Here’s Why Web3 Needs Confidential Smart Contracts
Confidential smart contracts allow more privacy in transactions and can be used for a wide range of applications. Read more in the Oasis blog!
Smart contracts will always be a fundamental building block for everything in Web3.
However, they still need improving.
In a virtual world of permissionless finance, the smart contract is a mechanism for speed, efficiency, trustlessness, transparency and security. Smart contracts manage a wide range of types and quantities of sensitive onchain information, and this data needs to be protected. Confidentiality is an essential ingredient in architecting improved smart contracts. By design, public blockchains are transparent. But a smart approach to privacy by using confidential smart contracts means reinforcing individuals’ data sovereignty and user-controlled privacy in a transparent financial ecosystem.
Oasis pioneers confidential smart contracts to address the limited privacy built into existing smart contract developer tooling and resources. Smart contracts with programmable privacy settings accelerate growth of the existing Web3 landscape and, critically, they unlock yet-unknown possibilities beyond the familiar, established blockchain infrastructure.
Mainstream acceptance of Web3 depends on robust solutions to the privacy failings of Web2 companies, and Smart Privacy through confidential contracts is a key step towards this revolution.
What are confidential smart contracts?
Confidential smart contracts are transaction protocols on blockchain networks that execute predetermined rules with user-determined privacy settings to protect data involved in the virtual agreement.
Snooping third parties can scrape whatever information they want from unprotected smart contracts on public blockchains. Even the most basic network explorer allows anyone to browse a catalog of information on any transaction at any time, including the transaction’s timing, recipient, sender, value, asset type, method of transfer, and more. This is the default status of transparent smart contracts.
Confidential smart contract allows this data to be kept private, even from node operators within a network. Engineers who deploy it are also unable to see confidential data executed by peers who execute an agreement via the shared contract.
However, every contract does not require the same type of confidentiality, which introduces a key design element of confidentiality on Oasis: customizability. In the same way that transparent smart contracts can be customized to fit whatever situation a user needs, confidential smart contracts on Oasis can also be purpose-built to meet the specific privacy requirements of any user.
What can confidential smart contracts do?
Consider the future of Web3 (account abstraction) for a moment.
Growth and development inevitably involve more tokens, networks, layers, and applications. Infinite scalability is a highly desired goal, but reliable communication across all of these segments of Web3 is an essential precondition for it to scale. Communication synchronizes the state of all activity throughout Web3, and smart contracts are the primary mechanism for communicating what is happening where and by whom.
But, more often than not, the Web3 status quo cannot communicate well. In fact, the industry has most likely reached the limit of scalable communication with transparent smart contracts. Better communication is the key to scaling. Oasis believes “better” requires programmable privacy.
Consider a few potential use cases that appeal to different audiences within Web3. The following examples are abstract, but they highlight the wide-ranging flexibility of data protection through confidential smart contracts.
- Time-Based Confidentiality: Perhaps users want to use (or deploy) a smart contract that keeps secrets only for a predetermined period of time (e.g. days or blocks). In a DAO, this criteria could be useful to protect sensitive voting information while a proposal is being evaluated, and only after the voting is finished will results be made public. For financial accounting purposes, sensitive onchain transaction data could be kept secret for a predetermined period of time and later made public to facilitate audits by a third party.
- Investment Confidentiality: Using confidential contracts allows investors to control the type of sensitive financial information they disclose to the public. For example, one investor may wish to protect the amount they invested but disclose the asset(s) they acquired. A separate group of investors may do the opposite, hiding the type of assets they acquire but disclosing the total sum value of their portfolio. Each scenario, albeit simple, is possible.
- Cross-Chain Confidentiality: Consider a Bitcoin or Monero light client controlled through a confidential EVM-based smart contract. In this scenario, a confidential contract could manage funds, transactions, and other operations across the separate chains with a fraction of the execution overhead that other infrastructure requires. A trustless bridge from an EVM network to Bitcoin, by comparison, would require a block-by-block synchronization of the network’s entire state. Other privacy solutions (e.g. zero-knowledge proofs) would introduce significant computational overhead.
- Autonomous Confidentiality: Wallet utility and management can be greatly enhanced through confidential contracts. For example, a wallet address can be public, but only the confidential contract knows the private key. So, the wallet can sign its own transactions and manage assets and data within the wallet address autonomously. This type of autonomous confidential wallet-managing contract can also be configured to act as an oracle for other users.
Read more on Web3 and dAPPS smart privacy
Oasis smart contracts protect data privacy.
Oasis smart contracts are designed to have their own secrets, by default. Confidential smart contracts on Oasis run on Sapphire, the first and only confidential EVM in Web3. Developers can deploy smart contracts that are 100% confidential, 100% public, or anywhere in between.
Of course, Oasis is not the only privacy option for developers in Web3, but its features outweigh the potential advantages of other technologies. Developers can accomplish lots of interesting things with alternative privacy technologies, but there are even more tasks they cannot complete simply because the contracts cannot natively keep secrets by default. Moreover, the complex cryptography and mathematical overhead required to execute contracts that integrate alternative privacy solutions is a burden that builders on Oasis simply do not experience.
There is no perfect top-down solution for privacy in Web3. But, the best way to integrate formidable protections for individual data is to empower users to create their own privacy settings with customizable frameworks that are native to the code-based agreements they participate in. That goal is the core of the smart privacy framework created by the Oasis ecosystem.
Learn more about confidential decentralized exchange (DEX), illuminex, powered by Oasis Saphire
Learn more about confidential smart contracts.
The era of confidential smart contracts is in early stages of development. Many important building blocks for full implementation of the use cases enabled by confidential contracts are not yet built. And some of the necessary building blocks are not even known. But another important consideration is asking, “What existing infrastructure can be removed because smart contracts now have customizable privacy by default?” The answers to all of these questions will define Web3.
To learn more about confidential contracts on Oasis, watch this recorded presentation from SmartCon 2023 on the next generation of EVM smart contracts. Also, explore the Sapphire protocol and the Oasis Privacy Layer (OPL) framework.
Join the Oasis community in building the future of Web3 privacy on Discord, Twitter, and through Oasis community programmes.
This article has been updated since its original version published in 2022.