Privacy Matters: Comparing RPCh to Other RPC Providers

As the world of web3 continues to expand, the importance of privacy and security cannot be overstated. One of the key components that developers and users interact with daily is the Remote Procedure Call (RPC), which facilitates communication between decentralized services and the blockchain. In this blog post, we will compare RPCh (RPC over HOPR) with other popular RPC providers, including Infura, Alchemy, QuickNode, and POKT, in terms of their privacy and security offerings.

Centralized Solutions: Infura, Alchemy, and QuickNode

Infura, Alchemy, and QuickNode are some of the most well-known RPC providers out there. However, they all share one major downside: centralization. Although these providers claim to have strict privacy policies, they still have unchecked access to user data. Consequently, users just have to trust these providers not to harvest or misuse their private information as titans in Web 2.0 have. Trust, don’t verify?

This becomes a much larger issue when you realize how revealing the requests/responses your RPC provider processes are. Users are giving away a complete picture of everything they do online and how they spend their every second. Every small interaction with a web3 service is recorded and timestamped. Leaving users completely exposed for data harvesting, MEV exploits and all kinds of abuse.

Decentralized Solutions: POKT, Decentralized Infura

POKT or Infura’s planned decentralized setup are both steps in the right direction in spirit, but they’re likely to just make users feel less secure about their data. Although no single centralized entity is able to harvest all user data, now we have random node runners processing everyone’s private information. Your IP address and on-chain activity are now more transparent than ever, with only a minimal amount of information required to reveal details you’d prefer to keep private. As demonstrated by DERP, a single routine request from your MetaMask wallet can effortlessly disclose all of your account addresses. This tradeoff isn’t ideal and doesn’t solve the fundamental problem that your data is simply just too exposed. This is where RPCh comes in.

A Privacy-Focused Solution: RPCh

To solve this issue, you have to tackle the problem at its root by creating a solution that breaks the link between user data and user identity, which is exactly what RPCh does by leveraging the HOPR privacy mixnet.

Currently, in its Alpha release, RPCh is the only RPC service on the market which allows your wallet or any connected service to make requests to the blockchain without your provider or any intermediary knowing both the source and contents of the request simultaneously. By decoupling user metadata from the request being made, a plethora of vulnerabilities close up, including your provider’s ability to harvest your data.

But beyond this, by leveraging the HOPR mixnet, RPCh introduces several privacy-preserving features, such as uniform packaging and dynamic routing.

Also, by using a new relay for every request, you get something similar to a VPN that changes more than ten times a second but is also private, unlike most VPNs that leave your data vulnerable to correlation and timing analysis.

Other features such as packet mixing, background noise and anonymous return pathing will only be better used in future releases to increase the privacy offerings of RPCh further.

Data Tampering

One of the most important features RPCh v1 introduces is protection against data tampering. Right now, you trust your provider or any intermediary to give you accurate information from the blockchain — the price of a product, your asset holdings or the state of your transactions. This is fine for now with large centralized providers that have a lot to lose by misusing this data.

But migrating to decentralized solutions such as POKT will become a huge problem. Now you’re trusting random node runners not to front-run your transactions or start feeding you false information to exploit MEV attack vectors. Thankfully, projects such as Helios are solving this by leveraging light-client verification. RPCh v1 will bring a comprehensive solution to market, with light-client verification and complete transport-layer privacy, allowing decentralized solutions to finally be truly viable.

Conclusion

Privacy and security are crucial in this rapidly evolving space. And as we have seen, not all RPC providers are created equal. If we want to keep moving towards the core values of web3, we need to future-proof our infrastructure and build services that offer privacy by default. Adopting privacy-focused solutions like RPCh is how we differentiate ourselves from the issues plaguing Web 2.0 and allow developers, enthusiasts and creatives to continue building in this space without worrying about risking their user’s data just by simply interacting with nodes on-chain.

Sebastian Bürgel,
HOPR Founder

Website: https://rpch.net
Run RPCh Alpha for free: https://access.rpch.net/
Twitter: https://twitter.com/RPC_h_
Discord: https://discord.gg/VRyTQTNBTy

Powered by HOPR: https://hoprnet.org/