Privacy in digital and decentralized identity and asset transfers

Abstract

Decentralized systems, exemplified by blockchain technology, have redefined trust and transparency by replacing centralized state management with a decentralized paradigm. This shift eliminates single points of trust and failure, and establishes a transparent, immutable ledger. However, the inherent design of most blockchains, which supports permissionless read access, exposes stored data to public scrutiny, thereby undermining privacy. Consequently, preserving data confidentiality is a core challenge in these systems. The pursuit of privacy frequently conflicts with regulatory compliance, as the latter demands data accessibility that privacy-preserving mechanisms may intentionally conceal. Achieving a balance between these opposing requirements is essential for the broad adoption of decentralized systems. Cryptographic techniques, such as zero-knowledge proofs, enable the verification of statements without disclosing extraneous details, yet their computational overhead often degrades system efficiency and hence usability. Thus, addressing the interplay of privacy, compliance, and efficiency remains critical to realizing the full potential of blockchain-based ecosystems.

This thesis, first, proposes a novel cryptographic primitive tailored for privacy-preserving, and regulatory-compliant decentralized identities. In digital asset transfers, regulatory frameworks require the association of blockchain transactions with real-world identities. Without such linkage, certain enforcements become impractical. The introduced primitive facilitates the generation of unlinkable pseudonyms that are cryptographically bound to verified real-world identities, ensuring Sybil resilience, anonymity, and efficiency. Leveraging this identity framework, the thesis develops three innovative constructions for digital asset transfers that harmonize privacy, compliance, and efficiency. These constructions support crucial applications including Central Bank Digital Currencies (CBDCs), stablecoins, and Real-World Asset (RWA) tokenization. We formalize critical requirements and realize them using standard cryptographic assumptions. Key features include self-custody, interoperability, blockchain-agnosticism, proofs of balance, receiver affirmation, asset-specific auditing, anonymity, Sybil resilience, unlinkability, multi-party transactions, blockchain-independent fees, tracing, privacy revocation, and additional considerations. These contributions establish a strong foundation for decentralized infrastructures, advancing privacy, compliance, and efficiency in blockchain technology.