If there must be KYC then privacy must be vastly improved

in #crypto • 6 years ago

In my previous post I blogged about the Tezos controversy. Specifically: "In what could be a new trend, Tezos Foundation demands KYC to redeem ICO tokens". What we learn here is there is a trend toward KYC on ICOs (along with exchanges) which has the strategic implication of creating a two-caste crypto community. There is discussion in the Tezos community to create Chain A and Chain B remaining the official chain causing a fork and letting the community have the first election in the sense of which chain they choose. My own thoughts on what needs to be done for the security of KYC-backed tokens are the topic of this post.

KYC introduces the worst kind of centralization if done wrong

The worst kind of centralization in my opinion is the kind which can put people at risk. Attaching real world identity to the genesis block of any chain along with the allocations attributed to those identities is extremely dangerous. In some parts of the world it could put lives at risk if whales are known to criminals. In addition the criminals will now gain an information asymmetry advantage: they'll have the means, through hacking or espionage, to discover the list of names of the "crypto rich", while the crypto rich who follow the rules will have no protection at all. The SEC isn't capable of protecting large holders of Tezos, EOS or any other token.

This lack of ability to protect people is the reason why financial privacy exists in the first place. The threat of extortion is one of the main reasons why privacy must exist on chain. The threat of coercion can influence any possible voting which could take place on the Tezos chain rendering all votes immediately under coercion if the identities of the token holders combined with the amount of tokens they hold is known.

Privacy must be implemented

KYC makes sense if the goal is narrow (to protect people from extortion, from money laundering the gains from extortion, etc). The problem is that KYC isn't actually likely to be effective at protecting people from extortion or coercion. There will be the "black blockchains" regardless of whether KYC exists on the white blockchains or not. The black blockchains will still have the advantage as long as some people somewhere in the world accept the black tokens. This essentially means (in my opinion) that without privacy for the white blockchains, the identities of all who are big holders will be shared among the criminal societies. These big holders will be systematically targeted, potentially over a long period of time, unless KYC is combined with confidential transactions.

In other words they should do the KYC in such a way that no human being can see exactly how many tokens each ICO contributor holds. The encryption to do this can be built (homomorphic encryption of the kind Enigma is working on, or some other forms of secure multiparty computation). The idea being that Jack only wants to verify that he is the legitimate owner of Tezos tokens without revealing which tokens or how many tokens he owns.

In essence, the smart contract could be a zero knowledge proof enabled verification scheme. The technical details of course can be worked out later but I do think the very centralized approach taken by the Tezos Foundation goes against the beneficial breakthroughs decentralization has to offer. If KYC can be done in a decentralized and completely private way where maximum safety precautions are taken then it might work.

For example:

  • Artificial intelligence can verify that a selfie and face in a passport match.
  • The stored encrypted data can be managed in a way where humans cannot simply get access through inside jobs and leak it.
  • Perhaps there should be privacy from the very start so no one can know exactly how many tokens but only who holds tokens at all.

These are just ideas and they probably have to be refined but I can say that the current level of privacy involved in KYC isn't good enough. If there is a leak, espionage, an inside job hack, who is going to protect the people listed as ICO participants if the price of the token is $100+? This highlights the importance of projects like Enigma which would allow for better KYC, or projects to do KYC in a more decentralized and private manner.

Secret ICOs

Enigma is working on a technology which allows for secret ICOs. The idea being that the KYC process can take place prior to the participation. The amount of money contributed, where the money ends up, will remain private.

References

  1. https://blog.enigma.co/secret-icos-and-privacy-tokens-d77ed505514d

With my loss with Bitconnect I can no longer invest in another ICO token or buy; I prefer to invest in trading.
What you mention is that KYC is vulnerable to cyber attacks since it does not have much privacy and security. This concludes that investing in KYC puts our investment at risk.

Craig Grant and others were targeted or so they say. When Bitconnect was paying out massive amounts of money a day to certain individuals don't you think hackers wanted those accounts BADLY?

The problem with KYC/AML is the Tezos Foundation isn't offering account recovery if hacked. They aren't offering any security or protection but are demanding the wrong kind of information which if it got into the wrong hands would jeopardize security.

Steem offers account recovery for example which is in my opinion the very minimum to offer in exchange for identity. If you know who owns an account due to KYC then if that account gets hacked or they lose their private key you can recover it.

thanks for the clarification

Good post! UpVote!

"There is discussion in the Tezos community to create Chain A and Chain B remaining the official chain causing a fork and letting the community have the first election in the sense of which chain they choose."

So, you're saying that we may have an option to choose an alt chain where we do not have to do KYC/AML? I also wonder, if we do not want to claim and complete KYC/AML if they will just refund us. I'm not giving them my info, they cannot protect it.

The problem with KYC/AML is security and lack of privacy. Imagine Bitcoin emerged in this way where all the earliest participants had their names (and faces) in a database somewhere? How much would that database be worth now to hackers?

I'm mostly concerned about the security aspects. KYC I have no real problem with philosophically if it could be done in a completely secure and private way but if it's going to save all of this into a centralized database then the security is now centralized when we are talking DPOS.

Tezos is a DPOS style chain. So once the identities of the stakeholders are known it turns Tezos into nothing more than a decentralized corporation of a sort only without the protection of banks. So you're submitting for the KYC/AML banks require but you don't get the same level of protection you get from stocks.

If you lose your private keys, if you get hacked, if you get extorted, where you gonna go? What is the Tezos Foundation going to do about it?
