Privacy Pools
Privacy Pools are a novel smart contract-based tool that enhances the privacy of users’ transactions while still allowing users to benefit from the public nature of the blockchain.[2][3]
Overview
Privacy pools are a new concept that allows users to deposit cryptocurrency into a shared pool while keeping ownership of the currency private. The pool uses cryptographically hidden records to track ownership, and users can withdraw without any connection to previous deposits. Privacy pools also allow users to demonstrate the legitimacy of their transactions without revealing specifics.
The core idea for Privacy Pools is to allow users to publish a zero-knowledge proof demonstrating that their funds originate from known lawful sources, without publicly revealing their entire transaction graph. Once that proof is validated, their wallet address would be added to an "allowlist" by a smart-contract protocol, allowing them to join a group of users whose transactions are batched and mixed together. This mixing provides user privacy by making it difficult to identify which user in the pool was ultimately the sender of the transaction.[1][3]
Privacy pools are a proposal by Ethereum founder Vitalik Buterin, alongside members of the Ethereum community and researchers from blockchain analytics firm Chainalysis, that offers a compelling solution to this problem. Privacy pools are a first step in demonstrating that user privacy and regulatory compliance don't have to be mutually exclusive concepts.[3]
How Privacy Pools Work
Privacy Pools aim to protect the privacy of transactions while separating criminal activities from lawful funds by organizing them into isolated sets or categories, allowing users to prove to regulators that their funds are not mixed with illicit funds.
This is accomplished through the use of techniques like zero-knowledge proofs to demonstrate the legitimacy of the transactions and the absence of involvement with criminal activities. Zero-knowledge proofs are cryptographic techniques that allow one party (the prover) to demonstrate knowledge of a specific piece of information to another party (the verifier) without revealing any details about the information itself.
When users want to take their money out of the Privacy Pool, they can choose to create a zero-knowledge proof. This proof does two things: First, it confirms that the user’s transaction is legitimate and does not involve a blockchain address associated with criminal activity. Second — and more importantly for users — it keeps their identities private.[6]
Privacy pools that make use of zero-knowledge technology could theoretically solve part of this issue since they would give users privacy around transaction data while also distinguishing it from any criminal activity. By pooling honest transactions together, users could prove that their transactions come from one of the honest deposits.
Privacy Pools operate similarly to Tornado Cash by mixing multiple user transactions to obscure their true origins. However, when users choose to withdraw funds, they have the option to generate a zero-knowledge proof.[7]
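The following is an added illustration, not code from the Privacy Pools proposal or any implementation. It checks, in the clear, the kind of statement a withdrawal proof would attest to: the deposit is recorded in the pool and also belongs to a chosen set of honest deposits. The SHA-256 Merkle trees, the per-deposit nullifier, and all function names are assumptions the article does not specify; a real pool would prove this relation in zero knowledge, without revealing the leaf or the paths.

```python
import hashlib
# Assumed design (not from the article): SHA-256 Merkle trees plus a nullifier.
def h(*parts):
    return hashlib.sha256(b"".join(parts)).digest()

def commitment(secret, nullifier):
    return h(b"commit", secret, nullifier)  # hidden record; 32-byte inputs assumed

def node(a, b):
    return h(b"node", *sorted((a, b)))  # sorted pair: paths need no left/right bits

def build(leaves):
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        levels.append(nxt + cur[-1:] if len(cur) % 2 else nxt)  # odd node promoted
    return levels

def prove(levels, index):
    path = []
    for level in levels[:-1]:
        if index ^ 1 < len(level):
            path.append(level[index ^ 1])
        index //= 2
    return path

def verify(root, leaf, path):
    for sibling in path:
        leaf = node(leaf, sibling)
    return leaf == root

def check_withdrawal(pool_root, assoc_root, spent, note, pool_path, assoc_path):
    leaf, tag = commitment(*note), h(b"spent", note[1])
    ok = (tag not in spent and verify(pool_root, leaf, pool_path)
          and verify(assoc_root, leaf, assoc_path))
    if ok:
        spent.add(tag)  # blocks a second withdrawal of the same deposit
    return ok

def demo():
    notes = [(bytes([i]) * 32, bytes([i + 100]) * 32) for i in range(5)]  # constructed
    leaves = [commitment(*n) for n in notes]
    pool = build(leaves)
    assoc = build([leaf for i, leaf in enumerate(leaves) if i != 3])  # deposit 3 excluded
    args = (pool[-1][0], assoc[-1][0], set())
    ok_args = (notes[1], prove(pool, 1), prove(assoc, 1))
    honest, replay = [check_withdrawal(*args, *ok_args) for _ in range(2)]
    excluded = check_withdrawal(*args, notes[3], prove(pool, 3), prove(pool, 3))
    return honest, replay, excluded
```

`demo()` returns `(True, False, False)`: the honest depositor withdraws once, a repeat of the same withdrawal is rejected, and the deposit left out of the association set cannot satisfy the second membership check even though it is in the pool.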
Criticism
- Vulnerability to private key transfers
- Innocent-until-proven-guilty
Some users criticized the notion of privacy pools on a more fundamental, philosophical level. For example, Zooko Wilcox, founder of Zcash, one of the earliest and most prominent blockchain networks that use zero-knowledge proofs for private transactions, believes the strongest possible privacy guarantees for individuals come from systems that look as close to "cash" as possible. His criticism of privacy pools focuses on the fact that the construction is expressly the opposite of the “innocent-until-proven-guilty” principle upon which U.S. and European legal systems are based.[3]