Privacy-preserving payments shouldn’t be “niche,” says Monero developer Justin Ehrenhofer
Privacy has always been an important part of the crypto industry. Bitcoin’s earliest adopters often thought of the system as truly private, digital money. It wasn’t until Mt. Gox went bust and Chainalysis was founded to investigate where all the missing coins went that the illusion of anonymous transactions on Bitcoin was shattered. This was a tough lesson for many to learn, and part of the drive to develop various chains that put privacy first.
Monero is one of the oldest of these projects, founded in 2014, and one of the most widely used. Although many people still use Bitcoin for transactions they would rather keep secret, those who are truly concerned about privacy know that a permanent, immutable and forever traceable blockchain is not the best option. Monero retains many of Bitcoin’s best features, but essentially protects the addresses. Like Bitcoin, Monero had a fair launch, and at this point is developed by a diverse community.
Justin Ehrenhofer is a speaker at CoinDesk’s Consensus 2023 conference in Austin, 26-28 April.
Justin Ehrenhofer, co-founder of Cake Wallet, is one of the most prominent Monero backers. He found the monero cryptocurrency, XMR, after developing an interest in cryptography and online data security while growing up gay in the not-always-friendly Midwest. He is one of the sharpest minds on Crypto Twitter regarding privacy, and is a board member of an organization that pays grants to people who maintain public payment systems.
CoinDesk caught up with Ehrenhofer ahead of Consensus, where he is scheduled to talk about politics in a post-Tornado Cash world. We cover the state of global privacy regulations, the beef between Zcash and Monero as well as the “technical debt” the latter has incurred over the years.
What topics do you think are under-covered or under-explored in crypto?
I think there are several areas that are little explored. The industry is massive now. People can specialize in everything from tokenomics to compliance. If you work in a very niche field, you probably always feel like that particular thing is underreported. For example, I tend to think that privacy is often underreported.
Did you have an “aha moment” where you realized the importance of privacy?
I certainly did. In high school, I needed to use Tor to bypass firewall restrictions on my network about LGBT content—back then, and possibly still now, a bunch of family filters would block that kind of content. It got me interested in privacy at a very early age. When I heard about Bitcoin, I thought it would be very interesting to combine money and privacy. My first private payment was when I used cash to buy a Walmart gift card that I used to redeem for a VPN – back in 2013 or so.
It is funny. Where do you think the privacy debate is headed in 2023 – especially with Tornado Cash in mind?
I think every country is going to do their own different things. Of course, the actions of the US will have the most influence, but there are going to be some jurisdictions that will try to completely ban anything they consider to be a privacy-enhancing tool. The international bodies that discuss anti-money laundering are unlikely to oppose bans. Other jurisdictions may try to redefine what remittance is to cover a wider scope. And it will be missed along the way. I hope that in the US we continue to have very clear lines of what money transfer is, so that people know when they need to register and know specifically what activities apply.
One thing I also hope for is that “regulation as enforcement” is less often done on an optical basis. Whether an asset of optics is considered to be a privacy coin or not is generally quite arbitrary.
What is the role of private money? Is it always going to be a niche?
I don’t want it to be a niche. I worry that if it is continually pushed to the side, we are going to lose important parts of our identity. Most practically, I worry that less private money – something where a third party has a high degree of control over it, or some government or regulator – will be politicized. This is how you end up with discrimination. There are many things under the guise of “public safety” – risk indicators and risk scoring that are currently attributed to cryptocurrencies that label some addresses as riskier than others. When we rely on third parties to track this information and provide services, it has a really big potential to be discriminatory, whether it’s intentional or not because they’re written by humans. So I think it is extremely important to have basic privacy for money. Even those who are not members of marginalized communities must push for higher privacy protections by default, so everyone is better off.
Over the past decade, are there any design decisions you would have made differently for Monero?
Monero as a network when it was launched in 2014 was completely different from the network today. It didn’t hide things like amounts, and ring signatures were very poorly implemented. They first tried to enter amounts [being spent] and it was best described as a disaster. Privacy is a very complicated thing to do well, and it was terrible. So it was learned quite early, to switch from that kind of system. And that kind of mindset has really stayed with Monero. If I were to relaunch Monero today or reboot the Monero ethos today on a separate blockchain, it would be very convenient to get rid of a lot of the technical debt that has accrued over time. It has pretty messy code at this point. There are some attempts to rewrite parts of it ahead of the next big sweeping change that is currently being proposed but not yet widely accepted.
You hear things like this a lot in crypto – are there specific ways this affects development?
Absolutely. There are many things we have learned over the years. One thing that keeps coming up is that privacy is always a struggle – you always have people getting better and better at tracking. They will always develop new techniques to counter what you are doing to protect yourself. As this applies to data that you store in a public database and a permanent record [i.e., a blockchain], it doesn’t disappear, so your opponents really have time to research that information. So privacy needs to keep getting better and better. The tools have to keep getting better and better. You can’t just stand still because if you stand still you become obsolete. It is one of the most interesting things between the Bitcoin and Monero communities. They have many similarities, but one big difference is that Bitcoiners generally demand strong backwards compatibility features – they want to be able to open a wallet and essentially use the exact same software they set up 10 years ago. This certainly has some benefits, but when it comes to privacy, you kind of have to force people to keep using a better opsec.
Forcing people to use the latest reasonable privacy standard is one thing the Monero community decided to do right. However, major changes are not considered unless they provide significant benefits. The key is to be open to them.
This is probably a stupid question, but considering that you have compared to Bitcoin: Can you explain the rivalry with [privacy system] Zcash?
Some members of the Monero community definitely dislike Zcash and vice versa. There was definitely a rivalry when Zcash first started. Members of the early Zcash community were usually from academia, so you had these academics who have very interesting cryptography that they implemented in Zcash. What Monero offered at the time was arguably significantly inferior. If there was no “trusted setup” with Zcash and no developer tax, and you know, let’s say it was a fair launch, meaning Zcash launched the same way Monero launched, then maybe a large portion of the Monero community has actually switched over. You know, if there weren’t such inconveniences.
There’s more to say, but it boils down to Monero supporters think Zcash is bad at implementation, and the Zcash community talks for hours about trademarks and other nonsense that shouldn’t be a concern here. Zcash has a sustainable way to get money from the block reward to keep funding all these cool developments and things. And I would say that there are definitely members of both communities who are far more interested in how both projects advance transactional privacy.
Are you familiar with the idea of solarpunk – the idea that crypto transparency, or perhaps data transparency in general, is a better route?
I’m not familiar with the specific ideology, although I think I might be too pessimistic at times. When it comes to transactional data, there are certainly some benefits to transparency. We see that for charities that offer transparency – it can be very good. But I’m just too worried about mass discrimination, and how data will be used against people.
As someone building a crypto wallet, can you give an overview of what kind of progress is being made?
Yes, I work for Cake Wallet. It is an open source and non-custodial wallet that was originally launched in 2018 as a Monero wallet for iOS. Since then, bitcoin [BTC] and Litecoin [LTC] and other assets have been added, and it has also expanded to Android and desktop.
Some wallets will be tailored for specific target groups.
Custody wallets generally prioritize the user experience. They prioritize onboarding, and can usually integrate things like direct [paycheck] deposit or support a debit card. They typically try to integrate less sophisticated, less technical users who often have a more investment-driven focus.
Then you have what I would say is the most common type of non-custodial wallet where you have your own access to funds and keep your keys. Even many of these are investment-focused, so design their experience to closely resemble an exchange interface and provide easy options for buying and selling coins.
Then there are wallets that are much more specific. In Cake, we have in a way created our niche around payments. It should not be surprising that monero is often used for payments rather than being held like bitcoin as an investment. We hope to continue to grow this niche.
Then you have other, certainly very specialized wallets like very specific Lightning wallets. They are specific in the support they have for certain cryptocurrencies or entirely designed around certain asset classes such as [non-fungible tokens].
An interesting thing is that many of these wallets are open source and many of them have permissive licenses. So it gives local communities the opportunity to start with a good design or a good existing project and drive in their own direction. It also ensures that everyone is on each other’s toes and always innovative, because if you are going to stagnate, someone else can come and continue where you left off to do better.