Aleo Evolution of Privacy Series

# [[Aleo]] Evolution of Privacy Series ## Part 1 https://aleo.org/post/how-zero-knowledge-is-rebalancing-the-internet A consequence of living our lives online is the exponentially-growing amount of data we produce. This has been a major driver for better products and better services. But the power that these algorithms (and their owners) wield through feeding us the news we read, the shows we watch, and the social connections we make cannot be overstated. This trove of data produced by our online interactions has led to the creation of a new economy defined by who owns access to this data, and who does not. ==This intangible data economy is massive - larger than any commodity, including oil.== And just like oil in the early 20th century, data has grown increasingly centralized in the hands of a few companies. These data monopolies not only pose threats to data privacy and censorship. Monopolies are bad for economies. They encourage rent seeking, stifle growth, depress innovation, and harm consumer welfare. And yet, Web 2.0 companies that could be considered data monopolies can't deliver a personalized web experience. For all the capability of the algorithms that power them, today’s web applications are personalized for shadows of ourselves, not for us as unique individuals. YouTube doesn’t actually know what you like, only what you click on. The results can be frustrating, even comical. Accidentally click on an Instagram ad for a mattress once, and Facebook will assume you need a new mattress for months. And to make matters worse, this is happening without our permission and beyond our control. So the potential of the internet to provide consumers with a hyper-personalized and deeply fulfilling digital experience is far from realized. The state of the internet of today is a few monopolies that collect vast amounts of data yet fail to deliver a personalized user experience. But how can we expect to fix this without being even more liberal with the data we share? The good news is that there is a solution that does allow us to achieve both a more private and more personalized web experience: zero knowledge proofs. Subscribe How Zero Knowledge is Rebalancing the Scales of the Internet December 18, 2020 Alex Pruden The Breakdown of Data Ownership A decade ago, the extent to which we rely on the internet now would have been hard to imagine. Today, however, the majority of our economic and social activity occurs online. The benefits of this change are especially clear amid the COVID-19 pandemic. Businesses that never relied on the internet before are using it to reach new clients and customers in order to remain afloat. Families are using it to stay connected while physically-distanced over the holiday season. A consequence of living our lives online is the exponentially-growing amount of data we produce. This has been a major driver for better products and better services. But the power that these algorithms (and their owners) wield through feeding us the news we read, the shows we watch, and the social connections we make cannot be overstated. This trove of data produced by our online interactions has led to the creation of a new economy defined by who owns access to this data, and who does not. This intangible data economy is massive - larger than any commodity, including oil. And just like oil in the early 20th century, data has grown increasingly centralized in the hands of a few companies. These data monopolies not only pose threats to data privacy and censorship. Monopolies are bad for economies. They encourage rent seeking, stifle growth, depress innovation, and harm consumer welfare. And yet, Web 2.0 companies that could be considered data monopolies can't deliver a personalized web experience. For all the capability of the algorithms that power them, today’s web applications are personalized for shadows of ourselves, not for us as unique individuals. YouTube doesn’t actually know what you like, only what you click on. The results can be frustrating, even comical. Accidentally click on an Instagram ad for a mattress once, and Facebook will assume you need a new mattress for months. And to make matters worse, this is happening without our permission and beyond our control. So the potential of the internet to provide consumers with a hyper-personalized and deeply fulfilling digital experience is far from realized. The state of the internet of today is a few monopolies that collect vast amounts of data yet fail to deliver a personalized user experience. But how can we expect to fix this without being even more liberal with the data we share? The good news is that there is a solution that does allow us to achieve both a more private and more personalized web experience: zero knowledge proofs. An Evolution in Privacy - Zero Knowledge A zero knowledge proof is a cryptographic protocol where one party (the prover) proves to another party (the verifier) that something is true without revealing how it is true. For example, you could prove to someone that you are immune to COVID without revealing how you are immune (antibodies through illness or vaccine) or when you became immune. The underlying cryptography ensures that neither the verifier nor any party observing the transaction learns any information at all about why the statement is true. Yet those same parties can be convinced even if they don’t trust the prover making the claim. This sounds like magic, yet it’s all just math. In fact, it’s the same math that underlies the encryption algorithms that we rely on every day for e-commerce. But how does zero knowledge solve our original, society-wide problem? It turns out that proving the truth of something without revealing the information itself can be a powerful primitive. Zero knowledge allows us to use the internet more powerfully than we do today without leaving extractable traces of our data everywhere. Think of each of us as a “prover” and any service on the internet as a verifier: We could log in to Facebook by proving who we are without having to reveal our email, password, location, birthday, mother’s maiden name, or favorite pizza topping. We could prove our credit score qualifies us for a loan without needing to initiate a hard inquiry that would hurt our credit score. We could file insurance claims that can be reviewed, verified, and approved without needing to expose the rest of our insurance identity, which creates unethical reasons for claims to be denied. We could prove relevant facts about ourselves and our identity to any application without fear that the information could be lost, stolen, or abused. This use case in particular is increasingly relevant as we anticipate a future where much of our biological data/genetic information is used to provide personalized medical care and services. **So if zero knowledge proofs are so powerful, why aren’t they used for these applications already?** It took decades from the invention of the computer for it to be miniaturized into a PC. Similarly, zero knowledge proofs have only recently become practical. The cost of generating them is still expensive compared to the traditional way of doing things. And the reality is that very few people would accept a slower, less efficient system; even one that preserves their privacy and gives them more control over how their data is shared. However, this field has witnessed substantial advances over the past decade. In 2019, we founded Aleo to accelerate the integration of zero knowledge into the internet of the future. Aleo’s specific zero knowledge solution - known as Zexe - ensures we don’t need to accept the performance tradeoff. ## Part 2: What does Transparency Cost You? https://www.aleo.org/post/what-does-transparency-cost-you Blockchain technology was, from its inception, architected to be transparent by default. This architecture is a sharp contrast to today’s Web 2.0, defined by closed ecosystems owned by corporations that profit from information asymmetry. This asymmetry exists because these companies act as gatekeepers, collecting more data from you than you realize and monetizing that data at your expense. Public blockchains have created an open alternative to this system. Networks like Bitcoin and Ethereum are transparent by default, and all users have equal access to the data within the network. It would seem that public blockchains eliminate the unique information asymmetry that supports the current monopolies of Web 2.0. But in fact, networks that establish transparency by default create their own kind of information asymmetry that costs network participants and demands a solution that is sustainable. ### Asymmetry on Public Networks Links: [[Blockchain Extractable Value]] Transactions on a public blockchain are visible to everyone, whether they are active participants on the network or not. The fact that these networks are open prevents any single entity from monopolizing user data, as Web 2.0 monopolies do today. However, a fully transparent system opens the door to exploitation by a potentially much larger number of actors. Anyone that submits an on-chain transaction reveals their hand to everyone else in the system. This allows strangers to learn more details about our personal and commercial activities than we might be willing to share. Worse, it creates opportunities for other network participants to profit from the information we reveal through our transactions. This is not theoretical; it’s costing users money today. Consider a common use case for DeFi: trading. Critics of centralized stock brokerages (like Robinhood) claim that those entities sell the order flow to hedge funds that can then “front-run” user-submitted trades. But on Ethereum, anyone can see the order flow (either by running a node themselves or using a service). So even though the system isn’t intentionally “rigged”, it’s easy for opportunistic individuals (or bots) to capitalize on the publicly-available data on an open blockchain. This is the fundamental idea of the “Dark Forest'' problem described here. A concrete example is front running. Front-running describes a scenario in which bots scan pending transactions on Ethereum for arbitrage opportunities. For example, a bot may recognize an opportunity to profit by buying or selling just ahead of a large trade on a decentralized exchange. By offering a slightly higher gas price, these bots incentivize miners to execute their transaction before the already-pending DEX transaction. This results in a transfer of profit to the front running bot at the expense of the initial trader. Miners can also front-run, in a scenario known as Miner Extractable Value (MEV). MEV refers to the amount of profit ecosystem miners can extract from the network by reordering the mempool to execute self-benefiting transactions. For example, miners may recognize that pending transactions in a mempool include a considerable number of transactions between a token pair on a DEX. With that knowledge, miners can optimally place their trades. Because the miners are responsible for ordering transactions, they can ensure their transactions occur at the most profitable time. In short, anyone using a public blockchain network is vulnerable to opportunistic actors in the system. Decentralized networks are vastly fairer than those available through centralized alternatives. However, the examples of front-running and MEV cited above illustrate how information asymmetry still levies a cost on users in decentralized systems. With a public network, we may have removed the centralized gatekeepers. But now we find ourselves in the “dark forest” facing not one, but potentially many potential adversaries who could exploit and use our data at our expense. ### Towards a Solution: Absolute Privacy by Default A naive approach to solving this asymmetry on public networks is to hide everything and make the system fully private. But absolute privacy eliminates one of the most significant benefits of an open network: composability. In an open network defined by data transparency, smart contracts can autonomously interact with and access any on-chain information. The DeFi ecosystem, DAOs, and other composable contracts all rely on transparent access to data. Networks that establish absolute privacy by default ensure that no data can be exploited, but also preclude the creation of the incredibly powerful decentralized applications that define why crypto is revolutionary. Moreover, privacy is not binary. It exists along a spectrum, and matters more or less to different individuals and/or institutions depending on the context. Take Venmo for example. You may want to show how much money you donated to a particular charity this past year. And you probably don’t mind that the details of a payment you make to a friend of yours are visible to that friend. But you most likely would prefer not to disclose the amount of your paycheck to everyone. Similar decisions should be available to people transacting on blockchain networks. Each person should be able to toggle each transaction to tune what they want to share and what they want to conceal. Today’s blockchain ecosystem does not enable that choice. **Transparency is the default, and users cannot opt-out, let alone choose degrees of privacy. But absolute privacy by default limits the capabilities of a decentralized network. The solution exists in the middle; a network that establishes opt-out privacy by default, in which transactions are automatically fully private, but allows users to selectively decide what to make public to ensure we can still build a powerful and performant decentralized system atop the protocol.** ### Aleo: Opt-out Privacy by Default When information asymmetry exists, it costs users. While public blockchains like Bitcoin or Ethereum remove centralized rent-seekers, they do not fundamentally solve the problem of information asymmetry. Total privacy, however, weakens a killer feature of these emerging networks by preventing contract composability that enables DeFi, DAOs, and other smart contracts. The winning solution is a decentralized network defined by opt-out privacy that achieves the best of both worlds. It gives users the freedom to share whatever information they wish with whomever they wish. If no party can leverage information or access asymmetry, then no party can make self-interested and unfair decisions. And it puts the control back in the hands of the users, who can themselves decide how much or how little they want to share about themselves or interact with others. This is why we founded Aleo - to address the paradox of asymmetry on public networks by accelerating the adoption of zero-knowledge into the blockchain ecosystem. Aleo’s specific zero knowledge solution, Zexe, supports complete programmability and privacy. Just as important, Aleo provides opt-out privacy, ensuring ultimate control lies with the user, who can choose what information they wish to be public. Aleo enables network participants to interact on a public network with complete privacy without sacrificing any degree of performance or power that decentralized networks enable.