Private Magic Internet Money Movement
Musing about some newish tools.
Privacy means different things to different people. It boils down to, how much can others observe my impact on various surfaces.
A couple of newer blockchain solutions1 propose new privacy approaches, which appear to provide a form of confidentiality. We mostly already have anonymity2.
A brief aside on American values
In the United States, we famously had a culture of "masks are for the bad guys". In the game of Cowboys and Indians that is no longer played by kids, banditos wear bandanas to cover their faces, while heroes show who they are.
We also expect police officers to identify themselves while exercising the government's monopoly on violence. No need to discuss masked ICE agents' need for privacy. Just recall the exception that proves the rule: police are allowed to go undercover, under tighter terms of engagement than the general public.
We also had a long history of rejecting surveillance tech with multiple uses, such as license plate scanners, which could identify speeding violations but could also be appropriated to catch deadbeat dads. We used to prefer the freedom to drive fast, over better alimony enforcement. This changed slowly. After 9/11, US citizens accept that surveillance provides social benefits, much more than they used to.
Ways to be private
(New) Approach A:
Present your credentials3 to enter a walled garden, inside which you no longer have to present credentials each time you transact. Furthermore, maybe only you and your counterparty and a privileged function4 can see the details of the transaction. You don't enforce blockchain rules (e.g., "no double spending") with public consensus of permissionless network participants, but with private rules and possibly mathematics.
The walled garden's gatekeeper can eject you, or keep you from re-entering. This mostly involves forfeiture of (access to) funds.5
(Existing) Approach B:
Make a new account using math. Fund that account via a path that is incentivized by the market to keep its route open for you6. Never link to any account linked to identifiable information. Never provide a company, that holds your KYC details, with patterns of IP-address activity or wallet identifiers that can be linked to your identity.
On x402 Payments
When you onramp via any regulated exchange, that exchange knows you. It is useful to have multiple onramps, but let's consider Coinbase which subsidizes its USDC onramp/transfers on Base more than anybody else.
Send from your CEX account to an onchain account that you create on your computer, using code like Poor Richard's Wallet.
Send these funds to a mixer, which deposits to another account that you own.
Pay for something using x402. If as an end user, your vendor has chosen to use the default paywall interface provided by x402.org, then your computer's activity gets sent to Coinbase analytics services.
If your vendor chooses to use the official Coinbase facilitator (wired up in the backend, one hop away from you; you never see it or touch it directly), it can link all your address's activities with other information it has access to. In an extreme scenario, it could simply refuse to serve your address.
If your vendor uses an unofficial Coinbase facilitator, those facilitators could charge a ransom for enabling traffic they cannot distinguish from criminal traffic. Or, they could do other stuff with your traffic.
My free, self-hosted facilitator runs on a Raspberry Pi or a potato, and can be configured to use "stupid" technology to ensure no single RPC node operator can censor your transactions.
Weirdness
It's useful that x402 is optimized for micro-payments. Any meaningful criminal activity should be easy to identify based on size.
It's notable that Coinbase acquired Spindl.
It's weird that Veil.cash had a "misconfigured Groth16 verifier" that allowed "ZK proof forgery" until an exploiter demonstrated this by hacking the contracts, and eventually returned funds in full without further communication or coordination.
https://x.com/Veildotcash/status/2025293773891404225
I have no visibility into how things are configured there now, only a vague sense that this pathway has been live for several years but has not been tested as much as other mixer tech.
Canton, Tempo↩
anonymity provides privacy, forever, but only once you have achieved true anonymity. Anonymity leaks are fundamental issues. Separate, but related, issues are that networks can censor/block based on whether an actor gives up part of their anonymity, via methods such as KYC or geo-blocks↩
KYC↩
an auditor, a sequencer, a privileged block proposer↩
note that this new approach is technically equivalent to how Arbitrum's SC seized ~$70m USD in rsETH-related stolen funds. $5 and $5mm are both safe to put inside such walled gardens, but maybe $500 yoinked in a miscarriage of justice would not be worth the cost of recovering it↩
a regulated, or a less fully regulated, exchange. maybe a criminal money laundering network↩