By Gavin Birch, July 27, 2023

The need for privacy doesn’t stop at the individual. We’re thinking about what privacy (and the data security that enacts privacy) enables for our world collectively, organizationally, and what will otherwise not be built without it. What’s to be had beyond the fight against surveillance? We think blockchain adoption has been at our doorstep for years, and data security is the missing piece. Knowable is heavily invested in Namada’s success and beyond Namada because we think that Ethereum and Cosmos will need to have privacy retrofitted to achieve meaningful adoption. Join us for weekly discussions beginning Tue Aug 1 @ 16:00 UTC in Discord

[image]

I’ve heard investors say that there’s not much appetite for privacy. And I agree–it’s not something that most people are seeking, especially in the internet age. Blockchains use transparency as a feature, not a bug, to publicly ensure that the decentralized network participants can verify that transactions are valid. And now thanks to ZK-proof tech (like Zcash’s Sapling circuit), transactions can be verified without revealing private details–sensitive info, like who’s sending or receiving, or how much was sent. However, few chains offer privacy protection.

Privacy is one of the key missing pieces to the adoption problem–the problem being that people tend to use blockchain technology to speculate, avoid hyperinflation, or bypass dysfunctional banking systems (see Scott Alexander’s Dec 2022 article, Why I’m Less Than Infinitely Hostile to Cryptocurrency), and not for goods and services. Public blockchain infra, however, is poised to be adopted, but not without adequate privacy. Are privacy-enhancing chains really worth investing time and resources into? Our bet is that it’s less about finding new privacy use-cases than it is about how privacy unlocks existing blockchain use-cases that are otherwise inadequate for prime time.

Ethereum addresses aren’t private

Bitcoin, Ethereum, and the entire crypto space still lack adequate options for transactional privacy. Leading chains like Bitcoin and Ethereum are transparent, and the few protocols that do offer privacy suffer from isolation and fragmentation, and typically support a very limited set of assets (see Red & Peter’s Apr 2023 Messari overview of Namada). Why is there inadequate privacy?

Perhaps there’s a lack of demand. Maybe too few people know that Bitcoin and Ethereum offer only temporary pseudonymity. “Temporary,” because as soon as you reveal to someone what your address is, they can see your entire transaction history, which happens whenever you agree to send someone tokens. Worse still, companies like Chainalysis have made it their business to analyze the contents and relationships involved in each transaction.

Chainalysis is one of a few companies that use sophisticated methods to attempt to deanonymize and track public addresses that send transactions, and then they sell this sensitive data on the open market. Once a person’s identity is linked to their address, their transaction history is known and can never be protected again, and the address’ assets can be tracked wherever they go afterwards. Awa Sun Yin, cofounder of privacy project Namada, offers insights from her experience as a “chain analyst” at Chainalysis in her May 2023 article, Size Matters.

Addressing the privacy problem

To break links between crypto addresses, we (“crypto people”) have long relied upon centralized exchanges to “seed” new accounts, in order to protect ourselves from revealing the accounts that we control to those who we transact with. But the exchanges we use still have these links recorded, and exchange bankruptcy filings make this information dangerously public, tying KYCed names and street addresses directly to these account addresses.

If people knew how limited pseudonymous address privacy is, would they switch to using Zcash? I’m ideologically aligned, and Zcash has done amazing work, but I find it difficult to accept that Zcash only supports the ZEC token. Aztec’s zk money has been sunset. After being sanctioned by OFAC, Tornado Cash experienced a hostile take-over by way of on-chain governance. Aleo is limited to its own network.

There is a growing list of new projects offering privacy-preserving tech across different ecosystems, but again–is privacy something that people really want? Is privacy worth investing our resources into, and what kinds of returns can we expect on such investments?

Data security 🤝 privacy

Coordination and innovation can’t flourish without special relationships, and special relationships require privacy. My relationship with my partner is very different from my relationship with my doctor, largely because of the different kinds of information we choose to share (and not share) with one another. Privacy guarantees give participants the freedom to selectively share information consensually. Whether it’s a grassroots community member organizing a protest, or a government coordinating to secure its borders, this is truer than ever in the information age.

Compromising privacy compromises security, because exposing the sensitive data of users and organizations potentially exposes them to surveillance, economic espionage, and violence. In a data-transparent world, you can spend all the time, thought, and money you want on beefing up your computer security, but all someone has to do is show up at your home or place of work with a $5 wrench and it’s over. A law-abiding citizen under one regime becomes a criminal under another regime. A startup’s secrets are unsafe from bigger competitors. The behavioural patterns of one nation’s citizens inform the success of an adversarial nation’s attack. People who know that they are being observed don’t represent themselves authentically.

Okay privacy is important, but is it valuable? Who’s going to pay for privacy, and how much is it worth? Maybe it’s weird to think of privacy as a commodity. Is the right to privacy ideological? Yes. If our freedoms to transact are necessary to exercise all other rights, our transactional infrastructure needs privacy to be credibly neutral. And it’s about more than just keeping prying eyes out or pushing back against government overreach. It’s about innovation and progress that can only be possible with privacy guarantees. It’s about whether or not open, public blockchain technology can also secure our data, beyond securing its immutability. What discerning organization would adopt a technology that can’t make that guarantee? In a data-driven world, privacy loss makes an attack surface that threatens all that we value.

ngmi without securing data

For those of us who have been around long enough, we may be tired of hearing about how blockchain and crypto adoption is near. It’s been too long, and it’s getting too easy to become cynical–but it may be true that adoption is near (and that it’s been true all along).

Ernst & Young (EY), a London-based accounting firm known globally as one of the ‘Big Four,’ published their Dec 2019 report indicating that enterprises love the anti-monopolistic properties of public chains, but “many enterprises overlook public blockchains as they simply cannot leave their data for the world to see.”

Three years later, EY is still saying the same thing. Paul Brody, Global Blockchain Leader at EY, suggests that while there’s a strong appetite for secure, credibly neutral, programmable settlement, chain transparency is likely a big part of why we don’t yet have meaningful enterprise adoption. He says that enterprises would love to automate all of their transactions, but:

“… they want to execute them on a neutral, distributed public infrastructure, just like the internet … enterprises who are very strategic … want privacy for their transactions.”

Paul explains that business contracts are complicated and expensive to track. Since the business contracts aren’t compatible with the business logic, transactions cost ~$100 each and take days to settle–primarily because verification can’t be automated. But a smart contract? A smart contract can secure this almost instantly, and for pennies. Blockchain-based business logic is totally programmable and composable across independent (and even competing) enterprises.

But he goes on to say that enterprises would never use blockchains that don’t have privacy. The deals they negotiate are among the most secret information that companies have. These companies cannot expose transaction information because it would compromise their competitive advantages. There’s only a very small amount of info that enterprises are totally confident disclosing.

Whether or not you care about enterprise adoption, EY claims that enterprises “love the anti-monopolistic properties,” and are apparently ready to pay for “secure, credibly neutral, programmable settlement.” Contingent upon their data being secure, of course, because “they simply cannot leave their data for the world to see.”

Knowable’s Privacy Thesis and Namada

So is it over for transparent blockchains like Ethereum? And Cosmos? Probably not.

Will the next shiny chain with privacy features actually get any traction? Probably not.

Ethereum and Cosmos would need to be totally rearchitected to be privacy-preserving, and that’s not likely to happen. What happens next?

We’ve invested a lot of time and resources into Namada, an upcoming “app chain.” We think Namada’s value will be based on its privacy-enabling integrations, rather than its value as a privacy-preserving standalone chain. Instead of competing with leading chains for adoption, Namada integrations will complement leading chains to unlock their potential.

Namada is offering to programmatically retrofit privacy for Ethereum, Cosmos, and beyond. Namada’s interoperability design uses a native Ethereum bridge and IBC, and programmatic shielded actions will enable users to privately interact with transparent ecosystems. For example, Namada will let me shield my Ethereum USDC, swap USDC for DAI with a Uniswap shielded action, then lend my DAI with an Aave shielded action, without any of these actions ever being linked to my account. Shielded actions will enable users to interact openly in a transparent environment while maintaining privacy, because breaking the link between their account and the actions preserves anonymity at the transaction level.

While shielded actions have a ways to go before being used in complex use-cases (like business contract / business logic interoperability), it’s an important beginning. We anticipate user interfaces and app integrations to enable shielded actions as single-click user experiences. Shielded action programmability (via the Namada SDK) should begin to unlock more immediately meaningful use-cases, uses that simply could not reasonably exist without privacy, which we’re eager to explore through alliances and experiments. There have been alliances and integrations proposed with Zcash and Osmosis, and we’d love to forge more alliances (hello Ethereum community 👋).

Credit cards weren’t really used online before HTTPS, but now both are everywhere. That’s because HTTPS enabled websites to securely handle sensitive information, giving both businesses and consumers the confidence to transact online. Widespread adoption of HTTPS accelerated the growth of online shopping, online banking, and other forms of e-commerce.

The only way to have meaningfully valuable coordination and exchange using open, public infrastructure is with top-notch privacy guarantees–to actually secure sensitive data. Ethereum and Cosmos will likely remain transparent, but now it’s possible to use blockchain interoperability for an application-specific chain to retrofit privacy. We’re betting that Namada integrations will unlock what Ethereum and Cosmos apps need to grow their user-base and use-cases beyond token-price speculation. Will we see widespread adoption of shielded actions? Solutions like Namada will be valuable if they position transparent chains to become practical, global-scale infrastructure for discerning organizations.

Investors have suggested that privacy alone isn’t a compelling investment thesis, and I tend to agree. It may be that digital privacy isn’t a feature, but an essential requirement for any global-scale, enterprise-grade activity. Rather than paying for privacy features, the value is in sufficiently secure decentralized infrastructure, which includes the data security that ensures privacy.

Privacy beyond Namada

There are many allies collaborating to level up Ethereum, Cosmos and more–Hopr and Nym at the network level, Penumbra in DeFi, Aztec for EVM smart contracts, and so many more. We’re particularly excited about Anoma, an “intent-based,” privacy-preserving interchain coordination layer, which we’ll write about in due course.

Namada’s founding purpose is to facilitate the adoption of privacy-preserving collaborations, grassroots organizations, and payments, and to collaboratively grow the privacy set beyond Namada. Knowable is a stewardship organization that believes the future of digital infrastructure will be built on decentralized tech, where global communities innovate, interconnect and thrive in new ways. We’re on a mission to back the leaders laying the groundwork for a digital world that’s uncompromisingly open and permissionless. Together, we strategically advance the communities of this ideological frontier.

Privacy loves company! Whether it’s a bridge, an integration, a DAO, or another privacy-enhancing project, if you’re a member of a community that values privacy, reach out: hi(at)knowable.vc or Twitter