Neha Narula | Director

Re: Comments to the Financial Crimes Enforcement Network on Requirements for Certain Transactions Involving Convertible Virtual Currency or Digital Assets

FinCEN Docket No. FINCEN-2020-0020, RIN 1506-AB47

January 4, 2021

DCI Director, Neha Narula and Patrick Murck (@virtuallylaw) submitted this comment on FinCEN's latest proposed rule. They explain this might limit policy choices for a future digital dollar, reduce market competition, and most importantly, that's not how addresses actually work.

Abstract:

Exchanges are critical for providing liquidity and price transparency to markets, but electronic exchanges sometimes front run their users: because the exchange is in a privileged position, it can observe incoming orders and insert its own orders or alter execution to profit, if undetected, risk-free. There are cryptographic schemes to address front-running, but they either require an assumption of non-collusion or do not definitively prevent it, and none can provide the exchange with useful evidence of good behavior: a transcript the exchange can show to an offline entity, like a potential new customer or a regulator, to prove that it is not front running.

We present ClockWork, a practical exchange protocol which gives an exchange the ability to prove to a user that it did not front-run their order. In ClockWork, users commit to and encrypt orders inside a timelock puzzle. By assuming a lower bound on the time it takes to solve the puzzle, we ensure that no one, including the exchange, can submit new orders or selectively drop orders after the batch is fixed, and that users cannot repudiate committed orders. Users interacting with the exchange are convinced that the exchange did not front-run, and the protocol creates a transcript between the exchange and the users that serves as evidence orders were matched correctly and has attestations from users who agree they were not front-run. We implement ClockWork and show that despite using computationally expensive timelock puzzles, it provides reasonable performance for batch auctions . This is a useful tradeoff to provide a verifiably correct exchange.

Dan Cline worked with the DCI via the Co-op program from the University of Massachusetts Amherst. His mentors were Neha Narula and Tadge Dryja

Introduction

In a 2019 speech, Bank of England governor Mark Carney said that “Technology has the potential to disrupt the network externalities that prevent the incumbent global reserve currency from being displaced.” Certainly one of the most interesting places where technology is disrupting payments and finance is in cryptocurrencies. Cryptocurrencies have emerged from open source development communities in large part because electronic transaction systems are too expensive and they have not evolved fast enough to keep pace with the demand for retail online digital payments and more sophisticated types of financial transactions. The wide variety of experimentation in cryptocurrencies is causing technologists and central bankers to rethink the interface to money and explore a digital form which can be held by users and companies directly. This could lead to a financial system with a simplified institutional structure, capable of serving the public at a much lower cost. Though there has been much discussion about the policy design for central bank-issued digital currency (CBDC), there are important technical points missing from the conversation: CBDC should not be a direct copy of existing cryptocurrencies with exactly the same design and features but there are things we can learn from their emergence - the usefulness of programmability in money and the importance of preserving user privacy.

Cryptocurrency technology, in some instances, can provide an important feature: Anyone can participate and build applications with financial transactions to a standard, which creates a free-entry market that enables competition. These rules are set and maintained by users of the system, not by a coalition of companies or other large market participants. This is due in large part to the fact that many participate in observing, auditing, and validating the creation of money and the legitimacy of payments by observing a highly replicated audit trail of activities.

The cryptocurrency ecosystem should be viewed as a laboratory where developers are inventing different technologies, monetary policies, governance strategies, and reward systems which are competing. The space is still in its infancy, but make no mistake -- successful ideas from this area will eventually find their way into the more conservative world of fiat digital payments. Libra and other stablecoins are the latest prominent example of these ideas breaking through. There will be more.

By Ethan Heilman (Boston Uni), Neha Narula (MIT Media Lab), Garrett Tanzer (Harvard), James Lovejoy (MIT Media Lab), Michael Colavita (Harvard), Madars Virza (MIT Media Lab), and Tadge Dryja (MIT Media Lab)

We present attacks on the cryptography formerly used in the IOTA blockchain, including under certain conditions the ability to forge signatures. We developed practical attacks on IOTA’s cryptographic hash function Curl-P-27, allowing us to quickly generate short colliding messages. These collisions work even for messages of the same length. Exploiting these weaknesses in Curl-P-27, we broke the EU-CMA security of the former IOTA Signature Scheme (ISS). Finally, we show that in a chosen-message setting we could forge signatures and multi-signatures of valid spending transactions (called bundles in IOTA).

Auditing and financial oversight are critical to proving institutions are complying with regulation. This paper presents zkLedger, the first system to protect ledger participants’ privacy and provide fast, provably correct auditing.

The Web has steadily evolved into an ecosystem of large, corporate-controlled mega-platforms which intermediate speech online. In this report we explore two important ways structurally decentralized systems could help address this.