Confidential

Jakub Rehor, CFA Chief Investment Officer [email protected] telegram: LucyLabs007

Privacy Coins

Every engineering design involves tradeoffs. There are no perfect solutions in software. Programmers and designers must choose which features they will prioritize and which they will downplay. This is the case for too. During its evolution, developers valued certain features higher than others, opening the door for other alternatives that make different choices.

Privacy protection, while important as one of the core values of Bitcoin creators and early adopters, has not been emphasized in recent Bitcoin development. More attention has been given to scaling issues, fast propagation of transactions across the network, promoting decentralization, and fixing security vulnerabilities. The Bitcoin roadmap does make reference to adding privacy features in the future, but in the short term, the situation is unlikely to change.

We believe that the low priority given to privacy by most cryptocurrency development teams creates a need for anonymity that privacy coins, such as , , and , are able to fill. However, each privacy coin has adopted different technology to create anonymity on its . In the end, as in all economies, a combination of the market and regulators will decide which coins/technologies will ultimately be adopted at scale.

The Problem: Bitcoin Misses the Mark on Privacy

The original Bitcoin whitepaper recognized the need for anonymity in a financial system and attempted to achieve that goal through randomly generated wallet addresses.

The traditional banking model achieves a level of privacy by limiting access to information to the parties involved and the trusted third party. The necessity to announce all transactions publicly precludes this method, but privacy can still be maintained by breaking the flow of information in another place: by keeping public keys anonymous.

Bitcoin Whitepaper

However, Bitcoin has failed to achieve its goal of user privacy. Advances in analytical techniques and processing power now enable cutting edge researchers to track and estimate the provenance of in circulation. Over time, these techniques will become more common and widespread. Already, at least two commercial products (Chainalysis and Bitfury Crystal) are being offered to law enforcement agencies and private customers who want to follow the transaction history of suspicious activities or other parties of interest. Once the chain of transactions touches a well-known address (such as a publicly advertised donation wallet) or passes through an entity whose records can be accessed or subpoenaed, real-life identities can be associated with the transactions. A recent example of this work came from the investigation and subsequent capture

Downloaded from www.hvst.com by IP address 192.168.176.10 on 10/01/2021 of the operator of the BTC-e exchange, who was involved in the Mt. Gox hack and tried to launder stolen coins through his exchange.

Why Privacy Matters

1. Blockchain Surveillance

While the ability to obfuscate identities on privacy coin such as Monero have been demonized in some circles as mere cover for criminal activity, financial transaction anonymity is a fundamental human right and a necessity for a competitive economy to thrive. Legitimate use cases for privacy are numerous, including the need for businesses to protect pricing and turnover information, to protect payroll information, and to restrict the ability of verifiers from censoring transactions on the blockchain – just to name a few. A world where financial transactions are open to unlimited scrutiny by anyone would be a dystopian nightmare.

The danger of deanonymization of Bitcoin transactions became evident quickly after its 2009 release, and by 2012 the crypto community was working to develop anonymity solutions. These solutions were crude in the beginning. The first solution came in the form of coin mixers or tumblers, which group multiple transactions together in a way that makes it difficult to associate senders with recipients. Coin mixers have not really caught on: using them remains difficult and the clear majority of Bitcoin transactions avoids them. That makes traffic analysis of coin mixers easier because there are fewer senders and receivers to track. Advances in metadata analysis also continuously threaten to unmask past transactions.

2. Fungibility

Privacy is also connected to the concept of fungibility in the crypto world. Interestingly, where low-tech paper currency easily retains fungibility, the technological advances associated with the public blockchain are a step backwards.

Paper currency is fungible by law: all banknotes have the same status and the banknotes are freely interchangeable. A vendor cannot refuse to accept dollar bills because they have been associated with a bank robbery or a drug deal five years ago. Real property, however, doesn’t have this protection. If you buy a stolen bike from someone who bought it from someone who bought it from someone who stole it, the rightful owner can claim the bike from you, even if you didn’t know of its provenance and paid market value for it.

Cryptocurrencies can have their transaction history traced and are considered property (at least in the United States). They lack the attribute of fungibility and are vulnerable to being reclaimed by an original owner if stolen, or to being confiscated by authorities if they violated any regulations in any jurisdiction anywhere in the world. This lends itself to a two- tiered system. Freshly mined coins with a brief history could become more valuable than coins that have been circulating longer and that may have been used for illegal purposes

2 Downloaded from www.hvst.com by IP address 192.168.176.10 on 10/01/2021 at some point (such as trading on an exchange not licensed in a particular jurisdiction). Ironically, the decentralized, public nature of the Bitcoin blockchain technology could create a situation where Bitcoin as property lacks fungibility.

The fungibility concerns are theoretical for now and may be completely solved by legislation declaring cryptocurrency to be a legal form of payment (such as Germany has done) but they remain open – and privacy coins provide a technological solution to the fungibility problem.

The Solution: Privacy Coins

Since 2014, several alternative coins have been created to specifically address Bitcoin’s privacy shortcomings. Lucy Labs is now publishing research reports on three leading privacy coins: Dash, Monero, and Zcash. Dash and Zcash rank among top 20 coins by trading volume, and Monero in the top 50. All of these coins offer the option of better anonymity than Bitcoin (Monero has this by default for all transactions) but they take different individual approaches towards this goal.

Dash, the first of these coins, was launched under the name Darkcoin. It built coin mixers into the protocol by creating a class of nodes, called master nodes, that were compensated for providing mixing services. Users can, for an additional transaction fee, keep selected transactions private. With time, the team reduced their emphasis on privacy (symbolized by rebranding Darkcoin to Dash) and focused on other services that master nodes could provide: instant payment confirmations and blockchain governance rights. Dash is now aiming to become widely accepted among traditional merchants for payment processing. Its privacy features, however, remain operational and are the easiest to use among the leading privacy coins, even if they are used in less than 10% of all Dash transactions.

Monero was also launched in 2014, with more uncompromising attitudes towards privacy. All transactions on the Monero blockchain are required to be private. While mandatory privacy transactions make the coin less flexible than other privacy coins, it does make the coin more effective in protecting users than “opt-in” coins such as Zcash. Monero has adopted ring signatures as their primary privacy technology and the development team continues to strengthen the anonymity features of the entire Monero network. At the same time, the Monero team has indicated little interest in making Monero more compatible with the objectives of law enforcement officials and regulators.

Zcash launched in 2016 and features zkSNARKS, a form of zero knowledge proofs, to create private, or “shielded” accounts. zkSNARKS are generally recognized as a leading-edge technology in comparison to Monero’s ring signatures because zkSNARKS hide a transaction among all previous privacy transactions rather than just the current 7 transactions in the Monero algorithm.

Zcash is opt-in privacy and users can create either shielded addresses or transparent addresses. This allows users to choose whether a transaction will be fully shielded, partially shielded or completely transparent. Most users have chosen not to shield transactions. Over 85% of Zcash

3 Downloaded from www.hvst.com by IP address 192.168.176.10 on 10/01/2021 transactions are not shielded and less than 1% of transactions are fully shielded. At face value, the data seems to support the notion that privacy is not yet highly valued by the crypto community. However, another explanation for the low privacy utilization rate in Zcash may be that more wallets offer transparent Zcash addresses than private Zcash addresses.

Providing users with privacy does result in tradeoffs for developers. Ring signatures, zkSNARKS and other privacy technologies expand the data associated with any single transaction, making transaction confirmation times and network scaling a significant issue for both coins. Future breakthroughs, or at least significant additional progress in chip processing power, are a prerequisite for privacy coins to become ubiquitous transaction currencies.

Conclusion: Privacy is Here to Stay, but the Winner Remains to be Determined

Despite scaling issues, we believe that all three privacy coins highlighted in our reports (Dash, Monero, and Zcash) have demonstrated staying power, technological differentiation, community engagement, usage growth, and development roadmaps that will keep them viable for years to come.

The biggest threat is governmental or regulatory efforts to reduce financial privacy. Zcash is likely to co-operate most willingly with regulators; their attitude made it possible for them to be the first privacy coin approved by New York Department of Financial Services for listing on a New York-based regulated exchange, . At the other end of the spectrum is Monero which strives to provide maximum privacy at any cost.

We believe that privacy coins will eventually be fully accepted by financial regulators and law enforcement once they realize that their control of the on-ramps and off-ramps between the traditional payment systems and cryptocurrencies gives them the tools they need to fulfill their responsibilities. In the meantime, however, there will be overreactions such as the recent Japanese ban on all privacy coins.

As for which privacy technology will eventually prove most successful, that is a decision determined by the market under eventual regulatory guidance. In the world of hundreds of crypto assets with questionable backgrounds and technological differentiation, including a recent proliferation of privacy coins, the privacy coins profiled in our report stand out as legitimate instruments worthy of consideration by investors. Ultimately, privacy will matter.

4 Downloaded from www.hvst.com by IP address 192.168.176.10 on 10/01/2021 Disclaimer

Lucy Labs, Inc. is a crypto-currency merchant bank, publishing information about markets, industries, sectors and investments in which it believes subscribers may be interested. The information in this article is not intended to be personalized recommendations to buy, hold or sell investments. Lucy Labs, Inc. is not permitted to offer personalized trading or investment advice to subscribers. The information, statements, views and opinions included in this publication are based on sources (both internal and external sources) considered to be reliable, but no representation or warranty, express or implied, is made as to their accuracy, completeness or correctness. Such information, statements, views and opinions are expressed as of the date of publication, are subject to change without further notice and do not constitute a solicitation for the purchase or sale of any investment referenced in the publication. Readers should do their own research before trading in any investments referenced herein. Investing in crypto-currencies is highly speculative and may carry a high degree of risk. Readers may sustain significant losses in these securities.

Advisors to Lucy Labs, Inc. serve as investment advisers to clients, including limited partnerships and other pooled investment vehicles. The affiliates may give advice and take action with respect to their clients that differs fromthe information, statements, views and opinions included in this publication. Nothing herein or in the subscription agreement shall limit or restrict the right of affiliates of Lucy Labs, Inc. to perform investment management or advisory services for any other persons or entities. Furthermore, nothing herein or in any subsequent agreement between Lucy Labs, Inc. and the readers shall limit or restrict advisors to or affiliates of Lucy Labs, Inc. from buying, selling or trading securities or crypto-currencies for their own accounts or for the accounts of their clients. Advisors to or affiliates of Lucy Labs, Inc. may at any time have, acquire, increase, decrease or dispose of the securities or crypto-currencies referenced in this publication.

Lucy Labs, Inc. shall have no obligation to recommend securities or crypto currency investments in this publication as result of its affiliates’ investment activities for their own accounts or for the accounts of their clients.

If you have received this communication in error, please notify us immediately by electronic mail or telephone. This disclaimer applies to all versions of publications for Lucy Labs, Inc.

Copyright 2018 Lucy Labs, Inc. Lucy Labs, Inc. is a service mark of Lucy Labs, Inc.

5 Downloaded from www.hvst.com by IP address 192.168.176.10 on 10/01/2021