Foresight Ventures: In the Web3 era, privacy protection will become a standard
first level title
0. Summary
The following is the mind map of the article:
text
In the age of Web2, we have no privacy
In the tenth chapter of the Bitcoin white paper, Satoshi Nakamoto spent the entire chapter describing the privacy model of the Bitcoin network. In the traditional banking model, participants and trusted third parties have limited access to information, which achieves partial privacy. But on the blockchain network, the transaction must be guaranteed to be open, so the privacy of Bitcoin is maintained through the anonymity of the public key. Usually we cannot associate who this is from a randomly generated public key (although we now have tools such as giant whale analysis that can infer this information).In the example given by Satoshi Nakamoto, the privacy design of the blockchain is "evolved from the bank to the Bitcoin network". We can extend from this example to the privacy design of "Web2 to Web3".
We assume that the underlying network of Web3 will be a blockchain network like Bitcoin. Then the privacy we discuss will have the premise of open transactions, open source data and decentralization.
In fact, we have long realized the importance of privacy on the Internet. When accessing the Internet, elementary school information class teachers and parents will remind you not to reveal your real name on the scary Internet, after all, you don't know who is behind the screen.In the era of open and user-led Web3, privacy protection will be a standard configuration.
secondary title
1. What is privacy in the Web3 era?
Privacy in the Web3 Era = Confidentiality + Anonymity = Data Privacy + Identity Privacy + Computational Privacy
In the Web3 era, assuming that all the interactions and network traces we do are interactions with on-chain applications, then all our data will be transactions and the information contained in the transactions. Taking the transferFrom function in ERC-20 (the parameters are _from, _to, _value) as an example, the transaction is composed of the following contents: transfer sender, transfer receiver, transfer amount. For these transactions, we can define privacy, anonymity, and confidentiality in the Web3 era.
Anonymity refers to: the sender and receiver of the transaction (real identity) need to be non-public, and the transfer amount can be public (only the _value parameter can be known).
Confidentiality refers to: the transfer amount and other content of the transaction need to be non-public, and the sender and receiver can be public (only _from and _to can be known).
True privacy (Privacy) should be anonymous + confidential, which means: all the content of the transaction, including the transaction sender, transaction receiver, and transfer amount, need to be non-public.On this basis, further privacy is,After the transaction, the user actively chooses the privacy of the transaction execution, which may be difficult to achieve under the immutable characteristics of the blockchain.
secondary title
Data privacy is confidentiality, which mainly includes two parts: the control and ownership of data and the confidentiality of data content itself.
text
a) Data Control and Ownership
User data should not be a product. Users have absolute control and ownership of data, can guarantee the ownership of data and prevent unauthorized operation of data by the platform, which is a manifestation of privacy.Recall, do almost all search engines, e-commerce platforms, and video sites have countless advertisements? Companies in the Web2 era regard the number of users as their property, and users are the source of their advertising revenue. From cookie tracking to Google Analytics, every action you take, even a few seconds on the page, will be tracked. And you might just tick off those privacy agreements that no one ever reads. In the future, as the network becomes more popular, more users and data will flood into the Internet, which will bring more lucrative rewards to companies specializing in data theft. In the Web2 era, the default situation is that users have no privacy, and users have no control and ownership of data.
text
data controlData should not be a product, it should be information.
In the Web3 era, users need to have control over data, and every interaction and transaction made and the data generated need to belong to the user themselves. Only the user can decide what to do with this data. The ownership of the data is not determined by the application, but based on the user's subjective wishes, which is also a manifestation of privacy for the user.text
data ownership
data ownershipAccording to an article by VincentArticles about Web3 reshaping the value of data
As mentioned in , users can get value from all their data. In the Web2 era, data has value, but it is the property of the company, and the value does not belong to users, nor will it be distributed to users. In the Web3 era, data on the chain is a gold mine, and it is a gold mine owned by users. The more applications of Web3, the more data, the bigger the gold mine.Web3 users are free to surf the web in the Web3 era with their own gold mine of data.
Imagine bank data exchange, social media data exchange, video website data exchange... In fact, you don't have to imagine, this has already happened in Web3. Every trace of you is left on the chain, in your address. To interact in another DApp, you don't have to start from scratch, because the previous data will always belong to you and accompany you.
When you use chat software in Web2, you are talking with others on Facebook’s centralized server; while in Web3, when you use chat software, you will talk to yourself, and all the data will be stored in your own account. What the chat software does is to grab the data you have on the chain.
Arweave
The relationship between data ownership and data privacy is not particularly great, so I will not over-extend it here, but I highly recommend you to read the article mentioned above.Arweave is a blockchain for permanent storage. In a worst-case scenario, Arweave can store data for 200 years (for an average human, that's eternity).
Although there is no rival in terms of permanent storage, the real value of Arweave lies in the permanent control and ownership of data.
The data uploaded by Web3 users and developers to Arweave can never be closed (> 200 years), and it will always belong to the user and the entire decentralized network. Users have absolute control over the data and will not be removed. Persisting data is only the first step. The real point is that through the entire permanent storage network, all people participating in Arweave share the risk of data being removed from the shelves. The NFT uploaded to Arweave will never be deleted, which is the real value of NFT ownership to users. An ever-living NFT and NFT ownership should be a necessary feature of an NFT.
Recently everFinance made a Mirror search engine on Arweave. Any of the data is taken from Arweave, a decentralized network. Users will not have to worry about whether one day their beloved media platform will be taken off the shelves due to various pressures. If you want to use Arweave's persistent data BUIDL for more platforms, you can try this open source library.
encrypted wallet
encrypted wallet
An encrypted wallet is a point where data control is very important. As the entrance of the Web3 era, encrypted wallets are as crucial as the Google search engine of Web2 (of course, encrypted wallets will not collect and sell your data like Google).All encrypted wallets (Metamask, Bitkeep, etc.) embody Web3 users' control over their data.This is an aspect of privacy that exists widely in Web3 but is often overlooked, but Web3 users have already silently enjoyed the privacy experience of controlling data.
text
Data control and ownership leads to better UX
Under the Web3 trend, almost all user data can be viewed at will, and how to use these data is decided by the project itself. Web2 developers will first compete for data, let users enter in circles, and let users become cows that continuously produce data, instead of thinking about how to use better apps to attract users. According to a DuckDuckGo analysis of popular free Android apps, 96% of free apps on Android contain third-party trackers, 87% of which send data to Google and 68% to Facebook. The homogenization of data on the blockchain allows Web3 developers to compete in product interaction and conception, which will directly improve user experience.The data of Web3 also belongs to the entire transparent decentralized network. This is definitely a good thing for user privacy.
secondary title
b) Confidentiality of data content
The confidentiality of data content mainly refers to the specific content in the transaction, or the user's transaction records, which are encrypted or not made public. We can think that concealing the input and output addresses of the transaction or blurring the specific amount of the transaction is a manifestation of the confidentiality of the data content.
text
Privacy transactionThe account system of Ethereum itself is not "private".
If you perform a claim ENS airdrop operation, your address will be exposed on the contract interaction record, and others can review all your transactions. In real life, this is similar to when you go downstairs to buy coffee, your house purchase and hotel consumption records may be reviewed by others. This is also similar to the whereabouts of infected people during the new crown period will be fully exposed. Such exposure is a good thing for the security of the entire health system and the blockchain network, but it is a relatively harmful thing for individuals.
For example, the picture below is the address of a hacker. He crawled the Internet for private keys leaked by others, and the victim would be transferred by the hacker as soon as he received the airdrop. We can clearly see his criminal process. Although it is fair for us to examine his criminal process, it leaks his privacy...
A very simple and violent method to achieve private transactions is to encrypt all accounts and transactions and then decrypt them. However, such a method is very expensive and time-consuming because it involves the verification of the transaction by the network.
Aztec (zk.money)
It should be noted that the privacy transaction here only allows the originally transparent data on the chain to be hidden and undisclosed. The privacy and security of the amount on-chain and off-chain will be discussed in subsequent chapters.
Aztec's zk.money is a zkRollup Layer 2 on Ethereum that specifically solves privacy issues.
zk.money achieves private transactions by directly abandoning the Ethereum account system and switching to the UTXO system. It directly uses bills to keep accounts. A transaction is no longer a change of state of two related accounts, but a change of ownership of a note. Encrypting notes is much simpler than encrypting transactions between accounts.
Transactions on zk.money are invisible to third-party users. For the entire Aztec network system, while avoiding problems such as double spending, the privacy of transactions is guaranteed through zero-knowledge proofs. The owner of the UTXO proves that there is such a ticket in the system and that he owns the ticket through the proof generated by himself. Users do not need to show their actual transaction amount to prove that the transaction is legal.
The ticket ownership of zk.oney is stored in two Merkle trees, one contains all the tickets ever created, and the other contains all the tickets ever destroyed. When a ticket is destroyed, instead of removing the ticket from the first tree, it is added to the second tree.
tornado.cash
The usage process of zk.money is as follows: the user deposits funds from the main network to Layer 2, generates a certificate → the user performs a sending operation on Layer 2 (with privacy protection) → the user withdraws funds to the main network
tornado.cash is a private on-chain coin mixer on Ethereum, a bit like DASH's anonymous transactions. Its name is very apt, put the funds in the tornado, and then take it out, you don't know who issued it.
tornado.cash also uses zero-knowledge proof to hide the receiving account of the transaction, and in the case of privacy, the left hand turns to the right hand to realize the private transaction.
It uses a smart contract as a black box in the middle of the transaction to break the connection between the sender and the receiver. The sender provides a confidential hash value when depositing, and the receiver (it can be the sender himself) only needs to provide a zkSNARK proof when withdrawing cash to accept the deposit directly.
In addition, there are public chains for private transactions such as monero, ZCash, and DASH, which basically use technologies such as zero-knowledge proof and currency mixing to realize private transactions to achieve confidentiality.Web3 will be built around tokens with different values and functions. The transaction transfer of tokens is only a small part of the use of Web3, but it is the operation that is most likely to expose privacy. In the Web3 era, our transactions will be private.
secondary title
3. Privacy calculation (anonymity and confidentiality in the process of data calculation)
Computational privacy is a further extension of transactional privacy in data privacy. The computing privacy of smart contract execution is usually achieved through cryptography, AI technology, trusted execution environment and other technologies, but it is very difficult to achieve a perfect balance between performance and privacy.Privacy computing is a step closer to data privacy privacy transactions, and has been extended to Turing-complete smart contracts. The privacy protection of smart contracts mainly focuses on the execution process of smart contracts, and shields the data and intermediate states involved in the execution from third parties and nodes that execute smart contracts.
Privacy computing technology is divided into three major directions: cryptography (such as multi-party secure computing MPC), AI technology (such as federated learning), and trusted execution environment (such as SGX).
Multi-party secure computing is usually completed with the help of a variety of underlying cryptographic frameworks, mainly including Oblivious Transfer (OT), Garbled Circuit (GC), Secret Sharing (Secret Sharing, SS) and Homomorphic Encryption (HE), etc. . No expansion is done in this article.
Federated learning is to carry out efficient machine learning between multiple participants or multiple computing nodes under the premise of ensuring information security during big data exchange, protecting terminal data and personal data privacy, and ensuring compliance with laws and regulations. In short, it is to share data with others without exposing privacy, so as to improve the alchemy process of machine learning together. More content related to AI in federated learning, this article will not expand.
Oasis Network
The trusted execution environment is mainly related to the underlying hardware. Usually, a trusted and isolated secret space independent of the operating system is divided in the CPU. Since data processing is carried out in a trusted space, the privacy of data depends on the realization of trusted hardware. The main difficulty lies in how to balance performance and privacy.
Oasis Network mainly benchmarks against Polkadot, layering consensus and computing, and using ParaTime parallel chains to process computing. Oasis Network uses a trusted execution environment solution (SGX-based Confidential ParaTime) to achieve privacy computing. In a layered and trusted execution environment, it has a better combination of performance and privacy.
The ecology of Oasis Network has advantages in terms of privacy computing. At the same time, Oasis Network is compatible with EVM, and its ecological scalability is relatively strong.
The use cases of Oasis Network mainly lie in data tokenization (mortgaging data, obtaining income, and supporting certain authority control) and as a high-performance EVM L2.
PlatON Network
The main disadvantages of Oasis Network are low composability, overly complex layered design, and inability to communicate between different ParaTimes; the contract is stateless, and the application is not flexible; the application scenarios are still vague.
PlatON Network is mainly a privacy + AI public chain project. Its main features are multi-party secure computing and AI, as well as separation of consensus and computing, on-chain verification, and off-chain computing (smells like SCP). Off-chain computing not only brings higher performance, but also various complex operations (especially in AI and machine learning) can also be achieved.
The main difference between Oasis Network and PlatON Network is: Oasis Network is differential detection + non-full node consensus, and PlatON Network is full node consensus; PlatON uses homomorphic encryption to ensure the credibility of off-chain calculations.
In addition, there are projects such as Secret Network and Phala Network. ICP is also preparing to join the trusted execution environment to achieve computing privacy.Computational privacy is more complicated, and it is necessary to make a fuss about the design of the blockchain network, which involves issues of cross-chain and ecological cultivation.
secondary title
Identity privacy is anonymity, which mainly includes two parts: the separation of physical identity and digital identity and the independence of digital identity.
text
a) Separation of physical and digital identities
The separation of physical and digital identities represents a separation of users' real and online identities. In the period of Web1, we can browse without revealing our mobile phone number and name, but in Web2, we have to submit the information to kyc. This is a serious privacy violation, but it is still difficult to solve at this stage.
The separation of physical identity and digital identity refers to the separation of people's real identity and network identity, which is essentially the anonymity of people's identity in the process of accessing the Internet.
It sounds like this is easy to do, as long as the giant whale increases its holdings of Bitcoin without revealing the name of the organization, as long as the user does not use his real name as a screen name, and does not need his real geographical location. But in fact, this is the most difficult pain point to improve privacy. We cannot achieve a seamless partition to protect our real identity. As long as we surf the Internet, telecom operators have the opportunity to obtain our identity; as long as we buy something, e-commerce platforms can obtain our identity; as long as we use ENS, we may Will be fleshed out...
In addition, various third-party logins on the Web2 website actually exposed a lot of our online whereabouts and real identities. For the convenience of use, we will log in to the website directly through Google or Facebook, which is actually promoting the monopoly and centralization of these large companies, and at the same time infringing on our own anonymity.
The anonymity of physical identities and isolation from digital identities was actually the stuff of Web1, and by Web2 we've been exposed to the spotlight. Some Apps cannot be used without filling in your name and phone number, which is a violation of user experience and privacy.
text
b) Independence of digital identitiesOn top of the separation between real identity and online identity, what we can go further in terms of privacy is the independence of digital identity.
If our digital identity cannot be directly independent, it means that the digital identity is still "broken" from the real identity, and our privacy still has a great risk of leakage and exposure.This "virtual space that maps the real world and is independent of the real world" perfectly combines digitization and privacy. We can not only enjoy the real world built through tens of thousands of years of history, but also "reborn" in the metaverse world, and become residents of the metaverse through an independent and private identity.
text
digital identity socialThe independence of digital identity complements the data ownership characteristics of blockchain Web3.The independent socialization of digital identities will be a very important application of privacy, and it is also the most important part of the Metaverse.
text
Cultivation and reopening of digital identitiesYou can take all the data of Web3 users with you at will, which makes it easier to develop digital identities. The intercommunication of data naturally builds bridges between projects and opens up data islands.
Through your on-chain degen score, CryptoPunks avatar, and governance experience, we can be trusted, transparent and easily cultivate an identity. This makes the formation of communities more transparent and efficient, and makes the socialization of digital identities easier.
When you want to jump from your real identity to your digital identity, you can directly reopen your KOL or idol career into your digital identity with a new look. The most typical example is the virtual idol. Many times we fully know who the real identity behind this digital identity is, but the people behind the identity can still use the new digital identity to cultivate new communities and generate more memes. Of course, this situation is contrary to privacy.Even when you don't want this digital identity, you only need to create a new account and start from scratch (of course your real identity cannot be exposed in this digital identity), while in real life, it is relatively difficult to reopen dangerous.
Realy
All social interactions with digital identities remain in the digital world. What happens in Vegas stays in Vegas. Your reality identity will not be affected at all.
Realy is a metaverse project that combines street culture with urban scenery as the main line, and proposes the concept of City DAO. Realy transfers 3D virtual clothing, virtual concerts, and offline trendy brands to the chain. At the same time, it will also hold virtual concerts and support users to perform operations such as City governance in the Metaverse.
The metaverse of the future must be a "combination of virtuality and reality". On this basis, it also needs to be able to exist independently without relying too much on the real world. What Realy brings is a complete presentation of street fashion culture on the chain, which is very attractive to young people. I personally like to try different experiences in the digital/metaverse identity. My social accounts and the gender in the game are basically set as female. This opens up countless possibilities for digital identity and social interaction.
In Realy, you can freely embrace trend culture regardless of gender and appearance restrictions; you can also participate in virtual concerts digitally regardless of geographical location, time and epidemic risk restrictions. These are important ways of living and socializing for Web3 users. All this can be done without involving physical identity. All the data on the chain, including the purchase of trendy clothes and participation records in concerts, will be accompanied by your digital identity. In other metaverses, your image will also be a fan and trendy player of 88rising.
Essentially, real social interaction and privacy are somewhat contradictory. If you want to socialize, you have to show your face, you have to give up some of your privacy, and exchange information with others.Blockchain Web3 empowers users: data control and ownership and independence of digital identity, complete privacy of physical identity. We can use the digital identity on the chain to interact consistent with real life. At the same time, the existence of a new digital identity also gives people a second life and a second way of life.
secondary title
5. The contradiction between blockchain and privacy
The Impossible Triangle of Blockchain Performance, Usability, and Privacy.
Cross-chain + privacy chain or decentralized applications that specialize in privacy can improve the privacy of the blockchain without excessive loss of performance and usability.
contradiction:
In an article by BluemountainLabs, it is mentioned that privacy protection needs to be integrated into the overall underlying logic. Vitalik also said: "Only a global anonymous collection is truly reliable and secure." This means that perhaps only a global privacy protection on the blockchain network will be the most effective.
In practice, both Bitcoin and Ethereum sacrifice some privacy protection in order to preserve decentralization and computational costs. In Bitcoin, through the data capture of the accounts of predators, their operations such as selling transfers will be exposed, which causes them to lose part of their privacy. In the design principles of Ethereum, the word "privacy" is only mentioned in the chapter of account system and UTXO. Instead of adopting UTXO with stronger privacy protection and more scalability, Ethereum adopts an account system with stronger performance and more convenient use.In the impossible triangle of performance, usability, and privacy, ordinary users and developers currently want to solve performance first, followed by usability, and finally privacy.
In the Web3 era, perhaps the last darkness before dawn will be privacy issues.
solution:
In this contradiction, what we want to get is: the global privacy of the blockchain without excessively reducing performance.
One of the most complete but bloated solutions is: to achieve privacy by creating a dedicated privacy chain (such as Monero), and then matching various cross-chain tools and various wallets. But this is very bad in terms of user experience. It's like you want to post photos of your tattoos on social media, but you don't want your elders to see, then you need to add and block them one by one, or even go to another younger social media, just add Your peers are friends. This is very troublesome in both Web2 and Web3 scenarios.
A way to improve user experience and performance by abandoning part of the overall situation is to implement privacy operations through pluggable decentralized applications or Layer2 (such as zk.money). This allows users to enjoy privacy protection (even with additional performance advantages) without leaving the original blockchain network. Among them, pluggable decentralized applications are better than Layer 2. Because in my imagination, the distant and beautiful Web3 will definitely be multi-chain interconnected. A pluggable multi-chain decentralized privacy application can be more flexible and "decentralized" (not centered on a single chain). In this regard, I am very optimistic that more flexible design paradigms can make privacy-related applications, such as SCP on Arweave.
The immutable and open nature of blockchain data contradicts privacy.
It is impossible to withdraw or hide transaction information afterwards. However, users can decide whether to disclose data through the privacy options before transaction submission (such as Volition similar to StarkWare).
contradiction:
The first is the disclosure of blockchain data. The input, output and content of the transaction are usually visible in the blockchain browser. This makes data protection extremely difficult.
The second is the immutability of blockchain data. Once the data is uploaded to the chain and written into the block, it cannot be tampered with. After the user submits a transaction that exposes privacy, it cannot be withdrawn or hidden. Perhaps the address can only be discarded directly to show innocence. This actually violates EU data protection regulations (all users have the right to be "forgotten").
solution:
The disclosure and immutability of data can actually be viewed together. There is absolutely no way for us to compromise on the basic characteristics of these two blockchains like performance, and privacy is definitely a second-class citizen in front of these two characteristics. Then publicity and immutability cannot be eliminated (we can solve anonymous and confidentiality).
But what we can figure out is that these two qualities are born for security and openness of the network. We actually have control and ownership over our data. Even if our transaction data can be withdrawn, it is likely to have been crawled by thousands of crawlers before the withdrawal. In that case, the withdrawal may not be meaningful. The Internet has memory, and an Internet that is open and cannot be tampered with is even more so.
In fact, most of the time, your on-chain data is your own wealth and value, but for a small amount of data that needs privacy, I think it is very necessary to protect it through optional privacy options.
secondary title
6. Summary
No one knows what will happen to Web3, and most Web3 users don't know what they want at all, just like Web2 users have known for a long time that their privacy has been violated so unscrupulously. The large amount of funding received by privacy projects has actually increased the exposure of the need for privacy, making more people realize that in the future, a better Internet should require privacy.
In the Web3 era, we need data autonomy, data privacy, data computing privacy, and real identity privacy. At the same time, ideally, the best privacy application needs to be user-experience-centric, pluggable, lightweight, and mentally burdened.
