Author: Antoni Zolciak, Translation: Shanooba, LianGuai
The Hypocritical Privacy Promises in the Summer DeFi Craze
When it comes to personal privacy, the promises of the DeFi summer seem hollow.
During the 2021 DeFi boom, projects flooded in, filled with trendy buzzwords like “financial privacy” and “crypto security,” setting high user expectations for an industry still in its early stages. However, once the dust settled, it became apparent that most DeFi projects’ bold privacy statements fell short of expectations. With the rise of new on-chain analysis services like Arkham Intelligence and Chainalysis, their data dashboards revealed that DeFi users’ on-chain activities were indeed traceable, further highlighting this issue.
- Opinion The Federal Reserve is unlikely to cut interest rates in the short term, but recession is inevitable, testing global risk assets.
- EVM vs Non-EVM Which is the Future Direction?
- Review | Balancer Vulnerability Analysis
Now, the DeFi industry faces increasing regulatory pressure to de-anonymize certain transactions and user data, while also dealing with a decline in user confidence in data privacy rights. But do these challenges signify the death of privacy in DeFi? We don’t think so.
DeFi Faces Regulatory Pressure and User Data Privacy Concerns
The fact is, the most pressing issue today is not criticism of the nature of DeFi itself, but criticism of its current state of development. More specifically, developers face the challenge that much of the hype is built on immature technology that has yet to meet expectations. However, the infrastructure is rapidly maturing, and the development paradigm of Web3 is shifting away from the notion that “transparency” is inevitably linked to “lack of privacy.”
When it comes to privacy in cryptocurrencies, there is a significant difference between the libertarian approach (ignoring anti-money laundering efforts and acting as one pleases) and privacy that enables new use cases in a regulated manner (as long as your funds come from legitimate sources, you can do as you please).
Fortunately, most privacy laws allow for this distinction, which is why the majority of existing regulations focus more on customer protection rather than outright opposition to “privacy.”
For example, the U.S. government supports privacy-enhancing technologies as long as they comply with current AML/CFT rules. However, when organizations use private blockchains without following these guidelines or operate services outside of current laws, they create unnecessary risks for their users.
A key to making this privacy approach practicable for regulatory agencies and acceptable to users may be decentralized data storage of user credentials, such as idOS—a GDPR-compliant identity system announced at this year’s TOKEN2049 conference. With such a solution, no single party controls a user’s credentials, while the system can verify that the user is not on any authorized sanctions list.
Rapidly maturing technologies like zero-knowledge proofs and decentralized identity systems eliminate the need (and possibility) to disclose excessive user data to any external party. At the same time, they enable regulatory agencies to confidently and swiftly identify and take action against malicious on-chain activities. Combining this storage system with privacy-enhancing DeFi applications creates a comprehensive suite of privacy transactions that also comply with AML regulations.
In summary, the builders of Web3 are listening to the voices of regulatory agencies and end users and developing more nuanced solutions to meet the needs of both extremes. There is no doubt that the entire industry has not yet met the expectations of both parties.
The Potential of DeFi Development and the Possibility of Regulatory Compliance
Fortunately, most privacy laws allow for this distinction, which is why the majority of existing regulations focus more on customer protection rather than outright opposition to “privacy.”
For example, the US government supports privacy-enhancing technologies as long as they comply with current AML/CFT rules. However, when organizations use private blockchains without following these guidelines or operate services outside of current laws, they create unnecessary risks for their users. Making this privacy approach practically viable for regulatory agencies and acceptable to users may be the key to decentralized data storage for user credentials, such as idOS, a GDPR-compliant identity system announced at this year’s TOKEN2049 conference. With such a solution, no single party controls a user’s credentials, while the system can verify that the user is not on any authorized sanction list.
Rapidly maturing technologies such as zero-knowledge proofs and decentralized identity systems eliminate the need (and possibility) to disclose excess user data to any external party. At the same time, they enable regulatory agencies to confidently identify and take action against malicious on-chain activities. Combining this storage system with privacy-enhancing DeFi applications forms a comprehensive suite of privacy transactions that also comply with AML regulations.
In summary, the builders of Web3 are listening to the voices of regulatory agencies and end users and developing more nuanced solutions to meet the needs of both extremes. There is no doubt that the entire industry has not yet met the expectations of both parties.
However, it can also be said that the modern internet has undergone a similar evolution in terms of development and regulation to DeFi. To better understand: the birth of the internet can be traced back to an academic initiative conducted by the Advanced Research Projects Agency (ARPA) in the United States, but the internet as we know it today is mainly the result of a series of informal interactions and decisions made by improvers and enthusiasts in the following years. Small experimental “testnets” and applications that were considered unimportant at the time gave rise to key internet protocols still in use today, including file transfer and TCP/IP.
During this period, the internet was essentially unregulated. It wasn’t until the mid-1990s, when the internet expanded and commercialized, that governance of the internet became a decentralized model based on informal standards and protocols voluntarily adopted by developers, with a focus on enabling network interoperability.
Regulation eventually followed, and developers made adjustments. Today, the vast majority of global financial activities take place online—a scenario that would have been unimaginable decades ago considering the chaotic origins of the internet. Despite all the challenges, there is no doubt that the internet is a force in the world: the rapidly maturing DeFi industry has the potential to have a similar impact on the financial system and other areas.
As DeFi continues to grow and mature, regulatory agencies will develop new frameworks to govern the industry, and developers will create new, responsible privacy protection technologies. That’s why builders of Web3 should recognize that today’s privacy shortcomings are a problem to be solved, not an indictment of the industry. If someone outside the industry can’t imagine a Web3 protocol that addresses regulatory privacy concerns and meets user privacy needs, it’s simply because that solution has not yet been built by insiders in the industry.
Like what you're reading? Subscribe to our top stories.
We will continue to update Gambling Chain; if you have any questions or suggestions, please contact us!
