Paulie’s Paradox: Anonymity and Transparency
Updated: Aug 15, 2021
Data can be both anonymous and transparent at the same time on Secret Network.
Although this may seem impossible, the simple clarification is that it depends on the person or entity trying to view the data. For example, let's say that a user’s data is anonymous to person A. This doesn’t necessarily mean that the data has to be anonymous to person B. If the user wishes, they can share viewing access for the data via a “viewing key” to person B. In this case, the data is both anonymous and transparent at the same time on Secret Network, it just depends on the person trying to view the data. This of course means that data can’t be both anonymous and transparent at the same time for a single user. The article will explain later how this is possible on Secret Network.
Defining Data Privacy
Let’s define data privacy in a manner that paints it as a necessary public good rather than something for shadowy super coders. As shown in the example above, privacy should be heavily associated with choice. Therefore, privacy isn’t the same thing as anonymity although it may have some similarities. Privacy means having the option to keep to yourself what you deem sensitive and to only share it with others that you trust. For your closest friend, you may share all of your darkest secrets and for acquaintances, you may share the bare minimum. Regardless, it is you who has the power to choose what to share and with who. To use an analogy, having privacy is like having a door to a bathroom stall in a public restroom. It is in no way shameful to have privacy in this context and it is your choice to close the door. In many circumstances, people don’t have a door, they don’t have an option to keep certain things to themselves, away from prying eyes.
Most often when it comes to digital data, no one is choosing to share sensitive information with anyone besides centralized corporations. The way I think of data privacy is that it allows you to choose a point on a spectrum, one end being anonymity and the other being transparency.
As you can see, privacy may mean being fully anonymous for some people and it may mean being fully transparent for others. The key thing to note is that a person has the choice. As always, too much of one thing is an issue and it is best to be somewhere in the middle. It can be quite limiting if you are on either end of the spectrum. If you are fully anonymous, businesses and other people may be reluctant to interact with you because you are unwilling to share useful information for them to assess the interaction. For let’s say a loan, if you don’t provide any info, how could the loaner assess your credibility? If you are fully transparent, your life gets put in the spotlight. Anyone can know anything about you. This is equivalent to not using the bathroom door which in my opinion is ridiculous. Being in the middle means protecting yourself from prying eyes while also not limiting yourself in terms of interacting with the world.
The Shortcoming of Most Crypto
In the context of cryptocurrencies, privacy is heavily misunderstood and understated. Many people unfamiliar with crypto believe that privacy on the blockchain lands very close to the anonymity side of the spectrum. However, it's the contrary. A blockchain is essentially the history of transactions made with a cryptocurrency. All transactions on a cryptocurrency’s network are public-by-default meaning anyone with an internet connection can parse the blockchain history for a particular transaction. For any given transaction, they will see the sender address, the recipient address, the amount, and a timestamp. With blockchain explorers, searching for a transaction is as easy as looking for an old text message on your phone with some keyword. These features were designed in such a way to make the blockchain auditable, verifiable, and immutable. Blockchains are pseudo anonymous meaning that your identity is not directly tied to your transactions. Instead, it is your wallet address. The problem is that this is the only line of defense. Once your address is “doxxed” and your identity is associated with it, anyone with an internet connection can surveil all your transactions, past, present, and future. All they have to assume is that that address was and is in fact you.
This by itself is concerning in the transactional sense and it is why Bitcoin has a major privacy issue. If you don’t think it’s possible for you to be doxxed, you are sorely mistaken. To buy crypto, you must enter through some fiat on-ramp meaning you can enter the crypto world with your everyday money i.e. the US dollar. These fiat on-ramps are essentially centralized exchanges such as Coinbase and Binance. For you to buy crypto with cash, you must sign up for an account. From that moment forth, they have an identity to tie to your address. When you take the crypto off the exchange and put it in a wallet, they just associate your new address with your identity. When you switch to another address via a transaction, again they just follow the publicly available trail known as the blockchain. What we have here is something extremely close to full transparency. All it takes is to be doxxed once and pseudo-anonymity becomes surveillance.
This becomes even more of a risk with the use of smart contracts. Users can provide data to smart contracts in order to interact with them, however, this too would be public via the blockchain. This means that using any type of sensitive data on these chains is not feasible because there would be no protection, no choice, no “door”. This means that applications are limited to much simpler use cases and their ceiling is much lower than promised. Applications on public-by-default blockchains like Ethereum can’t even compete with traditional apps in the long term because of this inherent flaw.
Secret Network's Private-By-Default Solution
Step in Secret Network, a layer one protocol built with Cosmos SDK. Secret Network solves this flaw with a well-known solution called TEE’s or trusted execution environments.
You can think of them as black boxes. Essentially, it is a hardware solution that takes in encrypted data, decrypts it, performs the desired computation on it, and then encrypts the output to send back to the user. The privacy preserving computation is handled by validators of the network, those who confirm the transactions that are added to Secret’s blockchain. This is all hidden from the user and the experience is close to what you see on public-by-default chains with a few novelties.
An extremely important aspect to understand about this use of TEE’s is that sensitive data can be computed on without ever revealing it to another party. For many cases, this means you don’t even need to fall on the traditional spectrum as seen above. There is no need to choose what to share since computation can be done while never revealing the data. Now, sensitive data does not have to be stored on a centralized database. You also don’t have to worry about your data being shared for profit without your consent. This in itself is powerful and it finally enables crypto to not only match traditional apps, but surpass them in what’s possible. Data privacy is the last missing piece that can make crypto a valid contender to traditional finance and beyond.
Let’s say you do want to fall on the traditional spectrum and share unencrypted viewing access of your data, then use viewing keys on Secret Network. These keys basically let those who have them see transactions and data just as the user would see them. This is how the paradox can be interpreted as true. It doesn’t have to be viewing access for all of the user’s data, but just exactly what they would like to share. Yet another innovative solution for the private-by-default model that Secret has put forth. No other smart contract platform has this capability and is on mainnet, let alone with proven dapps already in public use. Nothing is ever 100% in terms of security but this model is a massive step forward in the right direction which must be made at some point. The status quo of public-by-default is not sustainable but a solution is thankfully already here.
If you want to learn more about Secret Network and better understand the technology enabling this novel development, read more here: https://scrt.network/