How Compliance Works

Detail the inner workings of the compliance network, including selective de-anonymization.

Overview of SeDe

Selective De-Anonymization (SeDe) Network:

Labyrinth introduces the SeDe Network to strike a balance between privacy preservation and compliance. SeDe allows for the de-anonymization of illicit transactions through the recursive traversal of subgraphs of linked transactions. It achieves this without centralizing control and decision-making. It operates as follows:

a. Balancing Privacy: SeDe aims to balance privacy-preserving features by allowing for the de-anonymization of illicit transactions. It recognizes that privacy should not be absolute and that certain transactions need to be traceable for regulatory purposes.

b. Multiple Entities: SeDe distributes the responsibility for de-anonymization among multiple entities, ensuring that no single entity has complete control over this process. This prevents potential abuse of power.

c. Threshold Encryption: SeDe uses threshold encryption schemes to protect user data while allowing for controlled de-anonymization when required. This ensures that sensitive information remains confidential until a legitimate need for de-anonymization arises.

d. Zero-Knowledge Proofs (ZKPs): Zero-knowledge proofs are employed to prove the correctness of transactions without revealing sensitive data. This enables the verification of compliance without exposing transaction details.

Network Components:

• Users (U): Users of the privacy-preserving application, which can be either honest users seeking privacy or malicious actors.

• Guardians (G): A set of entities responsible for gatekeeping transaction de-anonymization. A minimum quorum of guardians is required to grant de-anonymization permission.

• Revoker (R): An entity with the ability to de-anonymize transactions but requires permission from guardians.

1. Accountable Anonymity: Users must adhere to compliance constraints during transactions, ensuring that any attempt to act maliciously will result in the loss of anonymity.

2. Accountable De-Anonymization: The revoker cannot de-anonymize transactions without publicly requesting permission from guardians. Guardians, even when colluding, cannot reveal transaction data without cooperation from the revoker.

3. Non-Fabrication: Honest users can prove their innocence if falsely accused of involvement in illicit transactions.

4. Implementation: SeDe is implemented using threshold encryption schemes and Zero-Knowledge Proofs (ZKPs). Users are constrained to include double-layered encryptions of newly created notes in transaction payloads, and they must provide proofs that the encryptions were performed correctly.

5. The decryption of Illicit Transactions: When de-anonymization is required, the revoker initiates the process by signing a de-anonymization request and submitting it to guardians. Guardians verify the request's legitimacy, and if approved, the revoker can decrypt the transaction data. The revoker recursively traces linked illicit transactions until a subgraph of all transactions originating from illicit sources is revealed.