According to Christopher Goes, the co-founder of privacy-focused blockchain Namada, many privacy protocols have not gained traction primarily because “the user experience hasn’t been up to par.” Part of the reason for this is that existing solutions such as Zcash “often require that users use a specific asset in order to receive privacy.” Another privacy solution, Tornado Cash, offers what Goes described as “suboptimal privacy in order to maintain efficient compatibility with a legacy transparent system.”
‘Privacy Loves Company’
Meanwhile, in his written answers sent to Bitcoin.com News, the Namada co-founder stated that while privacy-preserving protocols have seemingly gained traction, this has not translated to better privacy for users. Goes explained that this may be because the “anonymity sets are currently fragmented across an ecosystem of separate tokens, applications, and platforms.”
In order to bring about an improved and better experience for users, Goes said protocols like Namada — a “proof-of-stake L1 for interchain asset-agnostic privacy” — are working on “providing a unified privacy set in which all assets can partake and all chains can connect to.” The co-founder also confirmed reports that Namada has proposed “a shielded airdrop of its NAM token to holders of Zcash and Osmosis.”
Below are Christopher Goes‘ answers to all the questions that were sent to him via Telegram.
Bitcoin.com News (BCN): Most of the blockchains out there are pseudonymous and transparent. Now there is this misconceived notion among the general public that using blockchain is anonymous and even “shady.” In your view, where does this notion come from and what needs to be done to change the perception?
Christopher Goes (CG): I don’t know all the memetic history, but I’d guess that this notion comes primarily from two factors:
First, a confusion between pseudonymity and anonymity. Identities in transparent blockchains like Bitcoin and Ethereum aren’t real names, but rather pseudonymous public keys or addresses. This may seem like sufficient privacy, but the problem is that as soon as an adversary figures out the link between an address and a real identity, they can use the transaction graph to find all the other associated addresses, transactions, and funds. Even if an adversary doesn’t know your real identity directly, they can use statistical linking techniques which take into account metadata such as timing, amounts, and fees, and crawl the internet for messages referencing an address on social media, emails, or payment providers.
Second, the network effects of surveillance technology. Bitcoin and Ethereum’s privacy models haven’t changed, but at first, they didn’t have so many users and starting a surveillance company wasn’t worth the effort – so early users might not have been de-anonymised even though they could have been. Now that these systems have lots of usage, many surveillance companies have optimised their algorithms, collected lots of data, and formed relationships with various parties who purchase their surveillance services.
I think the perception is already changing – primarily as people see surveillance in action. Now the technology must catch up, for privacy is not a feature that can be added on top but rather a part of the definition of a system itself. Privacy is the freedom to selectively reveal oneself to the world, and people want to be free.
BCN: There is no shortage of privacy-preserving protocols and solutions out there. However, what do you think is the biggest privacy problem that these protocols or solutions have not been able to solve yet and why?
CG: Personally, I think that there is a great shortage of privacy-preserving protocols. There are thousands of blockchains, smart contracts, and wallets – 99% of them aren’t privacy-preserving, and all of them should be. Transparent blockchain protocols are easier and cheaper to surveil than the existing financial system by an order of magnitude. In the long run, none of them will survive.
I think by and large privacy protocols haven’t gained traction simply because the user experience hasn’t been up to par. Privacy is hard to build well, and existing solutions often either require that users use a specific asset in order to receive privacy (such as Zcash), or offer suboptimal privacy in order to maintain efficient compatibility with a legacy transparent system (such as Tornado cash). Designing a system which avoids these tradeoffs requires control over the architecture and extensive cryptographic, distributed systems, and system design expertise, which don’t coexist in many places.
BCN: Namada, the Layer-1 blockchain you co-founded, refers to itself as “Anoma’s first fractal instance.” For our readers, can you explain what Anoma, fractal instance, and Namada are?
CG: At the risk of being pedantic, I’m not sure what it means to co-found a blockchain. I have co-founded an organisation which plans to propose a genesis block for a blockchain that we call Namada. Whether or not the blockchain starts is up to the community, not us – we only develop software and make proposals.
Anoma is an intent-centric architecture for decentralised, privacy-preserving counterparty discovery and settlement. Anoma can be used in many different specific configurations and with different security models. While everyone benefits from agreeing on a sufficiently general protocol, there is no one-size-fits-all security model, as appropriate security choices can only be made for a particular context of interaction. Specifically, we expect security domains to correspond to the real topology of commerce, which is localised – if you live in Seattle, you trade most with people in Seattle, somewhat less with people in North America, and very rarely with people in Tibet. Interactions within the context of Seattle should be settled on an instance of the protocol controlled by the people of Seattle – this is what we call a “fractal instance,” and we expect many of them to emerge, specialised to specific areas of commerce, physical localities, and circles of trust.
Namada is a sovereign proof-of-stake blockchain, using Tendermint BFT consensus, which enables multi-asset private transfers for any native or non-native asset using a multi-asset shielded pool derived from the Sapling circuit. Namada includes full IBC protocol support, a natively integrated Ethereum bridge, a modern proof-of-stake system with automatic reward compounding and cubic slashing, a stake-weighted governance signalling mechanism, and a dual proactive/retroactive public goods funding system.
Users of shielded transfers are rewarded for their contributions to the privacy set in the form of native protocol tokens. Namada does not implement the full Anoma protocol, which is still in development. Rather, it is focused on providing, supporting, and promoting privacy, now – and the design of Namada makes choices to that end. Namada is not a fractal instance focused on a specific locality (such as Seattle), but rather one focused on a shared interest and value: privacy, and the freedom for which it is required.
BCN: With the growing number of blockchains, it has become more important than ever before to enable communication and transfer of assets between different chains. What are some of the challenges in ensuring composable user privacy across different blockchain ecosystems?
CG: Privacy-preserving protocols are gaining traction, but this doesn’t necessarily lead to better privacy for users, as anonymity sets are currently fragmented across an ecosystem of separate tokens, applications, and platforms. By and large, these privacy-preserving protocols have been designed separately, without consideration as to how they would work with each other. Namada aims to unify these anonymity sets by providing a unified privacy set in which all assets can partake and all chains can connect to. Privacy loves company – the more assets, the more chains, and the more users, the more privacy for everyone.
BCN: Can you tell us how Namada works to facilitate privacy-first interchain transactions and whether it’s capable of making privacy accessible at scale? What chains does it support?
CG: Namada implements something we call the multi-asset shielded pool (MASP). The MASP is an upgrade to the Sapling circuit (originally developed by the Electric Coin Company) which adds multi-asset functionality so that different assets can be used in the same shielded pool and an observer cannot distinguish between them. The MASP treats all assets equally, so it can scale to any number of them users might like. At launch, Namada will connect to the Cosmos ecosystem through IBC and to the Ethereum ecosystem through an integrated Ethereum bridge, so any chains or assets accessible in either of those ecosystems can be sent to Namada, held privately in order to earn shielded set rewards, and transferred privately with the MASP.
BCN: Namada is reported to have recently proposed a shielded airdrop of its NAM token to holders of Zcash and Osmosis, both of which happen to be privacy-focused chains. What’s the logic behind forging closer ties with competitors?
CG: I consider Zcash, Osmosis, and other privacy-preserving chains more generally to be allies, not competitors. Either privacy-preserving systems survive or George Orwell will no longer be considered a fiction writer. We need to work together, and there will be plenty of pie to share around in the end. We’ve chosen to propose alliances with Zcash and Osmosis in particular because those two projects have contributed to essential public goods without which Namada couldn’t exist and because we have high hopes for continued collaborations in the future. More broadly, we hope to do our part to contribute to a positive-sum blockchain ecosystem, forged in a recognition of the preeminent importance of public goods and backed by economic relations of mutual credit between chains and assets.
What are your thoughts about this interview? Let us know what you think in the comments section below.