For business-to-business interactions, the requirements of commercial confidentiality mean that privacy is normally essential. When we think about blockchain privacy, it’s helpful to consider two dimensions: anonymity of the parties to the transaction, and privacy of the transaction itself. We can show this as a 2x2 matrix, with the anonymity level running from ‘Anonymous’ to ‘Identified’ and the transaction privacy running from Private to Public. This gives rise to different ability to be confident about the credentials of a counterparty, as shown in the diagram, and different ability to protect commercially sensitive information. Clearly, making all business information publicly available is not an acceptable approach, but also, the need to operate in a regulated environment, and to comply with laws and even basic morality, mean that fully private, completely anonymous transactions are not the correct approach either. With that in mind, the top left of the diagram gives an optimal balance of privacy and assurance in most situations. It’s that quadrant that Nightfall* privacy technology targets.

• True blockchain privacy is hard to achieve. Blockchain technology enables protection against data manipulation and censorship, and therefore increases data security. However, this often comes at the expense of privacy, as records are stored in a decentralized, transparent, and immutable way.
  
• There has been a great deal of research into the problem of blockchain privacy over the last few years and, with the rapid development of Zero Knowledge Proof technologies, this research is beginning to bear fruit.
  

EY has put two applications, Nightfall and Starlight, into the Public Domain. These use Zero Knowledge Proofs to provide blockchain privacy for various applications.

Reimagining privacy on public blockchain with Nightfall and Starlight:

Nightfall uses Zero Knowledge Proof technology to provide private transfers of tokens on the public blockchain. It has a built-in, optimistic layer 2 rollup to increase throughput and reduce transaction costs. A private ERC20 transfer using Nightfall is approximately one eighth of the cost of a conventional transfer.

Knowing who you are dealing with is important, especially when transactions are private. Therefore, Nightfall includes a sophisticated decentralised permissioning component, to ensure that users have undergone an appropriate level of scrutiny:

• Nightfall_Application_Brief.pdf
• Nightfall_FAQ.pdf
• Nightfall_Usecase.pdf
• The EY and Polygon organizations update source code for blockchain privacy-based protocol Nightfall | EY - Global
  
  

The source code for Nightfall version 3 and supporting tools are in the public domain and are available on GitHub.

The ability to make private payments is a fundamental business capability, but sometimes more sophisticated and bespoke business logic is required. However, writing blockchain applications that use Zero Knowledge privacy is difficult, and people with appropriate skills are in short supply. Starlight was conceived as the solution to this problem. It enables a Solidity smart contract to be marked up to indicate which variables should be private, and in what way, and then the marked- up contract can be compiled into a full ZKP-enabled blockchain application using the Starlight compiler.

The compiler creates circuits for generating zero knowledge proofs, a solidity contract to manage the on-chain component, and some NodeJS code to orchestrate everything. It even deploys a working copy to your laptop. The functions in the original Solidity become http:// endpoints which can be called to interact with the compiled application.

• Starlight_Application_Brief.pdf
• Starlight_FAQ.pdf
• Starlight_Use-Case.pdf
• EY contributes the beta version of zero-knowledge-proof compiler Starlight to the public domain to enable secure, private business logic on Ethereum
  
  

The source code for Nightfall version 3 and supporting tools are in the public domain and are available on GitHub.

*Nightfall and Starlight are internal project names at EY for code related to privacy/ZKP on a blockchain. This code has been contributed to the public domain and is not owned by EY. EY provides no warranty and disclaims any and all liability for use of this code. Users must conduct their own diligence with respect to use for their purposes and any and all usage is on an as-is basis and at your own risk.