Zero-knowledge for DeFi is ‘not the correct answer’ — Multicoin Capital’s Kyle Samani

A number of teams are working to enable zero-knowledge DeFi, but they’re all dealing with the same basic logic problem

by Darren Kleine /
article-image

ADragan/Shutterstock modified by Blockworks

share

Kyle Samani says zero-knowledge proofs have their place, just not in DeFi. “I’m fairly confident ZK is not the correct answer for privacy on-chain.” 

Proving to someone that an individual is old enough to buy alcohol without revealing personal details like an address? “That maps to ZK extraordinarily well,” he says. 

“That’s literally what a zero-knowledge proof does,” he says. “If the goal is to preserve privacy, proving something about yourself, that works very well.” But that’s not the case if the goal is privacy in the context of DeFi, Samani explains.

On the Lightspeed podcast (Spotify/Apple), Multicoin Capital’s Kyle Samani explains why zero-knowledge, or ZK, rollups are not practical solutions for privacy in DeFi.

DeFi requires the notion of a “shared state,” Samani explains. “There’s an LP pool and a limit order… and you have people crossing the spread and you have people doing interactions and there’s now math happening between people.”

“In the world in which people are submitting ZK things to a blockchain to do these kinds of financial transactions, there is no notion of global state,” he says. “Therefore, if there is no notion of global state, you cannot reason about global state.”

Reasoning from the top-down

Samani suggests thinking about the basic premise of zcash (ZEC), the privacy-based cryptocurrency, to illustrate the problem. With zcash, he explains, the proof of any transaction states that a series of UTXOs (unspent transaction outputs) have been sent to a series of private addresses in an “encrypted blob.” 

In the example Samani gives, he says, “the total number of UTXOs I have received is less than the number of UTXOs I have sent out, including the current transaction.”

“Basically, you’re just saying my balance is larger than zero,” he says. 

Theoretically, zcash should never exceed a circulation of 21 million since it is a fork of Bitcoin built with the same supply limit, but there’s no way to audit the supply due to its privacy-based design, according to Samani.

It’s been a fundamental property of zcash since “day one,” Samani says. He points to what could have been a catastrophic bug, reported and remediated by the zcash team in 2019, whereby someone might have been able to mint an unlimited number of zcash in the encrypted pool.

“No one believes that it was taken advantage of, but it was discovered, it was patched and then disclosed afterwards by the Electric Coin Company, which further highlights the fact that there was no way to audit the system from the top-down.” In other words, it’s impossible to know with certainty that the supply of zcash is still fixed at 21 million.

Samani relates the incident to attempts to implement zero-knowledge solutions in DeFi. “If you can’t reason about the system from the top-down, then DeFi, at least DeFi as we know it right now, doesn’t work.”

“There is no XYK. You don’t know what K is, and therefore you don’t know what X and Y are.”

“Collateral management, and are you solvent, and your health factor and all this stuff — those concepts don’t work when everyone is submitting a bunch of private proofs to the chain.” DeFi requires a top-down view to function, Samani says, “And that fundamentally doesn’t map to a bunch of encrypted ZK transactions.” 

A number of teams are working at enabling zero-knowledge SDKs, Samani says, “but they’re all dealing with this very basic logic problem.”

Samani suggests the right way to get to privacy in DeFi is via FHE, or fully homomorphic encryption. Contracts would be encrypted end-to-end, with state transitions applied by validators. “The validators don’t need to actually know what any of the balances are to apply the transitions and run the comparative ‘if statements’ and such.”

“The beauty of that system is that the core logic of the system is preserved,” he says. “That strikes me as the right way to solve the problem.”

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Tags

Upcoming Events

Permissionless III

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

learn more

recent research

Research report - cover graphics (3).jpg

Research

Across Protocol: Based on Intents

The Across protocol emerges as a dominant bridge within the Ethereum and L2 ecosystem, settling notable volumes with low latency, low fees, and no slippage. Across seeks to expand beyond just bridging as an application, to ultimately become modular, optimistic middleware for settling generalizable cross-chain intents.

by Luke Leasure

/

news

article-image

Op-Ed

AI has a monopoly on power and privacy. Blockchain fixes this.

Crypto and blockchain can provide a safer, fairer, more human-centric collaboration between AI and the rest of us

by Sean (Xiang) Ren /
article-image

Web3

Empire Newsletter: The SEC’s internal rift

SEC Commissioner Mark Uyeda says that the SEC needs to create a “pathway for compliance”

by Michael McSweeney&Katherine Ross /
article-image

DeFi

Vitalik rallies support for temporary smart wallets on Ethereum

New EIP would resolve disagreements around the best path towards universal smart contract wallets by temporarily giving EOAs superpowers

by Macauley Peterson /
article-image

DeFi

After billionth Bitcoin transaction, a look at the network’s evolution

Bitcoin could become “the supreme base settlement layer” as its DeFi capabilities grow, industry founder says

by Ben Strack /
article-image

Policy

Ripple and the SEC’s legal fight continues ahead of final judgment

Ripple’s chief legal officer said that the new filing from the SEC is “more of the same”

by Katherine Ross /
article-image

Op-Ed

Everything in crypto is becoming a game — and that’s good

More than ever before, crypto is unabashedly embracing its most reductionist and obvious purpose — turning everything into a game of buying low and selling high

by Mike Mallazzo /