Privacy in Project Hamilton CBDC

I am in the process of reading the Hamilton Project whitepaper for a US CBDC, and so far, I am struck by how much thought is being put into creating private or anonymous transactions. Here’s what I have gleaned so far.

First, they are decoupling “transaction validation from fund existence checks; only a validating layer needs to see the details of a transaction.” Funds are stored as “opaque 32 byte hashes inside an Unspent funds Hash Set.” This UHS, it is argued, will allow for future privacy-preserving designs that will be explored in Phase 2 of the project. They are also following the UTXO model to allow for “scalable privacy designs.” (Bitcoin comes up a lot in this paper.)

A key to Hamilton’s privacy design is the use of “sentinels” for local validation of transactions. These sentinels receive transactions from users and validate that each transaction is correctly formatted, has valid signatures, and that the balance is preserved (outputs equal inputs). For the sake of privacy, the sentinels could then “strip witness data and only forward the transaction’s inputs and outputs for processing.”

Further, the developers state that the transaction processor does not need to store account balances and information, but the sentinels need to see them to validate a transaction. “We anticipate being able to remove this requirement using cryptographic privacy-preserving design” in Phase 2.

This will result in rather anonymous transactions. However, the devil is in user access to the platform. What KYC will be needed to get into this game?

I find all this very promising, and I will keep everyone up to date on other things I find in the whitepaper.