Privacy DeFi : Realism VS Idealism

The actual problem with current privacy solutions is that honest people who just want to make privacy transactions are treated in the same way as criminals.

Privacy pools aims to allow legitimate users to maintain their privacy while isolating illicit funds for regulatory scrutiny.

Privacy pools could potentially ease the tension between the fundamental principles of blockchain (privacy and anonymity) and regulatory concerns about financial crimes.

The speakers argue that privacy is a human right and that users should not be forced to disclose their transactions publicly. They compare this to the privacy of traditional bank accounts, which are not public by default.

However, the idea of privacy pools has faced criticism from some quarters of the blockchain community. The critics suggest that this resistance may stem from a belief that everyone should be forced to associate with all transactions, regardless of their nature.

The speakers, however, argue that given the choice, they would prefer not to associate with illicit funds, such as those from hackers or terrorist organizations. This, they suggest, requires building better compliance systems into these privacy tools.

Privacy Pools design(4:15)

• The protocol does not have any centralized access or admin keys, and it does not collect any information
• Users decide who they are willing to associate with, and the services that provide those lists collect data, not one central group.

This could create a better atmosphere for institutions like hedge funds and banks to participate in DeFi by ensuring that they are not commingling assets with unknown parties.

Furthermore, the speakers suggest that there could be an intersection between blockchain and traditional finance, with traditional banks potentially using privacy pools to protect their customers' privacy

Some examples :

• A privacy pool could obfuscate which specific exchange a user has a relationship with, preventing someone from trying to obtain their data by bribing an exchange
• Banks, especially those in Switzerland, could use privacy pools to participate in DeFi without revealing their competitive edge.

Anti-Money Laundering Methods are outdated(8:05)

The current methods of Anti-Money Laundering (AML) and Know Your Customer (KYC) procedures used by governments and companies like Finsan are becoming outdated. For example, people are generating AI wallet IDs, making it harder to track and verify identities

The focus is shifting from knowing who you are to ensuring that your money isn't illicit.

One such alternative to privacy pools is what Oxbow is doing. Oxbow has a compliance solution called Oxpo. It monitors all deposits and decides whether they're acceptable to join the association set. This set includes all users who withdraw and are part of that association.

In the future, these new systems could potentially replace KYC to some extent. The important thing is not necessarily knowing your name but ensuring that you're not a sanctioned individual, a North Korean, or someone intending to do harm.

Weaknesses of Privacy Pools (9:55)

However, privacy pools have their weaknesses :

• The original privacy pools demo required users to manually exclude other deposits, which isn't a scalable solution.
• These systems also require data analytics roles to monitor and create lists, which might not be accessible to everyone in the future
• There are time delays when someone deposits before they're added to the association set. This delay allows for retroactive tracing of funds to ensure that illicit funds aren't allowed into the system.

Despite these challenges, efforts are being made to improve these systems and address their gaps.

Defending against malicious actors (11:15)

One of the challenges with privacy pools is preventing malicious actors from being included in the association set.

To address this, the system needs to have internal checks and balances, like having multiple stakeholders with transparency into the decision-making process can help mitigate personal attacks.

Furthermore, implementing social consensus could be beneficial. If a user is part of multiple association sets, they can attest to their peers within those sets, adding a degree of hardness to their identity and associating them with being one of the good actors.

Oxbow is currently working on being the first association set provider, vetting lists to ensure that no sanctioned entities, hackers, or other bad actors are present within the association set. They plan on scaling their operations and providing more tools that allow other users to create their own association sets.

Regulatooors 13:20)

Educating regulators and governments about privacy pools and their benefits is crucial. Many are unaware of the compliance opportunities these systems offer.

For example, privacy pools allow users to publicly dissociate from illicit funds, something that traditional banks can't provide. While progress has been made in educating some regulators, it's an ongoing process.

The hope is to gain their support and recognition of the benefits they offer. As the technology continues to develop, it could significantly change the way we approach privacy and compliance in the financial sector.