Navigating Privacy: Understanding Anonymity and Confidentiality in Web3

COTI

Published in

COTI

6 min readApr 16, 2024

TLDR

Enshrined in the Universal Declaration on Human Rights, privacy is a fundamental human right afforded to each and every person on the planet. As a human right, privacy is crucial for ensuring freedom of association, thought, expression, and protection against discrimination.
In our day to day lives, we can expect a certain level of privacy. However, if we want to do things like engage in business or seek medical treatment, we are required to identify ourselves or reveal certain information.
For this reason, it makes sense to further define two concepts within privacy: anonymity and confidentiality. While anonymity includes the hiding of one’s identity and actions, confidentiality aims to selectively share information only with those authorized to view it.
Anonymity in Web 3 has traditionally been met with negative regulatory enforcement as it eventually becomes a hotbed for bad actors and illegal money laundering.
Confidentiality, on the other hand, has become a cornerstone of the traditional systems within Web 2, enjoying regulatory clarity and widespread adoption as a result.
COTI V2 brings confidentiality to the blockchain, enabling exciting new use cases in machine learning, on-chain elections, the potential elimination of MEV and so much more.

More than just a convenience, privacy is a human right recognized and protected by the United Nations Human RIghts Commission. Within privacy, there exists a certain degree of nuance, especially around what information is considered private and who is entitled to see it.

In this article, we’ll explore the difference between “anonymity” and “confidentiality”, and find out how each of these privacy concepts apply in the fast-evolving Web3 landscape.

Let’s dive in.

What is Anonymity?

In most classical definitions, anonymity refers to the complete masking of an individual’s identity. This means that an individual can act, speak or transact without anyone knowing who was involved.

Do We Have the Right to be Anonymous?

Anonymity as a right depends on the situation. In commerce, people have the right to pay with cash, preventing vendors from aggregating data about them. There are methods to send anonymous messages, make anonymous charitable donations and anonymously report illegal activity to the authorities.

However, despite the protection it affords, complete anonymity can act as a barrier in society. Without a verified identity, individuals are restricted from accessing necessary services (e.g. healthcare, utilities, driver’s license etc). Anonymity has also been traditionally used by criminals and those wishing to subvert the surveillance of authorities for nefarious purposes. For these reasons, true anonymity isn’t compatible with most services, institutions, and their regulations.

Take the example of TornadoCash; a decentralized protocol offering transactional anonymity on the Ethereum blockchain. Functioning as a “mixer”, TornadoCash allowed users to deposit several types of cryptocurrency into a shared pool, before receiving a transaction key in return. Users could then later input the key to withdraw crypto from the pool into a different wallet.

TornadoCash’s promise of true anonymity faced significant regulatory pushback, with authorities citing concerns over illicit finance, money laundering, and the financing of terrorism. This led to sanctions, arrests, and the eventual shutdown of the platform altogether.

Similar outcomes have followed other privacy-preserving crypto projects including ZCash, Monero, Decred and many others. These privacy-first coins have faced outright bans in many parts of the world. Regardless of the intentions of the service, anonymity will always be a target for regulatory action.

What is Confidentiality?

Confidentiality is the selective withholding of private information from unauthorized access. It explains what information can be viewed and who has permission to access it.

Do We Have the Right of Confidentiality?

Generally speaking, individuals have the right to keep certain information about themselves out of public view. In many cases, such as medical and financial information, the right to confidentiality is actually protected by law. However, in some circumstances, this information is required by professionals for a variety of reasons. Confidentiality allows you to consent to having specific information accessed by qualified or eligible third-parties (doctor, accountant, lawyer etc).

As a service, confidentiality inspires trust from users. Banks, medical providers and other financial institutions wouldn’t have nearly as many customers if they didn’t safeguard their personal and sensitive information.

But even more than that, confidentiality is a regulatory requirement in a lot of circumstances. To be compliant, many organizations need to be able to prove that they not only protect user information from data breaches, but also make fair and appropriate use of the data.

Anonymity vs Confidentiality on the Blockchain

Echoing the sentiments of Chris Dixon from a16z, it’s a popular misconception that blockchains enable secrecy and anonymity. In fact, Blockchains are so public by default that their innate transparency could actually slow adoption. People may not use blockchains if they fear doing so will expose sensitive information, such as salaries, medical bills, or payment history.

In other words, sensitive data on a public blockchain is a bug, not a feature.

In order to protect sensitive information on the blockchain, you essentially have two options: anonymity or confidentiality.

Anonymity focuses on shielding the identities of participants, ensuring transactions can occur without revealing who is conducting them, often through mechanisms like pseudonymous addresses or advanced cryptographic methods. Confidentiality, conversely, safeguards the content of transactions, ensuring that sensitive data within a transaction is accessible only to authorized parties.

With true anonymity on the blockchain proving itself to be incompatible with the majority of regulators, it’s clear that the only path forward is to introduce the same confidentiality features that we already enjoy within Web2. With blockchain confidentiality, you have a system that has the security, robustness, and the decentralization of blockchain, while also being able to seamlessly integrate and interact with the traditional financial systems of the world

Even beyond regulatory compliance and securing private information, blockchain confidentiality also plays a critical role in safeguarding individual autonomy. One prevalent example is the exploitation known as Maximal Extractable Value (MEV), where malicious actors leverage the transparency of public blockchains to their advantage. They scan incoming transactions, identify legitimate trades, and insert their own before them. This front-running manipulation alters the asset price for the unaware parties, allowing the malicious actors to profit once the transaction completes. This exploitative practice thrives solely on the full visibility of pending transactions on the blockchain. Confidential transactions, however, disrupt this dynamic by obscuring their details. This eliminates the ability to frontrun legitimate trades for illicit gain, potentially rendering MEV losses a relic of the past.

With blockchain confidentiality, everything we already have in Web 3 gets an additional layer of security with some exciting new capabilities. This includes Artificial Intelligence/Machine Learning (AI/ML) models that can be trained on sensitive data without compromising the anonymity of individuals, dynamic decentralized identity solutions and confidential DeFi. On-chain elections can also be held in which vote numbers are visible but who you voted for isn’t. These elections can also be audited and verified without leaking any private information. With COTI V2, data confidentiality can be extended to protect a whole range of different private information types. Everything from sensitive medical records to criminal history and financial data.

While anonymity on the blockchain has potential benefits in certain circumstances, regulatory compliance just isn’t compatible with that type of privacy feature. COTI V2 introduces a robust and innovative version of transactional confidentiality, based on Garbled Circuits.

From mainstream adoption and regulatory compliance to integration with the traditional systems of the world, confidentiality on the blockchain is the final piece of the puzzle.

For all of our updates and to join the conversation, be sure to check out our channels:

Website: https://coti.io/

X: https://twitter.com/COTInetwork

YouTube: https://www.youtube.com/channel/UCl-2YzhaPnouvBtotKuM4DA

Telegram: https://t.me/COTInetwork

Discord: https://discord.gg/9tq6CP6XrT

GitHub: https://github.com/coti-io