Will Ethereum go private? Assessing Layer-2 and accountability
In the push to upscale Ethereum, some options on the table could have big consequences
- Coming to grips with the terms
- Don’t Trust, Verify
- Mixers and Monero: The bigger threat to traceability?
- Will Ethereum become ZCash 2.0?
- The ethics of blockchain privacy
Big changes are on the horizon for Ethereum. With the impending launch of Ethereum 2.0 and the rollout of Layer-2 technologies, the world’s largest smart contract platform could soon become an entirely different beast to the one we know today.
Privacy is one area destined to be an ideological battleground, shaped by zero-knowledge technology and other Layer-2 scalability protocols, which Ethereum co-founder Vitalik Buterin has touted in blog posts as far back as 2016.
The Ethereum 2.0 roadmap has been constantly delayed, extended and modified. Regardless, what implications for accountability and on-chain traceability could such technologies have, should they be implemented? Will enhanced privacy features hinder law enforcement and forensic blockchain operations? If so, is this a good or a bad thing?
To find out, we looked into the various technologies on the Ethereum 2.0 maybe pile to see how, for better or worse, they might shape the future of traceability on the Ethereum blockchain.
Coming to grips with the terms
zk-SNARKS, zk-STARKs, optimistic rollups, zero-knowledge rollups, Layer 2 protocols, sharding, Ethereum 2.0… you might have heard these terms floating around and wondering what the hell they all mean. Even readers with a basic understanding might be curious to know what they have to do with accountability in the crypto space. So let’s get to grips with them.
First, it is important to know that Layer-2 (L2) and Ethereum 2.0 (Eth2) are separate concepts. Layer-2 is a collective term for protocols intended to make Ethereum more scalable. Despite being by far the most popular smart contract platform, Ethereum is plagued by poor transactional throughput and very high gas fees. L2 protocols, then, are a range of technologies specifically designed to address these issues.
Ethereum 2.0 is more straightforward, referring to the blockchain’s transition from the proof-of-work (PoW) consensus method to proof-of-stake (PoS). This transition, set to occur at some point in 2022, is also referred to as “The Merge”.
Rollups refer to a category of Layer-2 protocols which perform transactional processing “off-chain”, meaning that Ethereum’s workload is substantially lighter, thus faster and more efficient. Rollups come in two flavours: optimistic and zero-knowledge, each with their own advantages and disadvantages. Without getting too technical, optimistic rollups assume that network validators are acting in good faith, and only challenge transactions upon request. Zero-knowledge rollups, on the other hand, run fraud checks on each transaction. This process makes optimistic rollups a more efficient data link layer, but zero-knowledge rollups a faster one.
Zero-knowledge rollups come in two main “sub flavours”, if you will, being zk-SNARKs (zero-knowledge succinct non-interactive argument of knowledge) and zk-STARKs (zero-knowledge succinct transparent argument of knowledge). Without getting technical once again, zk-SNARKs have a proven track record in numerous cryptocurrencies including ZCash, while zk-STARKs are touted as a more efficient, potentially faster version of the technology.
Sharding, set to be implemented on the Ethereum network at some point in 2023, is a Layer-2 concept referring to the process of splitting the Ethereum blockchain into distinct parts. In its basic form, sharding will simply (hopefully) make Ethereum even more efficent when used alongside rollups.
Despite sounding complex, these concepts all have the same purpose: Making Ethereum a more scalable and cheaper smart contract platform, without sacrificing security. But will there be other sacrifices along the way?
Don’t Trust, Verify
“The blockchain doesn’t lie.” “Don’t trust, verify.” They are two axioms popular among the crypto community. Given the public nature of on-chain transactional data, any individual with a working knowledge of how a blockchain scanner works can, and often does, act as a something of a private investigator, digging deep into the blockchain data to uncover fraud and other malicious behaviour.
Take popular “internet detective” Coffeezilla, aka. Stephen Findeisen. Through meticulous analysis of blockchain data, Findeisen has successfully uncovered large-scale crypto scams and ponzi schemes, including the infamous Save the Kids scandal, with help from fellow investigative YouTube channel SomeOrdinaryGamers.
Crypto forensics has become a sizeable industry outside of activist YouTube channels. Companies such as Elliptic use sophisticated tracing techniques to visualise transactional relationships, follow money trails, monitor wallets and investigate user activity. Such companies regularly work with the authorities, including the FBI, on large-scale crypto-tracing investigations.
These techniques helped to trace the movement of assets after the 2020 Twitter hijack which led to a bitcoin money laundering scheme, and the Bithumb exchange hack of 2018. In 2021, Elliptic successfully identified the wallets of the DarkSide ransomware group by tracing ransom payments sent on-chain by victims.
Will the Layer 2 network make this type of forensics harder? According to Duncan Townsend, chief technology officer of the smart contract security platform Immunefi, “zero-knowledge doesn’t necessarily imply unlinkability”. However, “If systems that support strong unlinkability become widespread and interoperable, then yes, it might compromise on-chain traceability.”
Could Ethereum morph into a platform like Monero, where transactional data is largely kept hidden? “Probably not,” according to Townsend. “Ethereum’s Layer-1 is inherently public. Unless the majority of transaction volume moves to zero-knowledge rollups, shards, or sidechains, traceability will be a fact of life for blockchains.”
Mixers and Monero: The bigger threat to traceability?
Larry Pang, head of business development at the Silicon Valley-based blockchain company IoTeX, believes that from an accountability and traceability perspective, “token mixers” such as Tornado Cash present a greater risk than zero-knowledge.
Pang told Currency.com: "These token mixers can be used to break the chain of traceability, so there is no way to find out where tokens originated… For example, say I have illicitly obtained Ethereum, which I got from a blacklisted entity. I could put these assets into a token mixer where I combine them with a larger pool of tokens from other sources. This process mixes the illicit tokens with a pool of larger tokens, removing the traceability of the illicitly obtained tokens.”
“From an AML/Terrorism financing perspective, non-traceability promotes crime,” Pang said. Because of this, tokens that use mixers are often blacklisted by regulatory bodies (the efficacy of these blacklists is another story).
Monero, on the other hand, uses the concept of “stealth addresses”. Stealth addresses generate a one-time public key per transaction, while keeping users’ personal keys private.
Because of these privacy features, Monero has “become an increasingly sought-after tool for criminals such as ransomware gangs, posing new problems for law enforcement,” according to a report by the Financial Times, which said: “The absence of a digital trail for Monero is proving increasingly problematic for law enforcement, which typically works with private sector analytics groups to trace suspect transactions.”
A Europol investigation concluded that “Monero is gradually becoming the most established privacy coin for Darkweb transactions, followed by ZCash and Dash. All these privacy coins may present a considerable obstacle to law enforcement investigations, despite the competing altcoin communities uncritically favouring their implementation over the others.”
So while Monero might be the granddaddy of dark money cryptocurrencies, ZCash has also entered the crosshairs of law enforcement. Furthermore, the very protocols that ZCash uses to achieve said privacy are the very protocols touted by Buterin as vital to Ethereum’s sustainability.
Will Ethereum become ZCash 2.0?
The privacy coin ZCash has been using zk-SNARKs since 2016, so it could give a window into what implications the protocol might have for privacy on Ethereum. “Zero-knowledge proofs make ZCash’s privacy possible,” the official ZCash explainer says.
According to ZCash: “SNARKs are the engine that can quickly and efficiently verify a transaction and add it to the blockchain without revealing any details to the public.”
Below, you can see a visualisation of a private ZCash transaction on the blockchain explorer. As you can see, while evidence of a transaction has been logged, the user addresses and transaction values are not.
When we compare a random transaction on Ethereum, we can see the addresses of both sender and receiver, as well as the value of tokens transferred.
It is this transparency that helps to make Ethereum and Bitcoin publicly traceable, and helps forensic experts to trace and freeze stolen assets. But will the traceable nature of Ethereum diminish should the developers go all in on zero-knowledge technology?
Paul Sibenik of the blockchain investigation company CipherBlade said: “Ultimately, entities that do business with other individuals have some sort of obligation, at least in our opinion, to be diligent. The public nature of blockchain transactions allows those entities to get by doing maybe less due diligence because the transactions are publicly traceable.
“It’s important to understand the source of funds that your customers have if nothing is traceable.”
Sibenik does not believe that Layer-2 is set to herald a money laundering paradise, “although it’s ultimately based on the exchanges and what type of business they want to facilitate”.
So even if blockchain data becomes less visible from the front end, such as is the case with ZCash (which, Sibenik says, rarely comes across his desk as a blockchain investigator), “it doesn’t necessarily lead to a dead end per se, as there are avenues not just involving ZCash” that can be pursued, again pointing to the exchanges as an inroad to tracing on-chain transactions.
However, these inroads rely on robust KYC policies, “which many of [the exchanges] don’t have," according to Sibenik.
Even the Layer-2 Lightning Network, touted as an off-chain bitcoin protocol, has traceability, according to Sibenik. He said: “Although we cannot see all the individual transactions that happened on Lightning, we can see amounts coming in and out. There’s still certain things that can be assessed”.
The ethics of blockchain privacy
According to Katharine Wooller of the crypto wealth specialist Dacxi, “anonymity is a very interesting broader question, because if increased AML gave rise to knowledge about the ownership of addresses, we are in grave danger of people being able to abuse that information on a public ledger”.
Wooller pointed to the importance of anonymity in more authoritarian regimes. “While I may not be that concerned to share exactly when and where I purchased coffee this morning, I may take a different view around my privacy if lived in a country with a dubious human rights record that was trying to clamp down on journalists criticising their government. Traceability, then, is a question of automated vs challenged. Yes, Layer-2 reduces the ability to trace automatically, but to what end?”
Privacy is a good thing, according to Townsend. “Zero-knowledge systems, ZCash included, can or do provide a way to reveal the source and destination of funds to appropriate regulatory authorities. It doesn’t undermine regulators' abilities to regulate, just snoopers’ ability to deanonymize all of finance.”
Townsend added that “ZCash already exists and forensic blockchain analysis works just fine… Zero-knowledge is not the be-all-end-all of anonymity.”
Sibenik has a different opinion. Asked if publicly available data is essential for blockchain transparency, Sibenik said: “For sure. It allows another party to assess and view what happened. It allows for some degree of accountability… The nature of cryptocurrency is that it needs to be open and distributable across countries.
“If it was made more private, there would be a lot more uproar about money laundering and accountability.”
Experts seem to agree that accountability is, or should be, the purview of the exchanges. Using the analogy of a bank heist, Wooller asked: “If someone gets away with a load of cash at the bank, should we blame the car they drove away in?
“I don't think Layer-2 actively promotes crime… Large amounts of cash should be hard to clean, which brings us back to robust sources of funds checks. Banks have protocols for recognising suspicious behaviour and blocking accounts quickly. Crypto platforms need the same powers wielded.”
Even if “there’s a bit more legwork,” Sibenik believes that Layer-2 protocols will not impact traceability to a significant degree, although that could be contingent on how and to what extent they are implemented.
The bigger question could be, does the public have a right to transactional data, or should that be solely the purview of the authorities?
Whatever your thoughts might be, Ethereum 2.0 should arrive by the end of the year (barring yet further delays), ushering in an era of zero-knowledge rollups, sharding and other Layer-2 protocols. Whether this proves a blessing or a curse, we will be sure to keep you updated at Currency.com
Layer-2 is a collective term for technologies and protocols designed to make the Ethereum network faster and more scalable.
Much of Layer-2 revolves around moving certain transactional data “off chain”, thus lightening the requirements of Ethereum as a whole. Because of this, Ethereum can process more transfers at any time.
Layer-2 and Ethereum 2.0 refer to different things. The former is a collective term for protocols designed to make Ethereum more scalable, whereas Ethereum 2.0 refers to the network’s transition from the proof-or-work (PoW) consensus method to the proof-of-stake (PoS) consensus method. However, they do have the same purpose of making Ethereum more scalable and affordable.