PRIVACY PROTOCOLS IN BLOCKCHAIN: AN OVERVIEW (Part 1)

In the previous article, we discussed elementary features of anonymous cryptos compared to bitcoin and other alternative coins. We raised a trade-off between privacy vs transparency in blockchain. In this paper, we go through development of privacy protocols and their implementation in blockchain space. Privacy ensures that only certain people (the sender, the receiver, transaction verifier, record keeper and authorities) are granted to access the transaction info, not public. Confidentiality means that no one can know transaction details except the sender and the receiver.

Note that complete transparency in Bitcoin has merits but exposing all transaction information to the public is not suitable for banking services and many other fields. Developers and researchers have addressed the issue and made some progress in privacy. Notable techniques can be mentioned here: Indistinguishability Obfuscation (IO), usage of homomorphic encryption, ZKPs, and ring signatures.

Indistinguishability Obfuscation is a beautiful cryptographic technique that can serve all privacy and confidentiality issues in blockchain. IO allows for code obfuscation, which is a very ripe research topic in cryptography. It can make an unbreakable obfuscation mechanism that will turn smart contracts into a black box. The key idea behind IO is a multilinear jigsaw puzzle, which basically obfuscates program code by mixing it with random elements. If the program is run as intended, it will produce expected output. Otherwise, it makes the program look random and garbage. However, the technology is not ready for implementation and deployment in practice.

Homomorphic encryption allows operations to be performed on encrypted data without knowing anything about it. Like IO, this technology is almost in theory. However, significant advance of the concept has been implemented in Enigma project by MIT’s Media Lab. On blockchains, the technique enables processing on ciphertext. For example, the data stored on the blockchain can be encrypted using homomorphic encryption and computations can be performed on that data without the need for decryption, thus providing privacy and confidentiality.

Zero-Knowledge Proofs (ZKPs) allows the prover can prove to the verifier that they know a value X without showing any information apart from X. To prove that one possesses knowledge of certain information, it is trivial to reveal it. The difficulty is to prove the possession without disclosing the information. A practical algorithm, Succinct Non-Interactive Argument of Knowledge (ZK-SNARK) has been implemented successfully in Zcash to ensure privacy. Ethereum R&D team is collaborating with Zcash Company to integrate the protocol on Ethereum is already a very active research project being run by. Another excellent paper is HERE. An additional ZKPs is Zero-Knowledge Succinct Transparent Argument of Knowledge (ZK-STARKs) which is an improvement on ZK-SNARKs. ZK-STARKs consume much less bandwidth and storage as compared to the formers. Also, they do not require the initial, somewhat controversial, trusted setup that is required for ZK-SNARKs. Moreover, ZK-STARKs are much quicker than ZK-SNARKs, since they do not make use of elliptic curves and rely on hashes. Another ZKP is Zero Knowledge Prover and Verifier for Boolean Circuits (ZKBoo) but nowhere has implemented it yet.

State channels are a possible solution for privacy, available on Hyperledger project. The idea relies on the fact that all transactions are off-chain, the main blockchain does not see the transaction at all except for the final state output. The original and full version of transaction info is stored at the channels (as side-chains).

Secure multiparty computation is based on the notion that data is split into multiple partitions between participating parties under a secret sharing mechanism. Then the network processes the data without the need of reconstructing data on a single machine. The computed output is shared between the parties as well.

Specific hardware can provide confidentiality trusted computing platforms. For example, Intel Software Guard Extension (SGX) allows code to be run in a hardware-protected environment called an enclave. Once the code runs successfully in the isolated enclave, it can produce a proof called a quote that is attestable by Intel’s cloud servers. However, ones concern that trusting Intel cause a certain centralization that is not a true philosophy of blockchain. Nevertheless, many platforms have used Intel chips. On smart contracts then, once a node has executed the smart contract, it can produce the quote as a proof of correct and successful execution and other nodes will only have to verify it. This idea can be further extended by using any Trusted Execution Environment (TEE) which can provide the same functionality as an enclave and is available even on mobile devices with Near Field Communication (NFC) and a secure element. (To be continued)

This article is part of a series of analytical articles produced by RealTract Network in association with Paven & Associates.