Source: a16zcrypto; Compilation: AIMan@Golden Finance
From telegraphs and telephones to the internet, new technologies have always sparked fears about the impending demise of privacy. Blockchain is no exception, and privacy on the blockchain is often misunderstood as creating dangerous transparency or a haven for crime.
But the real challenge is not choosing between privacy and security, but building tools that can support both—whether on a technical or legal level. From zero-knowledge proof systems to advanced encryption techniques, privacy protection solutions are continually expanding. Blockchain privacy extends far beyond the financial sector; it also opens doors for applications in identity verification, gaming, artificial intelligence, and more that benefit users.
With the recent signing into law of stablecoin legislation in the U.S., the demand for blockchain privacy is more urgent than ever. Stablecoins represent an opportunity for a billion people to participate in cryptocurrencies. However, for users to feel secure using cryptocurrencies to pay for everything from coffee to medical bills, they need to ensure that their on-chain activities are private. Now is not the time to create myths, but to build.
The debate about privacy is not new, nor is the answer: innovation, rather than myths and misunderstandings, will shape the future of privacy.
Misunderstanding 1: The internet is the culprit for modern 'privacy issues.'
Truth: Nearly a century before the internet emerged, the communication revolution of the late 19th century propelled the development of privacy rights in the United States. Technologies developed by entrepreneurs brought information (news, text, images, and other media) transmission to unprecedented heights, including the first commercial telegraphs, telephones, commercial typewriters, microphones, and more. Historian and professor Sarah Igo observed that, in the America of that time, "privacy conflicts evolved alongside new communication modes," raising new privacy issues: Could the news media use others' names, images, or photos for commercial purposes? Could law enforcement wiretap phone lines to overhear conversations or use photography and fingerprint identification to establish permanent records or registries to identify criminals?
Shortly after these technologies were introduced, legal scholars began to address the privacy challenges they presented. In 1890, future Supreme Court Justice Louis D. Brandeis and lawyer Samuel D. Warren published an article titled 'The Right to Privacy' in the Harvard Law Review. Since then, privacy law has steadily evolved throughout the legislative, tort, and constitutional realms of the 20th century. More than a century after Brandeis and Warren published their legal commentary article, in 1993, the first widely used commercial internet browser Mosaic was released, and privacy issues related to the internet increased.
Misunderstanding 2: The internet can function normally without privacy.
Truth: The early internet lacked privacy protection, severely hindering its wider adoption. Generally speaking, before the internet emerged, people's privacy was better protected. As Simon Singh noted in 'The Code Book,' early cryptography pioneer Whitfield Diffie pointed out that when the Bill of Rights was approved, "any two people could have a private conversation just by walking a few meters down the road and looking to see if someone was hiding in the bushes—something that certainly cannot be done in today's world." Similarly, people could engage in commodity or cash-based financial transactions and have the privacy and anonymity that most digital exchanges today lack.
Advancements in cryptography have reduced concerns about privacy and spurred new technologies that facilitate the exchange of confidential digital information and ensure reliable data protection. Cryptographers like Diffie predicted that many users would demand basic privacy protections for their digital activities, leading them to seek new solutions capable of providing such protections—namely, asymmetric public key cryptography. Diffie and others developed new cryptographic tools that have become foundational to e-commerce and data protection today. These tools have also paved the way for other confidential digital information exchanges, which are now also applicable to blockchain.
The development of Hypertext Transfer Protocol Secure (HTTPS) is just one example of privacy tools that have propelled the internet's flourishing. In the early days of internet development, users (i.e., clients) communicated with web servers using Hypertext Transfer Protocol (HTTP). This web protocol allowed data to be transmitted to a web server but had a significant drawback: it transmitted data without encryption. As a result, malicious actors could read any sensitive information submitted by users to websites. Years later, Netscape developed HTTPS for its browser, adding a layer of encryption to protect sensitive information. Thus, users could send credit card information over the internet and engage in private communications more broadly.
With cryptographic tools like HTTPS, internet users are more willing to provide personal identification information—name, date of birth, address, and social security number—through online portals. This has made digital payments the most common payment method in the U.S. today. Businesses also bear the risks associated with receiving and protecting such information.
These changes in behaviors and processes gave rise to numerous new applications, from instant messaging to online banking to e-commerce. Internet activity has become an essential part of today's economy, bringing unprecedented communication, entertainment, social networking, and other experiences.
Misunderstanding 3: Public chain transactions are anonymous
Truth: Public chain transactions are transparently recorded in an open shared digital ledger, making transactions pseudonymous rather than anonymous—this is an important distinction. Pseudonymity, which has a history of hundreds of years, played a significant role even in early America: Benjamin Franklin published his early works under the pseudonym 'Silence Dogood' in the New England Courant, while Alexander Hamilton, John Jay, and James Madison used 'Publius' to signify their contributions to the Federalist Papers (Hamilton used multiple pseudonyms in his writings).
Blockchain users transact through wallet addresses associated with a series of algorithmically generated unique alphanumeric characters (i.e., keys), rather than using their real names or identities. Distinguishing between pseudonymous and anonymous is crucial to understanding blockchain transparency: while the alphanumeric characters of wallet addresses cannot be immediately associated with specific users' identity information, the level of privacy protection for key holders is far lower than people imagine, let alone anonymity. The function of crypto addresses is akin to usernames, email addresses, phone numbers, or bank account numbers. Once a user interacts with another person or entity, the counterparty can associate the pseudonymous wallet address with a specific user, thus exposing the user’s entire on-chain transaction history and potentially revealing their personal identity. For example, if a store accepts cryptocurrency payments, the cashier can see what those customers purchased at other stores and their cryptocurrency holdings (at least concerning the wallet used for that transaction on the blockchain network, as experienced cryptocurrency users would have multiple wallets and tools). This is akin to publicly disclosing your credit card usage records.
The original Bitcoin white paper addressed this risk, stating that "if the identity of the key owner is revealed, the association may expose other transactions of the same owner." Ethereum co-founder Vitalik Buterin also wrote about the challenges of "making a large portion of your life’s information public for anyone to view and analyze," proposing solutions such as "privacy pools"—zero-knowledge proofs allow users to prove the legitimacy of funds and their sources without revealing the complete transaction history. Thus, some companies are also exploring solutions in this field, not only to protect privacy but also to develop new applications that combine privacy with other unique attributes of blockchain.
Misunderstanding 4: Blockchain privacy leads to rampant crime.
Truth: Data from the U.S. government and blockchain analysis companies indicate that the proportion of cryptocurrencies used for illegal financing remains lower than that of fiat currency and other traditional sources, with illegal activities accounting for only a small portion of all activities on the blockchain. This data has remained consistent over the years. In fact, as blockchain technology has continued to evolve, the occurrence rate of illegal activities on-chain has decreased.
It is well known that in the early days of the Bitcoin network, illegal activities accounted for a large portion of its overall activities. As noted by David Carlisle quoting researcher Sarah Meiklejohn, "The primary Bitcoin address used by Silk Road once accounted for 5% of the total Bitcoin at the time, and the site accounted for a third of Bitcoin transactions in 2012."
However, since then, the crypto ecosystem has successfully integrated effective mechanisms to curb illegal financing, and the total volume of legitimate activities has increased. A recent report from TRM Labs estimates that in 2024 and 2023, the volume of illegal transactions accounted for less than 1% of total cryptocurrency transactions (based on the dollar value of stolen funds in cryptocurrency hacks and the dollar value transferred to blockchain addresses associated with illegal categories). Chainalysis and other blockchain analysis companies have also published similar estimates (including data from previous years).
Similarly, government reports, especially those from the Biden administration's Department of the Treasury, have revealed that the risk of illegal financing through cryptocurrencies is lower compared to off-chain activities. In fact, the U.S. Treasury has recently discussed reports on cryptocurrencies—including its 2024 National Risk Assessment, Decentralized Finance Illegal Financing Risk Assessment, and Non-Fungible Token Illegal Financing Risk Assessment—all of which acknowledge that, by transaction volume and transaction amount, the majority of money laundering, terrorism financing, and proliferation financing occurs using fiat currency or more traditional means.
Moreover, many transparency features of blockchain (such as those discussed in Misunderstanding 3) make it easier for law enforcement to capture criminals. Since the flow of illicit funds is clearly visible on public chain networks, law enforcement can trace the flow of funds to 'cash-out points' (i.e., cryptocurrency withdrawal points) and blockchain wallet addresses associated with wrongdoers. Blockchain tracking technology has played a crucial role in combating illegal markets (including Silk Road, Alpha Bay, and BTC-e).
For these reasons, many criminals are aware of the potential risks of using blockchain to transfer illicit funds and therefore stick to more traditional methods. While enhancing blockchain privacy may make it more challenging for law enforcement to regulate on-chain criminal activities, new cryptographic technologies are being developed that can protect privacy while meeting the needs of law enforcement.
Misconception 5: You can choose between combating illegal financing and protecting user privacy, but cannot balance both.
Truth: Modern cryptographic techniques can reconcile users' privacy needs with the information and national security needs of regulators and law enforcement. These technologies include zero-knowledge proofs, homomorphic encryption, multi-party computation, and differential privacy. Zero-knowledge proof systems may be the most likely to help achieve this balance. These methods can be applied in various ways to curb crime and implement economic sanctions while preventing surveillance of U.S. citizens or the theft or laundering of funds within the blockchain ecosystem.
Zero-knowledge proof is a cryptographic process that allows one party (the prover) to convince another party (the verifier) that a statement is true without revealing any information other than the fact that the statement is true. For example, to prove someone's U.S. citizenship. Using zero-knowledge proof, a person can prove the truth of that statement to others without disclosing their driver's license, passport, birth certificate, or any other information. Zero-knowledge proof allows for the confirmation of the truth of a statement without exposing specific or additional information that could jeopardize privacy (whether it be an address, date of birth, or indirect password hints).
Given these characteristics, zero-knowledge proof solutions are one of the best tools to help detect and prevent illegal activities while protecting user privacy. Current research indicates that enhanced privacy products and services can reduce risk through various means, including:
Deposit screening to prevent assets from sanctioned individuals or wallets from being deposited;
Withdrawal screening to prevent withdrawals from sanctioned addresses or those related to illegal activities;
Voluntary selective de-anonymization, providing an option for those who believe they have been mistakenly listed on a sanctions list to de-anonymize their transaction details for selected or designated parties;
Involuntary selective de-anonymization, involving a private key-sharing arrangement between gatekeeper entities (such as non-profit organizations or other trusted organizations) and the government, wherein the gatekeeper entity assesses government requests to use private keys to de-anonymize wallet addresses.
With the concept of 'privacy pools,' Vitalik and others also advocate using zero-knowledge proofs so that users can prove their funds do not come from known illegal sources—without revealing their entire transaction graph. If users can provide such proof when exchanging cryptocurrency for fiat currency, then cash-out points (i.e., exchanges or other centralized intermediaries) will have reasonable assurance that these cryptocurrencies are not derived from criminal proceeds, while users can also protect the privacy of their on-chain transactions.
Despite critics' long-standing concerns about the scalability of cryptographic privacy technologies like zero-knowledge proofs, recent advancements have made them more suitable for large-scale implementation. By reducing computational overhead, scalable solutions are improving the efficiency of zero-knowledge proofs. Cryptographers, engineers, and entrepreneurs are continually enhancing the scalability and usability of zero-knowledge proofs, making them effective tools for meeting law enforcement needs while protecting individual privacy.
Misunderstanding 6: Blockchain privacy only applies to financial transactions
Truth: Privacy-preserving blockchains can unlock various financial and non-financial use cases. These capabilities highlight how privacy-preserving blockchain technology fundamentally expands the scope of secure and innovative digital interactions across use cases. Examples include:
Digital identity: Privacy transactions enhance digital authentication, allowing individuals to selectively (and verifiably) disclose attributes such as age or citizenship without exposing unnecessary personal data. Similarly, digital identity can help patients maintain the confidentiality of sensitive information while transmitting relevant test results and other information precisely to doctors.
Gaming: Cryptographic technology allows developers to hide parts of the digital world (e.g., special items or hidden levels) until players unlock them, creating a more engaging gaming experience. Without privacy tools, blockchain-based virtual worlds would be transparent to users, diminishing their immersion; players who are well-versed in the digital world would lack the motivation to explore.
Artificial intelligence: Privacy-preserving blockchain tools also open new possibilities for artificial intelligence, enabling encrypted data sharing and model verification methods without disclosing sensitive information.
Finance: In the financial sector, cryptographic technology enables decentralized finance applications to provide a broader range of services while ensuring privacy and security. Novel designs for decentralized exchanges can leverage cryptographic technology to enhance market efficiency and equity.
Voting: In DAOs, there is a strong desire for private on-chain voting to avoid potential repercussions from voting in support of unpopular measures or groupthink that may arise from mimicking the voting behavior of specific individuals.
These are just some obvious applications; like the internet, once privacy protection features are added, we expect to see many novel applications.
Conclusion
The debate about privacy—who controls it, how to protect it, and when it is stripped away—has existed for at least a century before the digital age arrived. Each new technology has sparked similar panics at the time: telegraphs and telephones, cameras and typewriters have all led to debates impacting generations of society.
To think that blockchain only jeopardizes privacy or that blockchain is particularly easy to use as a weapon for wrongdoing is a misunderstanding of history and technology. Just as cryptography and encryption protocols have enabled secure online communication and commerce, emerging privacy protection technologies such as zero-knowledge proofs and advanced encryption techniques can provide practical ways to protect privacy while achieving compliance goals and combating illegal financing.
The real issue is not whether new innovations will reshape privacy, but whether technical experts and society can address challenges through the implementation of new solutions and practices. Privacy will not be lost or compromised; it will continually adjust to fit society's broader and more pragmatic needs. As with previous technological revolutions, the question is how to achieve this.
