Of the three legs of the blockchain trilemma—decentralization, scalability, and security—security is the most foundational. It is an absolute necessity that users feel assured that the system they are using will not leave them exposed.
Achieving blockchain security is motivated by what has been labeled the cypherpunk mentality—the idea that by leveraging cryptographic methods, we can develop online defenses that protect our personal information. But as crucial as security is to the adoption of decentralized financial applications, there remains a fundamental lack of privacy protection on Ethereum.
Users may think that hiding behind an Ethereum address is sufficient to keep them anonymous, but the network uses a public, auditable ledger with account-based tracking. This means that everyone can easily discover the wallet balance of every user on the network. This isn’t dissimilar to any payment you make in your daily life-giving the recipient the means to check how much money is in your bank account. Suppose you wanted to make a contribution to a liquidity pool such as Aave—with base Ethereum, the entire network knows your investment and can see when you withdraw. Or what if you wanted to interact with a DEX? Uniswap executes billions of dollars worth of trades daily, with each transaction trackable simply by looking up the Uniswap smart contract on Etherscan. Click on any one of the addresses involved in the transactions and you can view the entire trading history of the wallet. For anyone trying to develop proprietary farming strategies, they could easily be copied. Or for a credited trader with a number of users following their wallet, every investment they make notifies those users.
Beyond wallet transparency, consider how most users interact with the Ethereum network—even services that let you manage your own wallet like MetaMask are able to read your IP address. Assuredly, there are methods to enhance security, like using a VPN, using multiple addresses for different dApps, or even running a node yourself. But privacy shouldn’t require users to be developers or experts—mass adoption and true usability require layer-one, passive privacy.
In recent years, privacy-focused protocols have been developed and successfully implemented, proving the effectiveness and versatility of zero-knowledge cryptography. In 2015, Zcash launched a fork of Bitcoin that enabled users to send transactions with shielded addresses. But the more versatile Ethereum has a different environment structure, with account-based tracking and smart contracts increasing the complexity of protecting wallet information. Thus, providing the same level of privacy on Ethereum required additional research and development.
One possibility for anonymizing transactions through Ethereum is using mixers or tumblers, protocols that enable users to transfer to another Ethereum address without the deposit and withdrawal addresses being linked, often in set denominations of 1, 10, or 100 ETH. However, this privacy model is incomplete. With a balance in a mixer, it’s impossible to withdraw to a smart contract or interact with DeFi protocols. The user has to create an additional address, withdraw to that address, and then submit the contribution
or transaction to the smart contract. Additionally, they have to make sure that none of their behaviors enable someone to link the new address to their original address. Even with the proper use of a new address, only being able to exchange denominational values makes proper DeFi interaction difficult.
Railgun has introduced a stronger model of privacy that brings security to DeFi. By establishing a shielded wallet for all users, any interaction you can execute with your Ethereum wallet can be executed anonymously with your Railgun wallet. The same for the other smart contract-capable blockchains the technology has been ported to.
DeFi has been at the core of blockchain development over the past 2 years. It’s been foundational in moving the technology from ICOs and into the development of efficient financial products. DeFi applications are responsible for billions of dollars worth of transactions, all of which are easily trackable.
If these applications are to be trusted and used as true financial mechanisms, then privacy is necessary. Privacy that doesn’t require expert knowledge.
Using Railgun, once the initial contribution is made, your address is shielded. Your Railgun wallet can make a transaction to any smart contract or wallet address, and all that will be revealed is that a Railgun user executed the transaction. Contributions to a liquidity pool, exchanges over a DEX, internal or external transfers—all can be made in any denomination with a single transaction. Railgun solves the vast majority of privacy problems DeFi has been struggling with. That said, as recent years have shown, DeFi requires the mindset that no one is quite sure what is over the horizon.
Shielded wallets are a solid foundation, but constantly-evolving products, features, and methods require protocols that can adapt. The team behind Railgun is full of strong minds, cryptography experts, and accomplished engineers, but the ultimate power lies in the democratized decision-making of the DAO. With a list of enhancements already in discussion, the community has the ability to hear the voices of any DeFi innovator, Ethereum developer, or simply anyone who truly believes that privacy should be within reach. Railgun introduces a new paradigm, enabling us to unlock the full potential of DeFi.
By Nick Ulven