A new research paper led by Ethereum creator Vitalik Buterin proposes “Privacy Pools,” a novel approach to balance privacy protections and regulatory compliance in cryptocurrencies.
The paper outlines how Privacy Pools allows users to prove their crypto withdrawals do not originate from illicit sources without revealing their complete transaction histories. Users can generate zero-knowledge proofs demonstrating their withdrawals are associated with approved “sets” of past deposits.
According to the paper, this voluntary disclosure system incentivizes honest users to dissociate themselves from criminals. By excluding suspicious actors from their association sets, legitimate users can signal regulatory compliance while still preserving privacy within their sets.
Public blockchains like Buterin’s Ethereum are pseudonymous, meaning transactions are publicly viewable but not directly tied to real-world identities. Privacy-enhancing protocols like Tornado Cash obscure the source of funds but have enabled crime by obstructing oversight.
Privacy Pools aim to balance openness for regulators with user anonymity. The paper argues that the protocol is adaptable enough to satisfy different global regulations by letting users customize their association set disclosures.
Buterin has long advocated for “regulatory clarity” in cryptocurrencies while maintaining personal privacy. This research represents his latest effort to promote constructive dialogue between crypto developers, regulators, and policymakers.
The Ethereum founder co-authored the paper with researchers from the University of Basel and the Swiss Federal Institute of Technology Zurich.
Inclusion and exclusion sets.
Buterin and colleagues detail two primary strategies for constructing association sets in the paper. The “inclusion” method involves only low-risk deposits based on criteria like transaction screening tools or membership in trusted communities.
Alternatively, the “exclusion” method entails leaving out known suspicious deposits but keeping all other activity as potential sources. The paper provides examples of how both approaches allow legal users to prove they are not associated with illegal funds.
The researchers argue association sets should aim to be accurate, stable over time, and large enough to provide meaningful privacy. However, satisfying all criteria may require tradeoffs.
While supportive of the Privacy Pools concept, Buterin and co-authors caution against centralized parties overseeing access. They argue this raises governance concerns and could enable data monopolies.
The paper says additional research is needed to thoroughly analyze the privacy guarantees, incentives, and legal compliance requirements of Privacy Pools.
The Privacy Pools paper represents Buterin’s latest foray into encouraging productive cooperation between the crypto industry and regulators. With thoughtful design, he argues, blockchains can meet policy goals without sacrificing user privacy.