that cannot be discounted.
Privacy is freedom from monetary, data, and physical censorship.
Ultimately, privacy is a human right.
Should how your money get spent within a global permissionless marketplace be censorable? Should there be certain transactions that are not possible?
These are fair points and fair questions. As such, whenever such valid criticism is continually used by market regulators, I can’t help but feel there is a certain degree of hypocrisy involved. The dollar as a transactional tool is virtually untraceable and that was the primary medium of exchange since the early 1900s. If you ask most ordinary people off of the street if they are comfortable with their movements, data, purchases, conversations, interests, and personal information exposed constantly to the larger public you will quickly find a simple answer from them: “no”.
This is the beauty of blockchain and privacy — such a movement and technology empowers users to have the freedoms they deserve to have by default.
Freedom shouldn’t be controversial. Privacy should not be controversial.
We all need it, we all want it, and perhaps we have all become a little too comfortable with the concepts of the big tech industry consistently taking away these types of freedom we have for so long taken for granted.
Thus enters transactional privacy. You can hold whatever stance you want about the degree to which transactions should be monitored, audited, controlled, and censored.
For those that are creating the next generation of privacy preserving technologies the answer is simple: build it, and let the users decide if it is important enough that they will begin to use the technology instead of alternatives.
If the transfer of information is in and of itself a computation, then we have evidence that users do care about computational privacy. The waters get a tad murky here between computational and transactional privacy, but we will outline this shortly.
Hong-Kong protests saw mass adoption of privacy-preserving messaging technology such as telegram and other blockchain networks (see blocks appended to bitcoin that are now immutable that detailed a story about a doctor that was killed due to his sacrifice during the pandemic, as well as the neglect and risk that was willfully taken on by the Chinese government). Come to find out, when the world realizes they are not just being watched, but manipulated — suddenly the concept of end-to-end encryption for video, text, group-chats, and phone calls becomes a necessity and something worth sacrificing a small degree of convenience for.
When twitter began to mass censor voices on twitter during and after the election there was immediately a massive influx of users that migrated to alternatives such as parlor, gab, and telegram.
We could have a conversation about whether or not these platforms are healthy — a conversation about if absolute freedom of speech is the healthiest outcome for a society or a community. Regardless, users have shown that they deeply care about a certain form of transactional privacy specifically when the privilege they hold is revoked by a greater centralized entity (such as the tech giants of the world, i.e. amazon, google, Microsoft, twitter, etc.).
Transactional privacy as it pertains to monetary transactions is in my opinion just important as freedom of speech as the freedom to spend your money how you want is in and of itself a form of free speech.
Grant it, as a society we collectively agree to give up some % of this freedom of speech for other goods and services provided by the government (ultimately manifested in the form of a public good).
We have now discussed the narrative, value, and need for transactional privacy.
How and where does computational privacy enter into the picture?
Computational privacy is focused on computations on encrypted and private data that result in some form of valuable output.
Transactional privacy is about obfuscation of data specifically between two users in a transaction where as computational privacy is focused on the privacy of data and how we compute and use said sensitive data.
To put it plainly, transactional privacy is a subset of computational privacy. A protocol that has transactional privacy does not necessarily have generalized computational privacy (which is significantly more valuable, and has a greater degree of flexibility with the use cases and impact that can be created). Peer-to-peer privacy is greater, but general form computational privacy is even better.
What’s more is that until enterprises are able to safely share data sets and have smart contracts compute across encrypted data (i.e. computational privacy) there is value that will never be brought onto DLTs as a settlement layer.
This is a shame as most users would prefer a decentralized settlement layer that is extremely secure, auditable, immutable, and private compared to a centralized server having to manage its own security against the wild west of hacking and cybersecurity. Users will never be able to have dApps that are contingent upon their private and sensitive data until on chain *computational privacy* is achieved.
Computational privacy (in contrast to transactional privacy) from a regulators perspective is significantly less controversial. Data privacy between companies and products is already respected as the default case and norm (i.e. hospitals, banks, contracts), and as a result a DLT solution that is focused on computational privacy will more than likely have a much better chance of working with regulators than a chain purely devoted to transactional privacy/obfuscation.
Why should users care about computational privacy?
Ultimately, their UX and possible dApps/use cases experiences will be superior with a larger breathe of possibility compared to publicly visible DLTs (Ethereum) or purely transactional privacy protocols (Monero) that are incapable of obfuscating general computations.
Why should developers care about computational privacy? Because programmable privacy empowers developers to build apps the way they want to — granular control over what data is encrypted and unencrypted allows for more flexible design and implementation decisions.
As DLT technology continues to evolve, the need for privacy in DeFi — particularly from a computational privacy perspective — is sorely needed. Both transactional and computational protocols will continue to make advancements at an amazing rate. The question then becomes — will users want it, and how will regulators react?
Only time will tell.
Carter Woetzel (Secure Secrets Co-Founder / Education Committee Lead for the Secret Network / Author of Building Confidence in Blockchain: Investing in Cryptocurrency and a Decentralized Future)
For those of you curious about the only protocol that has computational privacy live on mainnet, be sure to check out https://scrt.network/
In addition, you can also give the graypaper a read to get a feel for the architecture and how Trusted Execution Environments (TEEs) enable computational and transactional privacy.