Crypto crimes and the risk of anonymity

I have written before that governments will never allow anonymous digital currencies and my comments attracted a certain amount of controversy. And I understand why. But to those who say that uncensorable, untraceable digital cash would be a shield against dictators, a force for the oppressed and a boon to free man everywhere… I say be careful what you wish for. The issue of anonymity in payments is complex and crucial and it deserves informed calm strategic thinking because digital currency touches on so many aspects of society.

One obvious and important aspect is crime. Would digital currency change crime? If I hire thugs to lure a cryptobaron to a hotel room and then beat him up to get $1m in bitcoins from him (as actually happened in Japan), is that a crypto-crime or just boring old extortion? If I use Craigslist to lure a HODLer to a street corner and then pull a gun on him and force him to transfer his bitcoins to me (as actually happened in New York), is that a crypto-crime or just boring old mugging? If I get hold of someone’s login details and transfer their cryptocurrency to myself (as has just happened in Springfield), is that a crypto-crime or just boring old fraud? If I kidnap the CEO of a cryptocurrency exchange and then release him after the payment of a $1 million bitcoin ransom is that, as the Ukrainian interior minister said at the time “bitcoin kidnapping” or just boring old extortion?

Holmes

Cash or charge? (CC-BY-ND 4.0)
NFT available direct from the artist at TheOfficeMuse (CC-BY-ND 4.0)

 These are just crimes, surely? And not very good ones at that, because they are recorded in perpetuity on an immutable public ledger. Personally, if I were to kidnap a cryptocurrency exchange CEO I would ask for the ransom to be paid in some more privacy-protecting cryptocurrency, because as I explained in the FT some years ago, Bitcoin is not a very good choice for this sort of cyber-criminality. It’s just not anonymous enough for really decent crimes or the darkest darknets. Hence my scepticism about claims that Bitcoin’s long term value will be determined by it’s use for crime.

Untraceable

But what if there were an actually untraceable cryptocurrency out there and it wasn’t up to governments to allow it or not? Would an aspiring cryptocriminal mastermind be able to use it for something more innovative than the physically-demanding felony of kidnapping? I’m sure the Mafia would be delighted to have anonymous digital cash to zip around the world, but what would they use it for? Might they come up with some dastardly enterprise that is not a virtual shadow of a crime that has been around since year zero, but a wholly new crime for the virtual world? What if they could find one with the potential to take over from drug dealing (currently approximately 40% of organised crime revenues) as the best option for the criminal entrepreneur?

Ransomware is one interesting candidate. It is certainly a major problem. Criminals seize control of organisations’ computer networks, encrypting their data and demanding payment to deliver the decryption keys. Companies paralyzed by the attacks paid hackers an average of more than $300K in 2020 (triple the average of the year before). A cyber security survey last year revealed that more than two-thirds of organisations in the United States had experienced a ransomware attack and had paid a ransom as a result! That’s a pretty decent business for criminals and it certainly was a driver for Bitcoin, although ransomware operators have been moving away from it for some time.

(Once again demonstrating the impending explicit pricing of privacy, the Sodinokibi payment website last year began charging 10% more for Bitcoin ransoms compared to the more private Monero cryptocurrency.)

On the whole, given the basic nature of most organisation’s cyber-defences (more than half of all ransomware attacks stem from spam e-mails), one might expect the ransomware rewards to continue to grow. Apart from anything else, the ransomware raiders are reinvesting their profits in increasingly efficient operations, making for even bigger and bolder attacks.

Assasinate and Win

So, ransomware. But what about a more sinister candidate for large-scale criminality though? Is it time for the “assassination market”? It’s not a new idea. A few years ago, Andy Greenberg wrote a great piece about this here on Forbes. He was exploring the specific case of “Kuwabatake Sanjuro” who had set up a Bitcoin-powered market for political assassinations, but in general an assassination market is a form prediction market where any party can place a bet on the date of death of a given individual, and collect a payoff if they “guess” the date accurately. This would incentivise the assassination of individuals because the assassin, knowing when the action would take place, could profit by making an accurate bet on the time of the subject’s death.

This idea originated, to the best of my knowledge, with Jim Bell. Way back in 1995 he set it out in an essay on “assassination politics“. I suppose it was inevitable that advent of digital cash would stimulate thought experiments in this area and it was interesting to me then (and now) because it showed the potential for innovation around digital money even in the field of criminality.

Here’s how the market works and why the incentive works, as I explained in my book “Before Babylon, Beyond Bitcoin“. Someone runs a public book on the anticipated death dates of public figures. If I hate some tech CEO (for example), I place a bet on when they will die. When the CEO dies, whoever had the closest guess to their date and time of death wins all of the money staked, less a cut for the house. Let’s say I bet $5 (using anonymous digital cash through the TOR network) that a specific tech CEO is going to die at 9am on April Fool’s Day 2022. Other people hate this person too and they put down bets as well. The more hated the person is, the more bets there will be.

April Fool’s Day 2020 comes around. There’s now ten million dollars staked on this particularly CEO dying at 9am. I pay a hit man five million dollars to murder the CEO. Hurrah! I’ve won the bet, so I get the ten million dollars sent to me in anonymous digital cash and give half to the hit man. No-one can pin the crime on me because I paid the hitman in untraceable anonymous digital cash as well.

I’m just the lucky winner of the lottery.

But better than that is that if I can get enough bets put on someone, then I don’t even have to take the risk of hiring the hitman. If I use some anonymous bots or friendly tolls to coordinate a social media campaign to get a million people to put a $5 bet on the date of the tech CEOs death, then some enterprising hit man will make their own bet and kill them. If the general public had bet five million bucks on 31st March and some enterprising cryptopsycho had murdered the CEO themselves the day before, then it would only have cost me a $5, and I would have regarded that as $5 well spent, as would (presumably) everyone else who bet $5!

(This is an edited version of an article first published on Forbes, 14th April 2021.)

The CBDC privacy paradox

It seems to meet that there is something of a paradox around cash, digital cash and anonymity. The average consumer wants anonymity for their own payments because they are not crooks (and their purchasing decisions are no-one’s business except theirs and the merchant’s). On the other hand, the average consumer (not to mention the average law enforcement agent) doesn’t want anonymity for terrorists, lobbyists or fraudsters.

The Bank of England’s fintech director Tom Mutton said in a speech that privacy was “a non-negotiable” for a retail CBDC. Meanwhile, the Bank of Canada (just to pick one recent example) published a a staff analytical note on the risks associated with CBDCs stating that central banks should mitigate risks such as anonymity present in digital currencies. Note the formulation of anonymity as a “risk”. With stricter rules on the holding and exchange of cryptocurrencies coming into place around the globe. Just to give one example, South Korea’s Financial Services Commission has announced new rules to come into force in 2022, banning all anonymous digital currencies “that possess a high-risk of money laundering” (which, as far as I can see, is all anonymous digital currencies).

There is a payments privacy paradox, and cryptocurrency brings it into sharp relief. Good people should be allowed anonymous cash, but bad people should not. Click To Tweet

How can we resolve this? Well, I think that we can, if we spend a little time to think about what anonymity and privacy actually mean.

The Clinton Paradox

This is a special case of a more general paradox. Let me explain and illustrate. A few years ago, I was invited me along to “an event” in London to enjoy a morning of serious thinking about some key issues in information security. They had some pretty impressive speakers as I recall: Mike Lynch, the founder of Autonomy, was one of them. Alec Ross, who was Senior Advisor for Innovation and Technology to the Secretary of State Hilary Clinton, gave the keynote address on “ The promise and peril of our networked world ”. Alec was a good speaker, as you’d expect from someone with a background in diplomacy, and he gave some entertaining and illustrative examples of using security to help defeat Mexican drug cartels and Syrian assassins. He also spent part of the talk warning against an over-reaction to “Snowden” leading to a web Balakanisation that helps no-one.

A decade back, I wrote about what I called the  “Clinton Paradox”. This came about because I read a piece by Bob Gourley. the former CTO of the U.S. Defense Intelligence Agency, who framed a fundamental and important question about the future identity infrastructure when analysing Hillary Clinton’s noted speech on Internet freedom.

We must have ways to protect anonymity of good people, but not allow anonymity of bad people.

Mrs. Clinton had said that we need an infrastructure that stops crime but allows free assembly. I have no idea how to square that circle, except to say that prevention and detection of crime ought to be feasible even with anonymity, which is the most obvious and basic way to protect free speech, free assembly and whistleblowers: it means doing more police work, naturally, but it can be done. By comparison, “knee jerk” reactions, attempting to force the physical world’s limited and simplistic identity model into cyberspace, will certainly have unintended consequences. Hence, I had suggested, it might be better to develop an infrastructure that uses a persistent pseudonymous identity. I was looking to mobile operators to do this, because they had a mechanism to interact face-t0-face (they had retail shops at the time) and remotely, as well as access to tamper-resistant secure hardware (ie, the SIM) for key storage and authentication. It never happened, of course.

Why am I remembering this. Well, I challenged Alec about the Clinton Paradox —slightly mischievously, to be honest, because I suspected he may have had a hand in the speech that I referred to in that blog post—and he said that people should be free to access the internet but not free to break the law, which is a politician’s non-answer (if “the law” could be written out in predicate calculus, he might have had a point, but until then…). He said that he thought that citizens should be able to communicate in private even if that means that they can send each other unauthorised copies of “Game of Thrones” as well as battle plans for Syrian insurgents.

I think I probably agree, but the key here is the use of the phrase “in private”. I wonder if he meant “anonymously”? I’m a technologist, so “anonymous” and “private” mean entirely different things and each can be implemented in a variety of ways.

The Payments Paradox

How will the Bank of Canada mitigate the risk of anonymity and South Korea maintain a ban on “privacy coins” when faced with a Bank of England digital currency that has non-negotiable privacy? Well, the way to resolve this apparent paradox is to note the distinction above between privacy and anonymity.

In the world of cryptography and cryptocurrency, anonymity is unconditional: it means that it is computationally infeasible to discover the link between a person in the real world and value online. Privacy is conditional: it means that the link is hidden by some third party (eg, a bank) and not disclosed unless certain criteria are met.

Showmethemoney

You can own these cartoons!
NFTs available from the artist Helen Holmes at
TheOfficeMuse
(CC-BY-ND 4.0)

Surveying the landscape as of now, I think we can see these concepts bounding an expanding privacy spectrum. There will undoubtedly be anonymous cryptocurrencies out there, but I think it is fair to observe that they will incur high transaction costs. At the other end of the spectrum, the drive for techfins and embedded finance will mean even less privacy (for the obvious reason, as discussed before, that their payment business models around around data). One might argue, with some justification I think, that central banks are better positioned than banks or other intermediaries when it comes to safeguarding data, because a central bank has no profit motive to exploit payments data.

(I could go further and argue that if the central bank were to place transaction data into some form of data trust that would facilitate data sharing to the benefit of citizens, we might see some real disruption in the retail payments space. In a data trust, structure, data stewards and guardians would look after the data or data rights of groups of individuals with a legal duty to act in the interest of the data subjects or their representatives. In 2017, the UK government first proposed them as a way to make larger data sets available for training artificial intelligence and a European Commission proposal in early 2020 floated data trusts as a way to make more data available for research and innovation. And in July 2020, India’s government came out with a plan that prominently featured them as a mechanism to give communities greater control over their data.)

Digital Currency, Digital Privacy

As The Economist once noted on the topic of central bank digital currency, people might well be “uncomfortable with accounts that give governments detailed information about transactions, particularly if they hasten the decline of good old anonymous cash”. And, indeed, I am. But the corollary, that anonymous digital currency should be allowed because anonymous physical cash is allowed, is plain wrong.

No-one, not the Bank of England nor any other regulator, central bank, financial institution, law enforcement agency, legislator or, for that matter, sane citizen of any democracy, wants anonymous digital currency whether from the central bank or anyone else. The idea of giving criminals and corrupt politicians, child pornographers and conmen a free pass with payments is throughly unappealing. On the other hand, the Bank of England and all responsible legislators should demand privacy.

I think the way forward is obvious, and relies on distinguishing between the currency and the wallets that it is stored in. Some years ago, when head of the IMF, Christine Lagarde spoke about CBDCs, noting that digital currencies “could be issued one-for-one for dollars, or a stable basket of currencies”. Why that speech was reported in some outlets as being somewhat supportive of cryptocurrencies was puzzling, especially since in this speech she specifically said she remained unconvinced about the “trust = technology” (“code is law”) view of cryptocurrencies. But the key point of that speech about digital fiat that I want to highlight is that she said

Central banks might design digital currency so that users’ identities would be authenticated through customer due diligence procedures and transactions recorded. But identities would not be disclosed to third parties or governments unless required by law.

As a fan of practical pseudonymity as a means to raise the bar on both privacy and security, I am very much in favour of exploring this line of thinking. Technology gives us ways to deliver appropriate levels of privacy into this kind of transactional system and to do it securely and efficiently within a democratic framework. In particular, new cryptographic technology gives us the apparently paradoxical ability to keep private data on a shared or public ledger, which I think will form the basis on new financial institutions (the “glass bank” that I am fond of using as the key image) that work in new kinds of markets.

So, if I send ten digital dollars from my digital wallet to your digital wallet, that’s no-one business but ours. If, however, law enforcement agencies obtain a warrant to require the wallet providers to disclose the identity of the owners, then that information should be readily available. There is no paradox around privacy in payments, but there is an imperative for practical pseudonymity.

[An edited version of this article first appeared on Forbes, 6th April 2021.]

All the news that’s fit to ID

I came across an interesting story via my old chum Charles Arthur’s consistently interesting “Overspill” blog. The story concerns on Oliver Taylor, a student at England’s University of Birmingham. From his picture, he appears to be normal looking twenty-something. From his profile he appears to be a coffee-loving politics junkie with an interest in anti-Semitism and Jewish affairs, with bylines in the Jerusalem Post and the Times of Israel.

Why is this interesting? For two reasons. First of all because I was involved in an interesting Twitter debate with two thoughtful identity commentators, Tim Bouma and Jonathan Williams during which this issue of “anonymous” contributions to newspapers happened to come in to the conversation and it made me think about the same issues as Charles’ story. Tim had mentioned writing for a newspaper that had kept his real name off of his stories, and I responded that if they knew who you were, then you were not anonymous.

Secondly, because Oliver’s picture was created by an AI. It’s a fake face that doesn’t belong to any living human being. It was composed to be a human face that any of us would be able to recognise and distinguish, but it is entirely synthetic.

Oh, and Oliver doesn’t exist.

Charles notes that “two newspapers that published his work say they have tried and failed to confirm his identity”. But wait. Shouldn’t newspapers try and fail to confirm someone’s identity before they publish a story?

Shouldn’t newspapers try and fail to confirm someone’s identity before they publish a story? Click To Tweet

Well, no. That doesn’t work. What about whistleblowers? What about privacy in general? If the newspaper knows who Tim Bouma is then his personal data is at risk should the newspaper be compromised or co-opted. There seems to be a conflict between newspapers wanting honest opinions and newspapers needing to know identities, even if they are hopeless at telling a real identity from a fake one.

The way out of this dead end is to understand that what the newspaper should be checking for this kind of story is not the identity of the correspondent but their credentials. I doesn’t matter who Oliver Taylor is, it matters what Oliver Taylor is. It ought to be part of our national digital identity strategy (which we don’t have) to create a National Entitlement Scheme (NES) instead of some daft 1950s throwback digitised version of a national identity card. In the NES, it then becomes part of the warp and weft of everyday life for a correspondent with something interesting to say to use his persistent pseudonym “Oliver” to post his comments along with his anonymous IS_A_PERSON credit and his anonymous IS_A_STUDENT (BIRMINGHAM) credential.

That way, the newspaper gets the information it needs to obtain a story of interest and perhaps worth publishing, while even if they are socially-engineered by genius hackers, they cannot disclose the real identity of the correspondent because they don’t know it. The mention of social-engineering, by the way, brings into focus the recent Twitter hack. What’s generally true for newspapers is generally true for Twitter: who I am is none of their business, something I written about at exhausting length before.

Incidentally, it doesn’t take hackers to obtain personal information from a platform because as I am sure you will recall, two of Twitter’s former employees have been charged in the US with spying for Saudi Arabia. The charges allege that Saudi agents sought personal information about Twitter users including known critics of the Saudi government. If Twitter doesn’t have your personal information, then it can’t  be leaked, stolen or corrupted.

There is a way forward, and cryptography can deliver it using tried and tested (albeit counterintuitive) techniques.

Margaret Attwood, Kenneth Rogoff and William Gibson (and me)

A few years ago I was involved in a series of Twitter exchanges about the relationship between cash and anonymity that stimulated me to write a blog post on that topic and that debate (see “It doesn’t have to be the handmaid’s tale” from September 2016). Some more recent exchanges on the same topic made me think about revisiting and revising that post and exploring some of the ideas in further in light of recent discussions (eg, Libra and central bank digital currencies).

The root of these debates is, of course, that many in the Bitcoin community see Bitcoin’s sort-of-anonymity as an important characteristic because it defends the individual against state power and they berate me for wanting to replace cash “in circulation” with a digital alternative. Cash, they claim, is freedom, and they are correct about this: as cash is uncensorable, you have the freedom to buy what ever you want with it.

So should we replace cash with an anonymous cryptocurrency or digital currency? There are many people who I greatly respect who think the former. For example, in his presentation on ’The Zero Lower Bound and Anonymity”, Kocherlakota tends toward some form of cryptocurrency to replace fiat currency rather than a central bank digital currency and one of the reasons for this is his (entirely reasonable) concern about anonymity. This point is illustrated by a literary reference to Margaret Attwood’s “Handmaid’s Tale”, in which a theocratic American government (the “Republic of Gilead”) has taken away many of the rights that women currently enjoy. One of the tools that this government uses to control women is a ban on cash. In Gilead, all transactions now routed digitally through the “Compubank”.

The Handmaid's Tale

It was many, many years since I’d read “The Handmaid’s Tale” so I went to my bookshelf to dig it out and re-read that part. The narrator does indeed talk about how the evil junta in charge of that future America took over and says that it would have been harder if there had still been paper money. But the truth is, I don’t see how. North Korea has everyone using paper money and virtually no cards. Denmark has virtually no paper money and everyone uses cards (and phones). To be frank, in the modern world, I don’t think cash is that closely related to dictatorship.

The point I wanted to make here, though, is that it is wrong to present the only two alternatives as total surveillance and anonymity. I simply do not accept that the alternative to the unconditional anonymity of cash and the crime that goes with it is a dystopian, totalitarian nightmare. That’s only one way to design a circulating medium of exchange and it’s not the way that I would design it. I would opt for something along the lines of a universal pseudonymous mechanism capable of supporting an arbitrary number of currencies, a Mondex de nos jours, an M-PESA with go-faster stripes. In a world where there are completely, unconditionally anonymous payment mechanisms in widespread use there’s no way to stop very bad people from using them to do very bad things, so I’d prefer a world in which there are pseudonymous mechanisms that defend against routine surveillance and petty intrusion but allow societies legitimate interests to protect against crime.

Does this mean that anonymous mechanisms should be banned? Probably not, for the good reason that it would be impossible to do so. More likely would be a situation shown in the diagram below where there is an anonymous layer that has a pseudonymous layer on top of it and a absonymous (I made this word up) on top of that. People, governments and businesses would use the pseudonymous layer for the majority of transactions: the anonymous money would be useless for almost all transactions for almost all people since no-one would accept it. I would love to give this kind of anonymous money the generic name zerocash, after the William Gibson novel (“Count Zero”) in which one of my all-time favourite quotes about the future of money appears, a quote that more accurately describes the foreseeable future of payments than anything from IBM or the IMF:

He had his cash money, but you couldn’t pay for food with that. It wasn’t actually illegal to have the stuff, it was just that nobody ever did anything legitimate with it.

(Unfortunately, someone else had already beaten me to the name! See E. Ben-Sasson, A. Chiesa, C. Garman, M. Green,I. Miers, E. Tromer, and M. Virza, “Zerocash: Decentralized anonymous payments from bitcoin” in IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, May 18-21, 2014. IEEE Computer Society, pp.459–474 (2014). But I’ll stick to using the all lower-case zerocash to mean generic unconditionally anonymous electronic cash. The wallet that this electronic cash is stored in is an anonymous digital identity. It’s just a string of bits.)

Now, you could imagine some form of zerocash in circulation as a cash alternative but not accepted in polite society (i.e., any attempt to spend it would be regarded as prima facie evidence of money laundering and exchanges would be barred from handling it). Polite society instead decides to protect privacy through managed conditional anonymity, or pseudonymity. A pseudonymous currency that is managed by a central bank but where transactions take place on a distributed ledger is much more like “RSCoin”, the cryptocurrency that was proposed by George Danezis and Sarah Meiklejohn at UCL [Danzis, G. and S. Meiklejohn. “Centrally Banked Cryptocurrencies”, NDSS ’16, 21-24 February 2016, San Diego, CA, USA] using Ben Laurie’s “mintettes” concept. By creating a pseudonym that is bound to the zerocash digital identity, we make it useful (provided that the binding is done by someone who trusted in the relevant transactional use cases).

Why bind it in this way? Well, there is the usual privacy paradox to be dealt with here: I want my transactions to be anonymous, but everyone else’s to be not anonymous in case they turn out to be criminals. I cannot see any way round this other than pseudonymity. There are people out there (e.g., my colleagues at Consult Hyperion) that know how to design systems that work like this, so there’s nothing stop the FATF, Bank of England, or Barclays or anyone else from starting to design the future, privacy-enhancing electronic money system that we need.

In the real world, as the discussions around Facebook’s proposed “Libra” digital currency have shown, regulators will never allow zerocash. In fact, in the light of the recent FATF rules about identification for cryptocurrency transfers, they will not allow any form of transaction that does not provide full details of counterparties. They might, however, as I have suggested many times before, be prepared to allow some form of pseudonymous alternative provided that we can bind the pseudonym to real-world legal entity through trusted institutions.

Bank are of course a good place to form and maintain this binding, since they’ve already done the KYC and know who I am. So I give present my pseudonym to them and they can bind it to my “real” name to form a nym. In the example below, Barclays know who I really am, and I can present my Barclays nym where needed, but most transactions with counterparties take place at the pseudonymous layer and I can present my Vodafone pseudonym “Neuromancer” there if I want to. My counterparty doesn’t know that I am Dave Birch, only that Vodafone know who (and presumably, where) I am. For the overwhelming majority of day-to-day transactions, this is more than adequate. This layered approach (show below) seems to me a viable vision of a working infrastructure. Few transactions in the top layer (for privacy), most transactions in the middle layer, few transactions at the lower layer.

Layered model of cryptomarkets

So in this made-up example, Barclays know my “real” identity and Vodafone knows a persistent pseudonym tied to my phone number. (Of course, I could go to Barclays and choose to bind my Vodafone identity to my Barclays identity, but we don’t need to think about this sort of thing here.) I’m going to reflect on how these bindings might work in practice more in the future, but for now I want to circle back to that opening concern about losing the anonymity of cash. Here’s another version of that meme that I read in Reason magazine (“Cash means freedom”) a while back: “Cash—the familiar, anonymous paper money and metallic coins that most of us grew up using—isn’t just convenient, it’s also a powerful shield for our autonomy and our privacy”

But it really isn’t. Your privacy is being taken away because of social media, people wearing cam-shades and ubiquitous drones, not because of debit cards. And none of this has anything to do with dictatorship. I wouldn’t want to live in the America of the “The Handmaid’s Tale” whether it had anonymous payments or not. I understand the concerns of those concerned with privacy (as I am) that there might be an inevitable tendency for a government to want to trespass on the pseudonymous infrastructure in the name of money laundering or terrorism, but that’s a problem that needs to be dealt with by society, not by technology.

Look, I think we should start to consigning cash to the dustbin of history, beginning with the $100 bill, the £50 note and that affront to law-abiding people everywhere, the Swiss 1,000 franc note. There are an increasing number of people coming around to my way of thinking, including the former chief economist to the International Monetary Fund (IMF) Kenneth Rogoff, who in his book “The Curse of Cash” argued that large value banknotes should be withdrawn not only because of their use in criminal endeavours but because they prevent central banks from using their full range of monetary policy tools. If we are going to start getting rid of cash though, we need to come up with alternatives the provide levels of privacy and security determined by society as a whole, not by a few engineers.

ZCash and The Glass Bank

Interesting to see the cryptocurrency ZCash in the news today, since it’s one of the ones I focussed on in my new book (in case I haven’t mentioned it, it’s called Before Babylon, Beyond Bitcoin and you can buy it from all good booksellers). As I said about Zcash in the chapter “Counting on Cryptography” written toward the end of 2016, “people, companies and governments will not use the underlying anonymous currency but instead use the privacy-enhancing kinds of money built on top of it”.

This is indeed what J.P. Morgan just announced at Consensus 2017 (see “JP Morgan Chase to Integrate Cash Technology to its Enterprise Blockchain Platform“). Or, as American Banker put it in their story “So, just to be clear: JPMorgan isn’t using Zcash”. As was set out by the parties themselves, what they intend to do is to use the Zcash technology of zero-knowledge proofs on their own Quorum blockchain to deliver privacy into financial markets where the participants want the advantages of shared ledgers but do not want to disclose the contents of transactions to all participants. I think this is quite a big deal, but that’s because the institutional use of these new technologies to create markets that work in more efficient ways accords with my own mental roadmap for shared ledgers. 

In a paper I co-wrote a couple of years ago with Richard Brown, the CTO of R3, and Consult Hyperion colleague Salome Parulava [published as Birch, D., R. Brown and S. Parulava (2016). “Towards ambient accountability in financial services: shared ledgers, translucent transactions and the legacy of the great financial crisis.” Payment Strategy and Systems 10(2): 118-131.], we adopted the term “translucent” to mean transactions that are transparent for the purposes of consensus (in other words, we can all agree that the transaction took place and the order of transactions) but opaque to those not party to the trade or the appropriate regulators under the relevant circumstances. I gave a talk introducing these concepts at NextBank Barcelona back in 2015.

It seems to me that the JP Morgan / ZCash announcement takes us another step forward in this direction and moves use towards the era of “The Glass Bank” (something I used in client workshops for many years and that I first blogged about back in 2011), an era in which translucency develops as a response to the Great Financial Crisis (GFC) and as a fundamental improvement in the way that financial markets operate, and which I have already decided will be the title of my next book!