To many people, one of the most attractive aspects of cryptocurrency is how using it can keep your identity and transactions private.
In my opinion, the ultimate private currency is cash. Yes, theoretically your DNA can be taken from it and analyzed in a lab. But think of how many different hands a $20 bill goes through over the course of a typical year. Someone who works in forensic genetic testing would tell you that DNA found on cash isn’t like DNA found on a gun—too many people touch it to make it feasible to single out an individual.
But cash has two downsides. The first is that paper money (which is actually now made of plastic here in Canada) physically wears out over the years. You’ll seldom see paper money that’s older than thirty years unless it was taken out of circulation and preserved by a collector. The second problem with cash is that more and more purchases are being made online. US retail ecommerce shot up from $42 billion USD in 2002 to $291.8 billion USD in 2016. The American trends reflect a worldwide growth in purchases being made online. Online retailers don’t typically accept cash as a method of payment because sending it through the mail is way too risky and impractical.
Most online payments are either made with credit cards or with proprietary payment technologies that can be connected to your bank account, such as PayPal or Apple Pay. But banks keep records of all of those transactions, records which can be used to trace the transactions to specific individuals. Those banks will cooperate with law enforcement and government agencies if they request information access within certain legal frameworks. Whereas cryptocurrency keeps you anonymous, right?
Some cryptocurrencies are more private than others
Bitcoin is by far the most well-known cryptocurrency. It might also be the least private of the popular cryptocurrencies. Bitcoin transactions are recorded and linked through a public blockchain ledger. Amounts of transactions are recorded, as are their corresponding alphanumeric IDs. Wallet addresses may keep you anonymous, but not if someone discovers your wallet address and can link it to your known identity.
Dash has similar issues to Bitcoin. Both use systems developed to help anonymize transactions by “mixing” them. A non-technical explanation of how transaction mixing works is “when you want to make a payment, find someone else who also wants to make a payment and make a joint payment together.” Dash transactions are anonymized using a similar mixing system that CoinJoin deploys for Bitcoin. The problem is that “masternodes” are required to expediate Dash’s anonymization mechanics. As explained on Master the Crypto:
“There is a real potential for an attacker with great means (e.g. a government, or group of hackers) to consolidate masternodes for nefarious purposes. Furthermore, there is nothing preventing these masternodes from logging the user’s output destinations, and there is no way to audit whether or not a masternode is logging anything at all. This threat is further exacerbated by the fact that most masternodes are hosted on a limited range of Visual Private Servers (VPS) providers – which presents the possible, unknowable vulnerability of the VPS providers being able to log information without the masternode owner’s consent or awareness. Moreover, from a practical standpoint, the mixing process is liable to take up to several hours or days to complete, depending on the amount of rounds the coins are chosen to mix through.”
Verge also has a transparent blockchain, just like Bitcoin’s. Some degree of privacy is offered by routing transactions through I2P and Tor proxy servers. But the wallet addresses themselves aren’t encrypted. Verge’s blockchain ledger can be looked at, and the wallet addresses involved for each transaction are available in plaintext. Aside from Verge’s technical similarities with Bitcoin, Verge is used a lot less frequently than Bitcoin so there’s less data overload if you want to locate a particular transaction.
Zcash is one of the cryptocurrencies with the best privacy implementation. The currency has its own zkSNARKs (zero-knowledge Succinct Non-Interactive Argument of Knowledge)encryption technology. Christian Reitwießner explains the technicalities of zkSNARKs in a paper on GitHub:
“As a very short summary, zkSNARKs as currently implemented, have 4 main ingredients:
- Encoding as a polynomial problem. The program that is to be checked is compiled into a quadratic equation of polynomials: t(x)h(x) = w(x)v(x), where the equality holds if and only if the program is computed correctly. The prover wants to convince the verifier that this equality holds.
- Succinctness by random sampling.The verifier chooses a secret evaluation points to reduce the problem from multiplying polynomials and verifying polynomial function equality to simple multiplication and equality check on numbers: t(s)h(s) = w(s)v(s) This reduces both the proof size and the verification time tremendously.
- Homomorphic encoding / encryption.An encoding/encryption function E is used that has some homomorphic properties (but is not fully homomorphic, something that is not yet practical). This allows the prover to compute E(t(s)), E(h(s)), E(w(s)), E(v(s)) without knowing s, she only knows E(s) and some other helpful encrypted values.
- Zero Knowledge.The prover obfuscates the values E(t(s)), E(h(s)), E(w(s)), E(v(s)) by multiplying with a number so that the verifier can still check their correct structure without knowing the actual encoded values. 1 The very rough idea is that checking t(s)h(s) = w(s)v(s) is identical to checking t(s)h(s)k = w(s)v(s)k for a random secret number k (which is not zero), with the difference that if you are sent only the numbers (t(s)h(s)k) and (w(s)v(s)k), it is impossible to derive t(s)h(s) or w(s)v(s).”
Hopefully that explanation is simple enough to understand!
Reitwießner explains how zkSNARKscan be implemented with Ethereum’s Ether, another popular cryptocurrency:
“There are multiple ways to enable zkSNARKs for Ethereum. All of them reduce the actual costs for the pairing functions and elliptic curve operations (the other required operations are already cheap enough) and thus allows also the gas costs to be reduced for these operations.”
In a nutshell, the transactional backbone of cryptocurrencies is either a public blockchain ledger like Bitcoin’s, mixed transactions through a public blockchain ledger like Dash’s, or a system with more thorough encryption and anonymization like Zcash’s. If you are looking for the greatest privacy, systems like zkSNARKs offer the most.