Paper 2023/122
SoK: Privacy-Enhancing Technologies in Finance
Abstract
Recent years have seen the emergence of practical advanced cryptographic tools that not only protect data privacy and authenticity, but also allow for jointly processing data from different institutions without sacrificing privacy. The ability to do so has enabled implementations a number of traditional and decentralized financial applications that would have required sacrificing privacy or trusting a third party. The main catalyst of this revolution was the advent of decentralized cryptocurrencies that use public ledgers to register financial transactions, which must be verifiable by any third party, while keeping sensitive data private. Zero Knowledge (ZK) proofs rose to prominence as a solution to this challenge, allowing for the owner of sensitive data (e.g. the identities of users involved in an operation) to convince a third party verifier that a certain operation has been correctly executed without revealing said data. It quickly became clear that performing arbitrary computation on private data from multiple sources by means of secure Multiparty Computation (MPC) and related techniques allows for more powerful financial applications, also in traditional finance. In this SoK, we categorize the main traditional and decentralized financial applications that can benefit from state-of-the-art Privacy-Enhancing Technologies (PETs) and identify design patterns commonly used when applying PETs in the context of these applications. In particular, we consider the following classes of applications: 1. Identity Management, KYC & AML; and 2. Markets & Settlement; 3. Legal; and 4. Digital Asset Custody. We examine how ZK proofs, MPC and related PETs have been used to tackle the main security challenges in each of these applications. Moreover, we provide an assessment of the technological readiness of each PET in the context of different financial applications according to the availability of: theoretical feasibility results, preliminary benchmarks (in scientific papers) or benchmarks achieving real-world performance (in commercially deployed solutions). Finally, we propose future applications of PETs as Fintech solutions to currently unsolved issues. While we systematize financial applications of PETs at large, we focus mainly on those applications that require privacy preserving computation on data from multiple parties.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint.
- Keywords
- privacy enhancing technologymultiparty computationzero-knowledgefinanceblockchainweb3
- Contact author(s)
-
cabau @ dtu dk
jachiang @ ucla edu
bernardo @ bmdavid com
jot2re @ gmail com - History
- 2023-06-16: revised
- 2023-02-02: received
- See all versions
- Short URL
- https://ia.cr/2023/122
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/122, author = {Carsten Baum and James Hsin-yu Chiang and Bernardo David and Tore Kasper Frederiksen}, title = {{SoK}: Privacy-Enhancing Technologies in Finance}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/122}, year = {2023}, url = {https://eprint.iacr.org/2023/122} }