Privacy in Cosmos Event Review

The first in a 4-part series of events focusing on privacy in the Cosmos Network, funded by the Cosmos community pool and hosted by Zero Knowledge Validator took place on 30th June 2021. Event recordings are available on the youtube channel of our media partner Zero Knowledge Podcast, you can see the video playlist here.

If you would like to hear more about our next event you can sign up to our mailing list here.

In March, we hosted an earlier event around privacy in the Cosmos community with multiple privacy projects building in the network. The interest and momentum generated from that event demonstrated that there was interest in having a privacy community within Cosmos, however the event also highlighted some barriers to the prioritisation of privacy in the network. Standards for privacy technology continue to be lacking and tools for implementation are missing due to the CosmosSDK being written in Go whereas many ZK libraries are written in Rust. It was also apparent that privacy was not a prime concern for the community with only 20% reporting to value it highly, symptomatic of the confusion surrounding the business case for privacy.

This report aims to provide a summary of the key findings and discussion points raised during the most recent Privacy in Cosmos event on June 30th 2021 and how the community sentiment has evolved.

Key Takeaways

• Privacy can be poorly defined leading to confusion in what advocating for privacy actually entails.
• Two frameworks for privacy were examined and presented during Harry Halpin’s keynote speech: 1) the privacy spectrum from total anonymity to fully identifiable and 2) holistic privacy, considering privacy at each layer of a blockchain network.
• To achieve privacy in blockchain systems, multiple technologies are used in combination, observed through all projects that showcased at the event: Nym Protocol, Oasis Labs and Secret Network.
• The implementation of IBC in the Cosmos Network, seen in action through the launch of Osmosis, opens the door for new cross-chain privacy paradigms.
• Interchain Accounts, ICS27, will enable more innovation around privacy allowing private blockchains to manage funds on a public network, with opportunities for private DAOs and enterprise supply chains.
• The development of privacy solutions must be developed with users in mind and with privacy as a default for blockchain networks to scale.
• Validators should take on the responsibility of pushing the narrative that financial privacy is a human right, not to be conflated with criminal anonymity.
• In Q2 2021, attitudes towards privacy in the Cosmos Network have shifted with 66% considering privacy to be important compared to 20% in the previous survey from Q1.

A Framework for Privacy

There are a myriad of meanings associated with the word privacy depending on the context and frame of reference privacy is being considered for. In the first talk and keynote speech of the event, Harry Halpin highlighted this and gave a background for understanding privacy. In the US for instance, the notion of privacy stems from the legal right not to be photographed by a paparazzi, but in Europe, the concept of privacy arose from the mass data collection implicit in the atrocities during the holocaust. Conceptualising privacy in both ways is valid, yet a single coherent definition for privacy eludes us. This causes confusions as to what advocating for privacy actually entails.

Within the realm of cryptocurrency, the association of privacy with money laundering and criminal anonymity is a misguided view that can result in people with limited understanding of these topics distancing themselves from this space. Analysis by Chainalysis showed that from 2017–2020 the average proportion of crypto transactions by criminal entities was ~1%, $10B per year, to put that into perspective, the UN estimates between 2–5% of global GDP, $2T, is laundered annually. Financial privacy should be a human right in place for consumer protection, not associated with deception and criminality. Assaf Morami from Secret Network and Dave Hrycyszyn from Nym Protocol provide examples of networks that can be used to enable financial privacy. Additionally, privacy can empower users to retain ownership of their data and participate in the data economy, discussed by Anne Fauvre of Oasis Labs.

Anonymity, Linkability and Observability

Privacy is also not an absolute, instead it should be considered as a spectrum ranging from absolute anonymity to identifiable with applications of privacy typically granting a user partial anonymity, somewhere between the two extremes. For true anonymity, a user must be unlinkable to what is being observed, i.e. the relationship between items of interest in a system does not change after the observation. Entropy is used as a metric to determine unlinkability, it measures how much information you gain from adding more users to a system. Nested within linkability is the facet of observation. Of particular interest in blockchain systems, unobservability denotes when one item is indistinguishable from another within a system and is undetectable, it can’t be determined whether it exists.

Holistic Privacy

Within a blockchain system there are four layers of data to consider. A leak of data at any layer, can compromise the data on other layers, known as a side channel attack. Therefore, when considering privacy of a blockchain network all elements, from the network layer through to the applications layer, must be considered. Even using Tor, which uses p2p relays, network traffic can be analysed revealing the order of traffic, the timestamps and volume. However, privacy solutions at each layer are still highly valuable for achieving partial anonymity, greater data protection and security.

Layers of a blockchain, adapted from Robinson and Ramesh

Nym Protocol — watch the full video here.

At Nym Protocol, they have approached privacy with a systems perspective considering multiple layers of privacy within their blockchain network. Dave Hrycyszyn presented the technology underpinning Nym Protocol which consists of three key elements: 1) the network layer privacy, 2) transactional privacy and 3) scalability.

1. Network level privacy is achieved through the use of a mixnet and sphinx packets, also used in the lightning network, which makes it impossible to see who is communicating with who.
2. Transactional privacy is brought about through the use of Coconut, a cryptographic signing scheme. Coconut enables new tokens to be created to execute transactions with no historic data attached to it so blind and decentralised signing can occur. Coconut utilises re-randomization, when independent variables are rebalanced to a level that is acceptable and representative of the population a sample is taken from. This enables token holders to demonstrate their right to use a system or participate in governance whilst retaining privacy of their own credentials. The code for Coconut is interoperable and available in both Rust and Go.
3. The final pillar of Nym, scalability, is achieved through the native Nym token. The Nym token provides an economic incentive to sustain the privacy infrastructure within the network. Moreover, an increase in the number of users improves the privacy credentials of the network.

Layer 1 Privacy Solutions

Assaf Morami and Anne Fauvre, both presented layer one privacy solutions implemented for Secret Network and Oasis Labs respectively. Both solutions incorporated the use of trusted execution environments (TEEs), an area of a processor that is highly secure and protected from the rest of the processor.

Oasis Labs — watch the full video here

The Oasis Network consists of a proof-of-stake consensus layer that interacts with chains in a paratime layer. Different paratime chains have unique functionalities that are tailored to specific applications, for example, the TEE based Cipher paratime is for privacy enabled DeFi applications. Smart contracts within this paratime are WASM based with full IBC integration and will have a bridge to Ethereum, they also have the possibility for other privacy preserving techniques, such as zero knowledge proofs to be utilised.

Oasis Labs emphasised fundamental problems surrounding data ownership in web 2.0 — centralised services collect and aggregate personal data, users have no control over their own data and there are no incentives for users to participate in the data sharing economy when they do not have ownership of their data. Their solution is to empower individuals to reclaim ownership of their data, facilitated by web 3.0 technology through data tokenization. The core concept behind the tokenization engine is to tokenize data as a data backed NFT, whether it be a document, image, film or other intellectual property. The NFTs then have encrypted data and metadata attached to them with privacy preserved, and these NFTs can be transacted across the ecosystem. The privacy preserving data backed NFTs are enabled through a combination of blockchain technology and secure computing. Blockchain technology ensures data is auditable and traceable whilst the secure computing ensures that the data remains private at all times. Anne Fauvre introduced two applications of the data tokenization approach: representing genomic data and for musicians to tokenize royalties of their own music.

Secret Network — watch the full video here

The Secret Network is a layer 1 blockchain with encrypted smart contracts — the input, output and states are all encrypted. A user encrypts an input to the system, the nodes perform the computation inside a TEE, the state is encrypted and carried between transactions. Only the user is able to decrypt the output. Smart contracts are written with CosmWasm in Rust which enables ERC20 and CW20 tokens to be privately sent and received with private balances; private NFTs, similar to ERC721 and CW721, are also possible on this network. Already live on Secret Network are bridges to Ethereum and Binance Smart Chain. The privacy first AMM Secretswap secured by Secret Network prevents front running as future transactions cannot be observed in the queue of transactions to be executed. Other unique applications built upon Secret Network include games based on luck and random numbers such as poker or blackjack by taking advantage of the private entropy within smart contracts.

The Future of Privacy

As more chains are added to the Cosmos Hub and interest in blockchain systems continues to grow, privacy must be prioritised for scaling and to encourage more extensive adoption. Yet it is atypical for new networks to be built with privacy as a default which compromises valuable information about their users. To change the narrative around privacy, it is crucial for the privacy community in the Cosmos ecosystem to continue to grow to ensure the value of privacy is realised. To examine the future of privacy three themes will be considered — changes to the Cosmos ecosystem, how users currently handle privacy applications and what validators can do to advocate for privacy.

Recent Developments in Cosmos and their Impact on Privacy

Since the last ZKV privacy event in March, there have been some notable additions to the network. The launch of Osmosis, an automated market maker (AMM) and decentralised exchange (DEX) launched as a chain from the cosmos hub with inter-blockchain communication (IBC), has paved the way for a more expansive view of privacy, not limited to a single blockchain but to encompass multiple sovereign chains. Seeing IBC in action is truly a remarkable feature of the Cosmos network and the functionality is visible through the map of zones. It is also clear that the cosmos hub and the ATOM are providing liquidity for other chains and this paradigm is likely to persist when more chains are added to the hub. According to Zaki Manian, IBC functionality could change the typical way new tokens and networks are launched — token sales to investors could be bypassed through gathering a small number of validators, getting a zone, connecting to DEXs, rallying the community to incentivise a liquidity pool and leveraging the growth of the liquidity pool overtime.

Another exciting implementation for the Cosmos SDK has been that of CosmWasm for smart contracts, utilised by all projects that showcased at Privacy in Cosmos: Nym, Oasis Labs and Secret Network.

Future Cosmos Launches

The Gravity Bridge, a bridge between the Cosmos Hub and Ethereum, is hotly anticipated in the cosmos ecosystem but the launch of ICS 27 sparked more interest during the panel discussion. ICS27 is a standard for interchain accounts, currently in the draft stage, which will enable packets sent from one chain to be executed on a different receiving chain as if the data originated from the receiving chain. This functionality will enable accounts on one blockchain to be controlled by a separate blockchain opening up a host of applications such as group management of funds, staking derivatives and business development between blockchains. In terms of privacy, a private blockchain could manage assets on a public blockchain, this capability could be used for private DAOs or for enterprises wishing to tokenize their supply chains.

Usability Concerns

Harry Halpin emphasised that in practice, users can fall short of correctly utilising privacy tools to shield their own transactions and that privacy is often not enabled by default. Developers of privacy tools must consider the end user and ensure that products are accessible. An example of this approach is seen in the Parcel Paratime built by Oasis Labs, to simplify the onboarding process for enterprise users, the API is intentionally designed not to be reminiscent of typical blockchain environments.

The Role of Validators in Advocating for Privacy

During the panel discussion the role of validators in advocating for privacy was considered. It appears that delegators select validators based upon the status and reputation of the validator rather than the commission charged. This creates an opportunity for validators to provide additional services for their community and delegators in the form of communication channels, airdrops, and tokens of thanks for loyalty. The voting tendencies of validators in governance proposals can also be a motive for delegating, although proposals tend to be focused on accepting or rejecting new features of the cosmos hub rather than informing the direction of development. Still, this reinforces the responsibility to advocate and campaign for changes or research in areas that are compatible with the ethos of the validator, this could certainly be to advocate for privacy. Marketing the message that privacy is important as a human right but also as a mechanism for ensuring markets are safer, and consumers are protected is the stance that validators should take, reinforcing these narratives within their communities.

In the early days of the cosmos hub, many validators were not only producing blocks but concurrently developing protocols to further the network. If a validator is participating in deploying capital for the ecosystem and developing protocols, this could be considered a conflict of interest. As the Cosmos ecosystem develops, it is not inconceivable that many chains will have their own AMMs and DEXs, consequently, validators will have arbitrage opportunities. Validators could redeploy this capital into networks and their community and use funds to advocate for privacy.

Event Metrics and Feedback

A total of 94 people attended the event out of 172 signups. Feedback after the event was positive with all respondents rating the event as 4 or 5 stars out of 5. There appears to also be a shift in attitudes towards privacy with 66% of respondents believing it to be highly valued in the Cosmos ecosystem compared to 20% from the event survey in March.

In terms of the event budget, the event ran approximately to the allocated budget of 550 ATOMS with a price breakdown shown in the table below. The conversion from USD to ATOM was made using an approximate price of $11 per ATOM.

Price breakdown for the Privacy in Cosmos event

Conclusion

The goal of hosting privacy events for the Cosmos ecosystem is to raise awareness of the importance of privacy, gather the community to share ideas and provide a platform for networking. It is encouraging that since March, feedback indicates event attendees are placing a higher value upon privacy, resonating with the core values of ZKValidator. With IBC live and thriving on the Cosmos Network, we are excited to see what new cross chain privacy applications could be developed and are looking forward to the next quarterly event in this series.

Want to attend the next event in the series? Leave your email here to be notified of when it is happening.