[Below is my contribution to CoinDesk's Privacy Week]
The Privacy That DeFi Needs to Succeed
The transparency of blockchains is often marketed as a benefit. It's not. Main Street financial consumers are never going to adopt blockchain-based financial tools as long as blockchains are radically transparent. Regular folks have secrets that they want to keep.
One of the most promising use cases for blockchains is decentralized finance (DeFi). The people who are building DeFi tools aspire for DeFi to be something more than a skate park for the risk-loving crypto-rich. They want their tools to solve real-world financial problems faced by individuals and companies, including America's 31.7 million small businesses.
Imagine a cash-starved manufacturer in Toledo, Ohio, that has a good idea for a product. It could go to its banker for financing, but instead it turns to DeFi. In a jiffy, it tokenizes a bunch of receivables onto a blockchain and lodges them as collateral on a decentralized lending platform in return for U.S. dollar stablecoins. A few moments later, it swaps these dollars for Euro stablecoins using a decentralized exchange, sending them to its French supplier to purchase inventory.
This chain of transactions has the promise of being cheap, fast and avoiding the walled garden of regular banks. Unfortunately, our Toledo manufacturer probably won’t bother.
All blockchain transactions are public by default. The government, your competitors and your mother can all see what you are doing. Blockchain analytics firms like Chainalysis and CipherTrace make it their business to track, analyze and interpret every trade and transaction.
Secrecy is vital to commerce. Not only is it important for businesses to protect the privacy of their customers, they must also keep their competitors in the dark lest their long-term strategy be divined and countered or copied. Our Toledo manufacturer doesn’t want its intentions to be telegraphed by their on-chain financial preparations.
As for individuals, they don't want their friends and colleagues to know what their salary is, or what kinds of porn they're purchasing. No one wants to be doxxed. We like our secrets.
Bricks-and-mortar finance is already capable of providing the secrecy that Main Street requires. Individuals and corporations generally trust their old-school bankers not to reveal information about their financial dealings to others. It's not quite cash-level anonymity. Yes, there are leaks and hacks. And under certain conditions, a banker must disclose information to law enforcement. But in general, Main Street trusts the confidentiality and probity of their financial provider.
So if Main Street users are ever going to migrate over to DeFi, privacy will have to be built first. But not just any privacy.
Tornado Cash has become the DeFi world's go-to tool for achieving anonymity. A user can send funds to a Tornado Cash smart contract where it gets mixed up and obfuscated with other people's funds. Later, that user can surreptitiously withdraw the same amount of money to a separate address. A technology called zk-SNARKs is used to reduce the ability of third parties to trace funds through Tornado.
Unfortunately, Tornado Cash has become a popular venue for thieves to clean stolen funds. The presence of criminals will make Main Street businesses like our Toledo-based manufacturer hesitate. Depositing company funds into a Tornado Cash smart contract may be construed as mixing them with criminally-derived funds. That's probably not the sort of money laundering risk that licit money wants to take.
The best solution for bringing privacy to DeFi is native anonymity. That is, all blockchain transactions have to be opaque by default. That way, Main Street users get the privacy they require without having to take the risk of jumbling up their coins with crooks. (Approaches like the Aztec Network, a privacy layer implemented on top of the base Ethereum layer, might be a solution.)
While native anonymity would solve Main Street's very real need for secrecy, it will lead to the next hurdle to widespread adoption: too much anonymity.
If a Main Street financial user like our Toledo manufacturer can't risk tumbling their coins with dirty money on Tornado Cash, neither can they risk commingling their funds on decentralized exchanges or lending tools that grant unconditional access to everyone, including thieves' dirty funds.
To make their tools palatable for Main Street, DeFi tool makers will have to unwind some of the native anonymity (potentially) afforded by blockchains by collecting and verifying identifying information from users. This way the tools can screen out criminals, assuring legitimate businesses that their clean funds aren't being tainted by dirty money.
The implication is that DeFi tools will have to become privacy managers, just like old-school banks are. Users will have to trust the tools to be discreet with their personal information, only breaking their privacy when certain conditions are required, such as law enforcement requests.
It’s possible that DeFi succeeds in doing a better job of preserving privacy than traditional financial institutions. By using zero-knowledge proofs for collecting identity, DeFi tools may be able to control the spray of personal information required to gain access. This may reduce the amount of information that gets lost to hacks.
In sum, if DeFi wants to attract Main Street users, an odd mix of more secrecy and less secrecy is required. Secrecy is important to businesses and individuals. They don’t want their information to be naked for all to see. But Main Street doesn't want complete anonymity. It wants to use DeFi tools that strip away just enough secrets to assure that dirty money is being excluded.
Only when this balance has been achieved will businesses like our Toledo, Ohio, manufacturer venture onto the blockchain.