Developing the Hack-Proof Privacy Coin: No ‘PICNIC’


Even the best anonymous chains were only as secure as their users- until now.

Privacy coins have become a fixture in the crypto market. Their white papers are paeons to the libertarian, Austrian School of economics, anarcho-capitalist streak at the heart of the blockchain revolution. But while the idea behind these tokens might be lyrical poetry, the reality has been more an exercise in screaming headlines.

Monero, probably the most famous of these deliberately not-famous coins, recently had to deal with a malware attack that snatched value out of wallets downloaded from its own website. At least one person who was alerted to the attack decided to go ahead and use his wallet anyway and ended up $7,000 poorer. Similarly shocking, a 2018 University of College London paper found that only 7.1% of Zcash transactions take advantage of the security settings available; most of the rest are completely transparent – because that’s how the defaults were set.

Even so, privacy coins generally live up to their name, at least as far as their code is concerned. They provide anonymous, untraceable transactions for – and here is the important part – those who are sophisticated enough to use them properly. Candidly, that is a very small percentage of people in the crypto trading game. It’s safe to say that most of the errors are on Layer 8 of the seven-layer OSI model. They are wetware bugs, biological interface errors. They are what system analysts call PICNIC: “Problem In Chair, Not In Computer.”

The challenge, then, is to make the blockchain impervious to the self-hack. One project, Pirate Chain, may have figured out how to do precisely that.

Privacy by default

Trading under the absolutely perfect ticker symbol ARRR, Pirate Chain begins with Zero-Knowledge Succinct Non-interactive Arguments of Knowledge, better known as zk-SNARKs. These take a degree of complexity out of intricate, verifying computations. While the theoretical underpinnings have been around for decades, it wasn’t until the 2016 launch of Zcash that it found practical application.

A zk-SNARK “proves possession of certain information without revealing that information, and without any interaction between the prover and verifier,” according to Forbes.

Pirate Chain, which forked from Zcash, employs zk-SNARKs as a default rather than as an option, assuring that something approaching 100% of transactions are shielded from disclosure.

The trick, though, is to make each coin impervious to hacking not only in-flight from one wallet to another, but from the moment it comes into being. Only that way can users be fully assured that each transaction is at once verifiable and untraceable. That is why an ARRR coin starts out with an unusual consensus mechanism called delayed proof of work, or dPOW.

This hybrid consensus method allows one blockchain to take advantage of the security provided through the hashing power of another. So-called notary nodes add data from the first blockchain onto the second, which then requires both blockchains to be compromised to undermine the security of the first. Pirate Chain’s zk-SNARKs are predicated on dPOW mining, which has the added advantage of being more energy efficient than bitcoin-style POW due to its leveraging of neural networks.

“Pirate Chain and collaborating mining pools obfuscate the mining pool reports,” according to a Pirate Chain team member who, in the spirit of working on a privacy project, goes by the nom de jeton Wookiee. “dPOW, which notarizes transactions to avoid a 51% attack, is like having a second padlock on your door,” Wookiee says.

Sense of mission

Incidentally, dPOW was developed by the Komodo project, which specializes in custom permissioned blockchains for legacy businesses. It may be an odd origin story for a privacy coin, but it speaks to what was most important to many of the individuals who were working on Komodo – some of whom are now the co-founders of Pirate Chain.

Another element of Pirate Chain’s dedication to privacy is that it’s fully decentralized. There is no third party in charge of any user’s funds at any time. Rather, all transactions are trustlessly confirmed on-chain.

The best guarantee of privacy is the project team’s commitment to it, though, and “commitment” does not begin to convey the sense of mission members of the Pirate Chain crew bring to the discussion.

“We’re not just proponents of privacy, we’re champions of the human right to privacy,” Wookiee says. “We’re more than just a project, even more than a grassroots community. Just as other non-governmental organizations are dedicated to saving rainforests or protecting dolphins, we see ourselves as an NGO (non-governmental organization) dedicated to that basic human right.”

Given this set of values, the Pirate Chain crewmembers are often at odds with other corners of the blockchain world. Of course, they are competing directly with more established privacy coins. But they’re not shy about expressing what they see as the shortcomings of the bellwether bitcoin, which they consider too transparent to fulfill the potential of cryptocurrency. They’ll also give you an incredulous chuckle if you ask them about central bank digital currencies. And while they would never tell Binance or Coinbase to delist ARRR should it come to that, they’re not actively pursuing centralized exchanges as a way of pumping the coin’s trading price. They’re much more philosophically aligned with the decentralized exchanges.

Pirate Chain might not be run by actual pirates, but there is something of the freebooting outlaw to their self-perception.

Even so, Pirate Chain is thriving as it pursues its mission. Although it was founded in 2018, ARRR took off this April and is now one of crypto’s top 10 privacy coins.