Cryptocurrency is super secure, but far from private

On April Fool’s Day, I managed to trick 20 readers and friends from all over London, as well as from places like Chelmsford, Reading, and as far as Bristol, into a private club next to Wembley Stadium. To everyone’s surprise, an author really did show up from Hong Kong with a stack of books to sell, babbling on for four hours. 

Here’s a snippet from that day’s event, now shared publicly for everyone’s enjoyment.


During a week in London, I was twice denied the ability to pay with cash at cafes. One of those times was at Caffè Nero, where the clerk simply pointed to a “cashless” sign and gave me a look that was more than a little disdainful. Running into snooty service is part of everyday life and didn’t ruin my mood, but I was both surprised and disappointed that a country which prides itself on diversity and human rights would fail to protect the right of its people to use cash.

I get the context of the pandemic, where there was a push to reduce physical contact and avoid cash to limit spread; and I’m well aware that with technology, almost everyone has at least one form of electronic payment. However, now that the pandemic is over, failing to accommodate those few who only deal in cash and overlooking the need for citizens to protect their privacy by using cash, calling electronic payment widespread does not alone signify progress. If that were the case, Mainland China would be at least a decade ahead of the UK. Ironically, while dining at Wong Kei in Chinatown, I was reminded that they only accept cash, although their reasoning certainly wasn’t the diner’s privacy.

Cryptocurrency: Not So Private After All

When it comes to privacy, many believe that using cryptocurrencies ensures it; however, this is a misconception. In reality, mainstream cryptocurrencies are among the least private payment mediums available. Using them can easily broadcast transaction details to the entire world.

Many blockchain-related terms can be confusing or even misleading, such as “wallet” and “decentralized”. But due to common usage, I often stick with them — otherwise, no one would understand what I’m talking about, no matter how precise the terminology. However, I insist on translating “cryptocurrency” literally and avoid the mainstream term “encrypted currency” to prevent reinforcing the false notion that cryptocurrency transactions are encrypted or highly private. In fact, cryptocurrency transactions are not encrypted, with few exceptions like Monero and Zcash, which are typically referred to as privacy coins and are heavily targeted by regulatory bodies.

What does “encryption” mean? For instance, if Alice sends a note to her friend Carol through Bob in class, Alice and Carol might agree on a rule, such as writing ‘a’ as ‘b’ and ‘b’ as ‘c’, and so on. Bob, who does not know this rule and intercepts the note, wouldn’t understand the meaning of “jmpwfv.” This is encryption. I often recommend the only instant messaging app I use, Signal, which employs full end-to-end encryption (ee2e), preventing conversations from being intercepted and decrypted. Of course, real encryption algorithms are much more complex than simply writing ‘a’ as ‘b’, a kind of “spy kids” encryption, and the field that studies various encryption and decryption algorithms is called cryptography.

Data transfer can be encrypted, so can asset transfer. It’s all just data after all. While it’s true that both data and asset transfers can be encrypted once digitized, there’s a common misconception about cryptocurrencies — that they are encrypted because they use cryptography. However, cryptocurrency transactions themselves are not encrypted; cryptography is used in the signing process. When transferring cryptocurrency, the principle of signing is similar to signing a check, but it uses a private key instead of handwriting to prove authenticity. Only the holder of the private key can encrypt the corresponding ciphertext, thereby confirming the signature as genuine.

So where does the illusion of privacy in cryptocurrency come from? Firstly, cryptocurrency wallet addresses offer pseudonymity — they appear as a jumble of codes that don’t reveal the owner’s identity, unlike in banking systems where accounts are directly linked to individuals. So, even if you know one address sent 2 ETH to another, you can’t directly see that the parties involved are Alice and Bob. However, if Alice and Bob continuously use the same wallet addresses, it becomes easy to deduce their identities and potentially uncover all related parties. This is why the use of cryptocurrencies for payments offers less privacy than traditional payment methods. The real privacy isn’t found in high-tech cryptocurrencies but in the most traditional form of money — cash. This is the wisdom of Chinatown.

xkcd

Privacy and Security: Two Distinct Concepts

Another reason cryptocurrencies are mistakenly believed to be private is that privacy and security are often conflated, even though they are distinct concepts.

 It’s best to have both privacy and security, while having neither is the worst scenario. However, having only one of the two can be counterintuitive. Let me illustrate with an exaggerated example to help clarify. Publicly, it’s quite easy to know about Li Ka-shing’s wealth and residence, which means his privacy is even lower than that of the average person in Ngau Tau Kok. However, knowing this doesn’t mean you can steal his assets or break into his home; his wealth is very secure. Conversely, high privacy does not guarantee security; for example, if you park your bike randomly on the street, even if the whole world doesn’t know where it’s parked, it’s still likely to be stolen.

In the digital world, whether a product or algorithm is secure typically refers to whether it has vulnerabilities that can be exploited. In the context of cryptocurrency, this means whether a third party can fake a signature to steal assets or whether the ledger itself can be altered. By this measure, mainstream cryptocurrencies are very secure, despite incidents like the 51% attack on Ethereum Classic. Most cryptocurrencies have never been hacked and are generally considered very secure.

As for whether cryptocurrencies are private, this pertains to whether the details of transactions, the identities of the parties involved, and the balances of individual wallets are kept confidential. Unfortunately, despite ongoing efforts by developers to enhance privacy through technologies like zero-knowledge proofs, the privacy protection offered by cryptocurrencies is still very limited at the moment.

I’m delving into the nuances of privacy and security to clarify these often-conflated concepts, which can be tangled and difficult to improve if misunderstood. Although having both security and privacy is ideal, the reality is that often isn’t our choice. For instance, many people freely share details of their lives on social media, thus voluntarily relinquishing privacy. I’m not suggesting that sharing is inherently wrong; humans are social beings with a need to connect, especially activists and advocates who might need to trade some privacy to gain wider acceptance and visibility.

It’s crucial to note, while I emphasize that privacy and security are distinct concepts, the absence of privacy undeniably increases risk. Therefore, we should continue to prioritize privacy and avoid unnecessary disclosure of personal information. The Ledger Stax, with its large e-ink screen that flaunts NFT avatars, serves as a prime example of what not to do. No matter how secure it is, if you parade your NFTs on a hardware wallet, you’re inviting trouble. Even if thieves can’t hack the device, what’s to stop them from coercing you to unlock it?

I’m uncertain if the designers of the Ledger Stax — essentially a “nouveau riche” hardware wallet — are naive, but it’s evident they must think their users are.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *