Studying the mechanism of Privacy Pools, a novel open-source fork of cryptocurrency mixer Tornado Cash, top Ethereum (ETH) researchers demonstrated a concept that can be helpful in finding "practical equilibrium" between being untraceability and regulatory compliance.
ZK proofs can bring regulatory compliance to private Ethereum (ETH) transfers, new thesis says
With zero-knowledge proofs (ZK-proofs, or ZKPs), a "separating equilibrium" between honest and dishonest users can be established on Ethereum-based networks. Using ZK-proofs removes the need to deobfuscate the details of transactions in order to confirm that it is not associated with addresses involved in illicit activities.
Such a concept was revealed by Ethereum (ETH) founder Vitalik Buterin, Privacy Pools' Ameen Soleimani, Chainanalysis' Jacob Illum and Uni Basel researchers Matthias Nadler and Fabian Schär, in their fresh paper Blockchain Privacy and Regulatory Compliance: Towards a Practical Equilibrium.
Per the proposal, Ethereum (ETH) users can simply publish ZK-proofs to verify that their funds did not come from knowingly unlawful sources of cryptocurrency.
To do so, through a cryptography mechanism, the user just needs to proof and encrypt the verified fact of being associated or not with the set of deposits:
It allows for membership proofs (“I prove that my withdrawal comes from one of these deposits”) or exclusion proofs (“I prove that my withdrawal does not come from one of these deposits”).
However, in some implementations, this mechanism can reveal more information about the transactions in question, the authors added.
Prove your honesty without showing transactions history
In collaboration with law enforcers, the implementation of this mechanism can significantly advance the level of regulatory compliance of Ethereum-based dApps, including decentralized exchanges (DEXes) and lending protocols.
Also, this instrument would allow honest users to disassociate themselves from third-party deposits they do not agree with or might otherwise prevent them from using their funds in a regulated environment.
However, the regulators will still be in charge of creating "black lists" of addresses considered illicit in this or that jurisdiction.