Busting the Myth of Private Blockchains

Enterprises looking to harness the power of blockchain technology often think in binary terms of private and public chains. Some believe that “public” blockchains lack the privacy and confidentiality capabilities of “private” blockchains. Private blockchains today, however, don’t guarantee privacy in all the ways enterprises actually understand privacy. The big myth is that “private” blockchains maintain privacy while “public” blockchains cannot. Importantly, enterprises often confuse “private” blockchains with “permissioned” blockchains with private transaction managers. Permissioning includes who has access and control, while privacy denotes shielded transaction data.

It’s important to understand that there are three types of blockchains: Public, Private, and Consortium.

Public blockchains

Designed to securely cut out the middleman in any exchange of asset scenario.

• Pros: built-in economic incentives, flexibility, interoperability, and completely removes the need for a middleman.
• Cons: throughput can be a challenge.

Private blockchains

Lets the middleman back in, to a certain extent.

• Pros: allows for greater efficiency and transactions are completed faster.
• Cons: does not offer the same decentralized security as its public counterpart. Missing the incentive layers inherent to blockchain technology with inflexible architecture.

Consortium blockchains

Permissioned, partly private and semi-decentralized.

• Pros: provides efficiency and transaction privacy without consolidating power with one company.
• Cons: traditional centralized system with a degree of cryptographic auditability attached.

In reality, privacy is not a property of any blockchain. Rather, there are layers of privacy that can be applied to any blockchain, even public chains, allowing for private or “shielded” transactions on a public blockchain. This allows companies to benefit from the decentralized security of a public blockchainwhile concealing private information.

Toward a Public-First Approach

Ethereum’s interoperable design provides a lot of flexibility as the most advanced, flexible, and production-ready blockchain platform. Ethereum enables interoperability — first, with its public mainnet, gearing each Enterprise Ethereum solution with global reach, extreme resilience, and high integrity, and second, interoperability with other open-source blockchain projects, allowing for future adaptation and expansion of existing solutions.

This interoperability stems from the fact that Ethereum is open source, plugs into other IT like AWS or Azure, and that it can can effectively interact with private and consortium chains due to its consistent technical infrastructure for all types of blockchain development. Enterprises can achieve more granularity of privacy with Ethereum, typically with much less complexity and maintenance overhead compared to other platforms. With the appropriate privacy and confidentiality layers, Ethereum has a number of benefits that make it the obvious choice for enterprise’s unique use cases.

Layers of Privacy with Enterprise Blockchains

Privacy and confidentiality are essential for enterprise solutions. Enterprises have a number of concerns when considering blockchain implementations:

• Access: who has permissions to read and/or write?
• Visibility: to whom are transactions broadcasted?
• Storage: how is data stored?
• Execution: who has the right to start, stop, or restart a process?

Though a “private” blockchain can provide tight access control to a consortium network, it doesn’t guarantee privacy of transactions. If a transportation company charges $100 to transport a box for Company A but $90 for Company B, they don’t want that competitive information disclosed. Moreover, a private blockchain is only as secure as the permissioning and security controls around the network. As these “private” networks gain more participants, enforcing controls around access and visibility becomes more difficult. For example, the way that Fabric ensures transaction privacy between different parties within a consortium is through the concept of channels. A channels is essentially a single protected route between two parties. This means you need a channel for each party pair and must maintain all of this infrastructure as the system evolves, making it more complicated to manage. This begs the question, are these “private” blockchains “future-proofed”––can they scale and still meet the original charter of the consortium?

Privacy should not be thought of in binary terms, but rather, as layers. There is the permissioning or credentials layer of tooling which involves who has access to information and how that is controlled and authenticated. The privacy layer on the other hand involves maintaining the confidentiality of the participants, data, and terms. Even within a single layer, there’s multiple sublayers where privacy can be kept on-chain, off-chain, and through private transactions. There are three key layers of privacy when it comes to enterprise-grade solutions:

• Privacy of participants: ensure participants remain anonymous to one another as well as to those outside of the network with on-chain cryptographic mechanisms like ring signatures, stealth addresses, mixing, or storage of private data off-chain.
• Privacy of data: keep transactions, balances, smart contracts, and other data encrypted on or off chain, with cryptographic tools like zero-knowledge proofs and zk-SNARKS, Pedersen commitments, or off-chain privacy layers like TEEs.
• Privacy of terms: keep terms of contracts between two parties private with range proofs or Pedersen commitments.

The fact is, private blockchains do not give you privacy by default. There is a distinction between permissioned networks and private transaction managers. Really, the only privacy that private blockchains do provide by default are that the participants and contracts cannot be viewed by non-participants. Rather, privacy layers must be built on any blockchain and can be built into both public and private chains, or, with a combination of the two (such as Ethereum and Quorum).

Layer 2 of the EEA client specification V2

Private Transactions on the Ethereum Blockchain

There are many options in the Ethereum ecosystem that are available today or are actively being developed to provide various layers of privacy. On ConsenSys Quorum, private information is never broadcast to network participants. Private data is encrypted and only shared directly with relevant parties. Privacy layers are also being actively developed for public and permissioned Ethereum such as zk-SNARKS and zero-knowledge proofs that hide transaction attributes like balances, as well as ring signatures and hashes that provide layers of privacy for participants, data, and/or terms. Finally, off-chain solutions in conjunction with Ethereum present an opportunity to store private data and perform high-throughput transactions.

Project Ubin: Shielded Public Transactions vs. Private Channels

Let’s take a look at the difference between shielded public transactions and private channels for private data. Shielded public transactions are transactions that are validated by the whole network but typically the amount and potentially the asset type are shielded. A great example of this is Project Ubin, a collaborative Ethereum project that ConsenSys participated in with the Monetary Authority of Singapore to create an interbank payment network. In Project Ubin, a consortium of financial institutions used zero-knowledge proofs to enable the transfer of digital assets on a distributed ledger without revealing information about the balances or transaction amounts.

Project Khokha: Pedersen Commitments

Another recent example is Project Khokha, which ConsenSys and Adhara, a ConsenSys venture, ran with the South African Reserve Bank. In Project Khokha, ConsenSys and the Adhara team used Pedersen commitments and Folklore range proofs to process the typical daily volume of payments for the SARB with full confidentiality and finality in less than two hours. These commitment schemes proved to be much quicker to validate than the zero-knowledge proofs.

With Project Khokha, Adhara has been exploring substituting range proofs with bullet proofs, which are much smaller and quicker to validate. Very simply, instead of writing the balances and the transaction amounts in the clear as in a normal ERC20 contract, nodes write a proof or a Pedersen commitment of the balance. Pedersen commitments are also additively homomorphic, which means that for a balance update, network participants can validate that the correct update has happened without knowing the opening balance, the closing balance, or the transfer amount.

Public-First + Privacy Layers = Future-Proof

Business networks need resilience, interoperability, permissioning, and privacy to succeed. These requirements, however, are out of scope for proprietary distributed ledgers, let alone traditional database technologies. The Ethereum blockchain’s granular privacy layers and public-first approach make it a powerful enterprise solution for organizations that need the flexibility of an in-house platform and that want the global reach to participate in economies of scale.