How Privacy Works

The ALIAS Privacy Protocol provides complete anonymity when creating virtual cards by mixing your funds with other users' deposits before card issuance. This page explains how privacy works in practical terms—no cryptography degree required.

The Basic Concept

Think of the privacy pool like a jar of coins at a party.

Without privacy (standard flow): You hand the cashier a $100 bill with your name written on it. They give you a card. Everyone can see your name on the bill and connect it to your card.

With privacy (privacy protocol): You put your $100 bill into a jar with 99 other people's $100 bills. Everyone mixes the jar thoroughly. Later, you prove you put money in the jar (without saying which bill) and get your card. No one knows which bill was yours.

The privacy protocol is basically this jar system, but using sophisticated mathematics instead of physical mixing.

The Three-Step Privacy Flow

Privacy card creation happens in three distinct phases.

Step 1: Deposit

You send funds to the privacy pool smart contract on Solana.

What happens:

• You choose a fixed amount ($25, $50, $100, $200, or $500)
• Generate a secret note on your device (never leaves your computer)
• Submit deposit transaction to the privacy pool
• Receive confirmation that your deposit was accepted

What you get: A secret recovery note containing two pieces of information—a secret that only you know and a commitment that proves you made a deposit.

What goes on-chain: The blockchain records that someone deposited $100, but doesn't record who. Your deposit looks identical to everyone else's $100 deposit.

Step 2: Waiting & Mixing

Your funds sit in the pool along with other users' deposits.

What happens: Nothing, literally. Your funds just sit there while other people make deposits and withdrawals. The longer you wait, the more deposits accumulate, increasing your anonymity set.

Why waiting helps: If you deposit and immediately withdraw, you're one of 10 people. Wait a day and you might be one of 100 people. Wait a week and you might be one of 500 people. The more people in the pool, the harder it is to figure out who's who.

No time requirement: You can withdraw immediately if you want. You just get less privacy. Many users wait hours or days for maximum anonymity.

Step 3: Withdrawal

You use your secret note to withdraw anonymously and receive your card.

What happens:

• You provide your secret recovery note
• System generates a zero-knowledge proof on your device
• Proof is submitted to the blockchain
• Blockchain verifies you made a valid deposit (without knowing which one)
• Your card is created and delivered

What goes on-chain: The blockchain sees a valid proof that someone who deposited $100 is withdrawing. It can't tell which $100 deposit was yours.

What you get: A virtual card funded with your amount, completely unlinked from your original deposit wallet.

Understanding Anonymity Sets

Your privacy level depends on how many other people have made deposits.

Small anonymity set (10-50 deposits):

• Harder to trace than no privacy
• Sophisticated attackers might narrow down possibilities
• Better than nothing, not ideal

Medium anonymity set (50-200 deposits):

• Good privacy for most use cases
• Very difficult to link deposits to withdrawals
• Recommended minimum before withdrawing

Large anonymity set (200+ deposits):

• Excellent privacy guarantees
• Nearly impossible to trace with current technology
• Ideal for high-value or sensitive transactions

How to maximize your anonymity set: Wait longer before withdrawing. The pool accumulates more deposits over time, increasing the number of possible matches for your withdrawal.

What Information is Hidden

Understanding what privacy protects helps you use it effectively.

Hidden from everyone (including ALIAS):

• Which deposit wallet corresponds to which withdrawal
• Who owns which card
• Connection between your payment and your card

Visible on blockchain:

• That someone deposited $100 at a specific time
• That someone withdrew $100 at a specific time
• Total number of deposits and withdrawals
• Total amount in the privacy pool

Visible to card providers:

• Card details and usage (but not connected to your deposit)
• Your withdrawal wallet (but not your deposit wallet)

Visible to merchants:

• Card number and standard payment information
• Billing address (generic, not personally identifying)
• Nothing crypto-related or wallet-related

The Role of Fixed Amounts

Privacy only works if everyone deposits the same amounts.

Why fixed amounts matter: If you deposit $127.42 and someone withdraws $127.42, it's obvious that's you. But if 50 people deposit $100 and someone withdraws $100, it could be anyone.

Available denominations: $25, $50, $100, $200, $500

Creating odd amounts: If you need $175, deposit $100 and $50 and $25 separately. Each denomination has its own anonymity set, but you still get privacy for each piece.

Trade-off: Fewer denominations mean larger anonymity sets per denomination. More denominations would fragment liquidity and reduce privacy.

Commitment System Explained

When you deposit, you create a "commitment"—a cryptographic promise.

What is a commitment? Think of it like a sealed envelope. You write "I deposited $100" on paper, seal it in an envelope, and hand it to someone. Later, you can prove what you wrote without opening the envelope.

How ALIAS uses commitments:

• Your secret note generates a unique commitment
• Commitment is posted to the blockchain
• Anyone can see the commitment exists
• No one can tell what secret generated it
• Only you can prove you created that specific commitment

Why commitments enable privacy: The blockchain knows 100 people created commitments for $100 deposits. When you withdraw, you prove you created one of those commitments without revealing which one.

Nullifier Protection

Nullifiers prevent you from withdrawing the same deposit twice.

What is a nullifier? A unique identifier derived from your secret note. Think of it like a ticket stub—once used, it's marked and can't be reused.

How nullifiers work:

• When you withdraw, system generates a nullifier from your secret
• Nullifier is posted to the blockchain
• Blockchain checks: "Has this nullifier been used before?"
• If yes, withdrawal is rejected (prevents double-spending)
• If no, withdrawal proceeds and nullifier is marked as used

Why nullifiers matter: Without nullifiers, you could withdraw the same deposit 100 times and steal money. Nullifiers ensure each deposit can only be withdrawn once.

Nullifiers and privacy: Nullifiers don't reveal which deposit you're withdrawing. They only prove you haven't withdrawn this specific secret before.

Zero-Knowledge Proofs (Simplified)

ZK proofs let you prove something without revealing how you know it.

Real-world analogy: Imagine proving you're over 21 without showing your ID. A zero-knowledge proof would be like:

• Showing a signed paper from the DMV saying "This person is over 21"
• Not showing your birthday, name, address, or photo
• The verification confirms you're over 21 but learns nothing else about you

In ALIAS privacy: You prove "I made a $100 deposit to this pool" without revealing:

• Which deposit was yours
• What wallet you deposited from
• When you deposited
• What your secret is

How the proof works: Your device performs complex mathematics using your secret note to generate a proof. The blockchain verifies the math checks out. The blockchain learns you made a valid deposit but learns nothing about which one.

What Could Go Wrong

Understanding risks helps you use privacy safely.

Losing your secret note: Your funds are permanently lost. No recovery possible. This is by design—if ALIAS could recover your note, privacy wouldn't exist.

Small anonymity set: If you're one of only 5 people who deposited, your privacy is limited. Wait for more deposits before withdrawing.

Timing analysis: If you deposit and withdraw within minutes, timing correlation might reduce privacy. Wait longer for better anonymity.

Amount correlation: If you always deposit and withdraw the same amount from the same wallets, patterns might emerge. Use different wallets and vary timing.

Blockchain analysis: Sophisticated attackers with access to extensive blockchain data might attempt correlation attacks. Larger anonymity sets make this impractical.

Best Practices for Maximum Privacy

Get the most anonymity from the privacy protocol.

Before depositing:

1. Use a fresh wallet you haven't used on ALIAS before
2. Fund this wallet in a privacy-preserving way
3. Choose a common denomination for larger anonymity sets
4. Understand you'll need to save your recovery note securely

During deposit:

1. Save your secret recovery note IMMEDIATELY
2. Store in a password manager or write on paper
3. Never share the note with anyone
4. Verify note is saved before closing the window

After depositing:

1. Wait hours or days before withdrawing (patience = privacy)
2. Check privacy pool stats to see anonymity set size
3. Don't discuss your deposit publicly or link it to your identity

When withdrawing:

1. Use a different wallet than your deposit wallet
2. Wait for a large anonymity set (50+ similar deposits)
3. Generate withdrawal from a different device or network if paranoid
4. Don't withdraw immediately after depositing

Next Steps

Learn more about using the privacy protocol:

• Understanding Privacy - Zero-knowledge proofs explained
• Making Deposits - Step-by-step deposit guide
• Withdrawing Funds - How to get your card anonymously
• Privacy Protocol Overview - High-level introduction