Welcome to another issue of Secrets of Privacy where we discuss personal privacy related topics and provide practical tips to immediately boost your personal privacy.

If you’re reading this but haven’t yet signed up, join the growing Secrets of Privacy community for free and get our newsletter delivered to your inbox by subscribing here 👇

It’s becoming harder and less convenient to maintain personal privacy in day-to-day financial transactions. Modern tech makes nearly every financial transaction traceable and easy to scrutinize. Younger generations are all in on social financial apps like Venmo that publicize your individual financial transactions (crazy if you ask us). At the same time, cash is being phased out at a seemingly increased speed.

Cryptocurrencies have introduced a new dimension to personal finance that is only beginning to have an impact. In fact, cryptocurrency offers the potential to combine the benefits of innovative fintech products with the privacy and comfort of old-fashioned fiat cash. But mainstream crypto is not private by default, which led to the creation of a unique subset of crypto – privacy coins.

A full exploration of cryptocurrency is beyond the scope of this post, though we will hit on the high notes. Our primary focus is on providing a beginner’s guide and overview for the specialized world of privacy coins.

Cryptocurrency: A Brief Overview

If you’re a crypto OG, feel free to skip this section.

Cryptocurrencies are digital or virtual currencies that use cryptography for security and operate on a technology called blockchain. Most mainstream cryptocurrencies, such as Bitcoin and Ethereum, operate on public blockchains, recording all transactions in a transparent and immutable manner. This decentralized technology is spread across many computers that manage and record transactions.

The allure of cryptocurrencies, particularly Bitcoin and Ethereum, lies in their potential to facilitate secure and transparent transactions without the need for traditional financial intermediaries. However, the very transparency that makes blockchain technology revolutionary also raises privacy concerns.

A common misconception among newcomers to the world of cryptocurrency is the belief that all cryptocurrency transactions are private and anonymous by default. The reality of cryptocurrency is that it’s transparent and only offers pseudo-anonymity. This misunderstanding can lead to a false sense of security and potential privacy risks if one is not aware of the actual privacy features (or lack thereof) of different cryptocurrencies.

The transparency of public blockchains is a double-edged sword. It ensures integrity and trust in the system by allowing anyone to verify transactions. However, it also means that anyone, including marketers, data analysts, and even malicious actors, can potentially scrutinize the flow of funds. While public addresses do not directly reveal the identity of the users, transactions can be traced, and patterns can be analyzed.

With enough determination, resources and basic information, it's possible to link transactions to real-world identities, compromising users' privacy. In fact, that’s exactly what happened to Mark Cuban a few years back (source).

Furthermore, a cottage industry of private sector companies has emerged to trace blockchain transactions. The major players are Chainanalysis, TRM Labs, Elliptic and Ciphertrace. If just one crypto transaction can be traced back to a fiat on/off ramp (such as Coinbase), virtually all of one's non-privacy coin activity can be identified and attributed via the KYC (know your customer) information from the exchange.

The Emergence of Privacy Coins 

In response to the privacy concerns with mainstream crypto, developers created a new class of cryptocurrencies known as privacy coins. The first privacy coins went live in 2014.

Privacy coins are designed to protect users' anonymity and transaction details. These coins make it significantly more challenging, if not impossible, to trace activities back to real-world identities.  Unlike more traditional cryptocurrencies like Bitcoin or Ethereum, which have public blockchains where transaction details can be traced, privacy coins use various cryptographic techniques to obfuscate the transaction details, including the identities of the parties involved and the amounts transferred. For this reason, crypto holders in general sometimes use privacy coins as a conduit to tunnel crypto assets through, thereby reducing traceability.

It's important to recognize that the privacy offered by these specialized coins is not an intrinsic feature of all cryptocurrencies. Choosing to use a privacy coin is a decision that should be made with a clear understanding of its implications, the specific use case it addresses and the regulatory risks, which are greater than even mainstream crypto.

Privacy Coins – How They Work

Put simply, privacy coins closely mimic the discretion afforded by cash transactions but in the digital realm. By concealing the details of transactions (similar to cash), they ensure that information such as the sender, receiver, amount transferred and purpose remain confidential and untraceable. Said differently, the transaction history linked to a public address is exclusively accessible to the individual who possesses the corresponding private key.

Privacy coins generally fit in one of two buckets:

1. Privacy by default - no user action is needed to activate the privacy features

2. Privacy as an option – users can choose to make a transaction private or public

Common methods used by privacy coins to maintain anonymity include:

1. Stealth Addresses

2. Ring Signatures

3. Zero-Knowledge Proofs

These technologies help privacy coins achieve a higher level of anonymity and security compared to traditional cryptocurrencies, protecting users' financial privacy on the blockchain.  Here are the most common methods explained in greater detail.

Stealth Addresses

Stealth addresses are a technique used to ensure the anonymity of the receiver in a crypto transaction. When someone sends funds to a recipient using a stealth address, they are essentially creating a one-time address for that transaction. This process involves cryptographic techniques where the sender generates a random one-time address based on the recipient's public address. The recipient can then use their private key to scan the blockchain and claim funds sent to these one-time addresses. This method ensures that transactions to the recipient cannot be linked to the sender’s public address or to each other, maintaining the privacy of the recipient.

Ring Signatures

Ring signatures add another layer of privacy by obfuscating the sender's identity. This cryptographic technique combines the sender's digital signature with a group of other users' signatures, making it impossible to determine which member of the group initiated the transaction. When a transaction is signed, it's mixed with other transaction signatures in a way that ensures the actual sender is indistinguishable from the others in the "ring." This process does not require the cooperation of the other users whose signatures are included in the ring, preserving the sender's privacy while maintaining the integrity of the transaction.

Zero-Knowledge Proofs (ZKPs)

Zero-knowledge proofs are a method by which one party (the prover) can prove to another party (the verifier) that they know a value x, without conveying any information apart from the fact that they know the value x. In the context of privacy coins, ZKPs, particularly zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge), allow for the verification of transactions without revealing any sensitive information about the transactions themselves. This means that the validity of a transaction (that it is not double-spent, for example) can be confirmed without disclosing the transaction's sender, receiver, or amount, thereby ensuring complete privacy.

Privacy Coin Use Cases

The mainstream debate around privacy coins often focuses on their potential for misuse, particularly unlawful activity. However, privacy coins do have legitimate and beneficial use cases. Privacy coins are not solely tools for illicit or shady activities; they offer critical privacy protections for a range of lawful and ethical purposes.

Here's a look at some genuine use cases for privacy coins:

Financial Privacy and Autonomy

Privacy coins offer individuals the ability to maintain financial privacy, akin to the privacy one expects when using cash. Just as not every cash transaction is illicit, not every use of privacy coins is for illegal purposes. They provide an option for individuals who wish to keep their financial affairs private, away from the prying eyes of marketers, data aggregators, or even potential hackers. How would you feel if every time you purchased an item, the seller can see how much money you have in your bank account?  Not very good if you value your privacy!

Protection Against Financial Surveillance

In some regions, individuals face significant risks of financial surveillance, censorship, and control by oppressive regimes. Privacy coins can offer a lifeline by enabling citizens to bypass state-controlled financial systems, safeguarding their assets and facilitating low cost and private economic transactions.

Safe Haven for Whistleblowers and Activists

Whistleblowers and activists often operate in environments where financial privacy is crucial for personal safety and the success of their efforts. Privacy coins allow these individuals to receive donations and support their activities without exposing their identities or the identities of their supporters, providing a critical tool for free expression and social change.

Secure and Private Business Transactions

Businesses that handle sensitive transactions or operate in industries requiring high levels of confidentiality can benefit from privacy coins. They enable companies to negotiate deals and conduct business without exposing transaction details to competitors or the public.

Share

Mitigating Risk of Price Discrimination

Price discrimination based on purchasing history is a limited, but growing concern. By anonymizing transactions, privacy coins can help prevent companies from using purchase history to target individuals with higher prices for goods and services. This is a risk that will grow as AI becomes more sophisticated and effective.

Top Privacy Coins

Here's a closer look at some of the leading privacy coins based on market cap:

Monero ($XMR)

Monero is a leading privacy coin known for its emphasis on anonymity and security. Launched in April 2014, Monero utilizes sophisticated cryptographic techniques to ensure that transactions are confidential and untraceable. At its core, Monero employs ring signatures to mix the digital signatures of transactions, stealth addresses to create one-time addresses for each transaction, and RingCT (Ring Confidential Transactions) to hide the transaction amounts. These features collectively safeguard the privacy of both the sender and recipient, making Monero transactions highly resistant to blockchain analysis and surveillance. Unlike many cryptocurrencies where privacy is optional or limited, Monero provides privacy by default, making it a preferred choice for users seeking to protect their financial transactions from prying eyes.

Zcash ($ZEC)

Zcash is a privacy-focused cryptocurrency that offers users the option of conducting shielded transactions, which fully encrypt transaction details to ensure they remain confidential. Launched in October 2016, Zcash is based on the Zerocash protocol and utilizes a groundbreaking cryptographic method known as zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Arguments of Knowledge). This allows the network to maintain a secure ledger of balances without disclosing the parties or amounts involved in transactions. Zcash offers users the choice between transparent transactions, which operate similarly to Bitcoin and are visible on the blockchain, and shielded transactions, which provide complete privacy. Zcash's dual transaction mode caters to a broad user base, offering a potential balance between transparency for regulatory compliance and privacy for those who need it.

Dash ($DASH)

Dash is a cryptocurrency that originally focused on privacy and speed but has evolved to emphasize more on being a medium for daily transactions. Launched in January 2014 as XCoin, and later rebranded to Darkcoin before settling on Dash, it introduced features like InstantSend for fast transactions and PrivateSend, an optional coin-mixing service that enhances user privacy by obfuscating the origins of funds. While Dash's privacy features are not as inherently strong as those of Monero or Zcash, the coin aims to provide a balance between transactional privacy and speed. Dash operates on a unique two-tier network structure that uses both miners (for block creation) and masternodes (for governance and special transaction processing), facilitating quick and private transactions. Over time, Dash has positioned itself as a digital currency suitable for everyday transactions, aiming to improve financial freedom and accessibility worldwide

Decred ($DCR)

Decred is a unique cryptocurrency that combines elements of governance with privacy features, positioning itself as a community-driven and secure digital currency. Launched in February 2016, Decred employs a hybrid consensus system that integrates both Proof of Work (PoW) and Proof of Stake (PoS) mechanisms, aiming to balance security, fairness, and self-governance. While Decred's main focus is on creating a decentralized governance model where stakeholders have a significant say in the decision-making process, it also offers privacy features to protect users' financial transactions. These privacy enhancements are implemented through mixing techniques, which anonymize transactions by blending them with others, thus providing users with greater discretion over their financial activities.

The Government Stance on Privacy Coins

Privacy coins, while celebrated for their ability to protect user privacy, often find themselves under the scrutiny of governments and regulatory bodies worldwide. This concern stems from the perceived potential for misuse of these technologies. Understanding why governments may be wary of privacy coins is crucial for a comprehensive grasp of the privacy cryptocurrency landscape.

Concerns Over Illicit Activities

The most prominent concern revolves around the potential use of privacy coins for illicit activities. The enhanced privacy features that make transactions untraceable and anonymous can theoretically be exploited for money laundering, tax evasion, and financing illegal activities.

However, the law firm Perkins Coie concluded in a 2020 report that while privacy coins pose an inherent money laundering risk, the risk is comparable to that of other cryptocurrencies and even cash. The same report found that 90% of the crypto wallets used on dark web markets and forums were Bitcoin wallets while major privacy coins such as Dash, Monero and Zcash accounted for only 0.3%. The obvious takeaway is that privacy coins are not the first choice of bad actors and the primary use case of privacy coins is for legitimate privacy protections.

Regulatory and Compliance Challenges

Another critical issue is the difficulty in enforcing regulatory compliance and oversight. Financial institutions are often required to perform Know Your Customer (KYC) and Anti-Money Laundering (AML) checks to prevent financial crimes. Privacy coins, by their very nature, make it difficult for these institutions to track the flow of funds and identify parties involved in transactions. This lack of transparency challenges existing regulatory frameworks and complicates compliance efforts.

National Security Concerns

From a national security perspective, the difficulty or even inability to monitor transactions is problematic. Governments and law enforcement agencies rely on financial intelligence to prevent and investigate crimes, including terrorism financing and international criminal networks. Privacy coins can potentially obscure the financial trails for these investigations, impeding national security efforts.

Anonymizing Standard Crypto Transactions

As noted earlier, non-privacy focused coins are only pseudonymous. For that reason, there’s been a lot of effort to try and anonymize crypto transactions, with varying success.

Mixing services, also known as tumblers, are one of the more common methods used to obfuscate the trail of cryptocurrency transactions. These services pool together funds from multiple users and then redistribute them, breaking the direct link between the sender's and recipient's addresses. Some mixers even stagger the distribution into chunks over time to further increase opacity. This makes it difficult to trace the origin and destination of the funds. However, the trustworthiness of the mixing service is crucial, as users must temporarily relinquish control of their coins to the service, introducing counterparty risk.

Arguably the most well known tumbler type service is Tornado Cash, a decentralized, non-custodial privacy solution built on the Ethereum blockchain. It uses smart contracts to enable private transactions by breaking the on-chain link between source and destination addresses. This is achieved through the creation of a privacy pool where users can deposit and withdraw funds.

Here's how Tornado Cash (generally) works:

1. Deposit: A user deposits a certain amount of Ethereum or Ethereum-based tokens into the Tornado Cash smart contract. In return, the user receives a private note (essentially a secret claim code).

2. Anonymity Pool: The deposited funds are mixed with others in the anonymity pool, obscuring the link between the deposited and withdrawn amounts.

3. Withdrawal: At a later time, the user (or someone in possession of the private note) can withdraw the deposited amount to a different address. Because of the mixing process, it is significantly more challenging to trace the connection between the deposit and withdrawal addresses.

The use of Tornado Cash and similar privacy tools has been controversial, to say the least. They have been scrutinized for potential misuse in money laundering, tax evasion, and other alleged illegal activities due to the anonymity they provide. As a result, Tornado Cash has faced regulatory actions, including being sanctioned by the United States Treasury Department's Office of Foreign Assets Control (OFAC) in August 2022. It’s now illegal for US citizens to receive or send money through the service and a number of Tornado Cash developers have been arrested on allegations of various financial crimes.

Outlook for Privacy Coins

For our more experienced crypto readers, you’re well aware that we’re in the beginning of a new crypto bull run (how early is up for debate). In each crypto cycle, certain types of “narratives” are front and center. For this cycle, expected narratives are AI, GameFi, and DePINs. We have yet to find a non-privacy coin focused commentator place privacy coins in their list of top narratives for this cycle.

And that’s probably for good reason. While privacy coins have value and may ultimately have broader adoption and utility, they are high-risk in an already high risk sector.

Japan has outright banned privacy coins. South Korea has banned exchanges from listing privacy coins. Even outside those two countries, major crypto exchanges will no longer list Monero or have recently delisted it. Zcash still retains some mainstream credibility, but we’ll see if that lasts.

Exchange delisting poses a particular risk to users that acquire crypto and privacy coins for investment purposes. If you’re holding a significant amount of a particular privacy coin and the coin gets delisted from an exchange where it enjoyed high volume, the price is likely to crash or be highly volatile due to lack of an observable market price.

Wrap Up

Privacy coins address a fundamental need for financial privacy in the digital age. They offer individuals the ability to conduct transactions without exposing sensitive financial information or linking their identity to their financial activities. This is particularly crucial in regions where financial privacy is a matter of personal safety or political freedom.

However, the use of privacy coins is not without risk. Their perceived potential for misuse in illicit activities has drawn scrutiny from regulators and law enforcement agencies worldwide. If you choose to dabble in this niche area of crypto, it’s essential to stay informed and consider all the risks.  We’ll periodically provide updates on this space, particularly throughout the current crypto bull run as interest in crypto and privacy coins picks up.

Disclaimer: None of the above is to be deemed legal or financial advice of any kind. And this post is for informational purposes only and is not intended for use in furtherance of any unlawful activity.

• Check out our Personal Privacy Stack here.

• Learn about disposable/anonymous/temporary email addresses here.

• If you have a LinkedIn profile, you’ll want to read this.

• Proton is running a limited time promotion right now on their core offerings like Proton VPN and Proton Mail. Up to 50% off select packages for the Secrets of Privacy community.

• Start removing your personal information from Google, data broker and people search sites today. Set up an account, pay a monthly/annual fee and forget about it - super easy, and an enormous time saver. Get started right away with DeleteMe here or PrivacyBee here.