Everything you need to know about the most important three letter acronyms in crypto
Or, how you win friends and TEE-fluence people 🧵
This thread is based on the talk I gave at @modular_summit:
h/t @socrates1024 and @sufialhussaini from @cyclesmoney for help preparing the talk and associated demos.
We all want private compute. Privacy is a fundamental human right. And yet our blockchains are woefully transparent. Clearly we need to do something about this. The core cryptography has come an enormous way, but there will always be limits & things cryptography alone cannot do.
ZK proofs have been at the epicenter of privacy in crypto since @zcash. ZKPs are great. They’re fast, efficient and working in production. But the problem with ZKPs is the prover needs all the data to produce a proof.
There’s no privacy from the prover!
This is fine if the prover is the end-user - their data is theirs - like in the shielded pools of @zcash & @penumbrazone. But in many cases (e.g. ZK rollups), the prover is a specialized entity that collects cleartext from many users in order to perform some more global compute.
ZKPs maintain privacy from the verifiers but not from the provers. This matters if you don’t want to trust a single entity with all the user data - which we don’t. So ZKPs are not enough for many kinds of privacy we want. For instance, the global graph algorithm we run in @cyclesmoney.
In @cyclesmoney, we build up a graph of obligations, payment intents, & credit lines, so solvers can optimize flows to clear the most debt for the most people w/ the least money. ZKPs allow the chain to verify correctness, but they don't help keep the graph private from solvers!
In many scenarios, ZKPs are really more about guaranteeing correctness than privacy. Interestingly, the original constructions (SNARKs) were all about proving a computation correct. Privacy came practically for free after the fact (zk-SNARK).
So ZKPs are not enough. What about Multi-Party Computation (MPC)? MPC actually does give us the full private compute we want. In MPC, we secret-share values (encoding them as points on random polynomials) and distribute the shares across N agents for compute. So long as fewer than K of the N nodes collude, privacy is preserved.
MPC works great for smaller compute, and is increasingly used to provide secure signing services, for instance in @web3auth and @usecapsule. Key material is split between a user and other service providers (some are themselves federations) and any 2 of 3 can produce a signature.
There’s also some cool use cases of MPC in peer-to-peer trading, for instance @renegade_fi’s dark pool does order-matching via MPC between the actually interested parties, which removes collusion concerns (since the compute isn’t being outsourced). This is great protocol design.
But in general MPC is expensive (quadratic in N) due to high network overhead. And we have to trust that K nodes (eg. ⅓ of N) are honest. More nodes means much more overhead. And then, if nodes do collude to break privacy, they don’t leave a trace - there’s no way to detect it!
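The K-of-N secret sharing behind the last few tweets (the 2-of-3 signing split above is the same scheme with K=2, N=3), as an added example that is not from the original thread: Shamir sharing over a prime field, a share-wise private sum so no node ever holds an individual input, and a check that K-1 shares are consistent with every possible secret. The names `share`, `reconstruct`, `private_sum` and `implied_share` are my own.

```python
# Added example, not from the thread: Shamir secret sharing over a prime field.
import secrets

P = 2**61 - 1  # Mersenne prime; all arithmetic is mod P


def share(secret: int, k: int, n: int) -> list[tuple[int, int]]:
    """Encode `secret` as f(0) of a random degree k-1 polynomial and hand
    out the points (i, f(i)) for i = 1..n, one share per party."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(k - 1)]

    def f(x: int) -> int:
        return sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P

    return [(i, f(i)) for i in range(1, n + 1)]


def reconstruct(shares: list[tuple[int, int]], x: int = 0) -> int:
    """Lagrange-interpolate f(x) through the given distinct points. With k or
    more points of a degree k-1 polynomial, x=0 recovers the true secret."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P  # den^-1 mod P
    return total


def private_sum(inputs: list[int], k: int, n: int) -> int:
    """Each user shares its input to n compute nodes; every node adds the
    shares it holds locally; any k node-sums reconstruct only the total.
    No node sees an individual input (the thread's K-of-N privacy)."""
    per_node = [0] * n
    for v in inputs:
        for idx, (_, y) in enumerate(share(v, k, n)):
            per_node[idx] = (per_node[idx] + y) % P
    node_shares = [(i + 1, per_node[i]) for i in range(n)]
    return reconstruct(node_shares[:k])


def implied_share(partial: list[tuple[int, int]], guess: int, x_missing: int) -> int:
    """What k-1 colluding holders learn: for ANY guessed secret there is a
    polynomial through their points and (0, guess), and its value at the
    missing party's x is a perfectly valid share. Every secret stays possible,
    which is also why collusion below threshold leaves nothing to detect."""
    return reconstruct(partial + [(0, guess % P)], x_missing)
```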
What about Fully Homomorphic Encryption (FHE) then? FHE is actually not an independent solution - you still need MPC to manage decryption. Otherwise a single agent can decrypt everything. So FHE on its own is basically useless for blockchains.
What is FHE good for? Outsourcing compute, privately. The base case is a user outsourcing some compute they want done while preserving privacy. They know the input and decrypt the output, so no problem. Some other server does the compute with FHE.
In blockchains we can think of FHE as trading off the network/IO overhead of MPC for the compute overhead of FHE. In theory, fast enough FHE can speed up MPC with many nodes - i.e. use MPC only for decryption, FHE for the rest. Without MPC, FHE is basically useless for blockchains.
This brings us to the obligatory meme section of the thread. @badcryptobitch has been here before us
So. ZK doesn’t give private compute. MPC is expensive and doesn’t give collusion resistance. FHE is expensive but can (in principle) make MPC cheaper.
What’s a practical solution we can use today with sufficient guarantees that can be combined with other techniques as necessary?
This doesn’t mean the cryptography isn’t important or we shouldn’t keep pushing it - it’s critical and it needs development more than ever. But it can be complemented in many useful ways by TEEs, and there’s lots we can do to reduce TEE risk.
But this thread is already too long, so you’ll unfortunately have to wait ’til tomorrow for groundbreaking insights on how to use TEEs securely so they’re strictly better than not using them. Make sure to follow me to avoid missing some of the most TEE-fluencing content in the space!