Layer 3: Where We Find Privacy
When I was a kid many years ago, I got interested in the stock market and started reading about various trading strategies. I wanted to do experiments and for this I needed historical data of various kinds. I quickly found out that finding quality data was near impossible unless you were prepared to spend lots of money, time and be a big financial institution of some kind.
Later, when I started working for these big financial institutions I learned that even for them it wasn't easy. The quality and integrity of digital infrastructure in financial markets simply isn't great. It's poorly defined, poorly implemented with lots of legacy solutions, and everyone's struggling to get their systems to speak with each other - it's not much better today.
While retail traders and investors might have gained access to easy-to-use stock trading apps, behind the scenes it's still ugly. And if you want to trade anything more exotic, the access and data still isn't up to scratch. It takes professional financial institutions several weeks to trade and settle some of these instruments, with paperwork, faxes, and stamps still being used!
When my friends and I started playing around with DeFi, having come from TradFi, the ease at which we could trade various instruments, and use our assets in complex structures as collateral for lending or leverage was mind-blowing! Instant settlement - 100% clarity on the structure, and compared to anything exotic in TradFi, at a much lower cost. It's clear to all of us with industry experience that blockchains with the technical standards they bring, are lightyears ahead of the old TradFi infrastructure. Sure, some challenges remain around technical scalability, but those are being solved with sharding and rollups.
But here's one big thing missing from the current technical landscape before enterprises and TradFi are ready to jump in: Privacy.
It's unthinkable that a company with sensitive commercial agreements would use in-the-open blockchain systems to conduct any of their business. It doesn't matter how much more efficient these new rails can be compared to the old world if that implies them doing what they do in public. And neither should you, even as a private individual. I don't want my bank account to be on a public blockchain. I don't want the world to know when I pay for a book on Amazon. If we think Web2 with Facebook and the likes, mining your data is bad, it's not going to get any better if we all need to do everything in the open.
Physical money comes with some amazing privacy features, as no one needs to be informed other than the two parties involved in a transaction. But that's about it, because the other features aren't that great, like needing to meet in the same location, needing to transport it, needing to secure it. Can we replicate the benefits without the drawbacks of cash in blockchain?
In my last two blog posts, I talked about layer 1 and layer 2. Layer 1 would take care of the settlement process, acting as a single source of ultimate truth. Layer 2 would enable the scalability needed for global usage. And I alluded to a ‘layer 3,’ acting as a privacy layer.
It's true that many projects are working on privacy on the blockchain today, through complex use of zero-knowledge technology, that allow multiple parties to transact and move tokens between each other on a shared layer 2, without others being able to work out what those transactions imply. But this approach comes with significant limitations when compared to the public DeFi rails we have.
As of yet, no one, to the best of my knowledge has come up with a generic privacy-focused layer 2 where anyone can deploy the tried and tested ERC-20 and ERC-721 contracts, followed by DeFi contracts, and magically gained 100% privacy. And how could they? If I deploy an ERC-20, it comes with public functions that anyone can call to enquire about the current balance of someone's address. It's public by default and needs to be that way for the DeFi legos to be able to operate. We would need to significantly scale back on DeFi ambitions for privacy to work in an encrypted layer 2. It's an over-complicated approach that's bound to disappoint.
Instead, stick to what I've said previously: Don't put private data on a blockchain. Simply DON'T.
So, how could we enable truly private data with all the benefits of modern DeFi rails? Let's first remind ourselves how layer 2s gain layer 1 security through zero-knowledge rollups. They batch up transactions, compress these and upload the data to layer 1, together with a proof. The proof uses zero-knowledge technology, and allows the layer 1 network to be certain that the layer 2 performed its operations correctly. Having the data uploaded together with this proof allows someone else to take over should the current operator of the layer 2 service stop functioning.
In layer 3, we can do something similar, but without the data availability. This is OK because it's your private blockchain. This is more than just having a wallet. In fact, it's as if you were to run some blockchain node software on your computer or phone, without connecting this to any blockchain network. Whatever transactions you perform on your private blockchain remains private because you don't share the data with anyone. But how can others then be sure you don't double spend those USDCs? This is where those zero-knowledge proofs come in. You'd still publish the proof to some layer 2 system of choice, but only the proof. For each batch of blocks you produce on your private blockchain, a proof is published. No one can work out what's in those blocks, but everyone can be sure you operated according to the rules. This type of ZKP setup is already known as validium.
By simply not sharing the data, while using something like validium to enforce the integrity of our actions, we've accomplished two things: We've got the full benefit of smart contracts and DeFi legos, and we've got those benefits without needing to share the data.
We can now use bridges, like we already do today, to bridge assets between my private blockchain and your private blockchain. Both of us publish the required proof that each side of the transaction acted correctly. You send me some USDC in exchange for EUROC or some other service or product. I then have these USDC tokens on my private blockchain, where I can either bridge them on to others or use them how I see fit otherwise. Circle, the operator of USDC, would likely be involved in the bridging process, maybe as the official bridge operator. But we could also imagine more decentralised tokens like DAI or Ether being bridged between our various private blockchains too.
While I might just have one private blockchain on my phone, in combination with the wallet app, all bundled together for ease of use with the appropriate backup routines and handholding by some provider, more advanced setups exist too. A big enterprise could have thousands of these private blockchains managed by their internal IT department (or some external service provider), utilised by the various finance people in the organisation, moving assets and monies between departments and projects. This of course also extends to the private blockchains of their partners, suppliers and customers. Programmable money features enable better control and allocation even after it has left your private sphere and reporting spans across all these private instances, with real-time updates and full transaction history available at your fingertips.
Companies and organisations like Circle, MakerDAO, Uniswap, and so on, provide smart contracts and apps that are installed by them through transactions against the private blockchains. And while they don't have a view of what's happening in there, as the data remain private, they can have certainty that their code is executed correctly because you keep on publishing the required proofs to layer 2.
This is my view of layer 3 and it gives us the full stack with the appropriate separation of concerns, from settlement and trust on layer 1, scalability and execution on layer 2, to privacy on layer 3. It gives global trust in the correct execution of transactions, even if others can't see the private details. It gives us the privacy benefit of cash without the drawbacks. It enables DeFi legos and modern rails without the complexity of trying to do privacy on layer 2 because we've moved it to a private layer 3.
The fundamental technology is already more or less here or just around the corner. We're getting ZKP based rollups and validium proofs, and we're getting layer 1 sharding soon. What we need next is easy to use apps and frameworks, providers of relevant services, and some good production use cases to point to. Once we have that, it's all set to explode and the next crypto summer is upon us. We will gain what I'd label 'connected finance,' and it would usher in a new level of transparency where we want it, privacy where we need it, an ability to execute, and an opportunity to modernise finance in much the same way the internet did for information and data many years ago. Internet 2.0 would finally be up and running.