If you’ve been around cryptocurrencies for more than a day, you know that risk is part of the game. But the focus this time is not to analyze Aleo as an investable asset, but to analyze it as a technology and platform.
After studying ZKP and Aleo, I am convinced that it has huge potential. I like Aleo’s approach to reducing the computational cost of ZK. Howard’s credentials in the field speak for themselves. I support Alio. But there are risks, which I divide into three categories:
- Privacy: Do people care about privacy?
- Competition: If they care about privacy, how will Aleo stand out in a noisy competitive environment?
- Regulation: If Aleo comes to the fore, will regulators dampen natural market demand?
privacy
An obvious question facing the privacy-focused world of Aleo and ZK is, do people really care about privacy?
Of course, people only pay lip service to caring about privacy. When our data is breached, we get furious. We don’t like the fact that “when we don’t pay for the product, we are the product.” But… do we really care enough to take action? The monthly active user numbers on Facebook and TikTok suggest we won’t do that.
I actually think those revealed preferences are misleading.
For one, privacy is all the rage. The Metaverse, which itself has more data about what people care about than anyone in the world, is focusing WhatsApp messaging on privacy.
But more importantly, privacy has so far been a trade-off. If you want to use the Internet, you need to give up some privacy. If you want to apply for a mortgage, you need to give up some privacy. The choice is not, “Do I want to use the Internet with privacy? Do I want to use the Internet?”
ZKP has the potential to eliminate this trade-off by simplifying privacy.
If Aleo succeeds, and because it lowers the cost of privacy, the question we ask may become: “Would I prefer this app that gives me control over my data, or a similar app that doesn’t allow me to control my data?” Apps? ” By then the answer was obvious.
Frameworks like this actually make me more bullish on privacy, and Aleo should give developers the tools to protect privacy as seamlessly and cheaply as possible.
compete
As we introduced above, there are about 40 protocols in cryptocurrencies that use ZKP to some extent. Although Aleo is the only fully programmable, fully private universal L1, that’s only half the battle.
At this early stage, the more important half of the battle is educating developers on enough nuances that they are willing to learn new languages and new ways of thinking about developing applications. They also need to be convinced to either leave the comfort of the Ethereum ecosystem or enter the cryptocurrency space first, depending on where they start.
For those in the field, the nuances are apparent, and they seem more willing to collaborate to improve and spread the technology. In addition, zero-knowledge builders and investors believe that this technology will penetrate every corner of the Internet, web2 and web3. From this perspective, we may think that 40 protocols is only a small number.
The risk, then, is not that ZK competition will hinder Aleo. It just faces the same risks that any new platform faces when it comes to enticing developers to build on their stuff instead of something else. In Aleo’s case, that means convincing developers that zero-knowledge is mature enough and affordable enough, and that its language and programming environment make everything easy enough to build within its ecosystem. From there, through (possibly more secure zero-knowledge) bridges, they can connect to other parts of the crypto ecosystem or other parts of the network.
Other L1s have convinced developers through a combination of education and incentives, deploying hundreds of millions of dollars in ecosystem funds to make decision-making a little easier. Watch how aggressively Aleo implements this goal, or if it focuses incentives on provers and lets the technology and SNARK proof capabilities do the talking.
Supervision
Last August, Dutch authorities arrested developer Alexey Pertsev for his alleged involvement in Tornado Cash, a cryptocurrency mixer or mixer, and the U.S. Treasury Department froze Tornado Cash and the Office of Foreign Assets Control (OFAC) sanctions because it was allegedly used by North Korean hackers. Tornado Cash allows users to execute transactions anonymously using zkSNARKs.
For Aleo, the approval of a privacy-preserving protocol using zkSNARKs is clearly a concerning development.
Howard and Alex pointed out that the lack of privacy in web3 protocols like Ethereum actually jeopardizes the neutrality of the protocol. They believe: The agreement should be neutral .
TCP/IP is the protocol that the Internet runs on and is private and neutral thanks to encryption and TLS (Transport Layer Security). No one can read the packets sent from one place to another. If the packets forwarded by my device end up in Iran, there won’t be federal agents knocking on my door.
On the other hand, on non-private blockchains, it is relatively easy to see and put pressure on what providers (infrastructure providers, nodes, and indexers) touch, threatening the neutrality of the base layer.
Howard and Alex believe that it is important that the protocols on the Internet are essentially neutral . For them, privacy is not about helping bad actors evade sanctions, but about ensuring neutrality at the grassroots level. Whatever is built on top of the protocol is the most natural and efficient venue for regulation, as these applications may be sensitive to geography and local regulation in a way that base layer protocols cannot . This mimics the Internet’s successful compliance regime: regulate the application, not the base layer, just like my bank may be sanctioned for sending money to Iran, but the Internet itself will not be sanctioned.
Alternatively, Aleo’s developers could build something Tornado Cash lacks: risk-mitigating controls that would allow compliance with existing laws (and, optimistically, might even inspire more effective regulation). While the base layer is private, most activity will occur through the application, where ingress and egress can serve as important places to ensure compliance, just as they do in the broader crypto ecosystem today (and based on KYC compliance for zk, where applications can confirm that things like KYC and sanction clearance do not compromise user data, would be a privacy improvement over many current KYC options).
In this environment, the tricky part is getting regulators to listen and appreciate the potential of this infrastructure, with the internet itself being an important analogy. People are just as likely to do wonderful things and terrible things on Aleo as they are to do wonderful and terrible things on the Internet. Like developers, Aleo’s biggest regulatory challenge will be education.
I think that’s a real risk, the biggest risk Allio faces, and the best defense is a good offense. Specifically, Aleo needs to demonstrate the value of positive use cases to regulators by engaging developers to build applications with clear consumer benefits. Here, I think uses such as healthcare research, voting, AI data integrity, and user data privacy will be particularly valuable.
At the same time, industry developers and policymakers can work together to develop risk mitigation and compliance frameworks that meet policy goals while protecting privacy and allowing innovation to flourish. Some might say I’m a dreamer, but if that happens we might get more privacy and better compliance.
Ultimately, zero-knowledge has spread, and like any technology, they are not inherently good or evil. It will be the responsibility of the Aleo team and the larger zero-knowledge ecosystem to steer this technology in a way that will far outweigh the negatives with positives.
