Ethereum privacy roadmap proposes EU GDPR-safe blockchain design

As the broader Ethereum ecosystem and its halfway principles germinate to code information privateness concerns, a caller connection recommends a modular compliance strategy arsenic a way to reconcile nationalist blockchains with the European Union’s General Data Protection Regulation (GDPR).

On June 9, a connection drafted by Ethereum assemblage subordinate Eugenio Reggianini suggested the usage of modular architecture for effectual information absorption and privacy.

“By pushing idiosyncratic information to the edges (wallets and DApps), utilizing offchain retention with metadata-erasure, and splitting roles cryptographically, we tin absorption GDPR controller duties connected a tiny acceptable of entities, portion the wider web becomes specified processors oregon falls retired of scope,” Reggianini said.

Ethereum’s modulation to a modular architecture could alteration the integration of assorted privacy-enhancing technologies (PETs), which, according to Reggianini, tin execute GDPR compliance successful permissionless blockchain environments.

Source: ethresearchbot

Related: Vitalik wants to marque Ethereum ‘as elemental arsenic Bitcoin’ successful 5 years

Technical roadmap: PETs to the rescue

The connection outlines respective technologies already being integrated oregon projected for Ethereum that assistance trim idiosyncratic information exposure, including proto-danksharding (EIP-4844), which limits transaction blob lifespans to astir 18 days, enforcing retention minimization.

Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (zk-SNARKs) tin besides assistance amended privateness arsenic they impact validators confirming succinct cryptographic proofs alternatively than viewing transaction payloads, dramatically reducing onchain information visibility. 

Other PET integrations that could assistance with GDPR compliance see Fully Homomorphic Encryption and Trusted Execution Environments (TEEs), multiparty computation (MPC), Proposer-Builder Separation (PBS) and Peer Data Availability Sampling (PeerDAS).

Proposed GDPR compliance framework. Source: ethresear.ch

Ethereum’s modular compliance strategy

The connection breaks down GDPR implications crossed the Ethereum network’s 3 layers: the execution layer, statement furniture and information availability layer. 

The execution furniture would run arsenic processors relaying lone encrypted oregon blinded data, portion the statement furniture would solely validate commitments and zero-knowledge proofs. Lastly, the information availability layer, nether PeerDAS, would store lone anonymous shards for constricted timeframes, bringing them successful enactment with GDPR’s information minimization principle.

By focusing information controllership connected the exertion furniture and leveraging PETs, Ethereum tin support idiosyncratic privateness without sacrificing its halfway principles, Reggianini claimed. 

However, the framework’s occurrence volition beryllium connected wide assemblage adoption, developer buy-in, and imaginable alignment with EU regulators.

Magazine: Baby boomers worthy $79T are yet getting connected committee with Bitcoin