At the Privacy Enhancing Technologies Symposium in Barcelona last week, two researchers presented a plan to bring the anonymity of monero to the ethereum network. With the catchline “Trustless Tumbling for Transaction Privacy”, the protocol uses mixing solutions to obscure the payment information of ether transactions.
Unlike monero, bitcoin and ethereum do not offer transaction privacy, and users interested in anonymity must use third party tumbling services that obfuscate transactions by mismatching origins and destinations until the link is severed between sender and recipient.
Instead of relying on a centralized tumbling service, Mobius obfuscates transactions on the network by using a smart contract which employs the same cryptographic devices as Monero—ring signatures and stealth addresses—to complete the process without reliance on a third party.
Tumbling services require a significant amount of trust to use, and are in a unique position to steal bitcoin sent to them. They are also limited by their reliance on having enough customers with similar amounts of bitcoin that can be mixed up effectively enough to prevent someone from tracing the transaction back. As researcher Rebekah Mercer said at the symposium, avoiding this process could expedite the process and help prevent theft:
“Mobius achieves great things in terms of availability and theft prevention but without compromising on communication, which hopefully will encourage people to mix more often.”
The demand for privacy
Even though the pseudonyms used in Bitcoin and Ethereum transactions are not directly linked to real-world identities, all the movement of money between these pseudonyms is traceable, and identities can be disclosed either through revealing the public key, or using statistical methods like clustering that make inferences by looking at transactions from addresses belonging to the same party.
This was the method used in the case of Shaun Bridges, a former US Secret Service agent who was convicted – twice – for stealing thousands of bitcoin that were seized in the Silk Road investigation that he was working on in 2015. Bridges admitted to transferring the seized funds to his own private wallets at different exchanges.
Those looking for total privacy must use anonymous currencies like Monero and Zcash, or use bitcoin tumbling services, which according to CipherTrace have gained massively in popularity over the last few months.
Their quarterly report suggests that bitcoin tumbling is the preferred way for cyber extortionists, dark markets and ransomware perpetrators to cleanse stolen cryptocurrency. The amount of which is rapidly increasing—with three times as much crypto stolen in the first half of 2018 as in the whole of 2017.
The right to anonymity
As privacy technology grows, so do the concerns of authorities and regulators, who claim these currencies are enabling theft, extortion and money laundering.
Governments around the world have issued calls for cooperation in enforcing Anti-Money Laundering regulations, and some jurisdictions, like Japan, have even gone as far as pressuring exchanges to delist privacy coins like Monero, Zcash and Dash.
Privacy supporters on the other hand, argue that transparency can also be dangerous—giving criminals the opportunity to pinpoint lucrative targets, and governments the ability to wield a disproportionate amount of power.
Founder of Ethereum Vitalik Buterin came out strongly in favour of privacy technology earlier this year, voicing his concerns of government and corporate power in a lengthy reddit post.
Ethereum however, remains transparent as ever, but Mobius is not the only privacy-enhancing tech for the network. Another project, Enigma’s “Secret Contracts,” aims to help decentralized application developers conceal data, and Parity’s “Secret Store” aims to allow the managing of cryptographic secrets on Ethereum, achieved by providing the encryption keys only to selected authorities.
Ethereum equipped for privacy
The most well-known privacy protocol is the Zk-snark (“Zero-knowledge Succinct Non-Interactive Argument of Knowledge”), as developed by Zcash, which addresses confidentiality and scalability issues when they are implemented on the network at some point in the future. Ethereum also added support for a Zk-snark feature in October 2017 with its network upgrade to Metropolis 3.0 and the project has been working closely with ZCash to implement them in Metropolis 3.1.
These developments, in conjunction with projects like Mobius, could add another layer of privacy to the decentralized ecosystem, potentially allowing anonymised data in smart contracts, decentralized applications that deploy privacy tech (some call them Zapps), and anonymous token transfers.
True privacy however, is a constant game of catch-up—not just between innovators and authorities, but between privacy protocols and their inevitable flaws. To put it in the words of Monero’s Riccardo Spagni: “Privacy isn’t a thing you achieve, it’s a constant cat-and-mouse battle.”