This interoperability stems from the fact that Ethereum is open source, plugs into other IT like AWS or Azure, and that it can can effectively interact with private and consortium chains due to its consistent technical infrastructure for all types of blockchain development. Enterprises can achieve more granularity of privacy with Ethereum, typically with much less complexity and maintenance overhead compared to other platforms. With the appropriate privacy and confidentiality layers, Ethereum has a number of benefits that make it the obvious choice for enterprise’s unique use cases.
Layers of Privacy with Enterprise Blockchains
Privacy and confidentiality are essential for enterprise solutions. Enterprises have a number of concerns when considering blockchain implementations:
- Access: who has permissions to read and/or write?
- Visibility: to whom are transactions broadcasted?
- Storage: how is data stored?
- Execution: who has the right to start, stop, or restart a process?
Though a “private” blockchain can provide tight access control to a consortium network, it doesn’t guarantee privacy of transactions. If a transportation company charges $100 to transport a box for Company A but $90 for Company B, they don’t want that competitive information disclosed. Moreover, a private blockchain is only as secure as the permissioning and security controls around the network. As these “private” networks gain more participants, enforcing controls around access and visibility becomes more difficult. For example, the way that Fabric ensures transaction privacy between different parties within a consortium is through the concept of channels. A channels is essentially a single protected route between two parties. This means you need a channel for each party pair and must maintain all of this infrastructure as the system evolves, making it more complicated to manage. This begs the question, are these “private” blockchains “future-proofed”––can they scale and still meet the original charter of the consortium?
Privacy should not be thought of in binary terms, but rather, as layers. There is the permissioning or credentials layer of tooling which involves who has access to information and how that is controlled and authenticated. The privacy layer on the other hand involves maintaining the confidentiality of the participants, data, and terms. Even within a single layer, there’s multiple sublayers where privacy can be kept on-chain, off-chain, and through private transactions. There are three key layers of privacy when it comes to enterprise-grade solutions:
- Privacy of participants: ensure participants remain anonymous to one another as well as to those outside of the network with on-chain cryptographic mechanisms like ring signatures, stealth addresses, mixing, or storage of private data off-chain.
- Privacy of data: keep transactions, balances, smart contracts, and other data encrypted on or off chain, with cryptographic tools like zero-knowledge proofs and zk-SNARKS, Pedersen commitments, or off-chain privacy layers like TEEs.
- Privacy of terms: keep terms of contracts between two parties private with range proofs or Pedersen commitments.
The fact is, private blockchains do not give you privacy by default. There is a distinction between permissioned networks and private transaction managers. Really, the only privacy that private blockchains do provide by default are that the participants and contracts cannot be viewed by non-participants. Rather, privacy layers must be built on any blockchain and can be built into both public and private chains, or, with a combination of the two (such as Ethereum and Quorum).
Layer 2 of the EEA client specification V2
Private Transactions on the Ethereum Blockchain
There are many options in the Ethereum ecosystem that are available today or are actively being developed to provide various layers of privacy. On ConsenSys Quorum, private information is never broadcast to network participants. Private data is encrypted and only shared directly with relevant parties. Privacy layers are also being actively developed for public and permissioned Ethereum such as zk-SNARKS and zero-knowledge proofs that hide transaction attributes like balances, as well as ring signatures and hashes that provide layers of privacy for participants, data, and/or terms. Finally, off-chain solutions in conjunction with Ethereum present an opportunity to store private data and perform high-throughput transactions.
Project Ubin: Shielded Public Transactions vs. Private Channels
Let’s take a look at the difference between shielded public transactions and private channels for private data. Shielded public transactions are transactions that are validated by the whole network but typically the amount and potentially the asset type are shielded. A great example of this is Project Ubin, a collaborative Ethereum project that ConsenSys participated in with the Monetary Authority of Singapore to create an interbank payment network. In Project Ubin, a consortium of financial institutions used zero-knowledge proofs to enable the transfer of digital assets on a distributed ledger without revealing information about the balances or transaction amounts.
Another recent example is Project Khokha, which ConsenSys and Adhara, a ConsenSys venture, ran with the South African Reserve Bank. In Project Khokha, ConsenSys and the Adhara team used Pedersen commitments and Folklore range proofs to process the typical daily volume of payments for the SARB with full confidentiality and finality in less than two hours. These commitment schemes proved to be much quicker to validate than the zero-knowledge proofs.