Incognito Chain Review - Privacy Focused Sidechain

Incognito Chain Review - Privacy Focused Sidechain

. 10 min read

For the last 11 years, Bitcoin and other cryptocurrencies have skyrocketed from niche cyberpunk money to a global phenomenon worth billions of dollars. Bitcoin has been hailed as the next world currency due to its "hard money" qualities.

Privacy is not a key feature of Bitcoin in its current state, it is psuedo-anonymous. As long as you do not reveal your identity or other identifying metadata, there is a high probability that you can keep your transactions private. Almost all purchased Bitcoin originates from centralized exchanges with fiat on-ramps and KYC.

So what's the big deal? Well, all Bitcoin transactions permanently remain on the ledger. Coin analysis and tracking companies use this information along with KYC data shared from exchanges to build network diagrams. These are relational maps of all wallets and addresses connected with a person or persons. The end goal is to be able to connect identities to all addresses and monitor for fraud, terrorism and other illegal activities.

Authorities do not even have to pair identity with wallet/addresses at genesis. They can simply wait for owners to self-disclose their privacy days, months or even years into the future due to the permanency of the blockchain. All it takes to break Bitcoin's privacy is to move funds into a centralized exchange such as Coinbase where KYC information is recorded and stored.  

A network diagram of Bitcoin stolen from MtGox - Source

New AMLD5 regulations in Europe and the "Travel Rule" in the United States require all virtual asset service providers (VASPs) which provide exchange , loans and other crypto-services to KYC all users and share that information with third parties when transactions are initiated. If you send Bitcoin from Binance to Coinbase, identifying information must be transmitted from Binance to Coinbase, so the chain of ownership can be tracked. This isn't just limited to Bitcoin, all blockchains and tokens must be paired with an identity and forwarded to the receiving wallet owner.

“Unfortunately, the common person is ill-equipped to protect their privacy against state-level attacks on Bitcoin. It would take quite a high level of effort out of reach of most people.” Edge Wallet CEO Paul Puey.

Wallet/address identification is a key component of how governmental authorities prevent illegally obtained cryptocurrencies from being sold for fiat or washed into other types of currencies. It also enables targeted advertising against users based on their transaction history. Marketing companies salivate over the ability to directly advertise based on purchase history, total net worth and use of certain tokens/coins.

Coinbase Identity Verification Requirements - Source

While the majority of crypto users don't care about this invasion of privacy, there are more trivial aspects of privacy which are lost with crypto. For example, if you run a distributed team and are paying salaries with USDC or DAI, unless you send all funds from a centralized exchange, each team member's salary is visible. Payroll requires privacy, both to protect wage information and also company account balances.

I value privacy as a core component of my life. As a former intelligence analyst, I uniquely wielded the power of piecing together identifying metadata to create targeting reports. We generate millions of metadata points every single day, freely available to governments and mega-corporations to construct behavioral futures models and markets.

While my initial attraction to Bitcoin was a naive belief that it could break the chains of surveillance capitalism, it would be remiss to hold these ideas in 2020. Fully anonymous private transactions are the holy grail for cryptocurrencies, even if they are eschewed by governments and regulators.

Breaking the Chain

Incognito is a stand-alone blockchain-agnostic sidechain for private transactions and apps. Founded in 2018 by CEO, Duy Huynh, who is also the founder of Constant, Incognito was designed as a solution to the payroll problem described above. Huynh did not want to disclose employee salaries when he was paying with Ethereum-based stablecoins.

"No one wants to show their bank statements to the entire world," - CEO Duy Huynh

Incognito is a full stack solution to privacy.

Centralized Network Layer (for now...)

At its core, the Incognito network is a PBFT proof-of-stake blockchain with sharding. Any node can be added to the network so long as it stakes 1,750 Privacy (PRV), the native token for Incognito's network. Once the node is added, it is randomly selected to become a validator for a 4-hour period and earns 10.9 PRV at current rates.

Read more about pBFT here in my review of Harmony

The team took their design approach from OmniLedger, Bitcoin, Ethereum 2.0 , and Zilliqa.

Incognito network operates with 1 beacon chain, run by Incognito, 8 shards, and 32 validator nodes. The team owns the beacon and the shards. On each shard the team holds 22 of the 32 available node spots currently. The 10 remaining node spots are randomly occupied by the other nodes available to the network. As more nodes come onto the network, the team will roll back their control of the network.

Transactions are UTXO's, akin to Bitcoin, rather than account/state-based like Ethereum. UTXO stands for Unspent Transaction (TX) Output. Incognito claims this makes parallelization easier across shards for scaling. One of the benefits of a stateless transaction is addresses are never reused, increasing privacy. Address reuse is a powerful attack vector for breaking privacy in Bitcoin.  

For the current moment, the team controls 80%+ of the token supply, around 6-7 million tokens of the 8 million supply currently in circulation. A good portion of the 5 million pre-mine is locked for physical node sales, liquidity pools and for pDEX. From the remaining, the team will only be vested 2 million tokens over a 5 year period. Almost 1 million tokens were used for test net expenses and validator rewards.

Only 8 million of the total 100 million supply have been mined so far. The entire supply will be mined after 40 years. Block rewards are reduced by 9% every year. A pre-mine was necessary to populate the first nodes and give the team token liquidity in their pDEX.

Current block rewards collected by the team are distributed equally between the Incognito DAO and to the physical node staking pool. The DAO is used to fund development and ecosystem growth. Any team or person can apply for grants from the DAO. All company expenses are published for transparency and their present burn rate is just under $500,000 a year.

While it does mean the project is centralized at the moment, I was told by company representatives that they will announce in February their plan for how they will use and distribute this PRV. Eventually they want to fully turn over all shards and the beacon chain to nodes once enough come online to prevent any attacks on the network.

Private Data Layer

Transaction privacy is preserved with Zero-knowledge proofs, ring signatures, stealth addresses and confidential transactions to mask all network activity.

With a UTXO based blockchain, there are three things required to validate a transaction:

  1. Signatures are Correct: The transaction originated from and to a valid address
  2. Amounts are Unspent: No double spends
  3. The Sum of the Inputs is Greater than the Sum of the Outputs: Outputs must equal Inputs — Transaction Fees.

Based on the above list, transparent public transaction data is not a requirement for successful operations. Even today it's mind boggling why Bitcoiner's do not promote fully private, confidential transactions.

When observing a wallet with 100 PRV, the funds are a collection of several UTXO's. It could be 100 UTXO's of 1 each, or 2 UTXO's of 50. The amounts don't really matter, just that they add up to 100.

When you spend your PRV, it grabs one, some or all of your UTXO's to spend to the output address. With Bitcoin, a clear, transparent analysis is easily conducted by tracking the public UTXO's. Incognito uses technology based on Bulletproofs (aka confidential transactions) and Cryptonote to break the chain.  

Confidential Transactions

Bulletproofs are based on confidential transactions and were created by University College of London’s Jonathan Bootle and Stanford’s Benedikt Bunz. The technology conceals sent transaction data, such as amount transferred, but the sender and recipient’s address are still visible and can validate each others' receipt. Every Incognito transaction uses a zero-knowledge proof to enable validators to verify without knowing transaction details.

“I don’t think you have to be an idealist to see that confidentiality for money is basically a requirement.” - Benedikt Bunz

The other part of the data layer is based on CryptoNote, an open-source application layer built to provide untraceability and unlinkability for anonymous transactions. Incognito based this on CryptoNote, a cryptographic technology first published anonymously by pseudonym Nicolas Van Saberhagen in 2012.

Ring Singatures in a transaction. 

Untraceability is when the sender address cannot be identified due to all senders being equi-probable. This is achieved with Ring Signatures, based on an original group signature concept first proposed by David Chaum and E. van Heyst that later evolved into “Traceable Ring Signatures.” Ring signatures use multiple public keys mixed together to obfuscate the true signer of a transaction, while still being able to verify that the transaction is valid.

Stealth Addresses

Unlinkability is when it is impossible to prove that two or more transactions were sent to the same person. Incognito achieves this with Stealth addresses, multiple one time keys for each incoming transaction. By using the Diffie-Hellman Key Exchange, the sender hashes the receiver's public key with their own inputs to create a one-time key for that transaction. Only the receiver can decode the key and release funds once the transaction is committed to the block.

App Layer

Incognito is a mobile first platform for iOS and Android.  A desktop and web interface is in development, but don't expect it before Q2.

As Incognito is a sidechain, it uses bridges to securely move tokens from their native chains onto the Incognito network. Bridges are either custodial or non-custodial.

The Ethereum bridge is the only non-custodial implementation at the moment. All deposited funds are held in an audited, trustless smart contract. Tokens are transferred back and forth between each network without the need for any third party manager.

For all other coins (BTC, BNB, TOMO, XZC) Incognito holds the coins themselves in custody (warning: security risk!). Larger holders can request their funds be deposited with licensed regulated custodian, Bitgo. The team told me that this was a less than optimal solution and that they don't want to be custodians in the longer term. A trustless bridge will be released in Q2 for BTC and BNB.

Once on Incognito, users can access the pDEX, a fork of Uniswap for trading and liquidity provision. Currently, the pDEX and Constant are the only two platforms to purchase the token. Anyone can create tokens for trading, so long as they are ERC20. The team put out a request on my podcast for any other token projects to build a bridge to their network.

Smart Contract Interaction

I've done several bridge transactions now and the steps are pretty clear, but also show centralization of the contract.

When a deposit order is created in the Incognito app, a wallet address is provided that will work for up to 60 minutes. I believe the wallet addresses are cycled so that incoming transactions can be associated with their Incognito account. I sent my ETH to this address:

Address 0x6c2d64a5d4af1e12033c1b3de03ec63eec822871 | Etherscan
The Address 0x6c2d64a5d4af1e12033c1b3de03ec63eec822871 page allows users to view transactions, balances, token holdings and transfers of both ERC-20 and ERC-721 (NFT) tokens, and analytics.

After 14 blocks, the ETH was sent to a smart contract at this address:

Contract Address 0x0261db5aff8e5ec99fbc8fbba5d4b9f8ecd44ec7 | Etherscan
The Contract Address 0x0261db5aff8e5ec99fbc8fbba5d4b9f8ecd44ec7 page allows users to view the source code, transactions, balances, and analytics for the contract address. Users can also interact and make transactions to the contract directly on Etherscan.

This is the Incognito Ethereum bridge to Incognito. It contains 150k worth of ETH  after just two months of use. The contract is used around 30-40 times a day on average. Token transfers occur on average around 15 times a day.

The intermediary wallet between my account and the Smart Contract leads me to believe that the team has an automated system running to transfer funds into the smart contract.

Conclusion

Incognito has built a strong privacy producing network, at the expense of trustless operations. For now, the network is essentially run by the company and all token/coin deposits require an intermediary. This is not ideal, but the project has been live only two months. From what I was told by the team, they are working diligently to roll out new decentralizing features and slowly exit as validators. For now, just be aware that they are in control of the network.

It's too hard to come to a conclusion at such an early stage of growth. I wonder what the reason will be that people 100% must use the network. Maybe it's apps? Maybe it's greater payroll and functionality for finance? What I would like to see are more pApps added to the wallet for lending (pcTokens?) and other DeFi features.

I haven't discussed anything about the hardware in this review. I'm waiting to get a node to test out the profitability and ease of use. I've set up a virtual node through Google Cloud and while the directions on the website are good, it took me three attempts to get everything correct.

For Ethereum users, I'm not sold if Incognito's feature set is better than Aztec or Tornado Cash. The app fits a specific purpose to act as a sidechain for token creation and swaps. If they can solve the decentralization problems (yes, they are big) then the network could have a life of its own. Until then, it will be yet another project shooting for fully trustless cross chain data transfers, which no other team has solved yet. I'm not giving up hope just yet;  they do have a head start and the nodes look pretty cool. I would like to see how the next 2-3 quarters play out. I'm making a note right now to revisit this article in 6 months time to see where the project is and if they have achieved their goal of decentralisation. Definitely one to watch.

Note: I'm running a month long test to determine profitability for running a node versus staking on Constant. Another interested blogger already did some back of the hand math on profitability which I recommend you check out.



Subscribe to our podcast on iTunes