ARTICLE AD BOX
Web3 has a “fundamental” privacy problem that needs to be solved for it to achieve mass adoption, Shahaf Bar-Geffen, CEO of confidential computing platform COTI, told Decrypt.
While blockchain advocates have long celebrated the technology’s transparency, that feature is also a bug, Bar-Geffen said.
“People confuse transparency with a lack of privacy,” he said, adding that, “If 100% transparency is such a great idea, why do you have a shower curtain?”
He explained that, “any data that is transmitted on a public blockchain becomes public by definition.” That ranges from crypto transactions—link a pseudoanonymous wallet address to a real-world identity, and you have a complete record of that individual’s financial history—to the vital data on which applications depend.
“What it means is that we can’t store data on a public blockchain, anything sensitive or commercially important or anything like that,” he said. “Because the minute that data needs to be useful, it becomes exposed.” While you can encrypt data and put it on a public blockchain, the moment you decrypt it to use it, “it immediately becomes public domain.”
Privacy for dapps
That makes privacy an essential feature for decentralized applications (dapps), Bar-Geffen said. “The reality is that it's not just a good idea to have privacy,” he said. “It's also the law, and it's a huge problem that we need to solve if we believe that Web3 is the future.”
A number of privacy projects have sprung up with different solutions to the problem; some use trusted execution environments (TEEs), others employ fully homomorphic encryption (FHE). Those methods involve compromises, said Bar-Geffen; hardware solutions have a central point of failure in the manufacturer, while the costs and latency involved with FHE “just makes the whole thing not useful again.”
Instead, COTI uses a different technology, garbled circuits. “It does the same thing as homomorphic encryption in the sense that you can use encrypted data without needing to decipher it,” said Bar-Geffen, but using cryptography in such a way that it’s able to do so “over a thousand times faster and 250 times lighter than FHE.”
The technology unlocks an array of applications that wouldn’t previously have been possible. “The same way any dapp is better when it’s scalable, the same thing goes for privacy and selective disclosure,” Bar-Geffen said. “Any dapp is better if some of the transactions or some of the data can be kept private.”
He pointed to potential early wins in sectors such as decentralized finance (DeFi), where public blockchains enable front-running of trades. “Let's say you’re an institution and you have proprietary trading or systems, you can't have everybody knowing that,” said Bar-Geffen.
Real-world assets (RWAs) are another opportunity, he said. “The fiduciary duty of institutions that use real world assets is to keep privacy of their transactions—what they hold, client data, etc,” he said. “That's mandatory. That's not even just a good idea—again, it's the law.”
COTI is also working with the Central Bank of Israel on the country’s central bank digital currency (CBDC), in the Digital Shekel Challenge, he said, adding that, “governments understand how important it is for transactions to have a private nature.” He pointed to decentralized identity solutions and AI as other areas where data privacy is a vital component in the toolkit. “Show me the dapp, and I’ll show you why it’s better to have some of it kept private,” he said.
Privacy vs anonymity
At the same time, decentralized privacy technology has come under growing scrutiny from governments and law enforcement, with a crackdown on services like coin mixers that some in the crypto space have dubbed a “war on privacy.”
Bar-Geffen is keen to make the distinction between privacy and anonymity, pointing out that users of coin mixers aren’t able to prove themselves that transactions they’ve made were legal, as compared to confidential transactions that seek to balance privacy and control.
“It's a matter of design and how you build things,” he said. “We've not built a solution that is all or nothing, completely anonymous and can’t be traced back,” he added, explaining that it offers “selective disclosure,” enabling users to “decide what you disclose to whom, and it means that you can uphold the law in any moment.”
COTI has also joined other decentralized confidential computing (DeCC) projects in the DeCC Alliance, an advocacy group that seeks to raise awareness of the technology and explain the distinction between the transactional privacy offered by coins such as Monero and Zcash, and services that use smart contracts with encrypted data on-chain.
“Privacy is the new narrative, but it’s more than that, it’s a meta narrative, in the same sense that scalability is,” said Bar-Geffen. “By that, I mean that it should be thought of as a building block, a column that we can build other things on, because it touches every sector and every vertical. This is fundamental, and this is why I think it's so important.”
Daily Debrief Newsletter
Start every day with the top news stories right now, plus original features, a podcast, videos and more.