Dangers of Ethereum Privacy (90 % slash)

2 years ago, I explained that Ethereum should not increase privacy due to risks of prosecution by governments, resulting in a huge loss of value of Ethers.

This year, there is a new push by some members for anonymous transactions, stealth addresses, ….

If such changes are implemented, it would be only a matter of time until Ethereum developers and executives are prosecuted :

  1. By the European Union, which prohibits anonymity in the crypto-asset industry. Regulation (EU) 2024/1624, implemented on 31 May 2024 by the European Parliament and Council, states :

(160) The anonymity of crypto-assets exposes them to risks of misuse for criminal purposes. Anonymous crypto-asset accounts, as well as other anonymising instruments, do not allow the traceability of crypto-asset transfers, and make it difficult to identify linked transactions that might raise suspicion or to apply an adequate level of customer due diligence. In order to ensure effective application of AML/CFT requirements to crypto-assets, it is necessary to prohibit the provision and the custody of anonymous crypto-asset accounts or accounts allowing for the anonymisation or the increased obfuscation of transactions by crypto-asset service providers, including through anonymity-enhancing coins.

Many articles have been published about this matter, for example : EU to ban anonymous crypto accounts and privacy coins by 2027

  2. By various governments, following the recommendations of the FATF / GAFI :

Virtual assets use innovative technology to swiftly transfer value around the world and have many potential benefits, including making payments faster and cheaper. But the anonymity associated with them also attracts criminals, who have used virtual assets to launder proceeds from a range of offences such as the drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking.
In response, the FATF report will help national authorities detect whether virtual assets are being used for criminal activity. Based on more than 100 case studies collected by members of the FATF Global Network, it highlights the most important red flag indicators that could suggest criminal behaviour. Key indicators in this report focus on:
Technological features that increase anonymity - such as the use of peer-to-peer exchanges websites, mixing or tumbling services or anonymity-enhanced cryptocurrencies

Most developed countries are members of FATF / GAFI and follow its recommendations, including :

Argentina, Australia, Austria, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, Greece, Hong Kong, China, Iceland, India, Indonesia, Ireland, Israel, Italy, Japan, Korea, Luxembourg, Malaysia, Mexico, Netherlands, New Zealand, Norway, Portugal, Russian Federation, Saudi Arabia, Singapore, South Africa, Spain, Sweden, Switzerland, Türkiye, United Kingdom, United States

  3. By the United States :

the U.S. has previously cracked down on privacy coins in other ways, with the Internal Revenue Service handing out contracts worth more than $1 million to fund attempts to break the anonymity of the leading privacy coin, monero.
And in June 2018, the Secret Service asked Congress for legislation targeting privacy coins, Forbes reported.

In case of a large scale prosecution by several governments against Ethereum developers and executives on this basis, the result on the value of Ethers would be disastrous : 90 % slash or more.

Every person holding some Ethers should understand this situation and behave accordingly.

As I explained 2 years ago :

It’s better for L1 Ethereum to stay public the way it is, like an accounting book recording carefully every transaction.

No anonymous transactions and stealth addresses should be implemented on L1 Ethereum.

As a conclusion, here are a few things to bear in mind :

  • more and more governments face huge deficits, and are desperate to prevent capital flight, especially in crypto
  • what would be the public image of Ethereum if “stealth addresses” were used for illegal arms smuggling (including nuclear and biological), fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking ?
  • the financial situation of most people around the world is becoming more and more difficult due to inflation, trade wars, job losses due to AI and robotization …
  • governments and big media are looking for people and organizations to blame
  • the current pro-crypto US administration won’t last forever
  • the share of public employees compared to the total workforce has been increasing during the past years and decades : more regulators means more prosecutions
  • there are currently more than 1.3 million lawyers in the United States
  • Changpeng Zhao has been jailed, Pavel Durov has been arrested
  • there won’t be any magical immunity in case governments prosecute Ethereum developers and executives for implementing anonymising instruments enabling drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking
  • there is currently no need to increase privacy in Ethereum L1, no need to choose such a risky path.

My friend, If you try to understand regulators, you’re going to waste a wonderful time. It is true that you have to understand and try to reach a fair and reasonable agreement with these people, but I assure you (as a European) that they are very lost.

You’re mentioning EU (2024/1624), I could mention TFR (2023/1113) and AMLR (2024/1624) and other stupid laws that don’t understand anything. This April the EDPB has released new directives prohibiting the NON-ANONYMIZATION of data (CEPD 02/2025). After a win in the Tornado Cash case, I choose to believe.

Other posts appeared trying to stop the EIP-7702 for something similar. Ethereum SHOULD promise privacy because crypto is just THAT. Another debate is whether to default or not…


There is no win in the Tornado Cash case.

The judgment of the Court of appeal can be seen here.

This judgment clearly criticizes mixers like Tornado Cash :

mixers are also “go-to tool[s] for cybercriminals” seeking to launder stolen cryptocurrency. Nearly a quarter of funds sent to mixers in 2022 were tied to money laundering efforts. Most relevant to this case, North Korea, through one of its cybercriminal organizations known as the Lazarus Group, has hacked and stolen just shy of one billion dollars’ worth of cryptocurrency. And all of that dirty money needed to be laundered before it could be cashed out for traditional (and far more liquid) fiat currencies. So North Korean hackers turned to mixers. More than 65 percent of North Korea’s dirty crypto went through mixers in 2021, “up from 42 percent in 2020 and 21 percent in 2019.” And how does North Korea use this laundered money? To fund its weapons of mass destruction and ballistic missile programs.

OFAC blacklisted Tornado Cash for its role in laundering virtual currency for malicious cyber actors—for example, a North Korea-linked hacking group that used Tornado Cash to launder the proceeds of cybercrimes.

The judgment just said that given the current regulatory framework, OFAC had no authority to blacklist Tornado Cash :

when we consider OFAC’s regulatory definitions, the immutable smart contracts are not property because they are not ownable, not contracts, and not services

This temporary relief is only due to the fact that the current regulatory framework is not yet adapted to the crypto and DEFI environment. It’s a matter of a few years until the regulatory framework is adapted.

The long term trend, followed by most countries for decades, is to reduce the scope of anonymous transactions to fight offences such as the drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking.

You mention the Guidelines CEPD 02/2025 :

where the storing of personal data is justified on the basis of consent, the personal data must be deleted or rendered anonymous if that consent is withdrawn. Restrictions on data subjects’ rights are possible only to the extent described in Article 23 GDPR. Examples may include cases where blockchain solutions are implemented for anti-money-laundering requirements

This text is clear and non-contradictory : anti-money-laundering rules are prevailing.

You suggest that trying to understand regulators is a waste of time. The truth is that ignoring regulations is an even bigger waste of time. Don’t you think Changpeng Zhao, Pavel Durov, John McAfee and many others have lost a lot of time in legal battles just because they ignored regulations ?

What I’m saying is that trying to understand people who determine nonsense like CEPD 02/2025, §4.3, 63:

When deletion has not been taken into account by design, this may require deleting the whole blockchain.

is a waste of time, yes. Or do you think we could just delete Ethereum or Bitcoin whenever we want?

Institutions are just trying to scare the sheep without thinking that they themselves launder assets without the need for blockchain networks.

I think Ethereum should be neutral, remember that from a legal point of view, many countries have recognized privacy as a fundamental right.

In addition, one of the problems why Ethereum’s social layer is being destroyed is how little innovation on a technology made by and for privacy (cryptography) is allowed to developers in some parts of the world.

European Union CEPD 02/2025, 63 is part of §4.3 Processing of personal data.

The guidance of the EU regarding personal data is that it should only be kept to a certain extent (principle of purpose limitation), except in specific cases, for example anti-money laundering requirements.

These rules have been implemented progressively over the years, with a big step in 2016 : GDPR : General Data Protection Regulation (Regulation (EU) 2016/679).

These rules apply to all economic sectors, and were not designed with the blockchain industry in mind.

Since immutability is an important principle in blockchains, it is very likely that blockchains do not strictly comply with GDPR.

But :

  • this is a minor breach of regulation, compared to anti-money laundering rules. It’s a matter of not erasing past data, it’s not a major offense such as implementing anonymising instruments enabling drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking

  • blockchains could argue that they keep only a limited amount of information, and that this information is useful to comply with anti-money-laundering requirements

  • blockchains could also argue that they are doing some sort of notarization, or traceability, and that keeping the information unaltered is legitimate

At the end of the day, regulators cannot erase blockchains, because these blockchains are spread all over the world on computers and the internet.

But they can do a lot of damage by prosecuting developers and executives, especially if anti-money laundering rules are breached.

Most developed countries are members of FATF / GAFI and follow its recommendations. They all agree to fight anonymising instruments enabling drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, …

That’s why it would be a very risky path for Ethereum to implement anonymous transactions and stealth addresses.


You are showing that you don’t know how this works. I’m stepping out.

I think it’s a valid concern. In the case of Monero, the developers were not prosecuted (at least to my knowledge), but Monero was delisted from all major exchanges, making it extremely difficult to buy.

It’s harder to prosecute a network as opposed to a dApp, since the latter typically has a website. (I believe Tornado Cash was an easy target because it had a website.)

It might make sense to find a reasonable compromise, where the information remains private, but the network can respond to court requests for decryption from reasonably democratic governments. There could be a vote on whether to comply with such requests.

Personally, I think that in cases where there is clear evidence of a crime, decryption would be warranted, and people would vote yes.

In theory, you are right, it would be possible to find a reasonable compromise, where the information remains private, but the network can respond to court requests for decryption.

But in fact, it’s much better for Ethereum to stay public the way it is, like an accounting book recording carefully every transaction.

Here are a few reasons :

  • in case this solution is implemented, Ethereum Foundation would have to hire administrative staff to receive and process orders from courts, regulators, … And it won’t be small. A large part of the employees of crypto exchange companies are dedicated to compliance. And they have to produce many reports, statistics, …

  • how would Ethereum Foundation finance a compliance service of 50 to 100+ highly paid employees ? Most likely by creating Ethers through inflation, or by collecting fees. It would be a tax on every Ethereum transaction

  • who would be hired in this large compliance service ? Most likely people knowing the regulations. In big companies, compliance employees are discussing with regulators, and are often former regulators. They often have incentives to implement more and more regulations.

  • at the end of the day, in many companies, banks, … compliance services become more and more powerful, and sometimes take control of the organizations. This is the end of innovation, and employees just follow regulations all day long until the company collapses after a few years or decades

  • what would happen if some vote of users were against the will of the compliance service ? It would just be a call for more government regulations

  • the current situation, where all transactions are public, is a great chance for Ethereum, because it gives the opportunity to limit the number of employees dedicated to compliance. If some regulators want information, they just have to look at the blockchain

  • the stealth addresses would have to be linked to people, in order to be able to comply with orders. This is not a small change. Ethereum currently uses addresses, but with such a change, Ethereum would use people accounts.

  • in my opinion, as soon as an organization uses people accounts where value is stored, it’s not possible to avoid all the regulation about banking, financial transactions, electronic money …

  • so there is a risk that Ethereum just becomes a financial institution, over-regulated, with little innovation

  • it would be smarter to let L2 layers do this job : if some L2 layers want to implement privacy, they would just have to hire their compliance service and make users pay a premium

  • in my opinion, implementing anonymous and stealth addresses would degrade the quality of the Ethereum L1 ledger, which is today public and comprehensive from the first day, making it a reference ledger

Hey Michael,

I understand your points.

The problem is that a public blockchain without privacy has very limited use beyond what already exists. 99% of Web2 cannot be moved to Web3 without privacy.

Ethereum has been somewhat stuck over the last couple of years, while Solana picked up most of the junk coins. You have Uniswap, USDC, and a small number of NFTs that survived the crash. There are also junk games like click-to-earn that do more harm than good.

Essentially, you either avoid the government, fight the government, or find an imperfect compromise. The third option is pretty much the only realistic path to get people to use Web3 without risking jail. Introduce imperfect privacy—but good enough for most people. This would match Web2, Web2 also has imperfect privacy.


In case there is no other choice to have an identity check to make certain operations, it would be smart to externalize the process as much as possible :

  • there are already many companies providing digital passports in the web3 environment

  • these companies would have to be registered in the EU, US, …

  • these companies would provide their clients one or more keys (for signing certain operations on blockchains like Ethereum, for encrypting some data, …), and an identifier (for example DigitalCompanyABC_Client01920). This identifier would be disclosed publicly on the blockchain for each confidential transaction.

  • when the client requests to make a confidential transaction on the blockchain, the software would call an API of the digital passport company, to verify that the keys used and the identifier match

  • if a regulator makes an inquiry about a transaction, he would note the identifier disclosed on the blockchain transaction, and he would contact the company which provided the digital passport, in order to get the real identity of the client

  • additionally, companies providing digital passports would provide keys to regulators, enabling them to check the signature of transactions made by the client, and to decrypt data in case some transactions are more or less obfuscated on the blockchain

  • with this way to proceed, companies providing digital passports would have all the information a regulator may ask

  • by externalizing this way, Ethereum would not be bothered by excessive compliance demands, since all the required information would be held by companies providing digital passports

  • Ethereum would stay mostly permissionless, but not for some particular transactions associated with high legal risks. For confidential transactions, a digital passport provided by a regulated company would be required to limit risks associated with money-laundering.

This matter is difficult, Ethereum would have to check with EU and US lawyers the feasibility of such an evolution, regarding compliance, especially anti-money laundering requirements.

I don’t know what you’re doing here Michael. This is about research, not some compliance bullshit. No one cares. Go back to your banking buddies.


Why Constraints Are Good for Innovation : Harvard Business Review explains that compliance restrictions can stimulate research and innovation.

There’s nothing bad discussing regulatory constraints in a context of research.

What’s the proposal?
In my mind:

  • Build opt-in privacy at the app layer (transfers + app actions)
  • Build default privacy for things like networking for p2p network, etc

Yes, there are different options. Here are a few :

1. Implementing privacy tools without compliance

It is very risky, as explained in the first post. It shouldn’t be implemented, since, according to the FATF / GAFI , such anonymity “attracts criminals, who have used virtual assets to launder proceeds from a range of offences such as the drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking.”

The risks of prosecutions, of being delisted from major exchanges, and of loss of value would be too high.

2. Implementing privacy tools with weak compliance

There have been many proposals to implement weak compliance, for example :

  • implementing keys, where users can selectively reveal their transactions to an authority if desired : this won’t be enough for authorities. It could be argued that users are hiding many transactions, revealing only a few legit transactions.

  • Privacy Pools, a financial privacy solution that is intended to exclude bad actors. When spending, users can prove that their coins come from a source that is not part of a publicly known list of hacks and thefts. Once again, this won’t be enough : the publicly known lists of hacks and thefts are not exhaustive. An address can be “clean” until it is linked to a bad actor, which can occur months or years later. And different regulators have different lists. The US list of bad actors is not the same as the Russian, Chinese, European or Indian list. What is considered a hack in one country can be considered an act of patriotism in another country, … there is no unanimity about bad actors, there is a variability depending on time, location, circumstances …

3. Implementing default privacy for all transactions with strong compliance

If all transactions became private by default, strong compliance should be introduced to protect Ethereum from the risks of prosecutions or of being delisted from major exchanges like monero was.

Crypto exchanges already face strong regulatory pressure : “A large part of crypto-related compliance focuses on securing the platform operations of crypto exchanges. This includes implementing local and international anti-money laundering and countering the financing of terrorism (AML/CFT) measures to prevent abuse of their products and services.”

Strong compliance includes KYC (digital passport) and transactions monitoring.

As explained previously, if this option is chosen, it would be smart for Ethereum to externalize the process as much as possible. Several companies are already providing digital passports in web3 environment, and they could provide transaction monitoring as well. As explained before, if Ethereum chooses to handle the compliance by itself, it would result in a huge and costly compliance service, that could finally control Ethereum and turn it into a financial institution, overregulated with little innovation.

A major drawback is that Ethereum would not be permissionless any more, because users would have to pass KYC before interacting with the blockchain.

4. Implementing privacy with strong compliance for some risky operations

With this option, L1 Ethereum would introduce the possibility of private transactions, but would require strong compliance for such operations (a digital passport and transaction monitoring provided by a regulated company, to limit risks associated with money-laundering).

As explained in my previous post, it may be possible, although this is not the option I would recommend.

Ethereum would stay mostly permissionless, but not for some particular transactions associated with high legal risks.

5. Implementing opt-in privacy with strong compliance

Implementing such privacy at L1 level would just make Ethereum more complex, with the same risks and obligations as the previous option.

6. Not directly implementing privacy tool on L1 Ethereum ledger, but making things easier for developing privacy on L2 layers

Privacy can already be handled at L2 level, with several options available. A user willing to have more privacy can just use a privacy L2 layer

There may be some discussions with L2 privacy layers to make things easier, but without directly implementing privacy tools on L1. Changes should be assessed carefully to prevent legal risks.

7. Not implementing any privacy tool on L1 Ethereum ledger

This is the option I prefer, for many reasons :

  • it is simple, nothing would change regarding the privacy of L1. As I explained 2 years ago : It’s better for L1 Ethereum to stay public the way it is, like an accounting book recording carefully every transaction.

  • the level of pseudonymity is already good

  • if some users want more privacy, they can turn to L2 or other solutions

  • the current situation enables Ethereum to stay public and permissionless. In my opinion, a huge part of the value of Ethereum lies in the fact that it is public, universal, and permissionless. Once privacy tools are implemented on L1, Ethereum can no longer stay 100% permissionless, because strong compliance would be needed to avoid the risks of prosecutions and delisting. The problem is that strong compliance requires KYC, which means preventing users without KYC from accessing the blockchain, and turning it into a permissioned blockchain.

  • strong compliance would also require to link some addresses to people. This is not a small change. In my opinion, as soon as an organization uses people accounts where value is stored, it’s not possible to avoid all the regulation about banking, financial transactions, electronic money …

  • thousands of blockchains are public and permissionless, including Bitcoin. It would be extremely difficult for regulators to force public blockchains to implement KYC and to become permissioned, because it would require to change the code of thousands of blockchains. But it would be much easier for regulators to impose new regulations on the few privacy blockchains that are significant. As a result, implementing any privacy tool on Ethereum at L1 level would just be a call to regulators to impose more regulations, and to turn Ethereum into an over-regulated financial institution.

  • the current situation, where all transactions are public, is a great chance for Ethereum, because it gives the opportunity to limit the number of employees dedicated to compliance

  • currently, Ethereum can argue it just maintains a public and universal ledger, and that Ethereum is not responsible for the value Ether may have or not. Currently, Ethereum is a software project, but with privacy tools implemented on L1, there is a risk it would turn into an over-regulated financial institution.

Becoming an over-regulated financial institution has very concrete implications : it means regulators can freeze accounts and seize assets. At the beginning for good reasons (hack, theft, …), then because the user has the wrong nationality.

Going further, funds could be frozen by regulators just because the Ethereum address is not linked to an approved KYC account. And at the end of the day, funds could be seized because a local regulator estimates that your car or your house is too expensive and that you don’t deserve it.

Account freezing is something a few blockchains like EOS implemented from the very beginning, and the price is just going downward.

Implementing any privacy mechanism into the L1 Ethereum layer would be choosing a path that may result in the arbitrary seizing of Ethers for any user. It would be self-harm, a call for regulators to take control of the heart of the Ethereum blockchain.

It also means the smart money will probably switch to other blockchains that have been wise enough to stay public, universal and permissionless.