Dangers of Ethereum Privacy (90 % slash)

Yes, there are different options. Here are a few :

1. Implementing privacy tools without compliance

It is very risky, as explained in the first post. It shouldn’t be implemented, since, according to the FATF / GAFI, such anonymity “attracts criminals, who have used virtual assets to launder proceeds from a range of offences such as the drugs trade, illegal arms smuggling, fraud, tax evasion, cyber attacks, sanctions evasion, child exploitation and human trafficking.”

The risks of prosecutions, of being delisted from major exchanges, and of loss of value would be too high.

2. Implementing privacy tools with weak compliance

There have been many proposals to implement weak compliance, for example :

  • implementing keys, where users can selectively reveal their transactions to an authority if desired : this won’t be enough for authorities. It could be argued that users are hiding many transactions, revealing only a few legit transactions.

  • Privacy Pools, a financial privacy solution that is intended to exclude bad actors. When spending, users can prove that their coins come from a source that is not part of a publicly known list of hacks and thefts. Once again, this won’t be enough : the publicly known list of hacks and thefts is not exhaustive. An address can be “clean” until it is linked to a bad actor, which can occur months or years later. And different regulators have different lists. The US list of bad actors is not the same as the Russian, Chinese, European or Indian list. What is considered a hack in one country can be considered an act of patriotism in another country, … there is no unanimity about bad actors, there is a variability depending on time, location, circumstances …

3. Implementing default privacy for all transactions with strong compliance

If all transactions became private by default, strong compliance should be introduced to protect Ethereum from the risks of prosecutions or of being delisted from major exchanges like Monero was.

Crypto exchanges already face strong regulatory pressure : “A large part of crypto-related compliance focuses on securing the platform operations of crypto exchanges. This includes implementing local and international anti-money laundering and countering the financing of terrorism (AML/CFT) measures to prevent abuse of their products and services.”

Strong compliance includes KYC (digital passport) and transaction monitoring.

As explained previously, if this option is chosen, it would be smart for Ethereum to externalize the process as much as possible. Several companies are already providing digital passports in the web3 environment, and they could provide transaction monitoring as well. As explained before, if Ethereum chooses to handle the compliance by itself, it would result in a huge and costly compliance service, that could finally control Ethereum and turn it into a financial institution, overregulated with little innovation.

A major drawback is that Ethereum would not be permissionless any more, because users would have to pass KYC before interacting with the blockchain.

4. Implementing privacy with strong compliance for some risky operations

With this option, L1 Ethereum would introduce the possibility of private transactions, but would require strong compliance for such operations (a digital passport and transaction monitoring provided by a regulated company, to limit risks associated with money-laundering).

As explained in my previous post, it may be possible, although this is not the option I would recommend.

Ethereum would stay mostly permissionless, but not for some particular transactions associated with high legal risks.

5. Implementing opt-in privacy with strong compliance

Implementing such privacy at L1 level would just make Ethereum more complex, with the same risks and obligations as the previous option.

6. Not directly implementing privacy tools on L1 Ethereum ledger, but making things easier for developing privacy on L2 layers

Privacy can already be handled at L2 level, with several options available. A user willing to have more privacy can just use a privacy L2 layer.

There may be some discussions with L2 privacy layers to make things easier, but without directly implementing privacy tools on L1. Changes should be assessed carefully to prevent legal risks.

7. Not implementing any privacy tool on L1 Ethereum ledger

This is the option I prefer, for many reasons :

  • it is simple, nothing would change regarding the privacy of L1. As I explained 2 years ago, it’s better for L1 Ethereum to stay public the way it is, like an accounting book recording carefully every transaction.

  • the level of pseudonymity is already good

  • if some users want more privacy, they can turn to L2 or other solutions

  • the current situation enables Ethereum to stay public and permissionless. In my opinion, a huge part of the value of Ethereum lies in the fact that it is public, universal, and permissionless. Once privacy tools are implemented on L1, Ethereum can no longer stay 100% permissionless, because strong compliance would be needed to avoid the risks of prosecutions and delisting. The problem is that strong compliance requires KYC, which means preventing users without KYC from accessing the blockchain, and turning it into a permissioned blockchain.

  • strong compliance would also require linking some addresses to people. This is not a small change. In my opinion, as soon as an organization uses people accounts where value is stored, it’s not possible to avoid all the regulation about banking, financial transactions, electronic money …

  • thousands of blockchains are public and permissionless, including Bitcoin. It would be extremely difficult for regulators to force public blockchains to implement KYC and to become permissioned, because it would require changing the code of thousands of blockchains. But it would be much easier for regulators to impose new regulations on the few privacy blockchains that are significant. As a result, implementing any privacy tool on Ethereum at L1 level would just be a call to regulators to impose more regulations, and to turn Ethereum into an over-regulated financial institution.

  • the current situation, where all transactions are public, is a great chance for Ethereum, because it gives the opportunity to limit the number of employees dedicated to compliance

  • currently, Ethereum can argue it just maintains a public and universal ledger, and that Ethereum is not responsible for the value Ether may have or not. Currently, Ethereum is a software project, but with privacy tools implemented on L1, there is a risk it would turn into an over-regulated financial institution.