A new research paper led by Ethereum creator Vitalik Buterin proposes “Privacy Pools,” a new approach to balance privacy protection and regulatory compliance in cryptocurrencies.
The article outlines how Privacy Pools allows users to prove that their crypto withdrawals are not from illegal sources, without revealing their full transaction history. Users can generate zero-knowledge proofs that show their withdrawals are related to approved “sets” of previous deposits.
Privacy pools.
According to the newspaper, this voluntary disclosure system encourages honest users to distance themselves from criminals. By excluding suspicious actors from their association sets, legitimate users can indicate regulatory compliance while still preserving privacy within their sets.
Public blockchains like Buterin’s Ethereum are pseudonymous, meaning transactions are publicly visible, but not directly linked to identities in the real world. Privacy-enhancing protocols like Tornado Cash obscure the source of money, but have enabled crime by hindering surveillance.
Privacy pools are designed to balance openness to regulators with user anonymity. The article states that the protocol is sufficiently adaptable to meet different global regulations by allowing users to customize the disclosures of their association sets.
Buterin has long advocated for “regulatory clarity” in cryptocurrencies, while preserving personal privacy. This research represents his latest effort to foster constructive dialogue between crypto developers, regulators, and policymakers.
The founder of Ethereum co-authored the paper with researchers from the University of Basel and the Swiss Federal Institute of Technology in Zurich.
Inclusion and exclusion sets.
Buterin and colleagues describe two primary strategies for constructing association sets in the paper. The “inclusion” method includes only low-risk deposits based on criteria such as transaction screening tools or membership in trusted communities.
Alternatively, the “exclusion method” means that known suspicious deposits are omitted, but all other activities are kept as potential sources. The article provides examples of how both approaches allow legal users to prove they are not associated with illicit funds.
The researchers argue that association sets should aim to be accurate, stable over time, and large enough to provide meaningful privacy. However, meeting all the criteria may require a trade-off.
While supporting the Privacy Pools concept, Buterin and co-authors warn against centralized parties controlling access. They claim this poses governance issues and could enable data monopolies.
The article says additional research is needed to thoroughly analyze Privacy Pools’ privacy guarantees, incentives, and legal compliance requirements.
The Privacy Pools paper represents Buterin’s latest effort to encourage productive collaboration between the crypto industry and regulators. With thoughtful design, he argues, blockchains can achieve policy goals without sacrificing user privacy.