The Blockchain Can Get So Private It Can’t Be Audited – Until Now

Mystiko.Network just invented the trustless-but-verified privacy protocol.

Privacy isn’t just a good business practice. Nor is it only a nice-to-have design feature for a scalable technology platform.

Privacy is, ultimately, a basic human right. That’s one of the reasons why blockchain, which is inherently defensive of privacy, is so appealing. Even so, no right is absolute because any right, however prized, will eventually come into conflict with a right possessed by someone else.

But how do you determine what someone else’s rights are – and thus, where your own rights end – if you don’t know anything about your counterparty? Put another way: How do you balance privacy with compliance?

That’s where, once again, Mystiko.Network is proving to be an innovator.

No matter how laissez-faire you might be in your policy prescriptions, at some point you have to concede that an act is or ought to be a crime.

Even freedom of speech – often regarded as a cornerstone of human rights and a pillar of free and democratic societies – is not absolute and can potentially be restricted. Though still the subject of much debate, when forms of expression deemed offensive to society, such as libel, slander and hate speech, they can be duly limited under the ideas of the harm principle and the offense principle, since these forms of speech can potentially escalate into discrimination, hostility and violence.

Likewise, no responsible blockchain platform, dedicated though it might be to user privacy, can allow itself to be used for malicious or illegal activities that bring harm to society. The same is true for Mystiko.Network, whose central mission includes protecting privacy for the good, not for the bad.

To protect privacy rights for users with legitimate reasons from the bad actors exploiting on-chain privacy, Mystiko designed the first decentralized auditing system for on-chain private transactions.

The new decentralized private transaction audit

At the heart of this system is a decentralized auditing committee, consisting of reputable institutions and entities chosen by the community. Once established, the committee will support auditing the transaction flow of suspicious deposits from bad actors while protecting the privacy of regular users.

Mystiko’s auditors would represent reputable, reliable auditing firms, regulators and non-governmental or intergovernmental organizations. The specific members would need background and expertise in technology and finance as well as compliance. As to who specifically would take on these roles, that becomes a matter of nomination and vote by existing Mystiko nodes.

In Mystiko’s design, when compliance responses are expected by a regulator, the transactions of suspicious assets would be revealed and audited in a decentralized manner by trusted auditors based on the majority votes of the committee.

This is not Mystiko’s first privacy innovation – not even its first this year. Earlier in 2022, Mystiko became the first blockchain privacy solution to be offered as a multi-chain privacy software development kit. This privacy-as-a-service model upended the assumption that privacy had to be either baked into a Layer 1 solution or bolted on as a Layer 2 overlay. Mystiko still supports L1 and L2 privacy tool development in addition to the SDK.

Key advantages

There are several functional benefits of Mystiko’s new privacy auditing feature:

• Security. Holders’ assets will always be secured by Mystiko. No one, not even Mystiko auditors, can intercept or tamper with private transactions in Mystiko.Network.
  
• Decentralization. Mystiko ensures that no single entity will have access to all private information, even while making private transaction auditing possible. Mystiko auditors will only be able to view and audit the transaction flow of suspicious deposits from bad actors upon the request of regulators and the majority approval of the auditing committee.
  
• Precision. Only suspicious transactions, such as sanctioned assets, will be audited. Auditing processes will only be kicked off when sanctioned assets or addresses are identified in the Mystiko user pool.
  

As with any innovation, though, it’s fair to ask: What problem does this solve? It usually involves improving efficiency, scalability, profitability or some other business metric or technological bottleneck. In the case of an on-chain privacy innovation, it almost always has to do with a new compliance issue. Such is the current case. Specifically, regulators are looking to ensure that on-chain privacy does not prevent the kind of disclosures that institutional and retail investors have come to rely on.

On August 8, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Tornado Cash and called it “a significant threat to national security.” The underlying concerns of regulators might come from the fact that there is no visibility of suspicious transaction flow. It seemed like an invitation to launder money.

Still, there are many legitimate reasons why someone would want to use privacy features. For example, an employee getting paid by their company in crypto might not want their employer to know all of their financial details. An NFT investor might not want to become the target of potential harassment or robbery. Donors might want to keep their identities hidden as they donate funds.

To balance the right to preserve privacy for users without illicit purposes and the compliance request of global regulators, Mystiko designed the first decentralized auditing system for on-chain private transactions. Mystiko.Network only protects privacy for the good, not for the bad.

Three-legged stool

It’s important to note that the auditing committee is just one of three elements of Mystiko’s auditable zero-knowledge (zk) privacy solution.

Encryption is also a major component: When a private deposit is withdrawn or transferred, while zero-knowledge proof is generated, the linkage between deposit and withdrawal or transfer will be split into multiple shares and encrypted with the public keys of auditors. Each auditor would then have an encrypted secret share of the linkage data, but not the complete set. Mystiko makes sure that no single entity will have access to all the private transaction information of users, while making decentralized auditing possible.

If this sounds familiar, it’s because it’s a cryptographic principle known as “Shamir’s Secret Sharing,” and it’s been around since 1979. In effect, SSS is a way for distributing a secret so that no individual holds intelligible information about it. Although the secret can be reassembled when a sufficient number of shares are combined, nobody without enough shares can reconstruct the secret even with infinite time and computing capacity.

Then there is the audit function itself. In order to view the complete information of a private transaction, the auditing committee would have to reach an agreement by passing a majority vote to decrypt the encrypted transaction history, with their privately stored secret keys.

Current state

Mystiko V3 testnet protocol (“AuditableZK”) is now live and will soon debut on Ethereum mainnet. In the latest version, Mystiko.Network improves security by incorporating ZK rollup while lowering gas fees. Private transactions on Mystiko.Network cost anywhere from one-half to one-tenth those of other major privacy solutions. Mystiko’s proprietary JoinSplit technology also offers maximum flexibility and arbitrary amount withdrawal with full privacy.

More features, including multi-chain and cross-chain private transactions are also available in Mystiko V3 testnet protocol. Sofar, Mystiko.Network testnet protocol has supported various chains including Ethereum, BNB Chain, Polygon, Fantom, Avalanche and Moonbeam. Supported bridges include Celer IM, Mystiko Test Bridge, LayerZero and Axelar Network.

About Mystiko.Network

Mystiko.Network is the base layer of Web3 with both connectivity and confidentiality. Leveraging zero knowledge proof with industry leading “zk of zk” technology, Mystiko.Network guarantees interoperability, scalability and privacy all at once. Mystiko.Network is dedicated to protecting on-chain privacy for all and building a healthy financial privacy environment in Web3.

Learn more about Mystiko. Network and follow us:

Website| Testnet| Twitter | Telegram | Discord | Medium | Whitepaper| Docs