I had the great pleasure of sitting down for an extended chat with Reuben Yap, project steward of Zcoin, on the nature of privacy in cryptocurrency and the various privacy coins. We discussedthe ongoing tech battle between forms of obfuscation and de-anonymization techniques, including the different ways of correlating bits of leaked information together in order to infer enough to completely reveal transaction details. We went over the complexity of the privacy issue with different elements of a cryptocurrency to be obscured: transaction graph, send amounts, and network information, and misconceptions that all “privacy coins” obscure all three rather than just one, when most simply affect the transaction graph, as well as the false idea that coins which attempt to obscure multiple aspects are inherently better at obscuring the transaction graph than a coin that specifically targets that one aspect.
Significant tradeoffs in privacy, especially inflation risk and user experience detriments
We also covered the various tradeoffs between privacy techniques such as Dash’s PrivateSend and other CoinJoin-based variants, ring signatures such as Monero uses, and the various zero-knowledge proofs from Zcash to Zcoin. The strongest tradeoff tends to be user experience, with advanced encryption taking more time to process, more fees, more data, and more room for issues to crop up, dissuading the general public from attempting to take advantage of advanced privacy techniques. A more edge case but still real problem is the ability for inflation bugs and other catastrophic issues to befall a chain which has hidden supply, a problem that completely transparent blockchains such as Dash and Bitcoin don’t have.
Finally, we got an outline of the upcoming Lelantus protocol, which promises the best-in-class privacy by default when released by burning and then releasing coins from the burn state to new addresses in completely separate amounts. This may remove some of the bigger data leaks that privacy coins deal with, as well as maintain a smooth user experience, allowing Zcoin (and potentially other coins which may adopt the technology) to have default privacy with an optional transparent state for more well-regulated reasons.
The full interview is included above.