Blockchain transparency and Privacy

Attribution requires knowledge of two facts :

• Who holds the asset
• Who has created and is party to the contract

A blockchain stores this information by recording where the asset originated, and tracking changes of ownership.

On a blockchain, all transactions are recorded and stored in an immutable, trusted ledger. Everybody can see the same information on the network. If we reduce information asymmetry and increase shared knowledge we can invest the free ressources elsewhere.

Squeeze : When a well capitalized trader moves the market against the dealer with the hope of buying the asset at a much lower price.

Financial markets depend on some level of anonymity. The risk of a position squeeze is real. Dealers want to be compensated. So, either the cost of trading these illiquid assets must go up, or markets for illiquid assets seize to function at all.

Transparency has the power to affect economic interactions between market participants. This is one of the reasons why the concept of a public blockchain was not really seen positvely by finance executives. Private blockchain can solve this problem and limit some of the transparency to offer concrete finance use cases for instance.

Smart organizations, from education to health care to government, are shunning secretive practices and embracing transparency as a means to foster trust and speed up the metabolism of business. While secrecy and opacity have been hallmarks of business behavior in the past, maintaining and defending secrets is costly and difficult in an era where billions of smartphone-wielding citizens can transmit information around the globe in a heartbeat.

What factors are forcing the dramatic opening up of society : Changes in regulation (think the Sarbanes-Oxley Act, for example) have been influential, but arguably the most important force is the digital revolution. For the first time, billions of people can use cheap digital devices to capture and publicly disclose information that people in positions of power would rather remained hidden.

Native Transparency in Blockchain Technology

less intermediaries with blockchain on Distributed ledgers. Centralized ledgers require more third parties and as a consequence are less transparent.

Anything which is centralized is vulnerale to hacking fraud or attack. In a decentralized ledger :

• There’s no single point of failure
• All data are available locally
• The system can be set up so the different locations do not need to trust one another.

Storing information is not the same as accessing it.

A public ledger is permissionless. Permissionless means, anyone can become a network node or participant, and anyone can, in principle, enter records in the ledger. Inclusive.

A private distributd ledger, on the flip side, is built by either an individual enterprise or by a consortium of organizations. It differs from public distributed ledgers in several key ways :

It requires permission, it allows to comply with KYC and AML.

Don’t need a trustless protocol. Raise the risk of collusion.

Public blockchains record all transactions with the addresses of buyers and sellers. This information is kept at each node and shared across a wide network. This transparency prevents data loss and encourages consensus among parties.

We can’t assume a private distributed ledger guarantees privacy. it can’t. A private blockchain has some of the same features as public one. The network can still see information and transaction records, it’s just a matter of deciding who should be included as a member.

On Public and Private Blockchains

Public blockchains: a public blockchain is a blockchain that anyone in the world can read, anyone in the world can send transactions to and expect to see them included if they are valid, and anyone in the world can participate in the consensus process

Consortium blockchains: a consortium blockchain is a blockchain where the consensus process is controlled by a pre-selected set of nodes; for example, one might imagine a consortium of 15 financial institutions, each of which operates a node and of which 10 must sign every block in order for the block to be valid. The right to read the blockchain may be public, or restricted to the participants, and there are also hybrid routes such as the root hashes of the blocks being public together with an API that allows members of the public to make a limited number of queries and get back cryptographic proofs of some parts of the blockchain state. These blockchains may be considered “partially decentralized”.

Fully private blockchains: a fully private blockchain is a blockchain where write permissions are kept centralized to one organization. Read permissions may be public or restricted to an arbitrary extent. Likely applications include database management, auditing, etc internal to a single company, and so public readability may not be necessary in many cases at all, though in other cases public auditability is desired.

First, private blockchains. Compared to public blockchains, they have a number of advantages:

1. The consortium or company running a private blockchain can easily, if desired, change the rules of a blockchain, revert transactions, modify balances, etc. In some cases, eg. national land registries, this functionality is necessary; there is no way a system would be allowed to exist where Dread Pirate Roberts can have legal ownership rights over a plainly visible piece of land, and so an attempt to create a government-uncontrollable land registry would in practice quickly devolve into one that is not recognized by the government itself. Of course, one can argue that one can do this on a public blockchain by giving the government a backdoor key to a contract; the counter-argument to that is that such an approach is essentially a Rube Goldbergian alternative to the more efficient route of having a private blockchain, although there is in turn a partial counter-argument to that that I will describe later.
2. The validators are known, so any risk of a 51% attack arising from some miner collusion in China does not apply.
3. Transactions are cheaper, since they only need to be verified by a few nodes that can be trusted to have very high processing power, and do not need to be verified by ten thousand laptops. This is a hugely important concern right now, as public blockchains tend to have transaction fees exceeding $0.01 per tx, but it is important to note that it may change in the long term with scalable blockchain technology that promises to bring public-blockchain costs down to within one or two orders of magnitude of an optimally efficient private blockchain system
4. Nodes can be trusted to be very well-connected, and faults can quickly be fixed by manual intervention, allowing the use of consensus algorithms which offer finality after much shorter block times. Improvements in public blockchain technology, such as Ethereum 1.0’s uncle concept and later proof of stake, can bring public blockchains much closer to the “instant confirmation” ideal (eg. offering total finality after 15 seconds, rather than 99.9999% finality after two hours as does Bitcoin), but even still private blockchains will always be faster and the latency difference will never disappear as unfortunately the speed of light does not increase by 2x every two years by Moore’s law.
5. If read permissions are restricted, private blockchains can provide a greater level of, well, privacy.

Given all of this, it may seem like private blockchains are unquestionably a better choice for institutions. However, even in an institutional context, public blockchains still have a lot of value, and in fact this value lies to a substantial degree in the philosophical virtues that advocates of public blockchains have been promoting all along, among the chief of which are freedom, neutrality and openness. The advantages of public blockchains generally fall into two major categories:

1. Public blockchains provide a way to protect the users of an application from the developers, establishing that there are certain things that even the developers of an application have no authority to do. From a naive standpoint, it may be hard to understand why an application developer would want to voluntarily give up power and hamstring themselves. However, more advanced economic analysis provides two reasons why, in Thomas Schelling’s words, weakness can be a strength. First, if you explicitly make it harder or impossible for yourself to do certain things, then others will be more likely to trust you and engage in interactions with you, as they are confident that those things are less likely to happen to them. Second, if you personally are being coerced or pressured by another entity, then saying “I have no power to do this even if I wanted to” is an important bargaining chip, as it discourages that entity from trying to compel you to do it. A major category of pressure or coercion that application developers are at risk of is that by governments, so “censorship resistance” ties strongly into this kind of argument.
2. Public blockchains are open, and therefore are likely to be used by very many entities and gain some network effects. To give a particular example, consider the case of domain name escrow. Currently, if A wants to sell a domain to B, there is the standard counterparty risk problem that needs to be resolved: if A sends first, B may not send the money, and if B sends first then A might not send the domain. To solve this problem, we have centralized escrow intermediaries, but these charge fees of three to six percent. However, if we have a domain name system on a blockchain, and a currency on the same blockchain, then we can cut costs to near-zero with a smart contract: A can send the domain to a program which immediately sends it to the first person to send the program money, and the program is trusted because it runs on a public blockchain. Note that in order for this to work efficiently, two completely heterogeneous asset classes from completely different industries must be on the same database – not a situation which can easily happen with private ledgers. Another similar example in this category is land registries and title insurance, although it is important to note that another route to interoperability is to have a private chain that the public chain can verify, btcrelay-style, and perform transactions cross-chain.

In some cases, these advantages are unneeded, but in others they are quite powerful – powerful enough to be worth 3x longer confirmation times and paying $0.03 for a transaction (or, once scalability technology comes into play, $0.0003 for a transaction). Note that by creating privately administered smart contracts on public blockchains, or cross-chain exchange layers between public and private blockchains, one can achieve many kinds of hybrid combinations of these properties. The solution that is optimal for a particular industry depends very heavily on what your exact industry is. In some cases, public is clearly better; in others, some degree of private control is simply necessary. As is often the case in the real world, it depends.

Transparency as a risk and an asset

TRACE : Trade reporting and compliance engine. Program that allows to report OTC transactions related to fixed income securities to enhance price transparency. More accurate prices.

Transparency increases the risk of firms imitating each other’s trading strategies. To avoid detection the traders are not recording big transactions but will divide them in a lot of smaller trades to cover the bigger picture.

To achieve success with transparency:

• Creating true value that withstands scrutiny
• Understanding customers and building relationship capital
• Protecting consumers’ privacy
• Acting with integrity
• Being candid about shortcomings

Transparency can help with the credibility of governments offering a solution to corruption. It could also increase liquidity and pricing in the financial markets.

Transparency can bring about corporate governance by preventing empty voting, insider trading, or even reduce counterparty risk.

Ownership attribution through blockchain not only shows who owns the stock, but also ensures voting rights are justified.

Approaches to privacy in Blockchains

Transactions can be traced. Private value their privacy regarding the government for instance, for the companies it is more regarding their competitors.

Hierarchical Deterministic Wallets (HD Wallets) : Conceals one’s identity by algorithmically generating a new public/private key pair for each transaction, derived from a single master seed phrase. can be a solution to privacy.

Merge and re-split Operation : Several entities submit new adresses to a smart contract, the contract redeploys the amount to the adresses : Enterprise and financial use cases.

Zero Knowledge proofs

Sophisticated method to authentificate a transaction without revealing too much about it.

Zcash uses zero knowledge proof.

Example with the colorblind guy that has a red and green token, he switches them and the sender identifies the red one and the green one multiple times to prove that they are different, the colorblind guy still cannot distinguish between them but somehow he acknowledges that there is a difference.

ZK-Snark : a zero knowledge proof protocol that lets users reveal only the necessary information to the verifier and no more. Confirms that a transaction is valid without knowing a lot of details on it.

It is important in votes for instances where the verifier cannot know who has voted but needs to ensure that the vote is valid.

Linkable ring signature : sender of a transaction is mixed together with random other people. They serve as a decoy, it produces a blurred signature of the transactions. The sender can prove that he is the sender without revealing himself.

Implementation in public vs private blockchains

Privacy is a right for private citizens in many democracies. Yet, lots of jurisdictions, like canada and the united states, limit the privacy of corporations and of corporate executives. Corporate insiders must disclose trades in their company’s stocks. Mutual funds and some hedge funds must disclose their holdings.

The struggle to be transparent, yet protect our identities and our trade secrets continues to be one of the greatest challenges of implementing blockchain – whether it’s a public or private one.

For private blockchain there are more options to enhance privacy.

Selective disclosure, rather than full transparency, makes it difficult to construct a baseline for a meaningful comparison. Lots of possible information asymmetries arise with private blockchains.

To be used :

• Private, permissioned blockchain networks in which verified, non anonymous nodes can post transactions to the ledger and confirm others transactions
• Financial institutions and other enterprises could design a distributed ledger similar to their current system

R3 consortium : promotes Corda, open distributed ledger, preserves members privacy, bilateral agreed upon transactions.

Private blockchain can become quite a good target for hackers.

What are ZkSNARKS ?

from : https://blockgeeks.com/guides/what-is-zksnarks/

it is Zero-Knowledge Succinct Non-Interactive Argument of Knowledge

Where a Prover exchanges messages with a Verifier (more on provers and verifiers later) to convince them that they have a knowledge of a certain proof without declaring what that knowledge is.

Properties of a zero knowledge proof

For a ZKP to work it needs to satisfy certain parameters:

• Completeness: If the statement is true then an honest verifier can be convinced of it by an honest prover.
• Soundness: If the prover is dishonest, they can’t convince the verifier of the soundness of the statement by lying.
• Zero-Knowledge: If the statement is true, the verifier will have no idea what the statement actually is.

Case #1 Alibaba’s Cave

In this example, the prover (P) is saying to the verifier(V) that they know the password of the secret door at the back of the cave and they want to prove it to the verifier without actually telling them the password.

The Prover goes down any of the paths A and B, suppose they initially decide to go through path A and reach the secret door at the back. When they do so, the verifier V comes in at the entrance, with no knowledge of which path the prover actually took and declares that they want to see the prover appear from path B.

In the diagram, as you can see, the prover does indeed appear in path B. But what if this was dumb luck? What if the prover didn’t know the pass code, and took the path B, was stuck at the door and by sheer fortune, the verifier told him to appear from path B, the one they were originally on anyway?

So, to test the validity, the experiment is done multiple times. If the prover can appear at the correct path every single time, it proves to the verifier that the prover indeed knows the password even though the verifier doesn’t know what the password actually is.

The Schnorr Identification Protocol

Basically the same thing as using the private and public key and certifying your message without ever revealing the private key.

How to make zero knowledge proofs non-interactive?

How can Anna prove to Carl that she has knowledge of something without Carl being online? She can do so by using a simple cryptographic hash function, as Fiat and Shamir theorized.

Let’s look how the example above would work in a non-interactive way:

• Anna wants to prove to Carl that she knows a value x such that y = g^x to a base g.
• Anna picks a random value v from a set of values Z, and computes t = g^v.
• Anna computes c = H(g,y,t) where H() is a hash function.
• Anna computes r = v – c*x.
• Carl or anyone can then check if t = g^r * y^c.

So, as you can see, zero knowledge proofs were made noninteractive. And this was what laid the foundations for Zk-Snarks.

What is the use of Zk-Snarks?

Zk-Snarks stands for “Zero-Knowledge Succinct Non-Interactive Argument of Knowledge”. Its use in modern blockchain technology is immense. To understand its application, it is important to know how a smart contract works. A smart contract is basically an escrow of funds which gets activated once a particular function is done.

Eg. Anna puts 100 ETH in a smart contract that she gets into with Carl. Carl has to do a particular task, on the completion of which, Carl will get the 100 ETH from the smart contract.

This gets complicated when the tasks that Carl has to do are multi layered and confidential. Suppose you have entered a smart contract with Anna. Now, you will only get the payment if you do A, B and C. What if you don’t want to reveal the details of A, B, and C because they are confidential to your company and you don’t want any competitors to know what you have to do?

What Zk-Snarks does is that it proves that those steps have been taken in the smart contract without revealing what those steps actually are. It is very useful is protecting you and your company’s privacy. It can just reveal part of the process without showing the whole process itself and prove that you are being honest about your claims.

Utility in crypto ?

Zcash is a cryptocurrency launched by Zerocoin Electic Coin Company on 9th September 2016 and is the first example a cryptocurrency marrying the concepts of blockchain technology with ZkSnarks. It aims to provide completely safe and shielded transaction spaces for its users without revealing details (such as their addresses) to anyone.

Ethereum plans to integrate this as well by doing a partnership with Zcash

the most exciting aspect is Project Alchemy. This is basically the connection and interoperation of the two blockchains such that one can seamlessly move between the two. The way that Zcash plans to do that is by cloning the BTC  Relay. It is an Ethereum script which was written to create a Bitcoin light client inside Ethereum. The Zcash clone will use the same concept to create a Zcash light client inside Ethereum.

Note : Monero is using the Ring signature thing (multiple people are added as decoys). Obscuring the source of input, origin of each Monero is not tracable.