[hideyour.cash] Private Transactions Protocol on NEAR

“Everyone has a right to privacy because it is a critical aspect of ownership and autonomy. […] Web3 will never deliver on its potential if systems that allow participants to launder money, fund terrorism, or commit crimes are allowed to propagate. Blockchains are not starting entirely new systems from zero, in a vacuum. They are interwoven with existing systems of rule and law and must operate within and alongside them.” - Near Foundation

Relevant links

Whitepaper

PitchDeck

Hack-a-Chain Github

Hack-a-Chain Website

It’s been some months that we, the Hack-a-Chain team, have been studying the creation of a private transactions protocol for NEAR. We were almost done writing our whitepaper when we heard that Tornado.cash was sanctioned by the United States.

Even though it could seem like a bad idea to keep the project, we realized that it was actually a great opportunity to fill a big market gap: the need for a private transactions protocol that could prevent the use by bad actors.

Completely in line with Near Foundation’s vision for Ownership, Privacy and Regulation, we’ve been working on a project called hideyour.cash, a KYC/AML Compliant Private Transactions Protocol being built on top of NEAR.

In this post we’ll formally introduce the project to the community and would love to hear back your thoughts and insights about it.

Background

This project aims to solve the problem of lack of privacy within blockchain, most specifically, in the NEAR protocol. Banking secrecy is assured by law in most democratic countries, and transactions made with fiat on the traditional banking system are private. Only the two parts involved in the transaction know about it.

In Order for crypto to be broadly adopted as an improved financial system it must not only offer all the new features it proposes, but also meet the assurances that the existing financial system gives to its users.

In order to have a user-owned internet, we must be transparent and fair. But, that does not mean that everyone must be able to know what everyone is doing. Users must be free to disclose what they are doing, but that should not be forced.

Users might seek for privacy for different reasons. There a few use cases that are valid to be mentioned:

1. User is paid in crypto by employer and doesn’t want the employer to know all their financial details.
2. User pays for a service using crypto, and does not want the service provider to be able to see all they have done on chain.
3. User was doxxed and is being harassed online, now want’s to move funds to a different wallet without being traced.
4. User is a large crypto investor avoiding front running and other financial monitoring exploration.
5. User want’s to donate to a polarizing cause.
6. User does not want the other users that know he’s address to know its wealth.
7. User thinks crypto will have a mainstream adoption, and everyone will have access to all information (retailers, banks, potential employers), and is afraid that they might not use that information ethically.
8. User want’s to pay for medical services with crypto without disclosing that information to the public.
9. User wants to send tokens from their wallet to a CEX without sharing their wallet.

There are already solutions available on other networks that allow for users to perform private transactions. There is not a solution like that on NEAR protocol. Given the fact that NEAR has a gas fee that is fairly small when compared to other chains, the adoption of this service might be broader on NEAR.

Therefore, in order to create a better internet, a tool for privacy on a blockchain that is relatively cheap to use is a must-have.

Project Overview

We’re building a private transactions protocol. It gives anyone privacy to transfer funds without revealing to whom they’ve transferred. The protocol serves anyone that wants to use blockchain for their personal/business payments without giving up on their privacy.

The protocol works through a technology called zkSNARKS which is a type of zero-knowledge cryptographic proof. Any user can deposit to the smart contract by sending over a commitment (think of it as the hash of a private key), later any other account can withdraw the amount deposited by submitting a zero-knowledge proof that they know the secret key that generated one of the deposits.

What happens is, since multiple people are depositing and withdrawing from the protocol at the same time, there is no way to tell which withdrawing account belongs to each initial depositor, thus your withdrawing account becomes private, no one can tell who originally deposited to it.

It is widely known that private transactions protocols on other blockchain networks have been used by criminals to launder stolen funds or to provide financing to crime and terror organizations. This use cases have made transaction mixers one of the main targets for regulatory assault.

With that in mind, we are developing a decentralized application for well intended users to achieve privacy, but that does not allow money laundering or terrorism financing. To achieve that, the protocol is going to have a decentralized committee, elected from community members by staking their project tokens called the blacklist committee.

The protocol will publish its terms of use after a DAO vote and choose which use cases are unacceptable, such as money laundering or terrorism financing. Every account that wants to interact with the protocol must undergo an anonymous KYC procedure to be included in the application’s whitelist, the higher the financial volume being transacted by the user, the more comprehensive the KYC analysis will be.

At the same time, the DAO will form a blacklist committee, which will be responsible for blocking accounts that are associated with wrongdoing. The committee will authorize third party security applications to automatically flag and include suspicious accounts in the blacklist.

Once an account has been blacklisted (1) it cannot deposit to the protocol and (2) no deposit originally made by that account can be withdrawn. That sums up to criminals risking having their assets seized inside the smart contract if they use the platform. If they do still use the platform and withdraw the funds quickly to avoid the seizure of assets, they’ll be easily tracked by forensics since anonymity requires waiting a random amount of time to withdraw funds.

The committee will also receive and evaluate evidence of false positives in whitelist insertion to unblock accounts.

Scope

What will the final deliverable look like?

The final deliverable of the project is a private transactions protocol. From a user’s point of view, the software will allow them to:

1. Generate a key and make a deposit associated with this key;
2. Generate a withdrawal proof → this proof contains who can withdraw the money;
3. Using the withdraw proof, the user will send a command to a random relayer, that will send the proof to the smart contract for validation, paying for the transaction gas. The contract will then validate the proof and transfer the tokens to the designated account;
4. Acquire application tokens and stake them to become a relayer.

The application uses a zkSNARK algorithm to validate the withdrawal proof. The use of this algorithm allows the user to prove it has a key, without disclosing any information regarding the key or who’s the owner of the key, therefore, it allows for privacy.

Relayers are the second key component of the application. Without them, it would not be possible to withdraw the funds anonymously, because some account has to pay for gas and if you create a new account and send tokens to it, you’re going to create a link between your identity and the new account. The relayers send the transaction to the smart contract and pay for the gas, allowing for anyone with the proof to withdraw the tokens. Relayers receive a small percentage of transferred funds as a fee.

The proof is built in a way that, even if it is intercepted, the funds are still safe, because with the proof a person can only withdraw funds to the account given when the proof was built.

There will be a list of decentralised relayers. In order to become a relayer, users must own and stake the application token. Relayers charge a fee to withdraw the funds. The more staked tokens a relayer has, the larger the chance that they’ll be select on the relayers list.

The final application will also contain a DAO. There will be a blacklist committee, that is responsible for the blacklist functionality. That functionality will allow the DAO to block accounts from using the protocol, and also suspend withdraw of funds deposited by accounts associated with suspected ilegal activities.

Technical Specs

diagram958×709 47.7 KB

Components

• zkSNARK algorithm
  • Implement zkSNARK algorithm using snarkjs and circomlib
• Core Smart Contract
  • Core smart contract functionality for anonymous transactions. Must implement on-chain merkle tree and verifier
• Relayer server
  • A web server application to act as a relayer for the protocol. Must allow users to send HTTPS requests with proofs and dispatch them to the blockchain.
• Relayer Smart Contract
  • Functionality to stake native token to become a relayer. Must select relayers for each transaction based on a formula involving fees and staked tokens.
• Middleware
  • Indexer to log transactions and events.
  • DB to store indexer data.
  • API to serve DB data to frontend.
• Frontend for users to deposit and withdraw funds (AnonCore front end)
  • Generate private key and save it to user machine
  • Generate proof based on private key and receiver id
  • Fetch deposit information based on private key when withdrawing
  • Send proof to relayer and receive transaction hash to track
• Relayer Frontend
  • Instructions to become a relayer
  • Platform to stake/unstake tokens
• Landing page
• Seed ceremony
  • Ceremony software to generate lambda parameter for zkSNARK generator.

To better understand how the technology works, read the project’s whitepaper.

Planned Roadmap

Team

The project will be developed by Hack-a-chain. Our team will initially be composed of the members listed bellow:

• 2 blockchain (rust/near) developers ;
• 1 fullstack developer, with vast FE experience;
• 1 PM;
• 1 Marketing and sales specialist;

It is likely that, after the MVP stage, it will be necessary to increase the team size.

Risks

We anticipate the following dependencies and obstacles:

1. Regulatory crackdown as happened with tornado cash;
2. Illicit activities within the protocol, even with the blacklist mechanism;
3. Small amount of transactions on the beginning, making anonymity difficult;
4. Slow adoption, due to smaller total addressable market on Near.

Regarding the risks stated above, there are some contingency plans:

1. Seek for legal counseling and work with authorities to build a solution that fits all needs;
2. Implement a kill switch mechanism on the contract;
3. Implement an anonymity generator to perform transactions in order to increase the volume;
4. Two solutions:
   1. Onboarding of users from different chains;
   2. Creation of an SDK, so that web sites can receive crypto payments utilizing the protocol.

Market & Community

Initial Challenge

The first challenge regarding marketing ****to run hideyour.cash is to actually have enough transactions happening at the platform so that they remain anonymous. In case the number of transactions is too small, it will be easier to track it and discover its origin and destiny. If that happens, the protocol will fail to provide privacy to its users.

Therefore, our first goal is to create a community of early adopters that will help us achieve a minimum amount of transaction that will make the protocol anonymous.

Target Audience

The target audience for this community includes two main categories of people:

1. Near Protocol enthusiasts interested in the growth of the blockchain;
2. Privacy enthusiasts interested in the creation of more blockchain privacy tools.

The first one includes Near Foundation team members, DAOs and guilds, DeFi and NFT users, projects building on Near, influencers, VCs and anyone else that sees value on the growth of Near ecosystem.

The second one includes people from all over the crypto environment that participates in privacy and anonymity communities and discussions, for instance, the ones into Tornado Cash community and Cypherpunks.

Approach to the target audience

Hideyour.cash marketing’s team will use 2 main strategies to approach the target audience:

1. Business Development: from the start of the project on, our team will be focused in creating partnerships with privacy communities, project builders on Near, VCs and influencers. This way, we’ll create a network to help us evangelize the protocol and find its early adopters.
2. Content Creation: we’ll create quality content explaining what is hideyour.cash, how to use it, why it is important to have privacy protocols on blockchain, why our protocol is in compliance with the law, what are the differentials from other anonymity protocols, how to get involved with the community, and much more. We’ll market this content throw:
   1. Partners
   2. PR
   3. Influencers
   4. Social Media

Incentives to the target audience

We’ll encourage our community to become early adopters by 2 means:

1. Governance Token airdrop to early adopters: part of the tokenomics will be reserved with this goal.
2. Anonymity Mining: after the airdrop phase finishes, we’ll keep encouraging the use of the protocol by continuously distributing governance tokens in a shielded liquidity mining system to preserve the privacy of the liquidity provider .

Besides that, we do know that there are plenty of people interested in more privacy tools on blockchain. This people will be interested in helping the protocol achieve success despite token rewards.

Expectations with the target audience

By conducting this actions, we have the goal of getting enough people into our community to launch the protocol at the end of October.

Mass adoption

Besides marketing the protocol and bringing users to our own platform, we believe that we need to be proactive in finding new use cases and integrating hideyour.cash to other protocols.

Our vision is to be more than an anonymous transaction platform, but indeed a privacy layer on top of blockchain. Let us explain.

Even though blockchain was created to be a freedom tool to its users, privacy is still something that has to be deeply addressed. If transparency is a great implement for what, indeed, has to public verifiable, there are still plethora of use cases that would be favored by anonymity, as described above.

However, privacy on internet is still something that the average consumer doesn’t care about. Most people don’t understand how valuable is the data they share with centralized protocols, like Google and Facebook. Inside the crypto community, the majority of users don’t realize that their on-chain activities can be tracked by anyone - since it’s transparent. Unfortunately, this data can be used for undesired activities.

If we want a world where privacy is guarded, we actually need to evangelize the average person about the importance of privacy. More than that, we have to provide them tools to do that in a simple and friendly way.

For instance, this is what Apple has been doing to its users. “Ask this app not to track” is a privacy tool that Apple has implemented, evangelizing their clients about the importance of privacy and giving them an easy option to protect their data. It’s a top down revolution, that has to be conducted by the service providers.

This is our vision for hideyour.cash. We want to create a plug-and-play privacy feature that any company can integrate to their code, giving their users the option to make any transaction private.

For example, we could integrate hideyour.cash to centralized exchanges, such as Binance and FTX, so that their users could deposit and withdraw their tokens from/to an anonymous wallet. Indeed, we believe on/off ramps will be one of the first use cases we can integrate our protocol.

Therefore, our job is to evangelize and onboard new projects to hideyour.cash, so that they can provide a private way for their users to make transactions and, that way, we’ll achieve the final consumers throw a top down strategy, just like Apple has been doing. This is how we see the protocol getting mass adoption in the future.

To achieve this vision, we’ll keep our business development and marketing efforts to create partnerships, find new use cases and evangelize people about the importance of privacy.

Licensing

The project will be open source, we plan on using a standard MIT License.

Conclusion

At the data era, privacy is a human right that’s getting harder to protect. However, we do have tools that can craft a world where privacy is protected without sacrificing security.

We’re responsible for developing this tools and increasing the possibilities within the crypto world. NEAR has the technical potential to welcome this tools, and we, the community, have the obligation to use this potential to build them. By doing that, we’ll for sure serve as models for other ecosystems.

We, Hack-a-Chain, are excited to build hideyour.cash and hopefully this will light the spark of a greater movement towards privacy inside NEAR!

You guys have my support, really dig the idea and how you learned from Tornado’s “mistakes”. Curious to see your implementation of zkSNARKS, happy building boys.

Thank you for sharing this well thought out proposal. I agree that NEAR is well suited for a tool like this and I especially like the long term vision of becoming an on and off ramp to CEX etc.

Can you share more insight on where you think regulatory crackdowns can come from or better yet be avoided? It sounds like you’re preparing to better mitigate bad actors but can you explain more about the anonymous kyc. At some point, someone must know who is the end user for it to be KYC so I’m curious how the anonymity stays (if it actually does).

Looking forward to seeing the MVP.

Good luck!

Hey, Joe! Thanks for sharing your insights and questions.

You’re correct in stating that regulatory crackdowns can come from everywhere, as we have recently seen with Tornado.cash.

Our biggest challenge, indeed, is to create a protocol that stops bad actors from interacting to it. This is the best (and only) way to avoid a regulatory crackdown. The challenge gets harder since we cannot disclose user’s information and no one can have a backdoor for the system.

We’re studying some solutions for that, for instance:

1. KYT and AML: implementing Know Your Transaction and Anti-money Laundry tools from specialized players, such as Chainalysis and Elliptic, to block high risk wallets to interact with the app.

2. Anonymous KYC: using a ZK cryptographic proof to prove that you have done a KYC, without disclosing who you are.

3. Volume limitation: the more you want to transact in the protocol, the harder the KYC, just like exchanges. Also, you’ll only be able to transact according to your “score”, provided by the players mentioned above. In the beginning, while we’re still studying more compliance solutions, we’ll only accept low volume transactions.

4. Reveal Transaction: a tool actioned by a DAO voting that will reveal a transaction that has ocurred on the protocol. For example, when a bad wallet is discovered to have transacted on the protocol and there are investigations going on.

The more we understand the use cases for private transactions, we’ll also be able to personalize this solutions. For example, if we work in an on/off ramp solution for CEXs, we don’t really need to have a KYC, since they already have their own solutions to prevent the use from bad actors.

What is important to note is that the protocol is adaptable and can be integrated to different compliance solutions.

We’ll keep studying them, hopefully, we’ll come up with some good ones!

In case it could be helpful, let me share a previous design for private transactions: Deep dive into Private Transactions on NEAR. I don’t think it is being actively developed at the moment, or that it tries to address some of the issues why Tornado Cash was banned.

Thanks for the info, Marcelo! We’ll look at it.

Is the relayer permissionless? From what I understand, this will add a centralization bottleneck.
Can the protocol work without it and make the proof verification part inside the smart contract?

Hey @ciocan! Thanks for your question.

Yes, it is permissionless. Anyone will be able to become a relayer.

It would be possible for the protocol work without it, however the relayer has the important role of withdrawing the tokens on behalf of a wallet that has no tokens for paying the gas and sending it to the selected wallet. It wouldn’t be completely anonymized if you had to fund a wallet to be able to withdraw with it, since this wallet would have received a non-anonymous transaction.

Hope it’s clear! Feel free to ask any question.

Is the relayer in any conflict with the money transmitter regulation?

Any ETA for when the code will be open sourced?

We’ll be discussing every legal aspects with lawyers as soon as possible.

By the end of the year we intend to have the protocol working, all open sourced.

Thanks for your interest! We’ll also be starting a community on Discord soon and I hope to see you there!

Glad to see teams trying to build OS privacy tech on NEAR. Looking forward to checking out some of the code when it’s available .

Thanks for your interest, Chloe! We’ll be releasing part of the code soon