← Proposals / Privacy & Security
Privacy & Security
Commons Currency implements a multi-layered privacy and security architecture that balances
individual financial privacy with public accountability for institutional actors. The system enables selective
disclosure through zero-knowledge proofs while maintaining robust security against attacks.
Privacy Philosophy
National-level operations remain transparent for accountability, while individual
citizens' accounts are private by default.
This dual approach prevents corruption at the institutional level (governments, central banks) while protecting
personal financial privacy for ordinary citizens.
Privacy Layers
Transaction Privacy
Optional shielded transactions where amounts and parties are encrypted (similar to Zcash):
- Shielded addresses: Hide transaction amounts and recipients
- Zero-knowledge proofs: Prove transaction validity without revealing details
- Selective disclosure: Can reveal specific transaction details to authorized parties when
needed
- Regulatory compatibility: Can prove compliance without exposing entire financial history
Identity Privacy
Pseudonymous identities rather than real names on-chain:
- Users identified as "Identity #XYZ" on blockchain
- Real-world identity only known to user and parties they choose to reveal it to
- Proof of personhood ensures one identity per person without storing biometrics
- Government ID verification doesn't put personal details on-chain
Selective Disclosure via Zero-Knowledge Proofs
Users can prove facts without revealing underlying data:
- Creditworthiness: "I have good credit history" without showing all loans
- Compliance: "I'm not on sanctions lists" without revealing identity
- Income: "I earn above $X" without disclosing exact salary
- Residence: "I'm a citizen of Country Y" without showing passport
See Identity & Credit for detailed examples of ZK proofs in action.
National Account Transparency
Government and institutional accounts are transparent by default:
- National treasury balances visible
- Central bank reserves auditable
- Government spending trackable
- Trade balances public
- Surplus recycling flows transparent
This prevents corruption and ensures democratic accountability without compromising individual privacy.
Security Architecture
Consensus Security
Byzantine Fault Tolerant consensus provides strong security guarantees:
- 66%+ honest validators required: Can tolerate up to 1/3 malicious nodes
- Finality: Once confirmed, transactions cannot be reversed
- Distributed trust: ~200 nation-state validators prevent collusion
- Geographic distribution: Validators spread globally prevent regional attacks
Node Security
Validator nodes employ enterprise-grade security:
- Hardware security modules: Private keys stored in tamper-proof hardware
- Air-gapped systems: Critical key material kept offline
- Multi-signature schemes: Require multiple parties to authorize actions
- 24/7 monitoring: Automated alerts for anomalous behavior
- Regular audits: Independent security reviews of infrastructure
Smart Contract Security
Core system contracts undergo rigorous security processes:
- Formal verification: Mathematical proofs of contract correctness
- Multiple audits: Independent reviews by top security firms
- Open source: Public code review by global community
- Bug bounties: Financial incentives for responsible disclosure
- Upgrade mechanisms: Democratic assembly can fix vulnerabilities
- Timelock delays: Critical changes have delay periods for review
Key Management
Multiple layers of key security for different stakeholders:
- Individual users: Hardware wallets, biometric protection, social recovery
- Banks: Multi-party computation, threshold signatures
- Governments: HSMs, geographic distribution of key shares
- Smart contracts: Time-locked upgrades, multi-sig requirements
Regulatory Compliance
The system enables compliance without mass surveillance:
KYC/AML Compatibility
- Selective disclosure: Prove compliance without revealing all data
- Regulated on-ramps: Banks and exchanges perform KYC for fiat conversion
- Identity verification: Government ID or proof-of-personhood anchors
- Transaction monitoring: Large transactions can trigger review
- Sanctions screening: ZK proofs can verify not on blacklists
Data Protection (GDPR, etc.)
- Data minimization: Only necessary data on-chain
- User control: Individuals control their identity data
- Right to erasure: Personal data stored off-chain can be deleted
- Consent management: Users explicitly authorize data sharing
Cross-Border Data Flows
- Blockchain data globally accessible but pseudonymous
- Personal identifiers stored locally in user's jurisdiction
- Regulators can access aggregate statistics
- Individual data requires legal process to unmask
Threat Model & Mitigations
Sybil Attacks
Threat: Attacker creates multiple fake identities
Mitigation: Proof of personhood ensures one identity per human
51% Attacks
Threat: Attacker controls majority of validators
Mitigation: Would require controlling 67%+ of ~200 nations (impossible)
Smart Contract Exploits
Threat: Bug in contract allows theft or manipulation
Mitigation: Formal verification, audits, bug bounties, upgrade mechanisms
Privacy Attacks
Threat: Transaction graph analysis de-anonymizes users
Mitigation: Shielded transactions, mixing services, ZK proofs
Nation-State Attacks
Threat: Powerful government tries to manipulate system
Mitigation: One-nation-one-vote prevents single actor control
Social Engineering
Threat: Users tricked into revealing keys or data
Mitigation: Education, hardware wallets, recovery mechanisms
Incident Response
Procedures for handling security incidents:
- Bug reporting: Secure channel for responsible disclosure
- Emergency assembly: Accelerated voting for critical fixes
- Circuit breakers: Ability to pause affected functions
- Transparent post-mortems: Public analysis of what happened
- Victim remediation: Process for compensating affected users
- System hardening: Implement fixes to prevent recurrence
Continuous Improvement
Security and privacy evolve continuously:
- Regular audits: Quarterly security reviews
- Penetration testing: Simulated attacks to find weaknesses
- Research collaboration: Work with academic cryptographers
- Technology upgrades: Adopt new privacy/security techniques as they mature
- Community oversight: Open source enables global scrutiny
Privacy-Security Balance
Result: A system where institutions are held accountable through transparency,
individuals maintain financial privacy through cryptography, and both are secured through distributed trust
and formal verification.
Key achievements:
- ✓ Individual privacy by default
- ✓ Institutional transparency for accountability
- ✓ Selective disclosure via zero-knowledge proofs
- ✓ Regulatory compliance without mass surveillance
- ✓ Byzantine fault tolerance against attacks
- ✓ Formal verification of critical code
- ✓ Democratic governance of security policies