
‘Garbled Circuits’ Enable Transactional Confidentiality, Encourage Enterprise Web3 Adoption — COTI Co-Founder

news.bitcoin.com 10 April 2024 05:02, UTC

According to Shahaf Bar-Geffen, CEO of the privacy-centric Layer 2 network COTI, enterprises and mainstream organizations are not yet fully convinced of the benefits of complete privacy or true anonymity in any system. Bar-Geffen said the primary reason for this is that such systems often get exploited by individuals with dishonest intentions.

Regulators’ Perceptions of Privacy Solutions and Their Impact on Adoption

Bar-Geffen told Bitcoin.com News that enterprises would be less interested in using or adopting a solution that prioritizes users’ privacy or anonymity if authorities or regulators perceive it as a tool used to facilitate illicit activities. The COTI co-founder cited the current predicament of the mixing service Tornado Cash to illustrate how regulators’ perception of a privacy solution influences an enterprise’s stance.

However, Bar-Geffen argued that Web3 players could still overcome this challenge by “enabling transactional confidentiality” through a cryptographic technique known as garbled circuits. According to the CEO, this technique provides the same privacy protections in Web3 that one would expect from a bank or any online account.

Meanwhile, when asked about his impression of the recent EIP-4844 or Dencun upgrade to the Ethereum network, Bar-Geffen described it as a step that introduces “several brand-new mechanisms” to improve the network’s scalability. He added that the upgrade has facilitated the deployment of improved smart contracts that enable faster execution, lower fees, and increased flexibility.

Below are Bar-Geffen’s full answers to the questions sent.

Bitcoin.com News (BCN): Can you discuss how the recent Ethereum Dencun upgrade, which is already showing a significant reduction in gas fees and increased throughput, achieves these improvements? Have these advantages been incorporated into Layer 2 solutions, and what are the potential limitations of the upgrade?

Shahaf Bar-Geffen (SBG): Aside from a range of protocol adjustments and various EVM optimizations, the Ethereum Dencun Upgrade brings several brand-new mechanisms that greatly improve the scalability of the network. EIP-4844 introduces proto-danksharding, the first step in being able to shard or parallelize Ethereum into smaller, autonomous units. Also introduced is the concept of blob-carrying transactions, a mechanism in which some transactional data is stored off-chain to reduce the storage requirements of each block.

While Ethereum’s base layer has seen reduced gas fees since the Dencun Upgrade, the biggest improvements have been felt by L2 solutions built on top. EIP-4844 has enabled the deployment of improved smart contracts that enable faster execution, lower fees, and more flexibility for both users and developers alike. With more, cheaper ways to interact with the base layer, transaction fees for all L2s dropped dramatically, up to 94% in some cases.

BCN: In your opinion, what are some of the major obstacles to ensuring compliance in a borderless ecosystem like Web3? And how can they be tackled, especially considering confidentiality and compliance don’t often go hand-in-hand when all the activities are recorded onchain?

SBG: The biggest challenge for blockchains in their aspiration for any kind of regulatory compliance is undoubtedly the transparent nature of the technology. Everything you do on Web3 is completely public and open to scrutiny. Your purchases, your account balances, and your entire financial history become a public record. Now, some may argue that crypto addresses are convoluted and therefore hold some degree of anonymity. But as time has gone on and people have built extensive transaction histories, we’ve seen whole industries spring up that work just to trace wallet addresses to individuals.

This kind of approach wouldn’t work in the traditional financial systems of the world. Would you sign up for a bank if your transactions and balance were made public? Would you use a messaging service where your private conversations were posted online? Would you see a doctor who informed the waiting room of your test results?

Obviously, the answer is no, and in order for these industries and others to operate, businesses and individuals need to be able to withhold specific information. This could be information about their finances, their personal details or any sensitive business arrangements they’ve acquired.

It’s important to note that we aren’t talking about anonymity, or the complete masking of the identities of the parties involved, but rather confidentiality, and the selective sharing of private information.

Now the classic argument to counter this objection is, “Why are you worried if you have nothing to hide?” Unfortunately, the world doesn’t work that way. We need trust. Trust in business, trust in each other, and as counterintuitive as it sounds, in order to build that trust, we need confidentiality. In fact, it’s more than just a trust issue. Many regulations demand certain levels of confidentiality that simply cannot be achieved with the blockchain in its current form.

COTI V2 aims to solve the privacy dilemma by enabling transactional confidentiality on Ethereum through the use of a cryptographic technique called garbled circuits. While you can still see who takes part in a transaction, the details become encrypted from public view. It essentially allows you to have the same privacy protections in Web3 that you would expect from your bank or any online account.

BCN: Public blockchains are transparent and this may not be good enough for individuals and businesses that want their sensitive data to be private and secure. What are some of the innovative solutions addressing this problem at scale and what are the pros and cons?

SBG: There are a few projects tackling the blockchain confidentiality problem, each utilizing a different approach to solving the issue.

One of those approaches utilizes a zero-knowledge (ZK) rollup to obscure transaction data between only two people. While this might work well for specific use cases, ZK rollups cannot perform multi-party computation (MPC), making them unsuitable for privacy-centric decentralized applications (dapps) like confidential voting systems and privacy decentralized exchanges (DEXs).

Another approach that excels in both security and privacy is fully homomorphic encryption (FHE). Even though it is slowly being embraced as a solution that can handle secure MPC, FHE isn’t without its limitations. One of the unfortunate by-products of its enhanced security capabilities is a dramatically increased resource requirement on both the client and server side. This results in a comparatively higher computational latency and the need to generate larger ciphertexts for encryption.

On the other side of the spectrum, Trusted Execution Environments (TEE) are fast and have light storage, but the recent discovery of vulnerabilities exposed that their privacy component has a single point of failure, making it unsuitable for privacy applications.

It was these limitations in other confidentiality-preserving techniques that influenced our decision to utilize garbled circuits.

BCN: Garbled Circuit is not a new technology. In theory, it has been in existence since the 1980s. Could you explain to our readers what it is, how it operates, and, most importantly, why it was challenging to implement garbled circuits on the blockchain prior to your project’s success?

SBG: The best way to describe garbled circuits is to first explain what problem they were originally designed to solve. Back in 1982, computer scientist Andrew Yao came up with the now famous “Millionaires’ Problem”. In this theoretical dilemma, two millionaires, Alice and Bob, wanted to find out which one of them was richer. The only condition was that Alice didn’t want Bob to know exactly how much she was worth, and vice versa.

Garbled circuits were one of the proposed solutions and it had a very elegant mechanism that can be simplified as follows. The question of “Who is richer” is first translated into a computer program known as a Boolean circuit and sent to Alice. Alice encrypts or “garbles” both that circuit and the details of her net worth before sending them to Bob. In the meantime, Bob has already garbled his own bank balance and upon receiving the pieces of encrypted information from Alice, he’s able to decrypt the circuit and receive an answer to the question without revealing any specific information about Alice’s net worth.

While garbled circuits are one of the most powerful cryptographic techniques available, early iterations of the protocol were always limited to computational models within programs. They certainly weren’t fast enough for blockchains which relied on near-instant communication and fast settlement times.

This all changed with COTI and Soda Labs’ breakthrough that revolutionized the speed and power of garbled circuits. This optimization has been so profound that it now provides a computation speed that is up to 1000 times faster than FHE-based systems, latency that is up to 100 times faster than current solutions and storage requirements that are up to 250 times smaller than those needed by fully homomorphic encryption. Additionally, garbled circuits can handle transactions that affect a private state shared among multiple parties (unlike ZK-based solutions) and aren’t affected by single-point-of-failure vulnerabilities like those discovered in TEE solutions.

This breakthrough unlocks a whole new world of use cases.

BCN: A Web3 environment that provides on-chain immutability while maintaining complete privacy could further push the limits of what is possible on blockchain technology. What new use cases could it open up that were not possible with the existing encryption systems?

SBG: This is one of the topics that really gets me excited about the future. Beyond things like confidential payments and DeFi, confidentiality on the blockchain opens up a whole new host of novel use cases that don’t necessarily have an equivalent in the traditional systems of the world.

Take sensitive on-chain data management for example. With blockchain privacy, users will be able to store data on-chain in an encrypted manner and then allow others to query this data confidentially. With the assurance no private information is leaked to unauthorized parties, this incentivizes individuals to allow their data to be used in scientific research or medical studies. Take that concept a step further and you have the ability to train advanced machine learning models on large, on-chain datasets without violating personal privacy or infringing upon a company’s intellectual property.

Then you have new applications in the world of on-chain voting. Individuals have the ability to confidentially tally votes on-chain and have the numbers independently verified in an audit without revealing any specific individual’s voting choice. This strengthens the integrity of elections and reduces the ability of coercion from outside influences.

Even more interesting is the expansion of the concept of decentralized identity. With Dynamic DID, individuals will be able to import digital identities from trusted organizations, as well as encrypt, store, and manage their own private credentials on-chain. This allows individuals to prove their identity or financial status within Web3 without having to disclose any sensitive information or send private documents to a third party.

At the same time, dapps will be able to interact with digital identities and query them on specific insights (e.g., Is the user a US citizen? Is the user over 18 years old?). All of this happens in a permissionless manner, with no specific, private information being shared between parties. These are just a few examples; of course, the sky’s the limit.

BCN: For years, numerous platforms have offered complete privacy and anonymity. However, enterprises have been cautious in their approach to Web3. Could you elucidate why this is the case and what steps need to be taken to expedite enterprise adoption?

SBG: I think that complete privacy or true anonymity in any system almost always ends up being used by people with less-than-honest intentions. It becomes a place where rules don’t matter and people are more inclined to take advantage of one another. This is even despite the often good intentions of the projects that provide this privacy. You only have to look at the fate of mixer services like Tornado Cash to understand that regulators don’t agree with services that enable anonymity for their users.

It’s no wonder enterprises have traditionally been hesitant to venture far into Web3.

In order to accelerate mainstream adoption, we need to have the same protections and regulations that exist in traditional financial systems. This means instead of anonymity, which obscures the identities of the parties involved in a transaction, COTI V2 will provide confidentiality to protect the details of a transaction.
