How will web3 and DeFi affect privacy?
Crypto enthusiasts are excited about the potential of blockchain-based ledgers to decentralize the financial industry and the web – phenomena known as DeFi and Web3, respectively. There are many critiques of both of these views, including a recent study which found that so-called anonymous transactions could be linked to personally identifiable information. But a new wave of blockchain platforms and protocols are looking to bolster privacy in what many believe is the next paradigm in computing.
What are web3 and DeFi?
Enthusiasm for blockchain technology may have cooled, but in some areas of the tech industry expectations are higher than they have ever been. Supporters see blockchains as the basis for a new funding system (decentralized finance, or DeFi) and a new paradigm for the web (web3, one of the disruptive tech buzzwords of 2021) . Either way, they argue, the transparency and immutability of distributed records will eliminate gatekeepers and strengthen individual freedom.
Web3 and DeFi both have their skeptics. Earlier this month, the Bank for International Settlements described DeFi’s decentralization as illusory – “some form of centralization is inevitable” – and said it currently has “few real world applications”. And in a widely cited blog post, developer and blogger Stephen Diehl eviscerated web3 as “a tasteless marketing campaign that attempts to reframe the public’s negative associations of crypto assets into a false narrative about the disruption of the hegemony of legacy tech companies.”
These reviews did not prevent some users from voting with their wallets. From 2019 to 2020, the value of digital assets locked in DeFi smart contracts increased by 1,800%, from $ 670 million to $ 13 billion, according to a report from the World Economic Forum. The combined value of DeFi tokens reached $ 152 billion this quarter. And around $ 27 billion in cryptocurrency has been used to purchase NFTs, a cornerstone of web3, so far this year.
Investors are enthusiastic. In November, Conensys – the blockchain software provider behind the “MetaMask” portfolio – raised $ 200 million from investors, including HSBC, for a valuation of $ 3.2 billion, shortly after a rise of $ 65 million from JP Morgan, Mastercard and UBS. In October, infrastructure provider Web3 Alchemy raised $ 250 million for a valuation of $ 3.5 billion.
But there are at least two important issues that must be addressed if Web3 and DeFi are to gain public and regulatory approval. The first is the deplorable environmental impact of the âproof of workâ systems that underpin most distributed ledgers. This is already thwarting some companies’ Web3 ambitions: plans for fundraising site Kickstarter and chat app Discord to adopt blockchain-based infrastructure have been met user reaction citing environmental concerns. Ethereum, the blockchain that underlies many Web3 applications, plans to switch next year to a âproof of stakeâ model, which its supporters say will reduce emissions.
How will web3 and DeFi affect privacy?
The impact of web3 and DeFi on user privacy is less discussed. Proponents argue that web3 will improve user privacy by giving individuals control over their data, through distributed personal data stores. But critics say the transparent nature of distributed public ledgers, which make transactions visible to all participants, is against confidentiality.
âRight now web3 forces you to forgo privacy altogether,â Tor Bair, co-founder of private blockchain The Secrecy Network, tweeted earlier this year. “NFTs and blockchains are all public by default and terrible for property and safety.”
Participants in public blockchains generally do not need to disclose their identity, but researchers have demonstrated how transactions recorded on a blockchain can be linked to individuals. A recent paper by researchers at browser maker Brave and Imperial College London, have found that many DeFi applications integrate third-party web services that can access users’ Ethereum addresses.
âWe are finding that several DeFi sites rely on third parties and sometimes even disclose your Ethereum address to those third parties, primarily API and analytics providers,â the researchers wrote. A tracker can access Ethererum addresses at 56% of the 78 DeFi sites examined in the study.
These third-party services could, in theory, link Ethereum addresses to other personal information they hold about the user, the researchers warn. “Leaking Ethereum addresses to Google is particularly problematic because the company likely already has personal information about you, which it can then link to your Ethereum address, which can then be linked to your transaction history on the blockchain. ”
âEthereum addresses are sensitive and private information, similar to credit cards and bank account numbers,â they add. âDeFi sites should treat them accordingly. ”
Privacy protocols for web3 and DeFi
For DeFi and web3 to be private, blockchain transaction data must be isolated from PII. âThere is a need to protect transactions,â says Saeed Hasan, chief technology officer at the Blockchain Council, a group of organizations dedicated to developing blockchain infrastructure.
Due to the demand in the DeFi space and the need for privacy, you are seeing a lot of privacy protocols coming in.
Saeed Hasan, Blockchain Council
This spawns new alternative blockchain platforms and protocols that seek to keep transactions private, adds Hasan. âDue to the demand in the DeFi space and the need for privacy, you see a lot of privacy protocols coming in,â he explains. “Some of the protocols have a very narrow focus while others provide broad support for the whole ecosystem.”
An example is Oasis Network, which describes itself as “the first scalable and privacy-friendly blockchain.” His Oasis protocol enables ‘data tokenization’, which he says allows users to control how their data is used. This, the organization claims, will unlock new, more accessible DeFi apps.
Findora is a blockchain platform and protocol that combines ‘transactional privacy’ with the ability to selectively disclose information to regulators and auditors. This sets it apart from privacy-focused cryptocurrencies – so-called ‘privacy coins’ – such as Monero, which has been described as ‘the cryptocurrency of choice for the world’s leading ransomware criminals’, thanks to its untraceability. Findora received “eight-figure” funding last year and, in October, launched a $ 100 million fund to strengthen its developer community.
Panther, on the other hand, is a developing protocol that works on different blockchain platforms, including Ethereum. It claims to protect the anonymity of transactions with technology – dubbed âzero-knowledge succinct, non-interactive knowledge augmentation,â or zSNARK – that allows an organization to prove that it owns certain data without disclosing it. âPanther will allow vendors to provide privacy functionality in their applications without needing a highly specialized team of cryptographers and privacy technology engineers to do so,â the organization says. Panther Protocol raised $ 22 million in 90 minutes last month in a public sale of its ZKP tokens.
The craze for web3 and DeFi, and privacy technologies in particular, is such that these projects have sufficient funding to develop their protocols and the surrounding ecosystems. But it remains to be seen whether these investments will reassure an audience disillusioned with the way the web 2.0 giants have handled their data.
Claudia Glover is a journalist at Technical instructor.