The U.S. Treasury is exploring whether identity verification should be embedded in decentralized finance (DeFi) smart contracts, with critics warning that this could rewrite the foundations of permissionless finance.

Last week, the agency began consultations under the (U.S. Stablecoin Innovation Act) (GENIUS Act), which came into effect in July and requires the Treasury to assess new compliance tools to combat illegal financing in the crypto market.

One idea is to embed identity credentials directly into smart contracts, meaning that DeFi protocols could automatically verify users' government IDs, biometrics, or digital wallet certificates.

Supporters argue that embedding Know Your Customer (KYC) and Anti-Money Laundering (AML) checks into blockchain infrastructure can streamline compliance and intercept criminals.

Fraser Mitchell, the Chief Product Officer of the smart search company SmartSearch, stated that these tools can reveal anonymous transactions and attract the networks of criminals.

However, critics argue that this proposal could undermine the core of DeFi. Mamadou Kwidjim Toure, CEO of Ubuntu Tribe, likened the plan to 'putting cameras in every living room.'

Toure warned that if biometric or government IDs are linked to blockchain wallets, 'every transaction could potentially be permanently traced back to a real identity, losing anonymity and resulting in surveillance in transactions.'

Toure stated that financial freedom relies on the right to private economic life, and embedding IDs at the protocol level undermines this, potentially setting a dangerous precedent where governments could scrutinize transactions, blacklist wallets, or even automatically tax through smart contracts.

Another issue is exclusion. Billions of people globally lack formal identity, and if DeFi protocols require government credentials, many communities, immigrants, refugees, and unbanked populations may be left out.

Data security has also become a point of contention, with the association of biometric databases and financial activities potentially leading to more severe hacking incidents, exposing funds and personal identities.

Critics emphasize that the solution is not merely a choice between criminal safe havens and mass surveillance. Privacy-preserving tools like Zero-Knowledge Proofs (ZKPs) and Decentralized Identity (DID) standards can validate qualifications without exposing full identity.

Through ZKPs, users can prove they are not on sanctions lists or are over 18, while the DID framework allows users to hold verifiable credentials and disclose them selectively.