Panther Protocol & Privacy Pools: Approaches Compared

Different approaches to private asset velocity in light of the Privacy Pools paper.


Introduction

Public blockchains inherently champion transparency. The cornerstone of this architecture allows anyone to validate transactions without dependence on centralized intermediaries. This transparency, while advantageous in many respects, also accentuates the pressing need for privacy, especially given the escalating prominence of platforms like Bitcoin and Ethereum, their DeFi applications, and adoption by institutions.

The industry has various challenges to solve to deliver privacy-enhancing protocols: transaction linkability, network privacy, and private key management are some. There have been commendable strides in these areas, such as the development of Layer-1 blockchains like Zcash, which offers private transactions, and smart contract solutions like Tornado Cash, which breaks the transaction link between deposit and withdrawal addresses on Ethereum. Due to their permissionless nature and approach, these systems are currently not designed for risk management. Notably, Tornado Cash was rampantly used for cybercrime money laundering activities. According to Buterin: “Tornado Cash has also been used by various bad actors. Deposit data suggests that hacker groups have moved funds from illicit sources through the protocol.” (Buterin et al., page 1). While Tornado Cash had its pitfalls, notably its usage by malicious actors (causing the protocol to get internationally sanctioned), the root cause of such vulnerabilities isn't necessarily technological but rather structural and was meant to be exploited.
At its core, the true sentiment we need to grapple with is this: compliance, while ensuring standardized behavior and safeguarding user interests, undeniably carries a cost – both financial and in terms of user accessibility. There's an exclusionary element to compliance, where stringent checks can sometimes inadvertently alienate non-malicious users. Furthermore, the absence of clear regulatory frameworks around decentralization and DAOs has ushered in shades of ambiguity. This uncertain environment is ripe for exploitation.

Historically, many actors in the space prioritized rapid growth over diligent compliance, often underestimating or even ignoring the long-term repercussions of such a strategy. Their motivations were straightforward – to reduce immediate costs and accelerate expansion. But such a strategy is inherently flawed. With today's well-informed user base demanding greater clarity and accountability, the repercussions of neglecting compliance have grown exponentially in magnitude. Simply put, compromising compliance for short-term gains threatens the longevity and credibility of any decentralized system.

It's essential to differentiate between ideologic and economic motives. While the decentralized movement was born from a desire for autonomy and freedom from permissionless surveillance, its sustained growth and mainstream adoption are undeniably tethered to economic incentives. In this case, ideology isn't the dominant force; it's the potential for economic upside. Similarly, while security concerns are paramount, they represent a distinct set of challenges, separate from those posed by compliance.

Thus, as we critique systems like Tornado Cash, it's imperative to understand that their vulnerabilities aren't just a result of technology but are deeply intertwined with larger strategic challenges and a blind eye toward solving compliant access.

Panther Protocol, however, envisions a refined balance. Our goal is to augment data privacy on public blockchains while introducing a flexible approach to compliance, making it accessible to a diverse user base, from individuals to institutional giants.

Panther’s overall approach

Panther Protocol refines and extends the Shielded Pool concept and has developed advanced Multi-Asset Shielded Pools to include compliance features enabled by zero-knowledge proofs.

  1. Users can deposit into a Multi-Asset Shielded Pool (or simply Shielded Pool) only after presenting a ZK proof of their verified status, an action that's verifiable on-chain.
  2. Transactional activities like deposits or withdrawals necessitate a ZK proof to vouch for the purity of the associated wallet address.
  3. Upon providing the necessary proofs, users activate a zero-knowledge Account (or zAccount), which serves as a unique user identity record, tethering all their transactions.
  4. Situations like regulatory scrutiny may necessitate users to reaffirm their credentials, leading to zAccount reactivation.
  5. All interactions with the protocol are strictly based on zero-knowledge proofs, ensuring minimal data exposure on-chain.
  6. With the zAccount system, all transactions from the same user are interconnected, and a ZK proof can be generated to showcase the volume or assets dealt with, offering a possible avenue for regulatory review.

In a pioneering approach that seamlessly complements the decentralized structure we've discussed, Panther introduces an innovative method to manage compliance risks. At the heart of this strategy is the inclusion of a compliance provider, operating autonomously from the Protocol. This provider's principal role is to authenticate users, offering them a unique set of credentials after a series of verifications. These credentials then serve a dual purpose:

First, they enable users to craft zero-knowledge proofs directly within their browsers—a testament to the strategy's user-centric design. Second, in line with the modern digital identity landscape, these credentials can be seamlessly integrated with blockchain-based DIDs and similar platforms. Panther's vision extends even further. In a move that underscores flexibility and choice, users aren't bound to a single compliance provider. They can seek verification from any compliance provider of their choice. Once verified, users can then present these credentials as an irrefutable attestation to their authenticity, granting them unhindered access to the protocol. This strategic integration ensures multilevel compliance and amplifies user trust, forging a pathway to a more secure decentralized future.


The Solution for the problems presented in the Privacy Pools paper.

In a quest to strike the right balance between privacy and compliance in decentralized finance, Panther unveils a revolutionary approach that aspires to solve the same set of issues as presented in the paper titled “Blockchain Privacy and Regulatory Compliance: Towards a Practical Equilibrium”, also known as the “Privacy Pools” research paper, by thought leaders such as Vitalik Buterin and Ameen Soleimani. As highlighted in their work, "Privacy Pools-like systems allow users to achieve more privacy around their financial transaction histories and activity while retaining the ability to prove their disassociation with known illicit activity. We expect that honest users will be incentivized to participate in such a scheme by a combination of two factors: (i) the desire for privacy, and (ii) the desire to avoid suspicion.” (p.8)

Central to the Privacy Pools model is a foundational idea: "Instead of merely zero-knowledge-proving that their withdrawal is linked to some previously-made deposit, a user proves membership in a more restrictive association set." (p.4) However, Panther diverges here, adopting a more tailored approach suited for real-world applicability. Panther operates on the positive constraint that all deposits emanate from verified users with authenticated wallets. This eradicates the need for additional proof during fund withdrawals.

Users can:

  1. Attest ownership of the originating Account for their deposits.
  2. Showcase credentials affirming the withdrawal to an address in good standing, either owned by them or a validated Account holder within Panther.
  3. When directing withdrawals to other DeFi protocols or centralized exchanges, they can offer proof of 'source of funds', which is verifiable by the receiving party.

Another aspect highlighted in the Privacy Pools paper is the inventive adaptation of the Tornado cash UTXO model. However, one of the challenges presented is the maintenance of reliable and upright Associate Set Providers within a decentralised framework. These systems employ third-party entities known as ASPs to establish association sets. While the association data resides off-chain, its Merkle proof is recorded on-chain, ensuring ASPs maintain data integrity. ASPs might encompass compliance providers or even wallet screening oracle services.

The Privacy Pools paper underscores the necessity of expansive association sets to attain the desired privacy level and to lure good depositors, distancing them from malicious actors. Panther's answer to this is the creation of "Zones". Differently from the association sets of Privacy Pools, Zones are logical divisions within a Shielded Pool, each identified by a unique Zone-ID ingrained in every UTXO commitment. This allows for entities to create and tailor their own Zone, shaping membership criteria, selecting compliance providers, meeting regulatory demands, and even facilitating interactions with other Zone members. Notably, while these Zones provide tailored functionalities, they share the same anonymity set, as they all operate under the unified MASP architecture, reinforcing the strength and integrity of the system.

For instance, as a Zone Manager, an institution would have the capability to:

  1. Designate which Zones can transact their Zone and vice versa.
  2. Choose a new compliance provider or integrate an existing one tailored for its Zone.
  3. Define KYC renewal durations for Zone members.
  4. Set transactional boundaries, including deposit, withdrawal, and internal transfer limits.

The advent of "Zones" thus arms regulated entities and institutions with a formidable toolset, enabling them to seamlessly conduct privacy-preserving on-chain transactions and interact with protocols, welcoming a broader spectrum of participants into the world of DeFi. This agility comes out of Panther’s UTXO design and is instrumental in tapping into new opportunities and maximizing the potential of decentralized finance.

Panther Protocol & the advanced UTXO model

Before the broader public became acquainted with the intricacies of the Privacy Pools paper, which mentions, "The simplified, privacy-preserving coin systems above only support coin transfers in the same denomination. Zcash supports arbitrary denominations through its use of a UTXO model," (p.6) Panther Protocol was already ahead of the curve. Panther crafted a pioneering system that not only facilitated transactions in diverse denominations, but also tackled real-world challenges to amplify on-chain transactional privacy. Additionally, Panther's advanced Shielded Pools are designed to support a wide range of assets, including:

  • ERC-20: The standard for fungible tokens on Ethereum, allowing for a consistent interface across multiple token contracts.
  • ERC-721: A standard for representing non-fungible tokens (NFTs) that can be used to represent ownership over unique items or pieces of content.
  • ERC-1155: A more generalized standard that supports both fungible and non-fungible tokens, enabling the creation of multiple token types within a single contract.

With these integrations, Panther Protocol not only serves as a privacy shield for traditional tokens, but also for the blossoming world of NFTs, showcasing its versatility and forward-thinking approach.

Let’s dig a little deeper into Panther User Accounts and how they enable Compliance:

1. User Account UTXOs ( or zAccounts): At the heart of Panther's approach lies the concept of the "User Account UTXO" — a distinctive type of UTXO nestled within the broader UTXO Merkle Tree. This can be imagined as a dynamic address book or user registry that can be activated based on several criteria, such as:

  • Association with a social network account.
  • Linkage to an Ethereum address.
  • Ties to a user’s KYC records.

2. Activation and Non-Interactive Transfers: Upon Account activation, the user account registry establishes a link between the public root spending key, public reading key, and a "public" Ethereum address associated with the user. This elegant arrangement enables non-interactive transfers within the Shielded Pool, eliminating the need for the sender to fetch the receiver’s pubkeys.

3. Accounts and their utility: The fields encapsulated within the zAccount UTXO pave the way for a myriad of functionalities. For instance:

  • The "Nonce" serves as a transaction counter for user accounts, helping in linking and ordering transactions under the same Account.
  • Parameters such as "Order" and "Quantity" further enhance transactional clarity.
  • This feature might also be employed for disclosures to provide proof of completeness.

4. Expiry Time & Renewal Mechanisms: Recognizing the absence of a foolproof exclusion proof, Panther has instituted an "Expiry Time"mechanism, which mandates periodic renewals of user accounts. Potential renewal methodologies could range from:

  • Aligning with KYC renewals.
  • Adopting a permissionless approach.
  • Re-verification of humanity.
  • Using a zk-proof to validate the total volume of transactions remaining under specified limits.

Panther Protocol's nuanced use of the UTXO model paints a future where transactions are not only private but also flexibly aligned with the intricate demands of the world of DeFi.

Panther's architecture, with its foundational pillars of privacy, is crowned with a structure for on-chain compliance. Yet, one might wonder –what avenues are available to Panther users to leverage the augmented privacy derived from their Panther-based transactions?

This is precisely where Panther distinguishes itself from conventional privacy paradigms:

1. Seamless integration with premier DeFi protocols
Panther has engineered private adaptors in collaboration with eminent DeFi protocols such as Uniswap and Curve. This enables users to execute ‘one-click’ swaps, instantly privatizing and verifying the transaction from a regulatory standpoint.

2. Diverse platform Adaptors
Our vision goes beyond mere swaps. We anticipate adaptors that bridge Panther with an eclectic range of platforms, spanning from NFT marketplaces to lending hubs and beyond.

3. zTrade: Panther’s Dark Pool
Panther includes an innovative solution for confidential and compliant dark pool transactions. With zTrade, users can preserve their trading strategies, mitigate counterparty risks, and effortlessly execute voluminous trades at pre-negotiated rates, all within the Shielded Pool.

Conclusion

In the ever-evolving world of decentralized technology, the quest for innovation remains perpetual. As the landscape gravitates towards establishing fully permissionless and decentralized privacy solutions, the challenge is ensuring these platforms don't inadvertently provide refuge to malicious actors. Panther recognizes this dilemma and has meticulously worked to strike a balance. By weaving in compliance features, we ensure a blend of unwavering privacy without compromising the ethos of decentralization.

An essential distinction to note is that while Panther's system might appear to have rules-based access on the surface, it operates within a decentralized framework. No centralized entity dictates or establishes the rules. Instead, the rules of compliance, tiers, and other requirements are orchestrated by the Panther DAO or by the institutional entities that will own and oversee the Zones. This approach signifies a pioneering stride in the blockchain world, merging decentralized ethos and structured compliance advantages.

Moreover, as government-issued identities gain traction in various developing nations and blockchain-based DIDs persist, the symbiosis with Panther becomes increasingly potent. We are confident that such integrations will pave the way for scalable, secure, and trustful access methods, aligning with the vision of a more inclusive and transparent decentralized world.

About Panther

Panther is a cross-protocol layer that uses zero-knowledge technology to build DeFi solutions that meet regulatory requirements and satisfy users' on-chain data privacy needs. The goal of Panther is to allow seamless access to DeFi and create a cross-chain-supported architecture that serves different use cases. Panther's zero-knowledge primitives are also generalizable to KYC, selective disclosures between trusted parties, private ID, voting, and data verification services.

Website · One-pager · Lite Paper · Twitter · Telegram · Discord