Washington is beginning to focus on a wide range of cryptocurrency issues; first the Bitcoin reserve, now privacy is on the agenda.
The United States Securities and Exchange Commission (SEC) will host a public roundtable on financial surveillance and privacy on October 17. This presents a rare opportunity to influence how privacy is handled in economic regulations.
Currently, when individuals use blockchains, they unknowingly expose a significant amount of personal data. By linking a social identity to a wallet, one’s economic activities become public knowledge.
It is crucial not to overlook this level of data exposure in the upcoming SEC roundtable. Zero-knowledge proofs (ZKPs) offer a solution to this issue by meeting compliance requirements without revealing sensitive personal information.
The SEC’s upcoming roundtable indicates a willingness to explore smarter attestations. The agency is reviewing a filing to permit tokenized securities to trade on a national exchange, demonstrating that market methods can evolve without sacrificing surveillance for genuine risks.
Although ZKPs were initially developed to protect privacy, their focus in real-world applications, such as the launch of Zcash, has been on scalability. However, the potential for privacy preservation through ZKPs is immense, and the ability to validate facts without disclosing data is key to restoring confidentiality. The October roundtable presents an opportunity to shift the narrative on privacy from secrecy to regulated privacy.
Privacy is not about secrecy
The concept of radical transparency, often highlighted in Web3, may seem appealing in theory but can lead to a lack of personal privacy in practice. When a wallet is linked to a real-life identity, an individual’s financial transactions and behavior patterns become publicly accessible indefinitely.
The issue is clear-cut: people do not want their financial information to be exposed to the public. Privacy is not about concealing illicit actions; it is primarily about safeguarding personal data shared with the world.
While compliance is essential for integrating blockchain, traditional finance (TradFi), and security, unnecessary data sharing is prevalent. ZKPs offer a solution to this problem by reframing the surveillance debate and assuring regulators that raw user data is not required to manage risks.
By allowing venues to publish proofs of their financial adequacy and adherence to concentration limits, as well as their commitments to users and regulators through ZKPs, regulatory processes can be enhanced, individual rights preserved, and real-time assurances provided for secure operations.
Simplifying regulated privacy
ZKPs have been utilized for years to enhance security and privacy in live environments. However, shielded transactions are often cumbersome, with limited wallet support and perceived as high-risk by some on and off-ramps.
In decentralized finance (DeFi), privacy is compromised further as smart contracts inadvertently expose global state information, such as in automated market makers (AMMs) like Uniswap.
The current designs are not optimized for privacy, leading to a compromise between user data security and trade execution. To progress, semi-private architectures can be implemented to offer robust privacy without sacrificing transparency or compliance.
Semi-privacy involves utilizing Layer-3 (L3) or application-specific domains to generate ZKPs, shielding data from the public Layer-2 (L2). While operators can monitor user activity, they must provide cryptographic proofs of accuracy, solvency, and more to the public chain (or regulators).
This approach enables regulated confidentiality, allowing users to maintain privacy away from the public eye, while designated verifiers can validate data integrity. In cases of operator misconduct, users have cryptographic exits to alternate domains, incentivizing ethical behavior.
Establishing regulated privacy
The SEC’s roundtable must go beyond mere discussions on data and surveillance. It is an opportunity to address outdated tradeoffs in a society where privacy should be the default, in harmony with regulations rather than in opposition to them.
Regulated privacy, which safeguards users while granting regulators necessary visibility (and no more), can instill confidence in consumers and providers. ZKPs achieve this balance, assuring regulators that rules are being followed without compromising user privacy.
The SEC should leverage the roundtable to align policies with current technological capabilities, offering clear guidance on privacy preservation and recognizing proofs as valid forms of regulatory compliance.
ZKPs have significantly impacted blockchain structures and user experiences, making it feasible to extend their benefits to regulatory oversight. With recognized proofs in place, deemed valid by regulators, regulatory privacy can become a reality.
Should ZKPs be deemed essential by regulators for shaping this future? The roundtable provides a platform for answering affirmatively.
Eli Ben-Sasson is the CEO and co-founder of StarkWare.
