How to Design a Compliant, Privacy-Preserving Fiat Stablecoin via Zero-Knowledge Proofs
Authors: Jonas Gross, Johannes Sedlmeir, Simon Seiter
This proposal applies previous work by Gross, Sedlmeir, Babel, Bechtel, and Schellinger, who designed a central bank digital currency (CBDC) system that supports cash-like private, compliant payments using zero-knowledge proofs and digital identities (Gross et al., 2021). We explore the feasibility of a (fiat) stablecoin that provides cash-like privacy while enforcing compliance with anti-money laundering (AML) and countering the financing of terrorism (CFT) regulation. Such a privacy-oriented stablecoin solution does not exist today. We demonstrate, based on concepts developed in Gross et al. (2021) in the context of a CBDC, how users can exchange small amounts of value with a (fiat) stablecoin within pre-assigned limits outside the view of third parties, such as banks, central banks, crypto exchanges, regulators, or other parties, in a regulatorily compliant way. Put differently: this study uses the key concepts developed in Gross et al. (2021) to demonstrate the feasibility of a privacy-preserving and compliant stablecoin. The contribution of this paper is to show how the privacy and compliance concepts for a centralized CBDC can be applied to a decentralized stablecoin. In particular, we discuss the changes that result from replacing a central validator, i.e., the central bank in the context of a CBDC, with a decentralized transaction validation based on a distributed ledger. Further, we sketch how the Mina Protocol can be the basis for a privacy-preserving and compliant stablecoin system.
The proposed system enables cash-like private digital stablecoin transactions up to specific monetary limits. If these monetary limits are reached, transactions are conducted in a less private way, e.g., fully transparently on a blockchain or by including third parties that approve the transaction. The concept allows us to implement a wide range of different limits, including transaction limits, balance limits, and (e.g., monthly) turnover limits, depending on the legal requirements in the respective jurisdiction. In contrast to existing approaches beyond the realm of stablecoins, such as the mixer Tornado Cash, this allows us to comply with AML and CFT regulation requirements, e.g. around identification of the transaction parties and the origin of funds. High privacy guarantees and compliance with limits are, as in Gross et al. (2021), ensured in a trustless way via the use of cryptographic zero-knowledge proofs, in particular, zk-SNARKs. From an abstract perspective, a payment system that provides cash-like privacy in a centralized setting (CBDC) also provides cash-like privacy in a decentralized (blockchain-based) system where transactions are recorded on a public ledger, such as a stablecoin. As a result, the full technical solution by Gross et al. (2021) can be readily replicated, with the key difference being decentralized, smart contract-based verification of payments based on a distributed ledger instead of central bank-based verification of transactions.
To effectively implement turnover limits, the system follows the idea of relying on a unique digital ID (Gross et al., 2021) that is available to all participants of the stablecoin system. Payments by one person can then be mapped to one ID (or rather a hash of the information included in the ID) and summed up. This summing up is necessary to ensure that a participant can only open one private stablecoin account. Yet, only the owner of a unique digital ID and the corresponding account, i.e., the individual, can do this mapping — it will not be transparent to any third party. While in this context a digital government-issued ID is a desirable solution, we observe that the availability of such a digital ID will take time. Due to this fact and in contrast to Gross et al. (2021), for this new stablecoin approach, we consider a digital ID that is issued by the stablecoin issuer or contracted third parties in an outsourcing relationship instead of the government.
A cash-like private stablecoin transaction between Alice and Bob works as follows. Alice and Bob bilaterally agree on a payment, e.g. Alice wants to send Bob 50 euros privately via stablecoins. Both Alice and Bob create a ZKP on their computer or mobile phone. Alice proves that she owns sufficient funds to send to Bob, that she does not create new money out of thin air, and that the transaction complies with the regulatory limits on her account. Bob creates a similar proof. Subsequently, Alice and Bob send these proofs to the network. No confidential information about the transaction parties or the transaction amount is shared with any of the participants in the network. After submitting the transaction to the network, validators verify the ZKPs and, after the successful verification, append the transaction to the distributed ledger. This entry does not contain any confidential information, thereby allowing cash-like private payments.
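The statements Alice and Bob prove can be written down as two relations over public commitments and private account data. The sketch below is an added illustration, not code from the paper or from the Mina Protocol: it evaluates the relations directly, whereas in the proposed system a zk-SNARK would attest that they hold without revealing the private inputs. The salted SHA-256 commitments, the field names, the limit values, and the rule that only outgoing payments count toward turnover are assumptions made for the example.

```python
import hashlib
import secrets
from dataclasses import dataclass, replace

# Assumed limits (euros); the page leaves actual values to each jurisdiction.
TX_LIMIT, TURNOVER_LIMIT, BALANCE_LIMIT = 100, 500, 1000

def commit(*fields) -> str:
    """Salted hash commitment: all that validators would see."""
    return hashlib.sha256("|".join(map(str, fields)).encode()).hexdigest()

@dataclass(frozen=True)
class Account:  # private witness; stays on the owner's device
    id_hash: str   # hash of the unique digital ID
    balance: int
    turnover: int  # outgoing volume in the current period (assumption)
    salt: str
    def commitment(self) -> str:
        return commit(self.id_hash, self.balance, self.turnover, self.salt)

def pay(acc, delta):  # next state; delta < 0 sends, delta > 0 receives
    return replace(acc, balance=acc.balance + delta, salt=secrets.token_hex(16),
                   turnover=acc.turnover + max(-delta, 0))

def sender_relation(old_c, new_c, amt_c, old, new, amount, amt_salt) -> bool:
    """Statement behind Alice's proof; old_c, new_c, amt_c are the public inputs."""
    return (old.commitment() == old_c and new.commitment() == new_c
            and commit(amount, amt_salt) == amt_c and new.id_hash == old.id_hash
            and 0 < amount <= TX_LIMIT                 # transaction limit
            and old.balance >= amount                  # sufficient funds
            and new.balance == old.balance - amount    # no money out of thin air
            and new.turnover == old.turnover + amount
            and new.turnover <= TURNOVER_LIMIT)        # turnover limit

def receiver_relation(old_c, new_c, amt_c, old, new, amount, amt_salt) -> bool:
    """Bob's counterpart, bound to the same amount commitment amt_c."""
    return (old.commitment() == old_c and new.commitment() == new_c
            and commit(amount, amt_salt) == amt_c and new.id_hash == old.id_hash
            and amount > 0 and new.turnover == old.turnover
            and new.balance == old.balance + amount    # credited exactly amount
            and new.balance <= BALANCE_LIMIT)          # balance limit

def transfer_ok(alice, bob, amount) -> bool:
    """Build both witnesses for one payment and evaluate both relations."""
    salt = secrets.token_hex(16)
    amt_c = commit(amount, salt)
    a2, b2 = pay(alice, -amount), pay(bob, amount)
    return (sender_relation(alice.commitment(), a2.commitment(), amt_c, alice, a2, amount, salt)
            and receiver_relation(bob.commitment(), b2.commitment(), amt_c, bob, b2, amount, salt))
```

Because both relations open the same `amt_c`, the amount debited from Alice and the amount credited to Bob cannot differ, while the ledger entry carries only the three commitments per party.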
Note: This paper has been updated on December 17. The initial paper, published on December 15, was adjusted to more accurately capture the contribution of the paper and, in particular, to draw the lines between the novel concepts used in this paper versus the concepts that are used from previous work by Gross, Sedlmeir, Babel, Bechtel, and Schellinger (2021) around a privacy-preserving CBDC.
About the Contributors
etonec GmbH builds blockchain-based payment solutions at the intersection of payments, banking, and digital assets. What makes etonec unique is that it combines decades of global experience in payments and traditional finance, e.g., from working for PayPal, with insights in emerging technologies and concepts gleaned from working for leading crypto projects, such as the Libra/Diem Association. The etonec team is comprised of leading experts in digital currencies, stablecoins, central bank digital currencies (CBDCs), cryptocurrencies, self-sovereign identity (SSI), and in further innovative topics, such as the Bitcoin Lightning Network, Zero-Knowledge Proof Technologies, and Crypto-Backed Lending — topics that will heavily impact the future of payments. We make use of a global network of high-quality experts to help leading global brands leverage blockchain-based payment solutions and digital assets.
HAUCK AUFHÄUSER LAMPE (HAL) can look back on 226 years of tradition. The bank emerged from the merger of three private banks rich in tradition: Georg Hauck & Sohn Bankiers in Frankfurt am Main, founded in 1796, Bankhaus Lampe, founded in Bielefeld in 1852, and Bankhaus H. Aufhäuser, on the market in Munich since 1870. The two houses Georg Hauck and Bankhaus H. Aufhäuser merged in 1998, Bankhaus Lampe was added in 2021. HAUCK AUFHÄUSER LAMPE sees itself as a traditional and at the same time modern private bank. The private bank focuses on the four core business areas of private and corporate banking, asset management, asset servicing and investment banking. The focus of its business activities is on comprehensive advisory services and asset management for private and corporate clients, asset management for institutional investors, comprehensive fund services for financial and real assets in Germany, Luxembourg and Ireland. In addition, Hauck Aufhäuser Lampe offers research, sales and trading activities specializing in small and mid-cap companies in German-speaking countries as well as individual services for IPOs and capital increases.
The Mina Foundation is a public benefit corporation serving the Mina Protocol, the world’s lightest blockchain. The Foundation supports the protocol and its community by issuing grants to third parties that make significant contributions and by maintaining & managing community and network health. Board members include Former Executive Director at ZCash Foundation Josh Cincinnati, Harvard Business School Finance Professor and Coinbase Advisory board member Marco Di Maggio, VP of Engineering at Interchain GmbH and Tendermint developer Tess Rinearson, Mina Foundation General Counsel Joon Kim, and Mina Foundation CEO Evan Shapiro.
The Interdisciplinary Centre for Security, Reliability and Trust of the University of Luxembourg conducts research in information and communication technology with high practical relevance to create socio-economic impact. In addition to long-term, foundational research, SnT engages in demand driven collaborative projects with industry and the public sector. For instance, within the FINATRAX research group, these activities include topics in applied cryptography and blockchain, the digital transformation in the financial and energy industry, and general management information systems.
The authors thank Kurt Hemecker, Philipp Kant, Jonathan Knoll and Brian McKenna for their great feedback, which was essential for this research. The original paper has been published on the etonec website.