A recent research paper co-authored by Ethereum founder Vitalik Buterin and a group of academics and blockchain infrastructure researchers delves into the challenges of ensuring privacy in blockchain transactions while also meeting regulatory comprliance.
The paper, released on Sept. 6, introduces a new synthesis based on the protocol called "Privacy Pools," which seeks to strike a balance between user anonymity and regulatory demands.
According to the paper, the new concept improving Privacy Pools will allow users to demonstrate that they did not receive funds from specific, potentially illegal, groups without revealing their exact sources of funding. The solution would utilize zero-knowledge proofs, a cryptographic technique that enables a party to confirm that they hold specific information without disclosing the nature of that information.
Buterin's co-authors include Ameen Soleimani, an early Tornado Cash contributor and co-founder of Moloch DAO, Jacob Illum, chief scientist at blockchain security firm Chainalysis, and Matthias Nadler and Fabian Schar, both from the University of Basel.
Soleimani had previously introduced the concept of the Privacy Pools protocol in March 2023, drawing from the idea of Tornado Cash, a crypto mixer which Vitalik has been supportive of in the past. Privacy Pools was built on Ethereum's codebase and deployed on the Optimism blockchain. However, Privacy Pools differs in its approach by focusing on regulatory compliance.
Similar to the concept of Tornado Cash, Privacy Pool mixes multikple user transactions to hide their true origins. In contrast, however, the concept behind the latter departs with this distinction: when users wish to withdraw funds, they can opt to generate a zero-knowledge proof, thus confirming they aren't connected to illicit blockchain addresses while protecting their identity.
The paper cited real-world examples to illustrate the potential privacy issues posed by public blockchain transactions. For instance, when paying a restaurant bill using blockchain, the restaurant could potentially view a customer's entire transaction history.
The research paper's abstract explains the core concept here:
The core idea of the proposal is to allow users to publish a zero-knowledge proof, demonstrating that their funds (do not) originate from known (un-)lawful sources, without publicly revealing their entire transaction graph. This is achieved by proving membership in custom association sets that satisfy certain properties, required by regulation or social consensus.
An essential aspect discussed in the paper's proof of concept for enhancing (or in this case, extending or reconfiguring) the functionality of Privacy Pools is the creation of "association sets," representing groups of wallets linked via zero-knowledge proofs. The concept of association set providers (ASPs) was introduced, with their primary role being the generation of these sets. The paper highlights that ASPs could operate completely on-chain, removing the need for human or AI intervention, or they might generate association sets independently and then publish them on-chain.
One of the primary motivations behind this research is the ongoing scrutiny of crypto mixers like Tornado Cash. Last year, the U.S. government sanctioned Tornado Cash due to allegations that it enabled transactions for the North Korea-associated hacking group, Lazarus. The sanctions then led to the arrest of Alexy Pertsev, its founder.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.