The startup behind the privacy-centric bitcoin app Wasabi Wallet recently brought together 100 people to collectively execute a “CoinJoin” transaction.
Michael J. Casey is the chairman of CoinDesk’s advisory board and a senior advisor for blockchain research at MIT’s Digital Currency Initiative.
The following article originally appeared in CoinDesk Weekly, a custom-curated newsletter delivered every Sunday exclusively to our subscribers.
Imagine if flour millers insisted on knowing the precise identity and originating farm of each grain of wheat delivered to them.
It would render the global wholesale crop market dysfunctional. That market depends on buyers accepting products from warehouses and shippers even though they don’t know their origins.
At the heart of this system is the ancient principle of fungibility: the idea that one unit of a particular product is perfectly interchangeable with another.
This principle depends upon an unspoken agreement between market participants that information about a product’s history is not only hidden but is actually lost. A product having this quality is, more or less, the very definition of a commodity.
Fungibility is even more important to money. Our system of money requires that each dollar be completely interchangeable with any other dollar. For it to function perfectly, users can have no knowledge of the history of each of those dollars.
I like to define money as a communication system that uses a commodity (the currency) to convey information about transfers of value. If the commodity’s fungibility is challenged, the power to communicate that information is diminished.
You could say that assuring the fungibility of a currency is a matter of free speech. Just as importantly, the breach of freedom means that the system of exchange itself breaks down.
It’s all about privacy
It boils down to privacy. Without the history of transactions being obscured, money doesn’t function so well.
If we knew where every distinct unit of currency had been, it would assume the quality of a distinct, identifiable form of property. And that would leave our money subject to liens and asset seizures by creditors or law enforcement agents taking actions against other people.
This is critical to the argument around privacy in the blockchain and cryptocurrency communities.
Unless you’re listening to the outdated, false talking points of some anti-crypto crusaders, you’ll know by now that bitcoin, which keeps a record of every single input and output, is not very private. (If you’re going to do a giant drug or arms deal that you want kept out of view, it’s much better to use a briefcase full of Ben Franklins, not bitcoin.)
This aspect of bitcoin raises serious questions about its fungibility.
The same questions will arise around the myriad new blockchain platforms for exchanging digital assets. For these systems’ crypto-economic incentive and governance models to fulfill a promise to resolve trust problems and enhance community coordination, their tokens must be fungible. (Note: this interchangeability is required even when the token represents a claim on a piece of distinct, underlying property, such as a share in a piece of real estate.) And that means that they too must address the privacy dilemma.
Even as the understanding of bitcoin’s privacy limitations improves, and as mathematicians such as Blockstream’s Andrew Poelstra seek to overcome them, the public debate over this matter still mostly misses the bigger point of fungibility.
As cryptographic tools for enhancing privacy have been incorporated into cryptocurrency projects, including zero-knowledge proofs (zcash), ring signatures (monero) and bitcoin mixers, the debate over their value to society is too narrowly viewed as a battle between privacy as a human right on the one hand and society’s need to prevent criminality on the other.
But serious cryptographers working on these tools make a bigger and more important claim: privacy is needed to enhance the “moneyness” of cryptocurrency.
It is a vitally important task, because, as it is, our entire global system of money has also seen its fungibility deteriorate, precisely because privacy has been eroded.
Even though, for the most part, a dollar is still treated as interchangeable with any other dollar, increasingly stringent anti-money laundering rules are undermining that system.
The cost of compliance
It began well-intended, with the U.S. Bank Secrecy Act of 1970, which requires banks to identify customers before permitting them to use their services and to, effectively, monitor their behavior.
The BSA became a powerful weapon in the U.S. in the War on Drugs, and its principles became ever-more ingrained into our financial system. There’s now an elaborate global system of outsourced monitoring aimed at using money trails to catch bad guys.
It’s debatable how successful these programs have been. The United Nations Office on Drugs and Crime estimates that up to $2 trillion is laundered annually, or 5 percent of world GDP. Governments’ answer to that problem has, predictably, been to add even more surveillance and compliance requirements.
What is clear is that all these rules end up curtailing the flow of money around the world, especially that of honest actors.
Since the 2008 financial crisis, and following some heavy fines against banks that serviced drug cartels or dealt with sanctioned entities on the Office of Foreign Assets Control (OFAC) list, “know-their-customer” (KYC) identification requirements have become a major cost drain for most banks.
These compliance costs are now so burdensome that many have been pulling back from perfectly reasonable businesses that their compliance officers deem “risky.” Entire regions such as the Caribbean have suffered debt crises because of this “de-risking” problem.
Banks might still function somewhat like those grain warehouses, bundling deposits in a way that doesn’t distinguish one dollar from another. But I would argue that this excessive compliance process has, in effect, made the global monetary system less fungible. A dollar transmitted by an “unbanked” individual in the Bahamas is now worth less than a dollar wired by a fully “KYC-ed” U.S. bank client.
Bitcoin promised a way around this problem. There was no need to personally identify oneself to gain access to bitcoin currency; you merely had to download the software and generate a public key that contained no identifying information. Many of us saw it as a solution for the unbanked of the developing world.
But since bitcoin wasn’t widely used by the general public, users inevitably had to interchange coins with fiat currency, which meant interfacing with the banking system. Once bitcoin wallets and exchanges were subject to KYC rules, they created identifiable on- and off-ramps, which, when combined with bitcoin’s permanent, immutable, blockchain ledger, created a clearly traceable record of every bitcoin transaction.
This is how the U.S. Department of Justice caught those rogue Secret Service agents who thought they could abscond with bitcoins seized in their investigation of Ross Ullbricht, the convicted founder of the Silk Road marketplace.
We’ve already seen how bitcoin’s traceable history undermines fungibility. When the FBI launched a series of auctions of bitcoins seized in that same investigation, it attracted giant bids that put a higher price on bitcoin than that quoted on exchanges.
Why? Because these were “whitewashed” coins; no FBI agent would seize these again. It turns out that one bitcoin can be more valuable than another.
Imperfect fungibility means that people will tend toward holding bitcoin as a speculative asset rather than using it as a medium of exchange. Speculation is all well and good, but if bitcoin can’t be used for purchases, it’s an impractical form of money.
Privacy = freedom = a healthy economy
Yet because governments are unwittingly creating the same problem with their own money, cryptographers working on privacy solutions for cryptocurrencies have an opportunity to enhance economic activity, not only in the world of crypto, but the world over. In doing so, they’re also striking a blow for freedom.
That’s because privacy is not only critical for monetary fungibility, it is the foundation of freedom. In the years ahead, as economic activity becomes increasingly digital, I believe this duality of privacy and freedom, measured by how easily our value exchange systems allow us to transact with each other, will become the defining differentiator between economic systems.
Consider China. The rapid expansion of digital payments there, led by Alibaba’s Alipay and Tencent’s WePay, has caught the world’s attention. It’s driving other governments to vow to create “cashless societies.”
But as the Chinese government expands its surveillance state, replete with its ominous “social credit score” measuring and incentivizing citizens’ behavior, the traceability of those digital payments looks quite worrying.
At what point does a digital transaction model’s threat to privacy, fungibility and economic activity outweigh its ease-of-use advantages? This, I believe, could be the defining issue in a global competition between open versus closed economic models.
So let’s applaud and support the work of these pro-privacy cryptographers. They are building out a core feature of our future digital economy’s infrastructure, one that’s needed to both protect human beings and enable exchange among them.
Globe image via Shutterstock.
The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.
A Canada-based cryptocurrency exchange wants to coordinate with other startups around the world to help fight the international fentanyl epidemic.
Einstein, based in Vancouver, is trying to obtain lists of wallet addresses associated with fentanyl arrests and indictments, said Christine Duhaime, the firm’s chief anti-money-laundering officer.
In parallel, the firm is also pursuing partnerships with other exchanges, starting in its home country and in the U.S., “to build a global database of bad wallet holders,” said Duhaime, who also runs an eponymous law firm and is the founder of the Digital Finance Institute, a think tank.
The goal is for Einstein and other exchanges to prevent their customers from sending cryptocurrency to these wallets from their exchange accounts, Duhaime told a suit-and-tied crowd of 200 at the Blockchain for Business and Government conference in Toronto, Monday.
While cryptocurrency ranks at the bottom among ways fentanyl is paid for – bank wires and traditional money transmitters are more commonly used – Duhaime framed Einstein’s efforts to combat the drug as philanthropic.
She told attendees:
“We would do a blacklist of wallets as our giveback [to society].”
Still, there’s good reason for a Canadian exchange, one of the few serving the market actively, to seek to break ground on such an effort.
Fentanyl is a synthetic drug that’s 50 times stronger than heroin and was responsible for a reported 66 percent of overdose-related deaths in the U.S. in 2016. But Vancouver is the “ground zero” of the problem, Duhaime said, with fentanyl accounting for nearly all the Canadian city’s 922 drug overdose deaths that year.
She related a story of the teenage daughter of the head of AML compliance at a global bank who died from taking fentanyl at a graduation party. Even first responders have died from accidentally touching the stuff.
If successful, Einstein’s effort could conceivably help the cryptocurrency space overcome its lingering public image as a hive of criminality. However, the strategy may not sit well with long-time crypto users who value their privacy highly and worry about the effect blacklists have on the fungibility of bitcoin and other tokens.
A more immediate obstacle, Duhaime told CoinDesk, is that law enforcement in Canada has been reluctant to provide Einstein with wallet addresses tied to fentanyl cases, out of concern that doing so would violate privacy laws.
In response, she said, she has argued that not even bank account numbers are considered identifying information under Canadian law, and noted that wallet addresses are public. The agencies are reconsidering, she said.
Einstein already has a blacklist of addresses associated with ransomware, but it was able to put that one together on its own. That’s because ransomware victims who were Einstein customers came to the company with the information, Duhaime said.
The fentanyl effort, by contrast, will require law enforcement’s help.
While acknowledging that criminals have ways to hide their tracks on the blockchain, she told CoinDesk that fentanyl users are likely “not as sophisticated” as other bad actors and less apt to change wallets or tumble their coins.
In an earlier presentation at the conference, Michael Gokturk, Einstein’s CEO, acknowledged the irony of trying to position his company as a model of compliance in a market whose very creation was an act of rebellion.
“Cryptocurrencies need government regulation to deter price manipulation and related wrongs, but the absence of of such regulation is one of the biggest reasons that investors buy into cryptocurrencies in the first place.”
Possibly compounding the challenge, Einstein, founded about a year ago, is currently a pipsqueak among exchanges, which might limit its clout in persuading potential partners to join the effort.
Gokturk said Einstein is currently handling $20 million to $30 million in daily volume (in USD), which would put it at the low end of the top 50 tracked by CoinMarketCap.
By comparison, Coinbase’s GDAX, which ranks 12th, does about $240 million daily.
Disclosure: CoinDesk is a subsidiary of Digital Currency Group, which has an ownership stake in Coinbase.
Opioids image via Shutterstock
The leader in blockchain news, CoinDesk is an independent media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. Have breaking news or a story tip to send to our journalists? Contact us at firstname.lastname@example.org.
Arianna Simpson is the founder and Managing Director of Autonomous Partners, a fund focused on cryptocurrencies and digital assets. She is also a venture partner at Crystal Towers Capital, an early-stage venture capital fund, and previously spent time at Facebook and BitGo.
The following article is an exclusive contribution to CoinDesk’s 2017 in Review.
For all the claims that have been made over the years about bitcoin being a safe haven for criminals, it’s becoming increasingly clear that capital flows on the blockchain aren’t private.
Bitcoin itself indexes poorly on both the anonymity and confidentiality fronts, as addresses offer pseudonymity at best, and balances are completely public. Companies like Elliptic and Chainalysis are building businesses around blockchain forensics, and as the network increases in value, incentives to track flows of capital only become stronger.
The rising tide of awareness about this is largely responsible for the growth in privacy coins in 2017, many of which experienced meteoric price and transaction volume increases.
To those new to the field, getting up to speed can feel like an onerous task, but it’s important to remember we’re still in the early days, and catching up on the cutting-edge is as easy as familiarizing yourself with a handful of key issues and projects likely to be of interest in the months and years ahead
Practicality vs. ideology
There’s never a shortage of ideological differences in the world of cryptocurrencies.
As it relates to privacy, one of the biggest is whether or not techniques that keep data from being shared should be default. Emblematic of this issue are two of the sector’s biggest coins – monero and zcash.
Of the two, monero offers private by default, a feature its core developers and community value highly. However, zcash’s model includes allowing for either shielded or transparent transactions.
And there’s reason to want to see both models continue.
While privacy by default may seem like an obvious solution , we see that zcash may be well-suited for use cases such as personal or business banking situations in which privacy is generally desired, but auditability is required. Indeed, JPMorgan recently went so far as to implement zcash’s zero-knowledge security layer on its Quorum blockchain, and we may yet see more trials as enterprise interest in confidentiality advances.
Beyond ideology though, practical considerations still figure prominently.
Most transactions that enable heightened privacy require far more space on the blockchain than those that are public, and with concerns about scalability already front and center, it’s hard to justify further adding to that burden.
Advances in cryptography
Fortunately, developments are being made at the intersection of math and cryptography that will likely continue to cut down on the trade-offs between privacy, efficiency and trust.
And make no mistake, there are big trade-offs today.
Zk-snarks, the zero-knowledge proof technology currently implemented at the core of zcash, may be heralded as the most advanced blockchain privacy tool, but even it has drawbacks. Namely, researchers have taken issue with that fact that it requires a somewhat elaborate trusted setup in order to function correctly.
Alternatives are now emerging that aim to tackle the issue, and they’re likely to continue to warrant interest and attention next year.
Zk-starks, for example, developed much more recently, don’t rely on public key cryptography at all, but rather use hash functions that are unpredictable, allowing for the elimination of the trusted setup. Still, the technology is in its earliest stages at present.
More immediate might be “Bulletproofs,” a paper published in late 2017 by a notable group of leading cryptographers. But aside from the big names involved, the concept is believed to offer a substantial reduction in the size of rangeproofs needed to make transactions private.
This is seen as a major step forward in enabling space savings, faster verification times and lower fees.
Monero has already announced it is enabling the feature on testnet, with the eventual goal of bringing them to its blockchain, though that, too, may still be a ways off.
2018 and beyond
At this point, it’s still hard to predict how these technologies will advance.
Key questions include whether advances from these cryptocurrencies will continue to necessitate the existence of dedicated blockchains (with unique tokens), or whether they will simply serve as testing grounds for features that will migrate to dominate coins.
So far, it appears that the leaders of major blockchain ecosystems are hoping the outcome might be the latter.
Ethereum creator Vitalik Buterin’s recent blog post about zk-snarks and zk-starks suggests that the blockchain’s community of developers is thinking through the problem. Yet, it’s unclear how far in the future we might have to go to see a full suite of privacy features live on ethereum.
As for bitcoin, implementing changes that are beneficial for privacy looks even less likely in the near future – if we’ve seen anything this year, it’s that reaching consensus for any major change to the protocol is non-trivial.
But though there might not be answers, it seems a safe bet to project that privacy coins will continue to see their heyday in 2018. The interest and enthusiasm may just be beginning.
You don’t have to stay private… With your opinion! CoinDesk is looking for submissions to its 2017 in Review series. Email email@example.com to pitch your idea.
Dark tunnel image via Shutterstock
The leader in blockchain news, CoinDesk strives to offer an open platform for dialogue and discussion on all things blockchain by encouraging contributed articles. As such, the opinions expressed in this article are the author’s own and do not necessarily reflect the view of CoinDesk.