Blockchain Privacy 101: What’s Been Built and What’s Ahead
The crypto privacy space is another rabbit hole that includes a plethora of technical jargon and 3-letter acronyms, turning articles from a 3-minute read into a 30-minute one.
Here, we’ll try to demystify what’s out there in the crypto privacy sphere by giving you a quick overview of the solutions that have been built so far, and the main challenges ahead.
Disclaimer: there are many different solutions out there—this overview doesn’t do justice to the enormous innovation and creativity that’s going on in the field. However, we hope this will help you to better understand what’s out there and the challenges the field is dealing with.
#1 Privacy coins
You’ve probably already heard of privacy coins like Monero and Zcash. They are standalone currencies in the mould of the OG of crypto, Bitcoin, with one key difference: privacy coins let you hold and transfer crypto without revealing your financial data.
Privacy coins achieve this by making you 1) anonymous, by hiding who the sender and recipient of a transaction are, and 2) untraceable, by obscuring which earlier outputs a transaction spends so that outsiders can’t follow the trail of funds. Most designs also hide the amounts involved.
Why privacy coins exist
Not everyone who dabbles in crypto knows Bitcoin is actually very transparent — more transparent than much of the fiat world.
That’s because the Bitcoin blockchain is public: every bitcoin transaction, with its addresses and amounts, sits on a public ledger. By combining that with off-chain data (exchange KYC records, address reuse, payment addresses posted online), observers can work out which wallet address belongs to whom. Once someone knows your wallet address they can see everything, from what you hold to the other addresses you interact with.
This is where privacy coins come in. They enable users to hold and transfer crypto assets without any observer being able to take a peek inside their wallet.
Privacy coin designs — A few examples
Just like with “public” cryptocurrencies, transactions still need to be verified and transaction data has to be stored. That’s why privacy coins use several techniques to make sure your identity and assets are kept hidden on the blockchain. Let’s go through a couple of famous privacy coins to get an idea.
Monero (XMR)
Monero (XMR) is one of the privacy coins with the highest market cap, and the fact that the IRS has offered a bounty for tools to trace it says it all. Monero has a private-by-default design: the base layer of the protocol is privacy-enabling and all transactions are private without exception.
Monero earned its reputation for being hard to trace from the combination of techniques it uses to hide where transactions come from and where they go to.
One of these is stealth addresses. When you transfer XMR to someone, you’ll send it to a one-time “stealth address” only the recipient can find. It’s like putting a box on the blockchain in a location only the recipient has the map to. By not sending a transaction directly to the recipient’s wallet address but to a stealth address instead, outsiders can’t link the transaction to the recipient, and one’s identity is kept secret.
Another technique Monero uses is called ring signatures, which hide the sender. When you spend an output, your signature is formed over a ring of possible inputs: the output you really own plus a number of decoy outputs picked from past transactions on the Monero blockchain. The signature proves that one member of the ring authorized the spend, but not which one, so outside observers can’t tell the real input from the decoys. It’s like surrounding yourself with doppelgängers so the real “you” is indistinguishable.
📖 This is a very simplified explanation of how Monero works. The reality is much more complex, with technical features we haven’t covered here including RingCT and Bulletproofs. If you’re intrigued and want to dive a bit deeper into the tech, we recommend checking out the Monero website and this video by Siraj Raval.
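To make the stealth-address idea concrete, here is an added example (our own Python, not Monero’s code and not from the original article) of the dual-key construction. It assumes a toy safe-prime group in place of the Ed25519 curve Monero actually uses, so modular exponentiation stands in for scalar multiplication; the names `Recipient`, `make_stealth_address`, `belongs_to_me` and `one_time_private_key` are ours. It shows the property described above: a holder of only the view key can detect incoming outputs, while spending also needs the spend key.

```python
import hashlib
import secrets

# Toy group: a safe prime p = 2q + 1 and a generator g of the order-q
# subgroup. Far too small for real use (Monero works on the Ed25519
# curve); it only keeps the arithmetic readable. Exponentiation here
# plays the role of scalar multiplication on the curve.
P = 10007
Q = 5003
G = 4


def hash_to_scalar(*values: int) -> int:
    """H(): hash group elements to a scalar in [0, q)."""
    data = b"".join(v.to_bytes(4, "big") for v in values)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def rand_scalar() -> int:
    return secrets.randbelow(Q - 1) + 1


def point(scalar: int) -> int:
    """'scalar * G' in curve notation."""
    return pow(G, scalar, P)


class Recipient:
    """Dual-key wallet: a private view key a and a private spend key b."""

    def __init__(self, a=None, b=None):
        self.a = a or rand_scalar()
        self.b = b or rand_scalar()
        self.A = point(self.a)  # public view key
        self.B = point(self.b)  # public spend key


def make_stealth_address(A: int, B: int, r=None):
    """Sender side: a fresh one-time address from the recipient's public keys."""
    r = r or rand_scalar()
    R = point(r)                  # tx public key, published with the transaction
    shared = pow(A, r, P)         # r * A: only sender and recipient can compute it
    P_once = (point(hash_to_scalar(shared)) * B) % P  # H(r*A)*G + B
    return R, P_once


def belongs_to_me(rec: Recipient, R: int, P_once: int) -> bool:
    """Recipient side: scan the chain with the view key only (a*R == r*A)."""
    shared = pow(R, rec.a, P)
    return (point(hash_to_scalar(shared)) * rec.B) % P == P_once


def one_time_private_key(rec: Recipient, R: int) -> int:
    """Spending needs the spend key b as well: x = H(a*R) + b, so x*G == P_once."""
    shared = pow(R, rec.a, P)
    return (hash_to_scalar(shared) + rec.b) % Q


if __name__ == "__main__":
    alice = Recipient()
    R, P_once = make_stealth_address(alice.A, alice.B)
    print("recipient detects output:", belongs_to_me(alice, R, P_once))
    print("one-time key spends it:", point(one_time_private_key(alice, R)) == P_once)
    print("unrelated wallet detects it:", belongs_to_me(Recipient(), R, P_once))
```

Every payment to the same recipient yields a different `P_once`, so nothing on-chain links two payments to one wallet; a wallet handing out only `a` (a view-only wallet) can audit incoming funds but cannot spend them.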
Zcash (ZEC)
Zcash (ZEC) is another famous privacy coin but has a very different design.
Zcash started as a fork of the Bitcoin codebase and, unlike Monero, is transparent by default. You choose whether to send your ZEC from or to a shielded or a transparent (“public”) address. With transparent addresses all your data is public, just as if you were transferring BTC. With a shielded address the sender, recipient and amount are stored on the blockchain in encrypted form: the recipient decrypts them with their own key, and can hand out a viewing key to let a third party (an auditor, say) see the transaction.
Nodes that verify transactions on the network can still check that a shielded transaction is legitimate and that no coins are double-spent, thanks to a zero-knowledge proof system called a zk-SNARK. A zero-knowledge proof is not encryption but a proof: it lets you convince someone that a statement is true without revealing anything beyond the fact that it is true. It’s like walking into a pub and proving you’re of legal drinking age without revealing your birth date.
When you send from a shielded address, you attach a zero-knowledge proof that convinces the nodes the transaction is legit (the inputs exist and are unspent, the amounts balance, and you hold the spending key) without revealing who you are, how much you’re sending, or to whom.
📖 This is, again, greatly oversimplified, and zero-knowledge proofs and Zcash are fascinating and worth a read. If you want to learn more, check out the Zcash documentation.
Beam, Grin, Dash, etc.
And then there are many many more privacy coins, all with their own designs, pros, and cons. For now, we hope this has given you a better idea of how privacy coins work and what’s possible.
#2 Coin mixers
Coin mixers, also called tumblers, give coin owners a degree of anonymity while using a public blockchain. They’re commonly used after withdrawing from a KYC platform (like a centralized exchange) to “anonymize” one’s crypto.
Coin mixers actually existed before privacy coins. And CoinJoin, a mixing protocol in which several users build one shared transaction together with no custodian, is used in the design of privacy coins such as Dash (its PrivateSend feature). Zcash, by contrast, takes the zero-knowledge route described above rather than mixing.
How coin mixers work
When transferring crypto, coin mixers “delink” source and destination so it becomes hard to track where crypto came from, i.e. to “follow the money”. Mixers do this by collecting inputs from many different people and paying out outputs of one identical amount. Once enough participants have joined, all the payouts happen at the same time, leaving observers guessing which input funded which output.
It’s like taking a big bucket and putting everyone’s transactions in it, then giving it a good shake so everything looks the same, and giving everyone what they put in.
Types of coin mixers and their pros and cons
There are centralized coin mixers like blender.io, where you send your crypto to a custodial wallet. They then use programs to mix the coins and send them to their destinations. The big downside is that you need to trust the coin mixer with your money, and with your privacy: the operator sees exactly which deposit maps to which withdrawal, so any log it keeps (or is forced to hand over) undoes the mixing. And even if you trust it, there’s still a single point of failure, making the service an attractive target for attackers.
Of course, the idea of a custodial wallet holding their coins doesn’t appeal to many privacy-minded folks. That’s why we have decentralized coin mixers, where you and other users each contribute an input and each receive an output of the same denomination at a fresh address, all in one transaction that every participant signs, so nobody ever holds anyone else’s funds. Popular decentralized coin mixers include Wasabi Wallet and Samourai Whirlpool, and the most widely used coin mixing protocol is CoinJoin.
However, there’s one big drawback to decentralized mixing services: a CoinJoin transaction has a recognizable shape (many outputs of identical value funded by many inputs), so chain analysis can tell that coins have been “mixed”, and some exchanges have started rejecting crypto that bears this “stamp”, whether you did the actual mixing or not.
There are also smart-contract coin mixers like Tornado Cash, which runs as a set of contracts on Ethereum. With Tornado Cash, you deposit a fixed denomination of ETH or an ERC-20 token into a contract and later withdraw it to a different address. Withdrawal requires a zero-knowledge proof that you made one of the deposits in the pool, without revealing which one, and a one-time “nullifier” stops the same deposit from being withdrawn twice.
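The following added example (our own Python, not the code of Wasabi, Samourai or any other CoinJoin implementation) builds a toy CoinJoin from a few constructed participants and then runs the kind of heuristic a chain-analysis tool uses to stamp a transaction as “mixed”. It also shows a practical pitfall: change outputs, whose amounts are not equal to the denomination, can be linked straight back to the input that produced them. Fees are ignored and all addresses are made up.

```python
import random
from collections import Counter
from dataclasses import dataclass

SATS = 100_000_000  # 1 BTC in satoshi


@dataclass
class Tx:
    inputs: list   # (address, amount)
    outputs: list  # (address, amount)


def build_coinjoin(participants, denomination, seed=None):
    """Each participant is (input_addr, input_amount, mixed_addr, change_addr).

    Every participant gets exactly one output of `denomination` at a fresh
    address, plus a change output when the input was larger. Inputs and
    outputs are shuffled into a single transaction that all of them sign.
    Mining fees are ignored (constructed example).
    """
    rng = random.Random(seed)
    inputs, outputs = [], []
    for in_addr, amount, mixed_addr, change_addr in participants:
        if amount < denomination:
            raise ValueError(f"{in_addr}: input below denomination")
        inputs.append((in_addr, amount))
        outputs.append((mixed_addr, denomination))
        if amount > denomination:
            outputs.append((change_addr, amount - denomination))
    rng.shuffle(inputs)
    rng.shuffle(outputs)
    return Tx(inputs, outputs)


def looks_like_coinjoin(tx, min_equal_outputs=3):
    """Heuristic a chain-analysis tool might use: several equal-value
    outputs funded by several distinct input addresses."""
    counts = Counter(amount for _, amount in tx.outputs)
    _, n_equal = counts.most_common(1)[0]
    distinct_inputs = len({addr for addr, _ in tx.inputs})
    return n_equal >= min_equal_outputs and distinct_inputs >= min_equal_outputs


def anonymity_set(tx, denomination):
    """How many equally plausible owners each mixed output has."""
    return sum(1 for _, amount in tx.outputs if amount == denomination)


def link_change(tx, denomination):
    """Change outputs leak: an output whose value equals (some input minus the
    denomination) is linked to that input whenever the match is unique."""
    links = {}
    for out_addr, out_amt in tx.outputs:
        if out_amt == denomination:
            continue
        matches = [in_addr for in_addr, in_amt in tx.inputs
                   if in_amt - denomination == out_amt]
        if len(matches) == 1:
            links[out_addr] = matches[0]
    return links


if __name__ == "__main__":
    people = [  # constructed participants
        ("in_alice", 1 * SATS, "mix_alice", "chg_alice"),
        ("in_bob", 150_000_000, "mix_bob", "chg_bob"),
        ("in_carol", 120_000_000, "mix_carol", "chg_carol"),
    ]
    tx = build_coinjoin(people, SATS, seed=1)
    print("flagged as CoinJoin:", looks_like_coinjoin(tx))
    print("anonymity set per mixed output:", anonymity_set(tx, SATS))
    print("change outputs linked to inputs:", link_change(tx, SATS))
```

The mixed outputs are genuinely unlinkable to a particular input, but `link_change` shows why wallets like Whirlpool go to lengths to avoid change in the mixing transaction: an exact-amount difference is a signature that survives the shuffle.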
📖 For more details on how Tornado Cash works, check out this article.
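An added model of the commitment-and-nullifier mechanism behind Tornado Cash, written for this article in Python and not taken from the project’s contracts. The major simplification, flagged in the code, is that the withdrawal “proof” is an ordinary Merkle proof checked in the clear, which reveals which deposit is being spent; Tornado Cash proves the same statement inside a zk-SNARK so the contract learns only the nullifier hash and the root. Tree depth, denomination and the `Pool` and note helper names are our choices.

```python
import hashlib
import secrets

DEPTH = 4              # 16 deposit slots here; the real pools are far deeper
DENOMINATION = 10**18  # 1 ETH in wei; every deposit in a pool is the same size


def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


EMPTY_LEAF = H(b"empty leaf")  # placeholder for unused slots (constructed)


# ---- depositor side ------------------------------------------------------

def new_note():
    """The 'note' the depositor keeps offline: two random secrets."""
    return secrets.token_bytes(31), secrets.token_bytes(31)


def commitment(nullifier: bytes, secret: bytes) -> bytes:
    """What goes on-chain at deposit time: it reveals neither secret."""
    return H(nullifier, secret)


def nullifier_hash(nullifier: bytes) -> bytes:
    """What goes on-chain at withdrawal time: it cannot be tied to a commitment."""
    return H(nullifier)


# ---- the pool contract -----------------------------------------------------

class Pool:
    def __init__(self):
        self.leaves = []     # commitments, in deposit order
        self.spent = set()   # nullifier hashes already used
        self.balance = 0

    def _layers(self):
        layer = self.leaves + [EMPTY_LEAF] * (2**DEPTH - len(self.leaves))
        layers = [layer]
        while len(layer) > 1:
            layer = [H(layer[i], layer[i + 1]) for i in range(0, len(layer), 2)]
            layers.append(layer)
        return layers

    def root(self) -> bytes:
        return self._layers()[-1][0]

    def deposit(self, comm: bytes) -> int:
        if len(self.leaves) >= 2**DEPTH:
            raise ValueError("pool full")
        self.leaves.append(comm)
        self.balance += DENOMINATION
        return len(self.leaves) - 1

    def merkle_path(self, index: int):
        """Siblings from leaf to root, each tagged with whether our node is the right child."""
        path = []
        for layer in self._layers()[:-1]:
            path.append((layer[index ^ 1], index & 1))
            index >>= 1
        return path

    def withdraw(self, recipient: str, nullifier: bytes, secret: bytes, path):
        """ASSUMPTION / simplification: the witness (nullifier, secret, path) is
        handed over and checked in the clear, which exposes the leaf. In Tornado
        Cash the same three checks run inside a zk-SNARK, so the contract sees
        only the nullifier hash, the root and the recipient."""
        nh = nullifier_hash(nullifier)
        if nh in self.spent:
            raise ValueError("note already withdrawn")
        node = commitment(nullifier, secret)
        for sibling, is_right in path:
            node = H(sibling, node) if is_right else H(node, sibling)
        if node != self.root():
            raise ValueError("commitment not in tree")
        self.spent.add(nh)
        self.balance -= DENOMINATION
        return recipient, DENOMINATION


if __name__ == "__main__":
    pool = Pool()
    nullifier, secret = new_note()
    index = pool.deposit(commitment(nullifier, secret))
    pool.deposit(commitment(*new_note()))  # someone else's deposit
    print(pool.withdraw("0xfresh-address", nullifier, secret, pool.merkle_path(index)))
    try:
        pool.withdraw("0xfresh-address", nullifier, secret, pool.merkle_path(index))
    except ValueError as exc:
        print("second attempt rejected:", exc)
```

Two details the model keeps from the real design are worth noting: the nullifier hash is published at withdrawal and recorded forever, which is what makes double-withdrawal impossible without revealing the deposit, and the root is recomputed from the full tree, whereas the real contract keeps a window of recent roots so a withdrawal is not invalidated by a deposit that lands just before it.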
#3 Privacy-preserving smart contract platforms
Until now we’ve only covered platforms that give you transactional privacy, i.e. enable you to keep your financial details private while transacting. But that leaves out a big use case: being able to support privacy-preserving applications.
Privacy-preserving smart contract platforms do exactly that, and allow developers to build all kinds of private apps including decentralized exchanges, anonymous messaging platforms, and NFT marketplaces.
The challenge with making smart contract platforms privacy-preserving
Making smart contracts privacy-preserving presents a whole new set of challenges.
Smart contracts are pieces of code that execute automatically when predetermined conditions are met. The outcome can be as simple as sending a token to someone or as complex as running an entire application’s logic on-chain.
To support these different outcomes, smart contracts need to support different inputs, outputs, and computations. If you want to keep user data private while supporting this degree of flexibility, you need special encryption techniques.
One way to achieve this is to find a way to perform computations on data while it’s encrypted. We also call this “computational privacy” or “programmable privacy”.
This is not an easy feat, but several blockchain networks are already building it:
Secret Network (SCRT)
Secret Network uses Secret Contracts, which are smart contracts that encrypt user data, i.e. input, output, and state, by default. This means that when transactions and interactions with Secret Contracts get recorded onto the blockchain, outside observers can’t make sense of it. The code of a Secret Contract can still be viewed and verified by anyone, but the data flowing through it can’t.
Imagine a big Excel sheet with lots of encrypted data — that’s kind of what the Secret blockchain looks like. But note: our native coin SCRT is public, so interactions with SCRT like gas fees will be observable on-chain.
Transactions still need to be verified and recorded onto the blockchain, which is where secure enclaves, also called “trusted execution environments” (TEEs), come in. These act like a black box in which data can be decrypted and processed without the machine’s operator being able to read it. Every validator on Secret Network needs a TEE that matches our latest requirements as part of their setup, and proves through remote attestation that it is running the expected enclave code before it can join the network. Note that this moves trust to the hardware vendor and to the enclave’s resistance to side-channel attacks, which is why we address TEE risks separately below.
To give owners access to their data (and hence assets), we use key management software. With their private key, owners can create viewing keys and permits, which give them, and anyone they share these with, read access to their accounts.
Dusk Network (DUSK)
Dusk Network aims to offer computational privacy (currently on testnet) and focuses on offering compliant financial applications and on-chain securities.
To achieve this, they use a consensus mechanism built around a “proof of blind bid” in combination with zero-knowledge proofs. In very general terms, the blind bid lets block producers be selected without revealing who bid what, and zero-knowledge proofs are used to verify that transactions are legitimate before they’re recorded onto the blockchain, without exposing their contents.
If you’d like to dive more into the technical details of Dusk, check out this article by Binance Research.
Another cool thing to know about Dusk is that they use a newer zero-knowledge proving system called PLONK (with their own Rust implementation of it) to speed things up, which matters because generating zero-knowledge proofs is computationally intensive. Here’s an interesting (but technical) article by Vitalik on PLONK versus other proving systems, like the Groth16 SNARKs used by Zcash.
DERO
Dero is a proof-of-work blockchain protocol that uses homomorphic encryption (the ability to perform computations on encrypted data) to bring transactional privacy to a new level: account balances are stored in encrypted form and a transfer is applied directly to the ciphertexts, so validators update balances they cannot read. This is also what allows DERO to offer non-interactive private smart contracts.
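As an added illustration of computing on encrypted data (the “computational privacy” idea from the start of this section, and the encrypted balances DERO keeps), here is exponential ElGamal, an additively homomorphic scheme, in Python. It is not DERO’s code, and DERO’s exact construction and accompanying proofs are not covered here. It uses a toy safe-prime group and a brute-force discrete log for decryption, both labelled in the code, and the `Ledger`, `make_transfer` and `apply_transfer` names are ours.

```python
import secrets

# Toy safe-prime group p = 2q + 1 with generator g of the order-q subgroup.
# Real deployments use elliptic-curve groups; this keeps the numbers readable.
P, Q, G = 10007, 5003, 4


def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)  # (private key, public key)


def encrypt(pk: int, m: int, r=None):
    """Exponential ElGamal: Enc(m) = (g^r, g^m * pk^r). Negative m wraps mod q."""
    r = r or (secrets.randbelow(Q - 1) + 1)
    return pow(G, r, P), (pow(G, m % Q, P) * pow(pk, r, P)) % P


def add(c1, c2):
    """Enc(m1) * Enc(m2) = Enc(m1 + m2): anyone can do this without a key."""
    return (c1[0] * c2[0]) % P, (c1[1] * c2[1]) % P


def decrypt(sk: int, c, max_value: int = 10_000) -> int:
    c1, c2 = c
    g_m = (c2 * pow(pow(c1, sk, P), P - 2, P)) % P  # g^m = c2 / c1^sk
    acc = 1
    for m in range(max_value + 1):  # brute-force discrete log; fine for small
        if acc == g_m:              # balances, real systems use lookup tables
            return m
        acc = acc * G % P
    raise ValueError("value out of range")


def make_transfer(sender_pk: int, receiver_pk: int, amount: int):
    """Built by the sender: -amount under its own key, +amount under the
    receiver's key. A real system (DERO included) also needs a proof that both
    ciphertexts encrypt the same amount and that the sender stays solvent;
    that part is omitted here."""
    return encrypt(sender_pk, -amount), encrypt(receiver_pk, amount)


class Ledger:
    """Validator view: each balance exists only as a ciphertext under the
    account owner's key. Private keys are kept here purely so the demo can
    decrypt at the end; on a real chain only the owner has them."""

    def __init__(self):
        self.balances = {}
        self.secret_keys = {}

    def open_account(self, name: str, opening_balance: int) -> int:
        sk, pk = keygen()
        self.secret_keys[name] = sk
        self.balances[name] = encrypt(pk, opening_balance)
        return pk

    def apply_transfer(self, sender: str, receiver: str, debit, credit):
        """Validators apply both ciphertexts homomorphically; `amount` never appears."""
        self.balances[sender] = add(self.balances[sender], debit)
        self.balances[receiver] = add(self.balances[receiver], credit)

    def reveal(self, name: str) -> int:
        return decrypt(self.secret_keys[name], self.balances[name])


if __name__ == "__main__":
    ledger = Ledger()
    alice_pk = ledger.open_account("alice", 100)
    bob_pk = ledger.open_account("bob", 20)
    debit, credit = make_transfer(alice_pk, bob_pk, 30)
    ledger.apply_transfer("alice", "bob", debit, credit)
    print("on-chain ciphertexts:", ledger.balances)
    print("alice:", ledger.reveal("alice"), "bob:", ledger.reveal("bob"))
```

The point to take away is the division of labour: the sender produces the ciphertexts and (in a real system) the proofs, while validators only multiply group elements, so the chain can enforce balance updates it cannot read.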
The biggest challenge for smart contract crypto privacy solutions right now
There’s a lot of discussion around the use of hardware and TEEs in privacy solutions. And it’s true that purely software-based (i.e. cryptographic) privacy solutions are the holy grail, as they are easier to upgrade and eliminate any dependency on a hardware vendor.
But, right now, software-based privacy solutions are very computationally intensive, especially when trying to apply them to smart contracts (i.e. achieve programmable privacy). This makes purely cryptographic privacy solutions incredibly slow, expensive, and hard to scale.
That’s why we chose to include hardware in our setup for now. It enables us to offer computational privacy live on mainnet, where many other smart contract platforms can’t, until the cryptography has matured enough to switch to software-only.
📖 Want to know more about how we’re mitigating the risks around the use of TEEs in our privacy setup? Check out this article by Shade’s Carter Woetzel.
Crypto privacy tech — truly the bleeding edge
This is a very simplified overview of privacy solutions in the space. In reality, there are many different types of solutions out there, all with their own subtle differences.
Privacy crypto solutions are truly operating on the bleeding edge of technology. And while it’s fascinating and exciting, it’s also complex and creates significant technical and user experience challenges.
But with the current pace of innovation and all the players in the field, we have full confidence that we can tackle blockchain privacy, and give users a web that’s more decentralized and privacy-preserving.
Want to learn more?
This is just the tip of the iceberg. So if you want to learn more, head over to:
- Our About Secret Network page for a global overview of our tech & how it works
- Our graypaper to dive even deeper into Secret Network’s tech