Balancing Privacy and Regulatory Concerns in the Crypto Space: Podcast Ep. 70

Balancing Privacy and Regulatory Concerns in the Crypto Space: Podcast Ep. 70

Episode 70 of the Public Key podcast is here! In a world where privacy seems more important than ever, cryptocurrency organizations strive to strike the balance between ensuring users privacy while still meeting crypto regulation requirements. In this episode, we speak to Elena Nadolinski (Founder and CEO of Iron Fish) who explains how her L1 privacy-focused protocol is doing just that.

You can listen or subscribe now on Spotify, Apple, or Audible. Keep reading for a full preview of episode 70.

Public Key Episode 70: Privacy plus programmability is the holy grail of any privacy project

Balancing privacy and programmability is notoriously difficult. In this episode of the Public Key Podcast, host Ian Andrews speaks with the creator of a Layer 1 privacy focused blockchain, Elena Nadolinski, Founder and CEO of the Iron Fish Foundation. 

Elena explains what it means to have programmability in a fully private environment and how the Iron Fish Foundation is balancing privacy and regulatory concerns in crypto. 

She also demystifies the differences between mixers and privacy coins, while explaining how Iron Fish as a privacy platform has the ability to support multiple assets and their plans to bridge other chains.

Elena clarifies what is zero knowledge proof and how view keys are utilized in a way that is very much analogous to how the non-crypto financial world works today.

Quote of the episode

“That’s why Iron Fish does have view keys, for instance. A view key at Iron Fish is a complete view key, meaning that it shows all the details about incoming transactions and all the details about the outgoing transactions.And so it’s actually very much analogous to how the non-crypto financial world works today.” –  Elena Nadolinski (Founder and CEO, Iron Fish)

Minute-by-minute episode breakdown

• (2:15) – Introduction to Iron Fish’s L1 blockchain and its privacy features 
• (4:04) – Elena’s background and journey from AirBNB  into crypto
• (7:25) – Evolution of zero-knowledge proofs and their importance in privacy
• (13:06) -Differences between mixers, Zcash and Iron Fish’s privacy protocol and multi-chain capabilities
• (17:05) – Iron Fish’s focus on usability and blockchain interoperability 
• (21:02) -Balancing privacy and regulatory concerns in the crypto space
• (26:05) – Explaining the concept of view keys for privacy and transparency
• (31:37) – Future roadmap for Iron Fish including asset support and community growth

 

Related resources

Check out more resources provided by Chainalysis that perfectly complement this episode of the Public Key.

• Website: Iron Fish: Seamless, Safe Crypto
• Blog: Verified Assets on Iron Fish!
• Article: Sequoia Capital – Elena Nadolinski: Privacy for the People
• Blog: Web3 = Web2++: The Iron Fish Vision 
• Announcement: The Privacy Layer for Web3, Iron Fish, Launches Node Application, Enabling Privacy-conscious Users to Run a Full Node in One Clicks
• Blog: Understanding View Keys in Iron Fish
• Blog: Vulnerability in Curve Finance Vyper Code Leads to Multi-Million Dollar Hack Affecting Several Liquidity Pools [UPDATED 8/8/23]
• YouTube: Chainalysis YouTube page 
• Twitter: Chainalysis Twitter: BuildCareers at Chainalysising trust in blockchain
• Tik Tok: Building trust in #blockchains among people, businesses, and governments.
• Telegram: Chainalysis on Telegram 

Speakers on today’s episode

• Ian Andrews * Host * (Chief Marketing Officer, Chainalysis) 
• Elena Nadolinski (Founder and CEO, Iron Fish)

This website may contain links to third-party sites that are not under the control of Chainalysis, Inc. or its affiliates (collectively “Chainalysis”). Access to such information does not imply association with, endorsement of, approval of, or recommendation by Chainalysis of the site or its operators, and Chainalysis is not responsible for the products, services, or other content hosted therein.

Our podcasts are for informational purposes only, and are not intended to provide legal, tax, financial, or investment advice. Listeners should consult their own advisors before making these types of decisions. Chainalysis has no responsibility or liability for any decision made or any other acts or omissions in connection with your use of this material.

Chainalysis does not guarantee or warrant the accuracy, completeness, timeliness, suitability or validity of the information in any particular podcast and will not be responsible for any claim attributable to errors, omissions, or other inaccuracies of any part of such material. 

Unless stated otherwise, reference to any specific product or entity does not constitute an endorsement or recommendation by Chainalysis. The views expressed by guests are their own and their appearance on the program does not imply an endorsement of them or any entity they represent. Views and opinions expressed by Chainalysis employees are those of the employees and do not necessarily reflect the views of the company.

Transcript

Ian:

Hey, everyone. Welcome back to Public Key. This is your host, Ian Andrews. Today I am joined by Elena Nadolinski, founder and CEO at the Iron Fish Foundation. Elena, welcome to the show.

Elena:

Thank you so much for having me. Excited to be here.

Ian:

I’m so excited for this conversation because I have to admit, I was not aware of Iron Fish before your team reached out. And so I’ve been doing some reading on it to try and be conversant in the topic, and I’m super fascinated with this intersection of privacy and anonymity in crypto, and you and your team are working at the heart of that. So maybe we can just start with a quick overview for other people that haven’t heard. What is Iron Fish? What are you all building? And then we’re going to dive into a bunch of related topics.

Elena:

Perfect. Yeah, so Iron Fish a brand new Layer-1, Proof of Work chain, and every transaction on Iron Fish is encrypted, meaning that it hides the sensitive information such as the sender, the recipient, the amount, asset type, and so on. We also have something called the multi-asset feature, and what we’re really doing is we’re building Iron Fish to be the privacy platform for crypto, to be like the Lego piece that other protocols can use for their privacy needs. So right now, Iron Fish is Mainnet launch. We kind of view Mainnet as step zero of launching this fundamental privacy platform, and then the next steps are going to be bridge into other chains so that we can actually support other assets from other chains on Iron Fish to give them the best privacy.

Ian:

There’s so much in there that we’re going to unpack through the conversation.

Elena:

That’s great.

Ian:

But I have to ask, you’ve been working on this for a while, right? Iron Fish launched in 2017, so six years in the making to this point, is that right?

Elena:

No, 2017 is when I learned about Ethereum.

Ian:

Got it. Okay. All right.

Elena:

Yeah, so I’ve been in crypto since 2017.

Ian:

Okay, so maybe we start there then. What brought you into crypto and then ultimately led to launching Iron Fish?

Elena:

Yeah, so I was a software engineer at Airbnb. And in 2017, I started to learn more and more about Ethereum. I went to a dinner at Protocol Labs House. Protocol Labs is the company behind IPFS and Filecoin, and everyone there was talking about Ethereum. So definitely was interested. I started to read more about it, started going to meetups and just learning as much as I could. In a few months afterwards, the very first Youth Global Hackathon was announced, Youth Waterloo. And if you remember the Crypto-keys project, for instance, that’s when they kind of unveiled their project. And so I went there and it was an incredible experience. Everyone there was extremely welcoming, open, and just extremely helpful. And that was when I realized I really want to be involved in crypto in some capacity. And it took me a year and a bit to finally quit my job at Airbnb and jump into crypto full-time.

Ian:

Wow. Now, at the time you made that decision, did your former colleagues at Airbnb say, “What are you doing, running off into crypto?” Or were they kind of jealous, “Wow, this is the new hot space and it’s awesome that you’ve done this”?

Elena:

I mean, Airbnb actually has a crypto alumni system at this point. Brian Armstrong, who was at Coinbase, was actually at Airbnb prior to that. And ChangeTip was a company that was actually a crypto company that was acquired by Airbnb and some people have since lept backed into crypto from the company. There are other people from Airbnb that started their own crypto company. So I remember there was a Slack channel called Crypto at Airbnb, and it ballooned to 400 people and just always lively conversations.

So I think a lot of people Airbnb, because they were kind of already in the heart of Silicon Valley and had this mentality of, I don’t know, I guess sharing people’s spaces, crypto is actually a pretty natural thing for people to know about or to gravitate towards. So yeah, there was a, I guess, like a crypto club, so to speak, at Airbnb that started off from this Slack channel, but we had guest speakers come in and we had “meetups” within the company. So when I did eventually leave, it wasn’t as big of a surprise, so to speak, just because of my interests, and I was already sharing a lot of the things that I was doing on the side.

Ian:

Yeah. What made you want to tackle this challenge around privacy specifically? What was the attraction there?

Elena:

Yeah, I mean, when I decided that I wanted to go into crypto full-time, I decided to work backwards. Let’s assume that in whatever time horizon crypto is going to win, is going to be the fundamental payment system or programmable money, whatever. What are we missing to get to that future? And to me, privacy was the biggest kind of section of crypto that very few people were working on that I thought was extremely important, and the tech behind it is extremely cool. So even back in 2018, 2019, when we really started to dig into it, it was pretty apparent that zero-knowledge proofs were going to be the leading technology for privacy and zero-knowledge proofs are cutting-edge cryptography, super cool tech, and something that I believe, still believe, is going to outlive crypto and kind of spill over to other industries as well, which is kind of what it’s doing already. So the intersection of this is a massive opportunity, this really much aligns with what I want to do, and it kind of completes the thesis of what crypto is hoping to bring to people.

Ian:

I was going to ask you about that because I feel like I’m relatively new to the crypto space, only having gotten into it sort of in the last two and a half years. But going back and reading some of the early white papers and looking at some of the commentary from, say, 10 years ago, it seemed like the public nature of the ledger was part of the original design, and the mindset has kind of shifted, I think, in the discourse to say, “Well, maybe it’s not such a great thing that all transactions are publicly viewable by everyone all the time forever.” What’s your take and position on that? Am I misreading the early days of the intent behind the public ledger? Have people just gotten smarter? What do you think?

Elena:

Yeah, so I think firstly, Bitcoin already was a revolutionary tech, and zero-knowledge proofs only became practically usable in 2013, 2014. So there was definitely a gap between what Bitcoin brought to the table and when, versus when zero-knowledge proofs or privacy-preserving tech really became applicable. Yeah, so the way Bitcoin validation works or any transparent [inaudible 00:07:11] validation works is based on transparency.

So if I were to send you a Bitcoin, the way a full node would validate that transaction is they would have to see all my prior transactions going into my wallet to see that my wallet does indeed have these funds that I’m trying to spend, so I can give that to you. So validation works on transparency. Now what zero-knowledge proofs bring to the table is they say, “I can prove to you honest computation.” So zero-knowledge proofs are not necessarily give you privacy or scalability. They’re just a tool to prove honest computation. And so now I can say, “Look, this transaction is encrypted,” meaning that it hides this information, “but I can prove to you that I’ve constructed it correctly and that you as the validator can have the confidence that the transaction is valid without the transparency aspect in order to validate that.” So does that make sense?

Ian:

It totally makes sense and I’m glad you went there because I think zero-knowledge proofs, or ZK proofs, is something that people hear about, but they don’t have a deep understanding on. So this idea that I can prove possession of something without having to show it to you, I think is at the core of the idea. Is that a fair sort of summation of what you just went through?

Elena:

It’s proving that the computation is valid, which is a bit more nuanced. So for instance, one example is I can show you, let’s say I have a receipt, a grocery store receipt, and the output of that receipt is my total balance. And I can say, “Look, like the total balance for these groceries is like $10,” and I can prove to you mathematically with a proof, with a constant-size proof, that the $10 total sum is correct without showing you all the itemized lists. So the computation is correct, and they can say, look, given the output, meaning $10, and given this proof, you can be verified or you can be confident in the fact that these groceries cost $10 without redoing the computation yourself.

Ian:

I can check out at the store and say, “I owe you $10,” because of the things I bought, but I don’t have to show anybody all the candy that I’m purchasing.

Elena:

Exactly.

Ian:

And be embarrassed about my choices in food, right?

Elena:

That’s exactly it. Yeah.

Ian:

So why has this ZK technology become the layer of choice for privacy and crypto? What’s the appeal over alternative approaches or options? You mentioned that this didn’t even really come into meaningful existence until maybe 2013, and I feel like I’ve only really started hearing about it in earnest over the last couple years. What’s changed?

Elena:

Well, so zero-knowledge proofs were invented like 1985 by Shafi Goldwasser, Silvio Micali, and Christof Rackoff. I always forget the last person’s name,. But back then, it was an interactive protocol and it wasn’t really usable. And so in 2013, there was a paper by like IBM research and Microsoft Research called the Pinocchio paper that kind of first made generic, dynamic, I guess, zk-SNARKs, and zk-SNARKs are just a type of zero-knowledge proof. The SNARK stands for succinct, non-interactive arguments of knowledge. And so in 2013, it was really when they just became applicable to do anything. But since then, there’s been just an explosion of research in the space. So Zcash, if you’re familiar with that project, they were the first to pioneer how to use zero-knowledge proofs for the privacy aspect. And so the privacy actually comes from encryption and zero-knowledge proofs prove that even though something is encrypted, I can still prove to you that it’s valid.

So again, privacy, or sorry, zero-knowledge proofs, they don’t necessarily give you privacy. It’s the encryption that gives you privacy. They just give you the ability or give full nodes the ability to validate that transaction without seeing it. But yeah, in 2019 onwards, there’s been an incredible surge of academic research into zero-knowledge proofs. And so now we have much many more different types of zero-knowledge proofs with different drawbacks. And there there’s zero-knowledge proofs that have a trusted set-up, ones that don’t. They can go into what that means. And so it kind of opened up a landscape to do other things like ZK roll-ups, if you’re familiar with that, for scalability, and then zkEVMs, again, for scalability purposes. And so we just have so much more innovation happening now.

Ian:

This is awesome. I want to go back because you mentioned Zcash as being one of the first production implementations, at least in the crypto ecosystem. Can you set up the differences between what you’re building on Iron Fish, something like Zcash, and maybe a mixer, as an example? Because I think people maybe incorrectly lump all these together, and there’s some pretty major technical differences between the three that’d be good to unpack.

Elena:

Yeah. So I’ll talk about mixers first.

Ian:

Sure.

Elena:

So a mixer is kind of like that, trying to mix things, but if you’re doing static analysis and you have any sort of sophistication, then you can very easily de-anonymize a mixer.

So mixers are no longer popular because they provide pretty bad user experience. You have to wait a long time, and then they give you pretty bad privacy. So that’s what mixers are. So then the next question was like, well, what is Zcash? So Zcash has two modes. It has transparent mode, which it technically is almost identical to Bitcoin. And then they have shielded Zcash. And shielded Zcash is where the innovation with zero-knowledge proofs and encryption comes from. And so for Zcash, again, a transaction is fully encrypted, so it does not reveal who the sender is, who the recipient is, or what the amount is. And instead, everything’s encrypted, and there’s a zero-knowledge proofs accompanying the transaction that validates it. And so in that way, it’s definitely not a mixer because it’s not mixing anyone’s funds. You are still sending your own funds to someone else. It just so happens that it’s hiding the sensitive transactional details.

And in terms of what Iron Fish is in comparison to all that, so we did bootstrap off of Sapling, which is the privacy protocol for Zcash, and we’ve done some modifications for it, such that Iron Fish can support multiple assets. So we kind of view Iron Fish as a chain-agnostic privacy platform, and our goal is to bridge to other chains so that multiple chains can use Iron Fish as a privacy platform. So one of the things we’re very eager to support is how do we support Bitcoin on top of Iron Fish so we can have private Bitcoin for the very time ever. How do we have stablecoins on top of Iron Fish so we can get to a digital cash experience? So we view Iron Fish as we’re not competitors to Ethereum or any of those other chains. We’re actually trying to augment, meaning add more value, to existing crypto assets.

Ian:

This is fascinating. So in practical sense, I have ETH on the Ethereum network in my MetaMask. Let’s just make a really simple example, and I want to send some of that to you, but I want that transaction to be private. So I would bridge that ETH onto Iron Fish, and then I would send from my Iron Fish wallet presumably to your Iron Fish wallet, at which point you could keep the assets on the Iron Fish network or you could bridge back to ETH?

Elena:

Exactly.

Ian:

Is that it?

Elena:

You got it.

Ian:

Okay. And when I do that, is the asset on the Iron Fish network similar to something like wrapped ETH where it’s-

Elena:

Yep, you got it.

Ian:

There’s another token. Does that mean that the native ETH is locked up in a bridge on the Ethereum network that you’re also operating?

Elena:

So yes on the first part. Our goal is to partner with other bridge operators so we can expand the Iron Fish ecosystem. The whole point of us launching Mainnet when we did is to start the clock running of here is a finished product and how do we entice people to build on top of it? This is our vision for privacy, this is our vision for Iron Fish to be this privacy platform, and here’s literally this fundamental privacy platform that has been running for at least a month now that is humming along quite nicely, stable, good to go. So here’s opportunity for you to build. So really the goal here is how do we convince other bridge operators to build those infrastructure wheels for us? Or I shouldn’t say for us, but for the Iron Fish ecosystem. But ultimately our goal is to do that. And so we’re very eager to support those bridges as well.

Ian:

Cool. So somebody like Wormhole for example, could say, “Okay, now we’re going to enable bridging into the Iron Fish ecosystem,” and you don’t have to operate a bridge. They do that, and then people can bridge from other chains as well. It’s not like you need to go out and build multiple chains.

Elena:

Exactly.

Ian:

Very cool. And then I guess presumably, you could convince somebody like the Centre Foundation to bridge Circle potentially onto Iron Fish, and then you get stablecoins as well, or create a native stablecoin on the Iron Fish protocol.

Elena:

Yep, exactly. So those are all the things that we’re definitely focusing on, of how to bring more value and how to support more assets.

Ian:

And do you imagine, then, that there are Native DEXes or lending protocols or all sorts of everything else, NFTs that we see, in the Ethereum ecosystem? Do those start to exist natively, or is it more of a transit, a private transit layer? How do you think about that?

Elena:

Yeah, so the way we think about it is let’s just focus on one thing, do it well. And once we get to a point where we think it’s stable, then kind of inch forward to the next thing. So the very first step is Iron Fish is a privacy platform. How do we enable more assets to live in Iron Fish? And there’s just so much work that needs to go into that. How do we make sure that the transition to and from Iron Fish is smooth and seamless? How do we integrate with wallets? You kind of described this journey of like, okay, I have MetaMask and then presumably I would get into Iron Fish. Well, to make that all seamless, it’s actually a lot of effort and a lot of work to make sure that easy things actually are very hard to do. So that’s kind of our step one post-Mainnet. Again, Mainnet was step zero. Step one is like how do we support multiple assets and how do we make sure that users are aware of how to do that and it’s intuitive?

And then to your point, it’s like, okay, great, Iron Fish supports all these assets, but the reason why people use crypto is because they want yield or they want DeFi, they want NFTs, or they want to do something with it. And so we are kind of thinking about how do we add programmability to Iron Fish? Privacy plus programmability is almost like the holy grail of basically any privacy project, and partially because it’s really hard to do.

What does it mean to have programmability in a fully private environment? What are you trying to hide? Are you trying to hide the state or the program itself or funds or just add anonymity to people? And so there’s different protocols that actually kind of attack this in different ways. And the way we think about it is one way for us to support the use cases that you mentioned is how do we have a layer-2 experience on top of Iron Fish, such that we’re very explicit to our users, the layer-1 is always private. No matter what you do on the layer-1, it always has the full-blown privacy guarantees. However, once you go into the layer-2 experience, you give up that privacy for programmability, but you kind of have the privacy benefit of always relying on a very private layer-1.

Ian:

Interesting. I’m curious, I was reading some of your documentation before we jumped in to record, and sort of step one is download Node.js, do an npm, install, and then start the node that you’re actually running locally. And the instructions were super straightforward, well-organized, but I could imagine that’s a fairly intimidating getting started experience for the average crypto ecosystem participant today. But on your website, you highlight, and you actually just said it, usability being key design goal for the entire thing, which I think is so lacking generally in crypto. I was really excited to see that as a premise of where you’re building. What’s the roadmap and direction that you want to take things there? What is the intended or future-state ideal for a typical end user?

Elena:

Yeah, so yeah, we did launch Mainnet, again, step zero. We launched it early so we could start getting feedback, and yeah, usability definitely matters a lot to us. And it matters to us even from the ground up. We made sure that our CLI is actually really easy to use. In comparison to other layer-1 projects, I think installing in Iron Fish is extremely easy. So once you have the latest version of Node, it’s just one command line tool to get it going. So npm installed, actually Iron Fish, you have the full Iron Fish SDK from just one Google command line tool. If you want to start the node, it’s just Iron Fish start. If you want to do any commands, any wallet commands and so on, everything’s very accessible from the command line tool. Now to your point-

Ian:

I can validate that, by the way. This is incredibly true. I mean, I was reading the documentation, I was like, “Oh, even I could do this. This is awesome.”

Elena:

Nice.

Ian:

Yeah, yeah.

Elena:

And you definitely should. But yeah, I mean to your point, usability does matter. So in a few weeks, we are releasing the desktop app for Iron Fish. People have been asking for a wallet for a long time. So the node app does have a built-in wallet as well. So the node app is a desktop experience for how to run a full-blown Iron Fish node. So you would have a GUI that kind of displays what your node is doing. It would allow you to send, receive money, and so on. But in the background actually is running a full-blown Iron Fish node, and so you can see all the peers that has connected to, the traffic, and so on.

So that is coming out shortly in roughly a couple of weeks. And so yeah, we’re definitely excited to do that. But the way we think about launching is how do you launch one thing and literally get more feedback from your community and your users so you can iterate and can make a product that actually suits them well. And so for this node app experience, if you go into the design channel from our Discord, you can scroll up and see all the feedback that we have we’ve collected from the community over the several months to make sure that it actually suits our needs.

Ian:

Yeah, I think it’s interesting. In some ways, it’s probably a similar experience right now to people who want to try and use Lightning on Bitcoin, which is you really need to be running your own full node in order to participate in the network, although I don’t know that you necessarily have the same challenges in peering to the other nodes in order to get scaled transactions. But at some point, do you imagine more of a lightweight experience, where I don’t need to run a node in order to have assets on the platform? Somebody else is running a node for me, or I just have a lightweight wallet only that can connect to nodes that are run by somebody else and I can accomplish a transaction.

Elena:

Yeah, exactly. So FoxWallet is a wallet that already integrated Iron Fish and that is mobile wallet experience. So you can use Iron Fish on your mobile phone today. Definitely, we are looking into how do we have the MetaMask experience for Iron Fish. Because right now, if you wanted to have full privacy, you have to download the full node. And I think that’ll still stay true in the long term as well. But the way Fox Wallet did it, for instance, is we kind of made it slightly difficult for them. I think what they did was actually a pretty impressive engineering feat to support Iron Fish. Because for privacy coins, there’s not a node you can ask, “What’s the balance of this wallet?” because everything’s private. And so there’s a lot of computational challenges in terms of figuring out is, is it the mobile wallet that is doing the decryption, where is it getting the information, and so on.

And so for light clients, there’s like two approaches. One is, you know, you have a server and you give the view key to the server, and then the server does all the heavy duty decryption for you, and then it gets you a lot closer to the MetaMask and Infura experience. So MetaMask relies on Infura, which is a third-party hosted node provider that gives MetaMask all the information it needs. So yeah, if the user’s comfortable to give up some of the privacy, meaning that they’re comfortable giving out the view key to the server, then you get to that experience.

The other alternative, which is kind of more in line with how the Zcash light client server implementation works, is the mobile wallet actually gets almost like simplified blockdata. And so the decryption happens on the phone, meaning that the view keys never leave your device. So the trade-off there is your phone does have to sync blockdata and your phone does have to attempt to decrypt those blocks in order to update your balance properly. So there’s a bit more computation burden on the phone, but more privacy for the user. So those are the two different approaches, and we’re actually looking into both of them because they serve different needs.

Ian:

Yeah. It’s fascinating that I wasn’t making the logical leap to, oh, without running the full node, it’s really hard to deliver that complete privacy guarantee. But as you explained it, it makes total sense why that would be a hard thing to do. One last technical question, and then I want to talk a little bit kind of business and philosophy perspective. You mentioned something at the top of the conversation about a multi-asset feature, and I didn’t totally follow what that was, but it sounded important. Can you unpack what that means?

Elena:

Yeah, so on Ethereum, for instance, you can make an ERC20 custom coin. On Iron Fish, you can make a custom coin as well, even though we don’t support smart contracts. So user could potentially create their own version of, I don’t know, whatever coin that they want in order to represent an asset. And we did that so that bridge operators could mint their own wrapped assets of whatever asset they’re bridging. So for instance, if a bridge operator wants to represent wrapped Bitcoin, then they would have to create a custom asset to represent wrapped Bitcoin. So that’s kind of what that means.

Ian:

Oh, that’s awesome. Okay. So Iron Fish has, I think, attracted some interest from some of the top venture capital firms in the space, Andreessen Horowitz, Electric Capital, Sequoia. Balaji Srinivasan I think is also on board as an advisor. I’m curious, what was the pitch that you used to bring them in into this area? Because I think this privacy and crypto, there’s two sides to it. There’s people that are saying, “Hey, privacy is a right. We should all be able to operate with that guarantee. Our data is not publicly available to the world.” And I think the other side of the argument is, “Well, that may be generally true, but in certain circumstances, there are things more important than privacy, like protecting children, for example, or stopping terrorists who are about to do something awful.” And I can imagine that for a venture capital firm wading into the middle of that debate, which it seems far from solved, would be maybe something that would be a turnoff. But obviously, you succeeded here. So how did you approach that conversation? I had to imagine it came up in the fundraising process.

Elena:

Yeah, so there’s two sides of privacy. One is privacy is a human, and we can talk about that more. The other one is privacy is very pragmatic. It’s really hard for a business to do business in the open like that. And most companies that are trying, like Tradify, like non-crypto companies that are trying to crypto, they’re kind of understanding that the lack of privacy actually does hamper their ability to react with crypto. So EY, for instance, which is one of the biggest accounting firms in the world, they have a protocol called Nightfall that is launching in Polygon, which is a privacy protocol. JP Morgan has always had a crypto team, and they used to support a project called Zther, which is another privacy protocol on top of Ethereum. I don’t think it ever launched. And if I’m mistaken, that’s great, but still they put in the effort to do that research. Visa has an internal crypto team as well, and they really care about privacy, too, because if Visa were to support stablecoins, then to some degree they’re leaking the financial information of their customers.

So privacy is a very pragmatic thing as well. If you’re trying to bring crypto to the traditional kind of commerce world, just financial privacy, it is way more than a moral right to them, but literally necessity for them to operate their business. So that’s definitely one side of the coin.

The other side of the coin is privacy is by far a net good to the world, and there are other ways that we can prevent bad actors from entering the system. And that’s why Iron Fish does have view keys, for instance. A view key in Iron Fish is a complete view key, meaning that it shows all the details about incoming transactions and all the details about the outgoing transactions. And so it’s actually very much analogous to how the non-crypto financial world works today.

So for instance, if you were a suspicious actor, a law enforcement agent would get a subpoena or a warrant to get access to your bank account. So there’s probable cause, and then they get to see your bank statements based on that. And for Iron Fish, it would work about the same. So if there was a suspicious actor, the view keys would allow someone to have a full audit trail for that account. But yeah, I mean it seems like you have a question, so I’ll pause here.

Ian:

No, I love the explanation and that you gave there. I mean, the way that I’ve talked about this with people is if you imagine you’re in line at the grocery store, you go to check out, and the cashier’s rung up your items, you swipe your credit card. No one in line behind you gets to know your bank account details, the balance of your checking account, or your credit card bill. All that information’s private, but it’s not anonymous. The store is collecting your credit card information. It’s passed through a payment network. Your bank receives this as a charge ultimately at some point. All of those people are doing things like fraud checks to make sure that you didn’t steal somebody’s card to buy your groceries.

There’s a whole bunch of other things that happen in that transaction path, but they’re private to the parties involved in the transaction. And all the people standing in line behind you don’t really get to participate, whereas in the crypto world, it’s like, well, no, everyone, not just in line behind you, but in the store, in the town, in the entire world can theoretically be a party to that transaction suddenly. And it’s always struck me as being uncomfortable, right?

Elena:

Yeah, totally.

Ian:

And so I think the way that you set it up is great. Do you think that amongst sort of policymakers and regulators, because you made a couple good points there about EY global accounting firm and a number of the big banks and other financial firms are investing, or at least trying to get academically competent in this area. Do you think the regulatory and policymaker side appreciates this? Or do they just see, oh, this tool for privacy is really going to get abused by criminals and therefore we can’t allow it to exist?

Elena:

So there’s definitely concern from regulators of privacy in general. So our job is to convince them and to make them more comfortable with the technology and also to explain to them that different privacy protocols work differently, like Iron Fish having that view key makes Iron Fish analogous to the non-crypto traditional banking system. We don’t need to reinvent the wheel on how we catch bad criminals because those things are already in place and those can be applied to how regulatory entities support Iron Fish. I think the thing that we as a crypto community are still trying to figure out is what gets regulated? Does a protocol get regulated? Do the developers need to follow those rules or do the regulatory entities need to follow those rules? And what are the rules?

Ian:

Yeah, those are probably a long list of questions that we may not get the chance to answer on the podcast. Yeah, I mean, the debate about does a node operator, are you facilitating a financial transaction because you run and host a node and the node is processing transactions on the network? I think, again, there’s sort of two sides to it. It’s like, well, you benefit financially in a lot of these networks by operating that node.

Elena:

Sure.

Ian:

Do you have an obligation to intermediate those transactions in some way, or are you more like a cloud hosting provider, where you provide network connectivity and power, and you really don’t have a direct responsibility in most cases for what’s run on top of that server from a software standpoint? I don’t know if you have an opinion on that, where you fall on that position. Should node operators be treated as regulated financial entities or not?

Elena:

I mean, I would say no. So the other example is, and it is an example that I’ve used before and other people have used as well, let’s say you’re Verizon, and there’s a terrorist, and the terrorist called in a bomb order using the Verizon cellular service. Who’s at fault here? Is it Verizon? Right? And I would argue, no. I would argue that the terrorists who called in the bomb order is the bad guy here, not Verizon. But then the question is like, well, what falls on Verizon? Do they now need to monitor every single phone call in order to figure out if there’s a bomb threat being called? Okay, well, that would mean that 99.9% of their customers are going to be losing the privacy in order for law enforcement to catch a bad actor. Is that a sacrifice that normal users are obligated to take, or is the law enforcement to come up with better models to how to catch that terrorist? Right?

So there’s a lot of these questions of whose responsibility is it to catch those bad actors and how? So I think from a protocol standpoint, a protocol should have the guardrails for regulated entities to catch bad actors, but it shouldn’t do it itself. So for instance, I think it would be pretty misaligned with crypto ethos for the protocol itself to say, “I’m going to self-censor on the base layer of the protocol.” And we have never seen that works successfully either, 

Ian:

Yeah, I think that’s a really interesting case, But a different question, going back to your telecom example, I think most telecoms are required to maintain call data records so that when law enforcement says, “Oh, a bad person did something and we think there was a phone involved that may give us information to do something about it.” They go and subpoena through due process those call data records, which feels analogous to your view key concept.

Elena:

Exactly.

Ian:

And so I don’t want to skip over that because I feel like this is a novel part of the architecture. If you could maybe explain practically how does the view key work? I possess something that unlocks the ability for someone else to be able to see balance and transaction history, and then I can share that either generally or selectively to anyone that I believe has a right to be in the know on my transactions? Is that the right way to think about it?

Elena:

That’s exactly it, right. So in Ethereum or Bitcoin, you have a private and a public key. And for Iron Fish, you have a private, public key, and a view key. And I want to make that distinction really clear, that the Iron Fish does not have a global view key. There is no global view key, there is no backdoor. So when you create the wallet, your wallet has three parts to your wallet, which is the private, public, and view key. So whoever creates a wallet, that is a person or entity or whoever who has the ability to give the view key to someone else. And just like you described, the view key gives you a full and complete transactional history for that wallet. And one way to argue that is, it’s actually even better than relying on the banking system because it gives you the ultimate truth that’s like cryptographically backed rather than a paper trail that banks would provide to you.

Ian:

Yeah. One of the things that’s really interesting is at Chainalysis, we’ve been talking to a couple different protocols that have a similar kind of view key feature, and one of the things that they’re hopeful for is that exchanges, or traditional banks for that matter, will start accepting these view keys. And so you have privacy on the network layer, but the exchange is able to validate and accept a deposit without holding your funds because, oh, it sees that the previous possessor of those funds was a mixer or some other privacy-producing feature of the network.

And it’s like, no, no, I can assert that my funds aren’t the result of illicit activity, that I’m not a sanctioned individual, and here’s my proof. I’m actually depositing it to myself for entirely legitimate purposes. And so it’s an interesting, I think what could be an interesting step forward that benefits everybody. Say for ecosystem, as you said, cryptographically proven rather than the hand drawn audit trail that we might find in Tradify. Very cool. Last question for you before we wrap up. You’ve just launched Mainnet in the last month, huge milestone. Where does it go from here? What’s the horizon for the rest of the year for people that want to follow along the Iron Fish journey?

Elena:

So again, everything we do is very iterative. We launch something, we get feedback, we make it better, and then we progress from there. So we launch Mainnet and we’re getting a lot of feedback from miners, exchangers, wallet providers, and so on of things that we could do better for Iron Fish today. So the very short term is kind of taking that feedback and adding different RPC APIs that people are requesting, adding optimizations to our networking layer. We’re listening to miners and miners are saying every transaction has a zero-knowledge proof attached to it, so validation takes longer. So block [inaudible 00:44:04] generation takes longer. How do we fix that or how do we optimize that? So right now we’re kind of working through those immediate responses to our community, making sure that everyone’s happy, the ecosystem is healthy, and so on. So that’s a very, very short term solution.

And everything, by the way, we do everything open source. If you want to see what we’re doing, you can either go to our GitHub, go to our Discord, go to our Twitter. We’re extremely open with what is happening right now. We even have monthly Discord updates where we, the entire engineering team, gets on there. We open up the Q&As and people can ask us live questions of what is the engineering team working on right now? So again, very transparent. In terms of slightly longer term, like end of year, right now, our goal is definitely how do we bring different assets on top of Iron Fish? That is my personal goal. So I’m going to kind of speak from more of a personal level. I do want to see multiple assets, other assets from other chains come onto Iron Fish. And so we are trying to figure out how do that, and so the goal, again, my personal goal for Iron Fish is to have at least one bridge to either Ethereum or Bitcoin and support at least one asset from one of those bridges.

So we’re definitely working hard towards that. And again, just getting to that experience in a way that is seamless, intuitive, and so on, it’s going to require a lot of work. The desktop app, as I mentioned, is also coming out very shortly, so the team is also working on that. Improving our documentation so that integrators, wallet providers, and so on can have a much easier time working with Iron Fish. That’s been a really huge focus as well, and just growing our community. We Mainnet launched, we set up the foundation, and we’re setting up the grants proposal process. We want to invite more people to build and to provide privacy to other assets. And so setting all that up is definitely a focus for the next six to 12 months as well.

Ian:

Outstanding. That’s a lot of exciting stuff. We’ll link to the social media handles and your regular AMAs so that if any of the listeners are interested to join in, they can easily do that. Elena, this was a terrific conversation. I feel like I’m leaving much smarter than I was when we began.

Elena:

Great.

Ian:

So thank you so much for spending the time with us.

Elena:

Thank you. Really appreciate it.