top of page

Can Blockchain Help Us Protect Our Privacy?


With the rapid development of the Internet and the advent of the big data era, people accept to bear a lot of risks associated with the convenience and speed that they enjoy. This is the era of reduced privacy. The emergence of web crawlers and “human flesh search engines” puts people's lives under various microscopes. Intrusive advertisement and harassing calls are getting overwhelming and anyone can be the victim of fraud reporting.

Faced with such issues, many people can't help but wonder: Is there a technology that can help us protect our privacy? The answer is “Yes! Blockchain can!”. In response to the blockchain privacy mechanism, we interviewed the relevant R&D staff of the InterValue team.

01

Why can blockchain technology keep our privacy?

Blockchain technology is a distributed Internet database technology. Its decentralization, de-trust, transparency and other characteristics establish P2P nodes value without relying on third-party trusted organizations.

In the traditional IT architecture, data is usually stored in a centralized server, and managers can resist various attacks by improving the defense capabilities of the central node. The data in the blockchain is stored in scattered nodes, and there is no unified manager.

The focus of privacy protection in the blockchain is to ensure the anonymity of the transaction, that is, the attacker cannot obtain the identity information of the user by analyzing the transaction data. This security requires a targeted privacy protection mechanism. Compared with the traditional centralized architecture, the blockchain mechanism does not rely on specific central nodes to process and store data. Thus, it can avoid the risk of single-point crash and data leakage of centralized servers. Therefore, blockchain technology naturally has partial security and privacy attributes.

Blockchain privacy protection has great advantages: P2P network is difficult to implement network monitoring (sending method of neighbor nodes); blockchain address is created by users and has nothing to do with user identity; decentralized architecture can effectively deal with network attacks (not Need to store accounts and passwords in the central server to avoid data leakage), can achieve identity privacy and transaction privacy. (Identity privacy refers to the relationship between user identity and blockchain address; transaction privacy refers to the knowledge behind the transaction records and transaction records stored in the blockchain.)

02

Is blockchain privacy 100% perfect?

Blockchain privacy protection is divided into three categories. The first is network layer privacy protection, the second is transaction layer privacy protection, and the third is application layer privacy protection.

Network layer privacy protection

Network layer privacy protection technology can restrict access, authorize nodes, detect and block malicious nodes. Of course, network layer privacy technology also has some shortcomings. Restricted access is only suitable for application in the alliance chain and private chain; malicious node detection and shielding is only an after-the-fact remedial measure, and the attacker can change the IP in time; the anonymous communication protocol is complicated and has loopholes.

Transaction layer privacy protection

The focus of the transaction layer protection mechanism is to prevent malicious nodes from obtaining accurate transaction data on the basis of satisfying the normal operation of the blockchain.

At present, the data distortion-based privacy protection scheme is simple to implement and is applicable to existing blockchain applications such as Bitcoin. However, the protection of such methods is limited, and analysts may still find hidden information by analyzing the correlation between transactions.

Encryption-based protection schemes can effectively deal with attacks that based on data analysis, but such methods must make significant changes to the underlying protocols and do not apply to existing blockchain applications such as Bitcoin. Such a solution usually requires more computing resources and has a bottleneck in efficiency.

Technology-based on restricted publishing can effectively reduce the amount of sensitive data and reduce the possibility of privacy leakage from the source. However, such technologies usually require modification of the underlying protocol, which is difficult to implement. In addition, this technology needs to solve the problems faced by transaction reliability and consensus mechanism by changing the characteristics of all transaction data disclosure in traditional blockchain technology.

Therefore, in the transaction layer privacy protection technology, the most important thing is the coin-rich mechanism. The core idea is to disrupt the correspondence between the sender and the receiver of the original transaction with the support of the central node or the decentralized protocol. In the end, the attacker cannot directly discover the association and amount of the transaction parties, thus making the attack method cannot be implemented.

At present, the currency mechanism in the market is mainly divided into two types: the first one is based on the central node-based hybrid mechanism, including Mixcoin technology, Blindcoin technology, Dash. The second is a decentralized coinage mechanism.

The decentralized and centralized node-based hybrid mechanism is different. The central node-based hybrid mechanism requires users who participate in the coin to first send funds to the third-party node, and then receives multiple mixed-coin users. After the funds are sent, a series of funds are allocated, and the funds of the specified amount are finally transferred to the designated collection address; the decentralized mechanism is to merge the multiple transactions into one transaction, hiding the two parties. The correspondence between input and output, and each user completes the signature independently and decentralized. Only when all the signatures are provided and merged, the transaction can be judged legally.

The advantage of the central node-based hybrid mechanism is that it is simple and easy, and does not require additional technical improvements. The disadvantages are extra charges and transaction delays. The usual delay time is 48h and the transaction cost is 1%-3%. And there may be a process in which a third party may steal funds and leak coins. The advantage of the decentralized coinage mechanism is that it can provide the anonymity of all user transactions, and solve the problem of fund theft and the cost of the money from the root cause; the disadvantage is that the third party node is required to assist in the process of finding the user of the coin, and the user is negotiating. The process may expose its own currency information, and it is impossible to guarantee that all the coin participants are trustworthy. If the coin fails due to some node violations, the attacker may take the opportunity to launch a denial of service attack. The multi-input and multi-output transactions formed by the decentralized coin mechanism will be recorded in the global ledger, and the user cannot deny that he has participated in the coin.

Application layer privacy protection

In the application aspect, a blockchain program with privacy protection technology is used, and a targeted protection method is adopted for the unused aspect. At present, the existing solutions of the application layer mainly reduce the risk of privacy leakage by improving user security awareness and ability. However, as the number of users increases, it is difficult to ensure that all users have the same security awareness and protection capabilities.

Therefore, this poses a problem. In order to reach a consensus in the distributed blockchain nodes, usually all transaction records in the blockchain must be disclosed to all nodes, which will significantly increase the risk of privacy leakage, and its digital currency application. In the analysis, the analyst can obtain the transaction rule of the user by analyzing the transaction record, and even can speculate that the identity information and location information of the user is in the financial application, and the analyst obtains all the transaction records, and can trace the transaction details of the individual account, or Analysis of macro-financial trends In the energy industry, blockchain technology is often used to achieve P2P energy exchanges, in which case blockchain transaction data may reveal sensitive information such as energy transmission.

03

How to solve the problem of blockchain privacy protection technology?

Based on these problems, the next step is to configure the on-demand network layer security protection mechanism, develop an efficient transaction privacy protection mechanism based on the new cryptographic algorithm, and strengthen the security key protection technology.

As a blockchain 4.0 infrastructure, how is InterValue privacy protected?

(1) Through anonymous transactions to achieve anonymous transactions and privacy protection, InterValue 1.0 beta to 3.0 beta draws on the privacy protection method of the cryptocurrency Monero, using a key and ring signature technology to achieve confidential transactions.

(2) InterValue 4.0 test version draws on the current Zcash anonymous protection method, adds strict design non-interactive zero-knowledge proof based on the previous version, and uses non-interactive zero-knowledge proof as an optional function to support the complete anonymity of the transaction. Resist malicious verifiers to meet the privacy protection needs of different application scenarios.

The issue of global privacy protection is constantly evolving into new changes in privacy protection technology. Whether InterValue can truly realize the privacy anonymity protection of the blockchain and provide an open and credible technical support for the digital world, we are looking forward to it.

bottom of page