Balancing trust and privacy with advanced cryptography

Why this is exciting

In our daily lives, trust often comes at the expense of privacy, and we share a lot of information to prove small details. We share government documents to prove our age and bank account details to prove our address, while advertising networks share our detailed browsing history to prove that we’re part of a advertising cohort. Once this data is shared, it’s out of a user’s hands, such that there are privacy, security, and compliance concerns.

We also use many peer-to-peer marketplaces and exchanges, which are run by trusted institutions who charge a hefty fee for matching and settling transactions. What if code could trust-lessly verify a digital transaction was completed correctly?

Imagine a world where users and businesses can completely trust one another without sharing personal data or relying on a trusted third party

What I’m exploring

  • Industries that deal with digital data and have compliance guidelines or regulation, to see if we replace the data transfer with the insights derived from that data.
  • Peer-to-peer marketplaces and exchanges that rely on a trusted third-party for settlement, to see if we can replace the third party with a trust-less code verifier
  • Privacy-preserving technology to meet critical digital advertising use cases like interest or cohort segmentation, retargeting, and attribution, without needing detailed user data.

How this works

Zero-knowledge proofs are like magic tricks. The magician (prover) pulls out a card and announces it without seeing it, convincing the audience (verifier) that they know where the card is in the deck, without revealing how the trick is done. Similarly, if we’re applying this to advertising, users can generate a summary “proof” of their data with a guarantee that it was generated correctly, convincing brands that they are part of a specific cohort, without revealing their browsing data.

For peer-to-peer use cases, we could build something similar to UniswapX, which lets users specify a trade and allow anyone to fill it by providing an onchain “receipt”. This could be extended to be any ask that you’d want done, where you can rely on any trusted institution to provide a “receipt”. An example is zephyr.exchange using Venmo email receipts to allow someone to claim money on chain.

Why now

Data privacy concerns are mounting and technological advancements have recently landed:

  • Data privacy is increasingly pertinent to consumers. Users are flocking to end-to-end encrypted chat apps, and opting out of tracking when possible.
  • Zero-knowledge proofs have seen rapid advancements due to blockchain scalability needs. Previously, they were too computationally intensive and complex to set up. Now, proof generation time has improved by orders of magnitude, STARKs have eliminated complex trusted setups, and open-source implementations like Meta’s Winterfell or zk-email make it easier to work with.

For digital advertising,

  • In 2024, third-party cookies - which are key for Google and Meta’s ad duopoly - are being deprecated due to privacy, security, and regulatory concerns. Similarly, there is a new compliance standard or data protection regulation for every industry, every year.

How to get this product in front of users

For digital advertising
  • Any B2B implementation should provide the same output so it can be a drop-in replacement for existing systems or industry standards. If there is a user opt-in component, we will consider financial incentives such as tokenization to reach scale.
  • For example, a replacement for the digital advertising industry’s third party cookie should not need publishers and brands to make any changes. The solution would work with Google’s Privacy Sandbox APIs and user profiles should match how those created by Data Management Platforms for advertising bid requests. Users would opt in and use the product to earn token incentives.

Relevant Reading