Don’t invest unless you’re prepared to lose all the money you invest. This is a high-risk investment and you should not expect to be protected if something goes wrong. Take two minutes to learn more.
Learning outcomes:
By the end of this article, you will understand:
- The definition of a privacy coin
- The mechanics of transactional privacy
- The most popular privacy coins
- The ethical challenges of privacy coins
What is a privacy coin?
A privacy coin is a type of cryptocurrency designed to prioritise the privacy and anonymity of the user. Popular examples of privacy coins include Monero, Zcash and Dash.
Privacy coins highlight the misconception that all cryptocurrencies are anonymous when the majority are pseudonymous by default.
Though cryptocurrency transactions contain no personal information or IP addresses, their pseudonymity means the information about the sender or recipient can be inferred from analysing transaction data and patterns.
For example, a Bitcoin transaction records the following information on the blockchain:
- Transaction hash/id
- Sender and recipient address: Shown as a 34-character hexadecimal string
- Change address: If there is unspent transaction output (UTXO) it is returned to a change address
- Unix timestamp: The time the transaction was sent
- Amount: How much was sent in BTC
Here’s how that information might be used to erode your privacy.
Address re-use –Reusing the same Bitcoin address ties all your transaction behaviour to that one piece of public information. Over time, this could reveal the services you use as online registries aggregate known Bitcoin addresses.
If you add a Bitcoin address to your social media profile or blog, perhaps as a means of tipping/payment, this again creates an association. As a result, third parties could reveal your identity through your social media handle, interactions, profile or domain registration.
Common input-ownership – If a Bitcoin transaction has more than one input, there is a reasonable assumption that all inputs come from the same identity. Those additional inputs may reveal a broader picture of your transaction behaviour from one transaction.
Exchange KYC –If you send or receive a Bitcoin transaction from a centralised service which requires you to verify your identity (also known as KYC or Know Your Customer), then the exchange can tie your identity to your transactional history. Some exchanges will also ask for information about your withdrawal addresses to comply with anti-money laundering regulations.
Wallet fingerprinting – Some wallets handle transactions in a distinct way, enabling a clearer picture of your overall transaction history.
Blockchain analytics
An entire industry exists to track transactions and build intelligence about blockchain transaction paths and connections. Companies in this space sell their services to governments, law enforcement, and blockchain-based businesses.
Blockchain data platforms use bespoke tools for inferring the identity of address holders. The platforms combine blockchain transaction information with common data science techniques and in-house models.
Though blockchain analytics is primarily a means to guard against illicit activity, such as money laundering and hacking, by its nature it erodes cryptocurrency privacy.
Privacy coin designs
Since anonymity isn’t a default feature of blockchain transactions, privacy coins were designed to fill that need. They employ several design features to obfuscate or remove transaction data that compromises the privacy of the sender or recipient such as:
Ring signatures: Allow for a group of users to sign a transaction together, making it difficult to identify which user initiated the transaction.
Stealth addresses: Allow users to create unique, one-time addresses for each transaction, making it harder for outside parties to link transactions to a specific user.
Confidential transactions: Allow the transaction amount to be hidden from public view, adding an extra layer of privacy.
Coin mixing: Mixes coins from multiple users together in a way that makes it difficult to trace the original source of the coins.
Popular privacy coins
There are hundreds of privacy coins that employ a combination of privacy-enhancing design features, but their total market capitalisation and trading volume represents less than 1% of overall numbers. We’ll focus on the most used privacy coins: Monero, Zcash and Dash.
Monero (XMR)
Launched in 2014, Monero is a decentralised, open-source cryptocurrency designed for privacy by default. It uses a combination of ring signatures, stealth addresses, and confidential transactions to maximise the privacy of its transactions and make them hard to trace.
The Internal Revenue Service in the USA offered a bounty of €625,000 for anyone that could crack Monero transactions. Two contracts were awarded to Chainalysis and a Texan IT firm called Integra FEC.
Zcash (ZEC)
Zcash was launched in 2016. Based on the Bitcoin protocol, ZEC has optional privacy features built in called zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge).
Zcash users can leverage transparent addresses or the zk-SNARK feature for shielding addresses to hide the sender, receiver, and transaction amount details. The downside of zk-SNARKs is the extra computational effort makes transactions slower.
Dash (DASH)
In common with Zcash, DASH is a popular cryptocurrency that offers privacy as an optional feature rather than as standard.
DASH has a built-in coin mixing feature called PrivateSend. PrivateSend allows multiple users to mix their coins, making transactions more private and less traceable. The feature uses a modified version of a popular protocol called CoinJoin, which mixes multiple inputs and outputs. Other popular privacy wallets such as Wasabi and Samurai also use the CoinJoin protocol.
The ethics of privacy coins
The use of privacy coins divides the blockchain community. Some believe that privacy is a fundamental human right that cryptocurrencies should maximise, while others believe that privacy cannot come at the cost of protecting bad actors.
In 2018, South Korea banned the trading of privacy coins, while Japan introduced an outright ban on their use. In 2020, exchanges in Australia began delisting privacy coins.
At the same time, broader international regulations on money transfers have put pressure on privacy coins. For example, Anti-Money Laundering Directives from the EU and the international guidelines from the Financial Action Task Force (FATF), a global money laundering and terrorist financing watchdog.
Regulatory pressure on privacy coins has increased, but a blanket ban is impossible, leaving users and developers to decide which side of the fence to sit on. Some coins have reduced their privacy features; notably Dash, which was originally called Darkcoin until it rebranded in March 2015.
There is no denying that criminals prefer privacy coins. Still, illicit activity represents only a tiny proportion of crypto activity, and privacy coins have legitimate use cases. Arguing that they should be banned is like saying the internet should be shut down because it facilitates some criminal behaviour.
The battle looks set to continue, though the increasing pace of regulation and enforcement actions are creating lines in the sand. The US Treasury’s sanctioning of Tornado Cash in August 2021, a popular Ethereum mixing service, followed by an arrest in the Netherlands of one of the project’s developers, raised the stakes in the battle for the privacy of cryptocurrency transactions.
What are privacy coins? A recap
A privacy coin is a type of cryptocurrency designed to prioritise the privacy and anonymity of the user.
It is a misconception that cryptocurrencies are anonymous; most are pseudonymous by default.
Details in cryptocurrency transactions can reveal information about the sender or recipient and, potentially, their identity, especially under these circumstances:
Address re-use
Common input-ownership
Exchange KYC
Privacy coins employ some of the following features:
Ring signatures
Stealth addresses
Confidential transactions
Coin mixing