Paper 2023/122

SoK: Privacy-Enhancing Technologies in Finance

Carsten Baum, Technical University of Denmark
James Hsin-yu Chiang, Technical University of Denmark
Bernardo David, IT University of Copenhagen
Tore Kasper Frederiksen, Protocol Labs
Abstract

Financial applications have historically required strong security guarantees. These can be achieved in a digital world via cryptographic tools but have traditionally been employed to provide authenticity and privacy for data exchanged between clients and financial institutions over insecure networks (e.g. the Internet). However, the recent advent of cryptocurrencies and smart contract platforms, based on blockchains, allowed financial transactions to be carried out over a public ledger, instead of keeping such transactions exclusive to private institutions. This introduced a new challenge: Allowing any third party to verify the validity of financial operations by means of public records on a blockchain, while keeping sensitive data private. Advanced cryptographic techniques such as Zero Knowledge (ZK) proofs rose to prominence as a solution to this challenge, allowing for the owner of sensitive information (e.g. the identities of users involved in an operation) to provide unforgeable evidence that a certain operation has been correctly executed without revealing said sensitive data. Moreover, once the Fintech community discovered the power of such advanced techniques, it also became clear that performing arbitrary computation on private data by means of secure Multiparty Computation (MPC), and related techniques like Fully Homomorphic Encryption (FHE), would allow more powerful financial applications, also in traditional finance, involving sensitive data from multiple sources. In this survey, we present an overview of the main Privacy-Enhancing Technologies (PETs) available in the state of the art of current advanced cryptographic research and how they can be used to address challenges in both traditional and decentralized finance. In particular, we consider the following classes of applications: 1. Identity Management, KYC & AML; 2. Legal; 3. Digital Asset Custody; and 4. Markets & Settlement. We examine how ZK proofs, MPC and related PETs have been used to tackle challenges in each of these applications. Finally, we propose future applications of PETs as Fintech solutions to currently unsolved issues. While we present a broad overview, we focus mainly on those applications that require privacy preserving computation on data from multiple parties.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
privacy enhancing technologymultiparty computationzero-knowledgefinanceblockchainweb3
Contact author(s)
cabau @ dtu dk
jchi @ dtu dk
bernardo @ bmdavid com
tore frederiksen @ protocol ai
History
2023-02-07: approved
2023-02-02: received
See all versions
Short URL
https://ia.cr/2023/122
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/122,
      author = {Carsten Baum and James Hsin-yu Chiang and Bernardo David and Tore Kasper Frederiksen},
      title = {SoK: Privacy-Enhancing Technologies in Finance},
      howpublished = {Cryptology ePrint Archive, Paper 2023/122},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/122}},
      url = {https://eprint.iacr.org/2023/122}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.