After a Decade of Promises, Blockchain Still Fails to Deliver Privacy
The first blockchain was launched more than 10 years ago and since then, it has evolved from simply being a backbone for Bitcoin (BTC) to a global technological phenomenon. In some sense, the distributed ledger became more popular than Bitcoin itself. Even the harshest cryptocurrency critics — like the government of China and JPMorgan Chase’s Jamie Dimon — recognize blockchain technology’s potential, while corporations as large as Microsoft and Accenture have adopted it to their needs.
However, there is another view of blockchain technology. One that is based on the assumption that the technology has stalled in certain areas it has been trying to disrupt — privacy being one of those fields.
In mainstream culture, Bitcoin is still viewed as a digital currency that allows users to stay fully under the radar. In reality, most cryptocurrencies based on public blockchains merely offer pseudonymity. Meanwhile, tracking cryptocurrency transactions is only getting easier for law enforcement agents. Therefore, how much privacy does blockchain really offer?
The feds are no longer scared
Back in 2012, at the dawn of blockchain and crypto, an internal FBI report leaked a warning to security service employees that Bitcoin provides a tool “to generate, transfer, launder and steal illicit funds with some anonymity.” The word “some” is key here, because according to the original white paper, “the risk is that if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner.” Therefore, Bitcoin, as well many other cryptocurrencies based on public blockchains, are pseudonymous and not fully anonymous — meaning that there is only a limited amount of privacy they can provide.
Indeed, as time went by, authorities started successfully tracking down criminals who used Bitcoin to cover their tracks. One of the most high-profile cases in that regard was the arrest of Ross Ulbricht, an American national who operated the renowned deep web marketplace “Silk Road.” As told by a former FBI special agent, Ilhwan Yum, in court during the trial, he managed to track more than 700,000 BTC from Silk Road to what appeared to be Ulbricht’s personal wallets. Suddenly, buying things with Bitcoin on the dark web was no longer seen as foolproof.
But that’s what bad guys get, one might argue, and law-abiding citizens have nothing to be afraid of. That’s not likely to be the case, as average cryptocurrency users could also be of interest to authorities. In 2018, top American exchange Coinbase informed approximately 13,000 of its customers that it was handing over their private information to the United States at the demand of the IRS. That data included social security numbers, names, birth dates, addresses and transaction records from 2013–2015.
In 2018, researchers from Qatar published a paper showing how easy it is to identify sloppy users through their years-old Bitcoin transactions — even for people who don’t work in the intelligence services. Upon collecting thousands of visible Bitcoin wallet addresses and searching for direct links between them and Tor-sensitive hidden services like Silk Road and The Pirate Bay, they were able to find 125 unique users along with their public accounts.
Pseudonymity is not good enough
“Public blockchains were not created for privacy,” Pavlo Radchuk, the blockchain security lead at Hacken, a self-described “ecosystem of white-hat hackers,” told Cointelegraph, explaining that an active Bitcoin or Ethereum user can be tracked in different ways like if “an account bought something on a website [with crypto]. Now, this website has this account’s related IP address; delivery physical address, receiver name, etc.”
Pseudonymity “is clearly not enough” when it comes to protecting one’s identity, Ghassan Karame, the manager and chief researcher at Security Group of NEC Laboratories Europe, confirmed in a conversation with Cointelegraph, elaborating:
“The main issue with pseudonymity is that it does not hide the user profile including: transaction amounts, expenditure habits, time of payments, etc. Pseudonymity also does not attempt to hide the binding between the user profile and the user’s IP. All these issues make it relatively straightforward to deanonymize users in systems that rely on simple pseudonymity.”
Hartej Sawhney, the CEO and co-founder of cybersecurity agency Zokyo Labs, painted an even grimmer picture where knowing the victim’s address is enough for the attacker to use physical force and get what they’re after: “A thief with some effort can trace an IP address, show up at your house and apply rubber hose cryptography to get your keys.”
“We don’t believe that blockchain has the privacy benefits that I think some of its supporters first hoped,” Catherine Tucker, a professor of management at MIT Sloan and a co-founder of the Cryptoeconomics lab, told Cointelegraph, referring to the 2018 paper she co-authored with Susan Athey, a professor of economics at the Stanford Graduate School of Business, and Christian Catalini, a fellow MIT professor, who also works at Facebook’s Calibra.
Blockchain technology’s trademark immutability has large privacy consequences, Tucker added. She argued that sensitive information — like health care records — is not necessarily fit to be stored on a blockchain, contrary to what a number of industry startups are trying to achieve:
“Ultimately, when it comes to the privacy of data, I worry most about the kind of data that if it is public, has persistent consequences for me economically — such as my genome, my underlying health factors — things that I can’t change. I don’t worry about data that tells an advertiser I want a particular pair of shoes on a day — that is temporary data, which may change tomorrow, and is unlikely to have persistent consequences. And the danger of blockchain is we may be creating immutable data that we have no idea what the consequences of it will be for an individual 10 years in the future.”
But what about permissioned blockchains — the ones that grant access only to relevant parties and market participants? “I’m not sure if there’s much difference between a permissioned blockchain and a shared database,” Harry Halpin, the CEO of privacy mixnet NYM Technologies, told Cointelegraph, adding that it “all depends on who has access or who is in your federation.” Karame went further, explaining that permissioned blockchains mostly rely on Crash fault tolerant or Byzantine fault tolerant — which have been studied better than proof-of-work and proof-of-stake — adding:
“As the name indicates, CFT only tolerates crashes and does not provide any security against misbehavior otherwise. BFT systems, on the other hand, provide full tolerance to Byzantine behavior. Both CFT and BFT offer final consensus. This means that the confirmation output of such systems is final; most permissionless blockchains only offer eventual consensus guarantees, meaning that one’s transaction could be dismissed later in time — e.g., in case a block fork happens.”
While blockchain technology has been deemed hack-proof (in the sense that it has yet to be compromised on a systematic level), the crypto industry is basically a land mine when it comes to security breaches. Over $292 million and over 500,000 pieces of customer data were stolen from cryptocurrency exchanges in 2019 alone (it was the biggest year for cryptocurrency hacks so far, although the amount of stolen funds was much smaller compared to previous years).
Related: Crypto Exchange Hacks in Review
If blockchain technology is so secure, why are industry actors getting hacked? There’s a variety of different techniques that attackers use, although most of the aforementioned breaches involved social engineering — i.e., some participation on behalf of the victim, like opening an infected email, using public Wi-Fi to log into cryptocurrency wallets, installing malicious apps, etc. There are also more niche methods like clipboard hijacking, cryptojacking and bug exploiting — but in most cases, hackers target people or company servers, and not blockchains.
Privacy coins can ensure some level of anonymity
Immutability doesn’t mean that blockchain technology cannot offer additional privacy, however. There are several privacy-oriented services, with Monero (XMR) and Zcash (ZEC) being the most popular examples. Both of them aim to protect the privacy of users by hiding transactions and their receivers through different methods. However, although privacy coins do offer a “decent level of privacy,” they still don’t make their users absolutely anonymous and leave some trail behind, said Karame:
“Such systems are geared to provide sender anonymity, recipient anonymity, unlinkability of transactions, and hide as well the payment amount. They do not offer ‘absolute privacy’ though in the sense that the time that transactions are made is still publicly available. Such timing information could leak information about the geographic location of users.”
Normally, there are ways to trace even anonymity-focused technologies, as Jonathan Levin, a co-founder and the CSO of blockchain and crypto analytics firm Chainalysis — one of the primary sources of crypto transaction data for U.S. agencies — affirmed in an email exchange with Cointelegraph: “While not impossible, anonymity is very difficult to achieve due to humans needing to implement and use them.”
Moreover, regulators are overall not impressed with privacy coins and the anonymity they provide. Some jurisdictions, like South Korea and Poland, have gone as far as to force local exchanges to delist them, citing guidelines set out by the Financial Action Task Force. That drives those coins even deeper underground, applying additional stigma. Furthermore, as Halpin noted in a conversation with Cointelegraph, private blockchains such as Zcash and Monero “have all had critical bugs within the last year,” meaning that there is still a risk of getting exposed.
Other blockchains are not immune to regulatory problems
It’s not just niche blockchain products whose privacy-enabling features are being scrutinized by regulations, added Nir Kshetri, a University of North Carolina-Greensboro professor who studied blockchain’s roles in strengthening cybersecurity and protecting privacy. In fact, the Chinese government has already introduced regulations in that area in February 2019. Kshetri told Cointelegraph:
“The regulation requires users to provide real names, as well as national ID card numbers, mobile phones or company registration to use blockchain services. User anonymity is thus not allowed. Blockchain services are required to remove ‘illegal information’ quickly in order to stop it from spreading among users. Providers of blockchain services are also required to retain backups of user data for six months. Moreover, law enforcement must be able to get access to data whenever it is necessary.”
The European Union’s General Data Protection Regulation law that attempts to supervise blockchain data is another concern for blockchain technology’s privacy, Kshetri continued: “The GDPR assumes that there is a data controller. Data subjects enforce their data protection rights against the controller. Blockchain’s decentralization feature means that there is no single center of control.” Moreover, regulations are unclear on how blockchain’s data controller is determined so it’s unclear who’s legally accountable if personal data is abused. Kshetri concluded that immutability is also a cause for concern:
“When a block is added, it is extremely difficult or even impossible to delete or modify data in the block. The difficulties of deleting blockchain data violates data minimization and purpose limitation provisions of the GDPR. The idea here is that personal data should not be held longer than needed to achieve the purpose for which the data is collected.”
Despite problems, blockchain has made progress
Nearly 10 years in, privacy remains a controversial topic for blockchain technology. Still, there has been “lots of progress” on this front, says Karame of NEC Laboratories Europe: “Privacy has been increased in most blockchains — both permissionless and permissioned — over time, and this also includes the privacy of lightweight clients that connect to these platforms as well.”
Indeed, anonymity-focused coins like Zcash, Dash (DASH) and Monero didn’t emerge until the mid-2010s, introducing a whole new level of privacy for cryptocurrency users. There are also cryptocurrency mixing services that picked up pace last year (they cloak the user’s info by creating temporary wallet addresses), although some governments are already onto them as well.
Besides, how anonymous can one really get in the digital age where data is the main currency? “Complete transparency is not necessarily an ideal place,” as Levin previously told Cointelegraph, because privacy can empower bad actors to facilitate illicit behavior like money laundering and illegal trading. Indeed, despite some privacy-related problems, blockchain remains an innovative technology with much greater yet fewer controversial use cases.