Think Bitcoin is completely anonymous? Think again. While it’s true that your name, address, or other personally identifiable information (PII) is not required to make a transaction from a Bitcoin wallet, all your wallet’s transactions are still fully traceable in a public ledger called the Blockchain. Whether you cash out at an exchange or make a purchase from a merchant, once your wallet is linked to your personal identity, your privacy is compromised.
Bitcoins and other cryptocurrencies only provide a surface level of anonymity, and it’s for this reason that things like Bitcoin ATMs, coin mixers, and privacy coins exist. In this post we’re going to focus on privacy coins, and how they keep your transactions anonymous.
What are privacy coins?
Privacy coins are simply cryptocurrencies built with anonymity in mind. While the methods of delivering anonymity vary, the goal remains the same: keep the amount of coins in your wallet hidden, untraceable, and insulated from your identity.
Before we dive into the different coins, it’s helpful to define three privacy-related metrics:
- Traceability: Transactions are recorded in a distributed ledger system called the blockchain by design. A good privacy coin will have some system that still allows you to verify the validity of transactions without revealing the transaction history and balance of an individual’s wallet.
- Fungibility: All coins are of equal value and thus completely interchangeable. Coins can’t be blacklisted based on their association with past transactions.
- Decentralization: The degree to which a coin is owned, operated, or influenced by a central authority. All nodes should be equal with no one person or entity controlling.
To be considered a privacy coin, the cryptocurrency must mask traceability in some way. While fungibility and degree of decentralization aren’t hard requirements, they can further improve a privacy coin’s ability to protect your PII.
Let’s take a look at two leading privacy coins to see how they tackle anonymity.
What is Monero? (XMR)
Monero (XMR) is a fork of the Bytecoin blockchain, the first real-world implementation of the CryptoNote application layer protocol.
The CryptoNote protocol improves on the Bitcoin protocol in a few key ways to make transactions more private, most notably:
- Ring signatures allow you to sign transactions as an anonymous member of a group. This makes outgoing transactions untraceable.
- One-time addresses derived from a user’s public key can only be redeemed by the receiver. This makes incoming transactions unlinkable, preventing people from viewing your transaction history with your public address.
- Double-spending proof ensures that nobody spends the same money twice. Every anonymous signature still contains a key image derived from a user’s secret key. The key is protected by a one-way cryptographic function that prevents the secret key from being regenerated.
Let’s look at the key features that help Monero anonymize user transactions:
- Ring Confidential Transactions (RingCT) build off of CryptoNote’s ring signature technology to also conceal the amount of a transaction. The correct amount is still verified under the hood.
- Stealth Addresses build upon CryptoNote’s one-time addresses to prevent linking any one person’s address to another’s. The underlying concept remains the same: senders generate one-time addresses based off the recipient’s public address.
Monero enforces cryptographic privacy by default. Untraceability and unlinkability on both sender and receiver side make it computationally infeasible to trace transactions to PII. Since all coins are worth the same value and are mutually interchangeable, Monero coins are truly fungible. Monero is also decentralized, with an open-source community of over 400 contributors. All Monero development decisions are transparent and open to public discussion.
What is Zcash? (ZEC)
Zcash is a privacy coin that tries to strike a balance between transparency and privacy, by providing a novel approach to masking the traceability of transactions. You can also use these transaction id to calculate your Bitcoin taxes or any other Crypto Taxes and Accounting with the help of Crypto tax service: zk-SNARK.
Short for zero-knowledge Succinct Non-Interactive Argument of Knowledge, zk-SNARKs rely on zero knowledge proofs that can prove to a recipient that the transaction was performed correctly without revealing intimate details such as the amount of a transaction or who was involved.
zk-SNARKs are slow and computationally expensive. It takes roughly 4GB of RAM for a couple of minutes to send a transaction. For this reason, privacy is optional in Zcash, with the majority of the blockchain functioning as a typical cryptocurrency.
Funds in Zcash are divided into two groups:
- Shielded accounts called z-addresses which use zk-SNARKs to mask traceability.
- Transparent accounts called t-addresses which hold normal transparent blockchain history.
Because Zcash isn’t private by default and uses this dual-address system, it’s possible to trace transactions between t-addresses and z-addresses by monitoring the inputs and outputs and inferring the transfer funds. This means Zcash is inherently not fungible and susceptible to blacklisting.
Regarding decentralization, it’s worth pointing out that Zcash (initially released in 2016), while open-source, is still run by Zerocoin Electric Coin Company, a US-based for-profit company that takes 20% of all coins mined for the first four years to be distributed to its constituents as a founders reward. The founders, investors, employees, and advisors that fall under this founders reward could potentially collectively own as much as 10% of all coins in circulation once the 21,000,000 coin cap is reached.
What can we gather from these two case studies on privacy coins? Traceability may be a fundamental part of how blockchains and cryptocurrencies work, but it isn’t mutually exclusive with anonymity. Monero takes a privacy by default approach, with additional features to enable fungibility and true decentralization as an open source project. Zcash shows the flipside, a traditional blockchain operated by a private company that allows users to opt-into privacy.
No matter which style you prefer, privacy coins show that there are many ways to mask traceability while preserving the anti-fraud benefits of the blockchain.