"Biggest Problem": Can the ETH L1 Enable Privacy Transfers?
Author: Wublockchain Joey
On September 23, ETH developer Tim Beiko posted that he wants private ETH L1 transfers, rather than relying on third-party apps such as Tornado Cash or L2 apps such as zkMoney, "which is the #1 problem on Ethereum I'd love to see someone come up with a solution to".
Previously, Tornado Cash was sanctioned by OFAC and zkMoney was affected by FTX. As you can see, third-party DApps are more susceptible to scrutiny and regulation by centralized institutions. In contrast, if a private transaction occurs on the ETH mainnet, the only way to stop the transaction is to not package it on the chain, which requires control of all ETH nodes, making it significantly more difficult.
So, can blocks of ETH achieve perfect privacy transfers? This question depends first on policy factors, i.e., censorship resistance, and second on technology.
Policy
The discussion of censorship resistance intensified after ETH completed the Merge. Because in the PoW era, ETH, like BTC, was a "mineral" resource, not an interest-bearing asset. But after the move to PoS, ETH can automatically generate interest, which has the property of a security, so centralized institutions like OFAC have a stronger case for censorship. But even so, the increased censorship does not mean that on-chain transactions cannot be completed.
There are two ways of censorship, the first is not to allow some non-compliant transactions to be submitted on the chain, which means that some centralized node service providers will reject your submitted transactions. However, not all nodes are controlled by regulators, and can eventually be packaged on the chain by unregulated nodes if you can be patient. Unless a node has more than 50% ETH staked, but this clearly defies the underlying logic of the blockchain, in which case ETH faces more than just the problem of being unable to resist censorship.
The second is to install censorship-enabled software on MEV relays. Previously, developer Micah proposed censorship of ETH addresses by relays operated by Flashbots at the 145th ACD meeting. However, most developers objected to this and supported the creation of non-censored relays, such as Bloxroute's proposal to create a censorship-resistant relay for verifiers. So, the end result is similar to the first case, as long as there are still validators who choose a censorship-resistant relay, it is only a matter of time before even non-compliant transactions are finally recognized.
This is why Vitalik previously stated in his Endgame article that future ETH block output will become more centralized, but the verification of blocks will remain decentralized, and users will need to compromise on censorship resistance, but not worry about security.
Technology
Privacy transfers have long been implemented on blockchains based on the UTXO model or in third-party applications, but have never been available on ETH L1, mainly due to the truism about network performance. Blockchains based on the account model require high gas consumption to implement privacy features, so ETH developers have been looking to L2 (mainly ZK technology) for this task.
In early August, Nerolation proposed a privacy solution in the community based on Vitalik's "stealth address" proposal: EIP-5564. This EIP defines a standardized way of creating stealth addresses for smart contract wallets and is therefore more suitable for account-based blockchains. According to the solution, senders of transactions/transfers to generate private stealth addresses for their recipients that only the recipient can eventually unlock. Also, no one else can link to the recipient's private address to learn their identity. Currently, the EIP is in draft form.
Another solution idea is to rely on Danksharding's crList feature, which is a censorship-resistant list where the verifier must prove that the transactions in the crList are included in the block, or the block is considered invalid. This block proponent/builder separation (PBS) scheme raises the cost of censorship, which loses significant MEV revenue for nodes that have to exclude a fraction of transactions each time. This approach does not rely on altruism and is more sustainable in terms of economics.
With current technology, ETH L1 can enable simple privacy transfers, but more complex functionality will need to wait until Danksharding technology is implemented. In addition, the biggest challenge in the future lies not in technology but in regulation. For now, complete decentralization and and resistance to censorship can only be a utopia, I'm afraid. If the blockchain ecosystem wants to develop further, it must involve traditional financial institutions and large investors, so embracing regulation is the only way forward for ETH. However, this does not mean that ETH will be completely under regulatory control. Even non-compliant transactions can eventually be recognized unless the "authority" have the ability to attack 51% of the time. This is not only based on an idealized consensus of the community, but also on an egoism that is more in line with economic laws.
Follow us
Twitter: https://twitter.com/WuBlockchain
Telegram: https://t.me/wublockchainenglish