Navigating the pseudonymous and anonymous facets of blockchain transactions resembles weathering sudden shifts between warmth and cold. Developers find it challenging to maintain an equilibrium between transparency and privacy in the blockchain landscape, caught between hard rock and the deep blue sea as they grapple with the decision to either maintain the traditional banking system status quo that gives preference to pseudonymity or adopt an approach that reaffirms the decentralized ethos of blockchain technology. In the September 2023 edition of ETHWarsaw in Poland, an event organized by a passionate group of local Ethereum enthusiasts connecting a global community of Web3 builders, founders, and educators, Adam Gagol, one of the four co-founders of Aleph Zero, spoke expressively about the future of anonymity and how Aleph Zero's blockchain innovatively compensates for the falling standards of blockchain privacy.

Pseudonymity, Anonymity, and Blockchain

Pseudonymity, the default state in most blockchains, provides users with a layer of privacy by allowing them to transact using a wallet address rather than their real name. Sounds familiar? Of course, it is. Banks often use account numbers or pseudonyms to represent account holders, and these identifiers are not publicly disclosed. However, the actual account activity and details are accessible to the bank and authorized entities for regulatory and security purposes. This, however, poses challenges when examining the sender-receiver relationship. For instance, when Alice sends cryptocurrency tokens to Bob, the transaction is recorded on the blockchain, and visible to anyone. While Alice's identity remains concealed behind her pseudonym, the transparency of blockchain raises concerns about traceability. By interacting with Bob, Alice risks revealing her entire transaction history! However, Anonymity, the next level in the spectrum, introduces a degree of privacy by concealing the identity of the sender or the party involved in a transaction. If, for example, Alice sends tokens to an undisclosed recipient, the on-chain record shows the action but the identity of the transacting parties is entirely undisclosed, is less common in traditional banking, and is a distinguishing feature of certain blockchain systems. Privacy, the most stringent level, ensures that only the fact that a transaction occurred is visible to the public. Cryptographic techniques are employed to mask the actual content of the transaction. For instance, if Alice initiates a transaction, cryptographic data is published on-chain, making the details indecipherable to anyone except the transacting parties.

Challenges in Anonymity

The practical implementation of anonymity in blockchain encounters various challenges, as illustrated by the sender-receiver dynamics. One prevalent issue is the linkability problem. Even if Alice utilizes multiple addresses to obfuscate her transactions, determined actors, such as Bob, could employ sophisticated tracking methods and potentially trace and link her actions, unveiling her entire transaction history. This poses a significant threat to user privacy, exposing sensitive information to potentially malicious entities. The challenge becomes apparent as users find it difficult to achieve true anonymity due to the traceability of transactions. To address these challenges, users like Alice often resort to third-party mixing services, where a centralized entity, like an exchange such as Binance, acts as an intermediary for transactions. Alice deposits tokens on Binance, and the exchange facilitates their transfer to a new address, enhancing privacy. However, this centralized solution contradicts the decentralized ethos of blockchain technology, introducing a centralization paradox.

Aleph Zero's Response

Aleph Zero recognizes the limitations of existing solutions and introduces innovative approaches to enhance privacy without relying on centralized services. Leveraging cryptographic advancements, specifically zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge), Aleph Zero introduces a form of invisibility cloak, a technique that allows multiple users to deposit tokens into a pool and withdraw them using cryptographic proofs, creating a seemingly untraceable link between the sender and receiver.

The Dilemma of Misuse

Privacy-enhancing techniques, such as Aleph Zero's, offer significant advantages but also raise concerns about potential misuse. Cryptocurrency mixers, including well-known ones like Tornado Cash, have been exploited by hackers for money laundering. There have been cases where illicit funds accounted for a substantial percentage of transactions within anonymity pools. According to federal investigators, mixing services is increasingly popular among cybercriminals as a means of hiding and moving illegal profits. Tornado Cash was accused of knowingly allowing the Lazarus Group to launder money on behalf of the North Korean government in the spring of 2022. This misuse prompts governments to take action, impacting both malicious users and those seeking legitimate privacy.

Introducing Liminal: Aleph Zero's Secret Sauce

In response to the challenges posed by misuse and regulatory actions, Aleph Zero explores a multifaceted approach to strike a balance between user privacy and countering illicit activities. According to Aleph Zero's co-founder, one of the oldest tricks in the books is the voluntary review mechanism, otherwise known as the concept of viewing keys, which allows users to maintain full anonymity while providing cryptographic proofs when necessary. This empowers users like Alice to selectively reveal transaction details for legitimate purposes, such as financial audits, without compromising their overall privacy. Proof of innocence, another avenue explored by Aleph Zero, attempts to address the linkability problem. By providing cryptographic proof that funds did not originate from a blacklist of addresses, users like Alice can demonstrate the origin of their funds and hence, the legitimacy of their transactions. However, challenges such as the dynamic nature of blacklists and the need for frequent updates present hurdles in the practical implementation of this approach. Aleph Zero's unique proposition lies in the introduction of external review controllers. These controllers act as external entities with knowledge of user IDs and possess the authority to make decisions when illicit activities are detected in an anonymity pool. The review controller concept involves assigning an ID to Alice within the system. When a hack is detected, the external controller, potentially a KYC provider or a committee, decides whether to reveal or withhold entire trades associated with the illicit address. This controller can be a single party, a group sharing a secret, or even a Decentralized Autonomous Organization (DAO) determining which addresses are considered illicit. Unlike traditional blacklists, the challenge lies in safeguarding the secret within the review controller. Creating a DAO for this purpose is trickier than blacklisting, as it requires not only a decision-making mechanism but also a secure storage solution for the sensitive secret. While more challenging, sharing secrets in larger committees remains feasible for this purpose. This introduces an additional layer of oversight, offering a potential solution to the problem of misuse. The controller's decision to reveal or withhold transaction details provides a dynamic mechanism to counter illicit actions. In Adam Gagol's closing remarks, he addresses the challenges posed by the complex issues of pseudonymity, anonymity, and the centralization paradox in blockchains. He explored three strategies to counter these challenges: proof of innocence, voluntary reviews, and review controllers. Gagol states,

The Future of Anonymity

Aleph Zero's Liminal is the first hybrid interchain privacy framework that offers innovative security measures based on a unique combination of zero-knowledge proofs (ZK-SNARKs) and Secure Multiparty Computation (sMPC). It is a hybrid privacy protocol that seeks to provide a robust and holistic approach to safeguarding sensitive information, covering both reactive and proactive dimensions of privacy and security. In review controllers, the external entity (controller) makes decisions post-hack, determining whether to disclose or withhold information. This mirrors the need for privacy in the ZK-SNARKs scenario, where a prover produces concise proof, convincing a verifier of correct computations without revealing personal data. Similarly, sMPC addresses privacy concerns by keeping sensitive data off-chain on multiple nodes. Access requires a secure handshake among nodes, preventing any single entity from accessing encrypted contents without unanimous consensus. This aligns with the challenge of safeguarding secrets within the review controller, requiring secure storage and decision-making mechanisms. Together, these approaches contribute to a comprehensive strategy for protecting sensitive information at various stages of data handling within the Liminal privacy framework.

Conclusion

In conclusion, as we navigate the thicket of pseudonymity, anonymity, and the centralization paradox in blockchains, the innovative solutions presented by Aleph Zero, particularly the Liminal framework, showcase the ongoing efforts to strike a delicate balance between user privacy and countering illicit activities. The challenges posed by misuse highlight the importance of continually refining these privacy-enhancing techniques. Anonymity in blockchain technology calls for not only technical breakthroughs but also an understanding of the ethical and regulatory dimensions associated with privacy and security. As Adam Gagol rightly emphasizes, the journey toward a more private and secure blockchain future involves experimenting with various strategies, such as proof of innocence, voluntary reviews, and external review controllers. The technical complexities may be challenging, but they pave the way for a future where blockchain users can enjoy the benefits of privacy without compromising the integrity of the decentralized ethos.