Can crypto Privacy Pools help balance privacy and regulation?
Ethereum co-founder Vitalik Buterin recently authored a research paper, the primary focus of which was integrating privacy features into blockchain transactions while ensuring compliance with a range of regulatory requirements.
Experts from various backgrounds collaborated on this research project, including early Tornado Cash contributor Ameen Soleimani, Chainalysis chief scientist Jacob Illum, and researchers from the University of Basel.
The diverse team reflects the interdisciplinary nature of the research, drawing insights from cryptocurrency, blockchain security and academic scholarship.
The paper suggests a protocol known as “Privacy Pools,” which can act as a regulation-compliant tool aimed at improving the confidentiality of user transactions.
How do Privacy Pools work?
Privacy Pools, as Buterin and the team explain in the research paper, aim to protect the privacy of transactions while separating criminal activities from lawful funds by organizing them into isolated sets or categories, allowing users to prove to regulators that their funds are not mixed with illicit funds.
This is accomplished through the use of techniques like zero-knowledge proofs to demonstrate the legitimacy of the transactions and the absence of involvement with criminal activities.
Zero-knowledge proofs are cryptographic techniques that allow one party (the prover) to demonstrate knowledge of a specific piece of information to another party (the verifier) without revealing any details about the information itself.
When users want to take their money out of the Privacy Pool, they can choose to create a zero-knowledge proof. This proof does two things: First, it confirms that the user’s transaction is legitimate and doesn’t involve a blockchain address associated with criminal activity. Second — and more importantly for users — it keeps their identities private.
Association sets
Another crucial part of how Privacy Pools work is the idea of “association sets,” subsets of wallet addresses within a cryptocurrency pool. When making withdrawals from the pool, users specify which association set to use. These sets are designed to include only noncritical or “good” depositors’ wallet addresses while excluding those considered “bad” depositors.
The purpose of association sets is to maintain anonymity, as withdrawn funds can’t be precisely traced to their source. However, it can still be proven that the funds come from a noncritical source.
Association set providers (ASPs) create these sets and are trusted third parties responsible for analyzing and evaluating the pool’s contributing wallets. They rely on blockchain analytics tools and technologies used in Anti-Money Laundering and transaction analysis.
Association sets are formed through two distinct processes: inclusion (membership) proofs and exclusion proofs.
Inclusion, also known as membership, is the process of curating a selection based on positive criteria, much like creating a “good” list. When considering deposits, for instance, you examine various options and identify those with clear evidence of being secure and low-risk.
Recent: Multiple buyers consider purchase and relaunch of ‘irreparable’ FTX
Exclusion involves forming a selection by focusing on negative criteria, much like compiling a “bad” list. In the context of deposits, ASPs evaluate different options and pinpoint those that are evidently risky or unsafe. Subsequently, they generate a list that comprises all deposits except for the ones categorized as risky, thereby excluding them from the list.
The paper takes an example of a group of five people: Alice, Bob, Carl, David and Eve. Four are honest, law-abiding individuals who want to keep their financial activities private.
However, Eve is a thief or hacker, and this is well known. People may not know who Eve really is, but they have enough proof to know that the coins sent to the address labeled “Eve” come from a “bad” source.
When these individuals use the Privacy Pool to withdraw money, they will be grouped together by ASPs with other users based on their deposit history via association sets.
Alice, Bob, Carl and David want to make sure their transactions are kept private while reducing the chances of their transactions looking suspicious at the same time. Their deposits have not been linked to any potential malicious activity, so the ASP chooses for them to be associated only with each other. So, a group is created with just their deposits: Alice, Bob, Carl and David.
Eve, on the other hand, also wants to protect her privacy, but her own deposit — which comes from a bad source — cannot be left out. So, she’s added to a separate association set that includes her deposit and the others, forming a group with all five user’s deposits: Alice, Bob, Carl, David and Eve.
Essentially, Eve is excluded from the original group with the trusted deposits (Alice, Bob, Carl and David) but is instead added to a separate group that includes her transactions and the others. However this doesn’t mean that Eve can use the privacy pool to mix her funds.
Now, here’s the interesting part: Even though Eve doesn’t provide any direct information about herself, it becomes clear by the process of elimination that the fifth withdrawal must be from Eve, as she’s the only one associated with all five accounts in the withdrawal records (since she was added to the separate group that included all five deposits).
Association sets help Privacy Pools by separating trustworthy users from questionable ones.
This way, transactions from reliable sources stay private, while any shady or suspicious ones become more visible and easier to spot.
This way, malicious actors can be tracked, which can satisfy regulatory requirements since the bad users won’t be able to use the pools to hide their activities.
What are others saying about the proposals?
Buterin’s paper has sparked discussions and garnered attention from the blockchain community and industry experts. Ankur Banerjee, co-founder and chief technology officer of Cheqd — a privacy-preserving payment network — believes Privacy Pools can make it easier for noncentralized entities to identify bad actors.
Banerjee told Cointelegraph, “The approach outlined could make this kind of money laundering analysis more democratized, and available to DeFi protocols as well. In fact, in the case of crypto hacks, it’s very hard to prevent hackers from trying to launder what they’ve stolen via DeFi protocols — it’s only centralized exchanges where they can be more easily caught/stopped.”
Seth Simmons (aka Seth For Privacy), host of the privacy-focused podcast Opt Out, told Cointelegraph, “While the concept is technically interesting in that it does minimize the data given over to regulated entities, it asks and answers the wrong question. It asks the question ‘What privacy are we allowed to have?’ instead of ‘What privacy do we need to have?’”
Simmons continued, saying, “For years now, there has been no balance between user anonymity and regulatory compliance, with the current ruling powers having an almost total visibility into the actions we take and the ways we use our money.”
“Privacy Pools must seek to right this imbalance by providing the maximum privacy for users possible today instead of attempting to lessen that privacy to please regulators.”
Banerjee expressed concerns about the built-in delays for adding deposits to association sets, stating, “Tokens can’t immediately get included in a ‘good’ or ‘bad’ set since it takes some time to figure out whether they are ‘good’ or ‘bad.’ The paper suggests a delay similar to seven days before inclusion (this could be higher or lower).”
Banerjee continued, “But what’s the right amount of time to wait? Sometimes, like in the case of crypto hacks, it’s very obvious soon after the hack that the coins might be bad. But in the case of complex money laundering cases, it might be weeks, months or even years before tokens are figured out to be bad.”
Despite these concerns, the paper says deposits won’t be included if they are linked to known bad behavior such as thefts and hacks. So, as long as malicious behavior is detected, this should not be a concern.
Additionally, people with “good” deposits can prove they belong to a trusted group and gain rewards. Those with “bad” funds can’t prove their trustworthiness, so even if they deposit them in a shared pool, they won’t gain any benefits. People can easily spot that these bad funds came from questionable sources when they’re withdrawn from a privacy-enhancing system.
Recent regulatory actions
Recent actions within the blockchain space have underscored the critical need for privacy and compliance solutions. One notable incident involved the United States government imposing sanctions on Tornado Cash, a cryptocurrency mixing service.
This move was prompted by allegations that Tornado Cash had facilitated transactions for the North Korea-linked hacking group Lazarus. These sanctions effectively signaled the U.S. government’s heightened scrutiny of privacy-focused cryptocurrency services and their potential misuse for illicit purposes.
Chris Blec, host of the Chris Blec Conversations podcast, told Cointelegraph, “It’s the easy way out to just look at recent news and decide that you need to start building to government specifications, but sadly, that’s how many devs will react. They’re not here for the principle but for the profit. My advice to those who care: Build unstoppable tech and separate it from your real-world identity as much as possible.”
Magazine: Slumdog billionaire 2: ‘Top 10… brings no satisfaction’ says Polygon’s Sandeep Nailwal
As the adoption of cryptocurrencies and decentralized applications continues to grow, governments and regulatory bodies worldwide grapple with balancing enabling innovation and safeguarding against illegal activities.
Simmons believes it is better to have tools governments cannot shut down: “Regulators will continue to push the imbalance of privacy and surveillance further in their direction unless we actively seek to build tools that give power back to the individual.”
He continued, “Tornado Cash is a perfect example of this, as they even went above and beyond and complied with regulators as much as was technically possible, and yet that wasn’t enough for ‘them.’ Even after supposedly becoming compliant, they remained a target of the U.S. government because governments do not want a balance between compliance and privacy — they want total surveillance, which leads to total power.”
“What we need to build in the space are tools (like Tornado Cash) that are resistant to state-level attacks and impossible to shut down or censor, as this is the only way to ensure we have tools at our disposal to defend our freedoms and keep governments in check. Privacy or bust.”
Kosovo feels a “political duty” to process failed migrants from the UK, if legal issues can be overcome, the country’s prime minister has told Sky News.
Albin Kurti said there is “limited capacity” in the small nation, which has a population of fewer than two million people, but that he expected a “successful result” from negotiations.
Talks are under way, he confirmed, between officials from both countries about a migrant returns deal for those whose claims have been ruled ineligible by the UK, and are awaiting deportation to their country of origin.
A Home Office team is exploring options for how one could work, Sky News understands, although no formal request has yet been made to Kosovo to host a facility.
Mr Kurti, who is attending a Western Balkans Summit in London this week, said: “We want to help the UK, we consider that that is our friendly and political duty.
“We have limited capacity but still we want to help, and as we speak, there is regular communication between our teams of state officials from our ministry of internal affairs and lawyers about how to do this smoothly for mutual benefit.
“Of course, we want, as a country, to benefit but we consider it first and foremost our obligation to help you because you helped us a great deal and will never forget that.”
Rescued migrants are brought in by the RNLI to Dover earlier this month. Pic: PA
Western Balkans key allies
Sir Keir Starmer has identified the countries of the Western Balkans as key allies in the fight against irregular migration, with 22,000 people using this route to reach the UK last year.
The UK government has signed agreements to tackle smuggling gangs with Serbia, Albania, North Macedonia and Kosovo.
Keir Starmer said earlier this year that the government was in talks with unnamed countries about setting up “return hubs” which he called an “important innovation” for individuals who have exhausted all appeals in the UK system.
Kosovo is the first to confirm these negotiations are under way, and further discussions about it are likely in the margins of this week’s summit.
The small eastern European nation and the UK have strong ties, with Sir Tony Blair feted in the country for his government’s role in spearheading NATO airstrikes on Serbia in 1999, which helped end the Kosovo War.
In June, Kosovo made an agreement with the US, negotiated under the Biden administration, to take up to 50 US deportees who met certain criteria. But it is understood only one or two have arrived due to legal issues.
Kosovo would likely be seeking a defence agreement and UK investment in return, with the country concerned about Russian aggression and hostility from neighbouring Serbia.
Read more:
UK to ask Kosovo to take migrants
Govt considering sending failed asylum seekers to overseas migrant hubs
Tony Blair receiving a hero’s welcome in Kosovo in 1999. Pic: Reuters
Kosovo wants security support
Mr Kurti added: “We would like mainly to get support in security – be that through strategic agreements, or through equipment and projects we might do. Our two teams are working on this, but I think this will have a successful result.”
It is not expected the UK will make a formal request until further legal issues are worked through, which could be significant.
A controversial deal made by Italy in 2023 to send thousands of migrants to two detention centres in Albania has cost millions of euros and been halted by multiple legal obstacles.
Andi Hoxhaj, Balkan expert at King’s College, said: “Such a deal is unlikely to happen at the Summit. Nevertheless, I expect some statement indicating that the UK and one or two Western Balkan countries are close to reaching an agreement.”
“Establishing an agreement with the UK would not be politically sensitive in Kosovo. The country continues to seek deeper ties with one of its strongest allies-one that played a crucial role in its path to independence.”
Kosovo has convict deal with Denmark
Sir Keir was left embarrassed on a visit to the Albanian capital in May when he announced the UK was in talks about return hubs in the Balkans, only for Albanian Prime Minister Edi Rama to say he would not allow the UK to “dump immigrants” in his country when it is in a “marriage” with Italy.
Under Yvette Cooper, the Foreign Office has shifted focus to migration – with more staff working on the issue, drawing up sanctions on people smugglers and pursuing returns agreements.
Kosovo has also ratified a deal with Denmark – another active contributor to the NATO-led Kosovo peacekeeping force – to take 300 convicts from its overcrowded prisons, due to start in 2027.
Return hubs are different from offshore processing – which is what the Conservatives had proposed with the Rwanda scheme.
It is proposed that individuals would only be sent to a return hub if their claim for asylum in the UK had been rejected – and they were awaiting deportation.
By sending them to a third country, the government hopes it will prevent people trying to frustrate and delay the process of removal and that it could act as a deterrent to people coming in small boats.
Only 3% of people of small boat arrivals in 2018-24, or around 5,000 people, were returned from the UK, according to the Oxford Migration Observatory, although removals of failed migrants from all routes has increased in the past year.
Politics
Police should focus on ‘tackling real crime’, No 10 says, after Met Police halts non-crime hate probes
Officers should focus on “tackling real crime and policing the streets”, Downing Street has said – after the Metropolitan Police announced it is no longer investigating non-crime hate incidents.
The announcement by Britain’s biggest force on Monday came after it emerged Father Ted creator Graham Linehan will face no further action after he was arrested at Heathrow Airport on suspicion of inciting violence over three posts he made on X about transgender issues.
Politics latest: Boris Johnson left in ‘homicidal mood’ after exam result fiasco
Sir Keir Starmer’s spokesman said police forces will “get the clarity they need to keep our streets safe” when a review of non-crime hate incidents by the National Police Chiefs’ Council and College of Policing is published in December.
“The police should focus on tackling real crime and policing the streets,” he said.
“The home secretary has asked that this review be completed at pace, working with the National Police Chiefs’ Council and the College of Policing.
“We look forward to receiving its findings as soon as possible, so that the other forces get the clarity they need to keep our streets safe.”
He said the government will “always work with police chiefs to make sure criminal law and guidance reflects the common-sense approach we all want to see in policing”.
After Linehan’s September arrest, Met Police Commissioner Sir Mark Rowley said officers were in “an impossible position” when dealing with statements made online.
File pic: iStock
On Monday, a Met spokesperson said the commissioner had been “clear he doesn’t believe officers should be policing toxic culture war debates, with current laws and rules on inciting violence online leaving them in an impossible position”.
The force said the decision to no longer investigate non-crime hate incidents would now “provide clearer direction for officers, reduce ambiguity and enable them to focus on matters that meet the threshold for criminal investigations”.
Justice minister Sarah Sackman said it is “welcome news” the Met will now be focusing on crimes such as phone snatching, mugging, antisocial behaviour and violent crime.
Asked if other forces should follow the Met’s decision, she said: “I think that other forces need to make the decisions that are right for their communities.
“But I’m sure that communities up and down the country would want that renewed focus on violent crime, on antisocial behaviour, and on actual hate crime.”
The Met said it will still record non-crime hate incidents to use as “valuable pieces of intelligence to establish potential patterns of behaviour or criminality”.
Industry watchers welcomed the idea of “skinny” master accounts as another sign of the end of crypto’s banking troubles, in what insiders describe as “Operation Chokepoint 2.0.”
-
Sports3 years ago‘Storybook stuff’: Inside the night Bryce Harper sent the Phillies to the World Series
-
Sports2 years agoStory injured on diving stop, exits Red Sox game
-
Sports2 years agoGame 1 of WS least-watched in recorded history
-
Sports3 years agoButton battles heat exhaustion in NASCAR debut
-
Sports3 years agoMLB Rank 2023: Ranking baseball’s top 100 players
-
Sports4 years ago
Team Europe easily wins 4th straight Laver Cup
-
Environment2 years agoJapan and South Korea have a lot at stake in a free and open South China Sea
-
Environment1 year agoHere are the best electric bikes you can buy at every price level in October 2024