Panther Protocol’s Vision for Secure and Private DeFi
Panther Protocol will provide private access to DeFi while providing access to compliance tools supporting the new frontier of on-chain finance. Last month, Panther Ventures’ Head of Product, Saif Akhtar, and Chief Architect, Vadim Konstantinov presented the protocol’s latest vision for secure and private decentralized finance (DeFi) ecosystem at the Ethereum Community Conference 2024 (EthCC). This blog delves into that vision.
A New Era for DeFi: Privacy and Compliance
Panther Protocol’s mission is to provide on-chain privacy infrastructure for regulated financial services providers, enabling them to operate private trading Zones with customizable rules that can be aligned with local or regional regulatory requirements. As regulatory scrutiny intensifies, financial service providers who deal in digital assets face increasing challenges in finding solutions that are compliant without compromising the privacy and security of their users. Panther Protocol is being developed specifically to address this challenge.
KYC and KYT Attestations: Ensuring Trust and Security
KYC (Know Your Customer) and KYT (Know Your Transaction) attestations are critical in today’s regulatory landscape. In its initial releases, Panther Protocol will support the use of first and (for use where permitted) third-party KYC/KYT services, including Panther Protocol partner, PureFi.
However, Panther’s use of circuit-friendly signatures and Zero-Knowledge Proofs will have the capability to enable verification without exposing sensitive data, thus preserving even more user privacy. Where allowed, Panther’s Zero-Knowledge Proofs could be used to establish that regulatory conditions have been met. In the future, we believe using Zero-Knowledge Proofs will become the preferred way to satisfy regulatory requirements while preserving the user’s privacy.
Panther’s client-side proof generation will also be conducted through user’s browsers, as this method best preserves the privacy of the user’s information. Panther will use the Groth16 proving system to meet basic browser requirements while minimizing computational resource demands.
zAccount and Zones: A Dual-Layer Approach to Privacy
zAccounts and Zones are integral components of Panther’s architecture. zAccounts function as private on-chain identifiers that link user transactions without revealing personally identifiable information (PII). Zones, configurable by operators, enforce KYC/KYT rules and transaction limits, helping to align activities within the Zone to compliance standards. This dual-layer approach allows VASPs, and other regulated operators, to tailor privacy and compliance measures to their specific needs.
Data Escrow: Safeguarding Transactional Privacy
When transactions occur within Panther’s Shielded Pools, they will generate encrypted data that is stored in a data escrow system. This transaction data will be encrypted using Zero-Knowledge Proofs and zkSNARKs, ensuring that the details remain confidential and can only be accessed under predefined circumstances (rules set by a Zone Manager). The escrow system will be configurable, where allowed, to be managed by the Forensic Data Escrow Operator (FDEO), which holds the decryption key necessary to access the escrowed data but cannot do so unilaterally. Access to the escrowed data will require the activation of the Zone’s rules, as defined by the respective Zone Manager. Alternatively, the escrow system could be configured to provide unfettered access to the Zone Manager, as required.
When regulators require information, (for example, for the purpose of submitting reports to regulators, such as a suspicious activity report, or when requested by law enforcement), the protocol will be able to be configured so that the Zone Manager can access it on demand, relaying relevant data to regulators as required. Alternatively, where permissible, this data could bebe decrypted and disclosed in accordance with pre-programmed rules, set by the Zone Manager.
The system also supports selective disclosures, allowing specific parts of a transaction history to be revealed (for example, for auditing purposes) and providing mathematical proofs to validate these disclosures without revealing the entire transaction history. Disclosing information in this way ensures that only the minimum information necessary for the check or audit is revealed without including any additional data. This mechanism balances user privacy with compliance needs, leveraging advanced cryptographic techniques and a collaborative access model.
Smart compliance: the future of compliant privacy
Smart Compliance includes zAccounts, Data Escrow, and KYT Attestations, which will help to align Panther’s Zones to regulatory standards but also reduce the risk of illicit activities by enforcing rules by allowlisting customized lists of participants and assets, placing limitations on transactions and more. While Panther Protocol will be used in its initial releases by Zone Managers who use first-person KYC/KYT with full access to the FDOE’s transaction data, in the future (and where allowed today), we expect that Zero-Knowledge smart compliance will become the preferred method of providing evidence of compliance. Using a combination of the technologies described above, will preserve the maximum privacy possible for users.