Debunking 5 Common Myths About Privacy In Blockchains
And why I believe privacy in blockchains is important
Over the past few months, I’ve had the chance to dive deeper into privacy within blockchains - trying to understand what different people mean by it, why it’s difficult to achieve, and what the endgame for privacy infrastructure might look like. This resulted in a series of blog posts, of which part 1 and part 2 are already published.
However, when speaking to various industry participants, the typical sentiment I’ve encountered is either “Why do you care?” or “Lack of privacy is not really an issue in blockchains”.
The below is an attempt to respond to some of these common criticisms around the topic of privacy and explain in more detail how I view the space (and why I care).
1. “Transparency is a core feature of blockchains”
False. Transparency is a bug, not a feature.
The characteristic that we’re looking for is verifiability. Early on this was possible only by making the data visible to everyone and re-executing.
As a product of all the investment and R&D of the last 10 years, we today have tools to achieve verifiability through ways that don’t require making the data visible to all users. One example of this is client-side zero-knowledge proofs (ZKPs) which can satisfy verifiability while still preserving privacy, but our toolkit is expanding.
Note that even Satoshi was thinking about how to add privacy to Bitcoin back in 2010, but lacked the resources to implement it. A few years later Zcash launched, offering private money and payments. Since then, progress has continued and the next step is general-purpose, programmable privacy infrastructure (enabling developers to build apps with privacy guarantees without having to deal with cryptography themselves).
2. “Users don’t care about privacy”
User behaviour from web2 would suggest that the vast majority of users are not willing to pay extra or jump through additional hoops for privacy. However, we all make implicit assumptions about privacy in our everyday life.
A key question to ask here is: “Who do users want privacy from?”. Most users seem to care about privacy from other users and external observers but are OK with revealing information to trusted third parties/service providers or governmental bodies. This is largely the model of “web2 privacy”, particularly when it comes to financial transactions, identity, and other sensitive information.
Compare this to the current state of permissionless blockchain networks where most interactions don’t even reach that level of privacy (the entire history is transparent for anyone to view).
Another observation is that when privacy becomes the default option (and cheap) - adoption is high. Almost all traffic on the internet today is encrypted through HTTPS. This was not the case initially, but we’ve gradually moved to a more secure system over the last decades. More importantly, this hasn’t required additional effort from users.
The same is true for on-chain privacy: If we make the private option cheap, easy and efficient enough - eventually it becomes the default rather than an opt-in choice for select users.
3. “There will be no demand for privacy”
Ideology seldom drives adoption, incentives do. While privacy in itself is not the selling point, there are a few categories through which to think about its utility:
The cost of transparency is too high: In many cases, transparency can lead to a significant personal or financial cost:
Personal: One example is anonymous polling in politically challenging countries; While the process of voting requires proving that you are human and eligible to vote, exposing your identity can lead to becoming a political enemy of the state and punishment (e.g. prison sentence).
Financial: Most businesses have regulations related to the privacy of their customers or clients, which they need to adhere to or risk facing large fees. Similarly, leaking competitive information can lead to a serious financial impact.
There is a financial benefit to privacy: Dark pools and other trading solutions with privacy can avoid (or minimize) front-running and toxic MEV in addition to keeping proprietary trading strategies safe. This enables traders to get better execution and save money - a very tangible benefit.
High friction for collaboration: Privacy can be a “business enabler” where collaboration is either completely impossible (for various reasons) or very expensive due to the heavy legal and BD efforts required. An example is two (or several) banks that want to train a credit model on joint customer data, but neither wants to share the data with the other party. By enabling private training on joint data (e.g. through an MPC cluster), the outcome can be a model that is better at predicting default risk and allows banks to issue fewer bad loans.
Early on it’s worth focusing on those cases where the benefits of increasing privacy far outweigh the additional costs related to it (increase in overhead, latency, etc). Most use cases today fit into category 1, but as additional costs come down, more use cases get unlocked.
4. “Privacy is not an important thing to work on, other things should be higher priority”
Crypto is an evolving industry with many open problems, including interoperability, scalability, user experience, etc. While these are all worthwhile things to work on, they represent 1-100 moments: Enhancing existing infrastructure to enable cheaper, faster, and safer interactions.
Getting (programmable) privacy to blockchains is more akin to a 0-1 moment which expands the design space of what’s possible. Not just private transfers or trading meme tokens, but net-new applications that wouldn’t be possible otherwise. Or as Tom Walpo put it, helping the industry break out of the Fermi Paradox.
5. “We can figure out privacy later, let’s focus on adoption for now”
I sympathize with this view to some degree, as perfect can be the enemy of good. Getting some traction amongst users and subsequent feedback can help get the wheels spinning, while we iterate along the way.
However, the risk with this approach is that it can easily lead us to create something worse than what we have today (i.e. a fully transparent network that anyone can monitor). It also opens the door to further criticism from opponents of the technology and what it can offer.
Ultimately I don’t think it’s an either or. With the example of payments, we need privacy to strengthen the pitch to users & businesses (at least privacy from other users and external observers) but also make it possible to pay with stablecoins more widely (adoption).
Summarizing thoughts
Privacy is both a technical and social problem. While there is a lot of work remaining on the technical side, we at least have a relatively good idea of what the road ahead looks like. The main challenge lies on the social and regulatory side, particularly for stronger types of privacy (non-intermediated).
It’s also worth remembering that different use cases require different levels of privacy guarantees and the tradeoff in performance and additional cost shouldn’t be neglected.
Despite the challenges, I continue to believe that privacy is one of the biggest problems to work on in the blockchain industry and that it remains a big unlock for expanding the design space.