Privacy is one of the missing ingredients of the current generation of security token solutions. The introduction of regulation and compliance models in crypto-tokens introduced an identity layer that challenged many of the pseudonymity and anonymity concepts of cryptocurrencies. However, security tokens come with their own set of privacy requirements that remain largely ignore by the ecosystem. Thinking that all aspects of security token transaction should be disclosed on a public ledger is not only naïve but literally contradicts many of the best-established compliance models in the securities industry. Recently, I’ve been exploring the idea of using zero knowledge techniques to enable a more robust layer of privacy in security token protocols. I would like to use this article to explore some of those ideas.
Securities transactions are subjected to regulations such as know-your-customer(KYC) that impose identity disclosure requirements among their participants. However, those constraints are mostly based about trying to prove assertions about the investor’s compliance to specific security requirements and not about knowing the identity of the investor itself. In other words, identity compliance is more about proof than knowledge and, understanding that difference, is essential to enable a new set of capabilities in security token applications.