Meta: we should value privacy more

privacy
#21

I suggest back-burning all but the simplest privacy initiatives until we’ve solved our problems. Ethereum is already such disruptive technology. And private disruptive tech is even more dangerous.

I can see where you’re coming from, though OTOH non-private disruptive tech is also dangerous (see: recent Facebook scandals etc etc). What we’re suggesting here isn’t full-scale ZEXE, it’s just the minimal simplest level of unlinking needed to ensure that all of a user’s activities, particularly non-financial ones, can’t be trivially publicly linked to each other.

3 Likes
#22

We can travel these roads, but we should tread lightly. In the privacy game, let Zcash and Monero run out ahead. After seeing what false steps they make (and I’m confident there will be at least one), we will then be able to step much more artfully in those pro-privacy directions.

However, my advice is not to frame Ethereum as “privacy technology”, but as “transparency technology”. And then only afterwards start nudging toward privacy technology.

1 Like
#23

I don’t think we should lose focus on privacy. At least go for the low hanging fruit as @vbuterin said. Has anyone considered building a separate WASM with cryptographic technologies from the ground up? These could be delegated special nodes forming a layer 2 MPC style protocol. Thoughts?

1 Like
#24

Enigma have actually done it. https://github.com/enigmampc/enigma-p2p/blob/master/docs/ARCHITECTURE.md

#25

Actually I think there’s more aspects that are very important to privacy than the on-chain considerations. One additional area that I find interesting and we’re working on with HOPR is network-level metadata privacy. A specific example is that you’re in my co-working space and connected to my wifi. Now you make an on-chain txs with mixers, change of address separate account for each dapp and everything that has been discussed in the thread above.

There are now at least two angles from which I can identify you:

  1. As your wifi operator, I know that you are using Ethereum, I know that you just connected to some node (like Metamask / Infura) or that you’re using some wallet (like MyCrypto). With minimal additional meta data info (e.g. I know you’re into crypto kitties from your Twitter profile or I have some additional timing information or I know what gas price you commonly use) I should be able to guess fairly reliably which txs has been broadcasted by you.
  2. Even without making you connect through my wifi, a global passive adversary (someone who smartly connects to Ethereum nodes in order to get a global overview of the topology) could probably find out which tx is known to which node at what time. That should allow for a triangulation of where the tx originated (which node knew it first) and from there it should be possible to identify or attack the sender (get their IP address etc).

Bottom line: Ethereum relies on broadcasting which (in contrast to mix nets) is not designed to be privacy-preserving and does not have as strong privacy guarantees. We need some bottom-layer privacy-preserving networking and that’s what we’re working on. Ideally to be implemented as a libp2p transport module at some point to reduce switching costs.

#26

Just reading through the thread and it sounds like there are two low hanging fruit.

  • using BIP-32 as stated above
  • A mixer targeted at small amounts of eth used for paying gas

Is that fair to say? Or am I missing some?
Focusing on simple composable parts over a complete privacy solution proposal.

2 Likes