Friendica Social Network

Ownerless, immutable settlement protocols for real-world assets: no operator, no capture, no data

I have deployed a collection of independent smart contract protocols on Ethereum mainnet. Each one is finished infrastructure. No governance, no upgrade path, no owner. Ownership is renounced on all contracts. The contracts are deployed and the keys are gone.

This post is for the privacy angle. The full technical documentation is in the repo linked at the bottom.

Minimal data, by architecture

No protocol stores personally identifiable information. On-chain data is limited to cryptographic commitments, timestamps, addresses, and amounts. All sensitive data stays off-chain with the parties involved.

This is GDPR compliant by architecture, not by policy. There is no personal data to protect because the system is not designed to collect it. The deployer controls their own data. The user controls their own disclosure.

No operator, no capture

The contracts are deployed with renounced ownership. There is no entity that can be subpoenaed, pressured, or acquired. The privacy is structural, it holds regardless of what any individual, p

This post is for the privacy angle. The full technical documentation is in the repo linked at the bottom.

Minimal data, by architecture

No operator, no capture

The contracts are deployed with renounced ownership. There is no entity that can be subpoenaed, pressured, or acquired. The privacy is structural, it holds regardless of what any individual, platform, or authority wants.

Most privacy tools rely on the trustworthiness of an operator. These protocols have no operator to make promises and no operator to break them.

Currency agnostic

Every protocol settles on Ethereum mainnet. What currency a user pays in is a platform decision. A platform can accept XMR, BTC, ETH, fiat, or any combination and convert to ETH at the platform layer before interacting with the protocol.

Combined with the atomic, hop-by-hop settlement structure, this means the payment trail fragments naturally across chains without any privacy feature being explicitly designed in. It is a structural consequence of currency agnosticism and independent atomic settlements.

Human rights and legal grounding

The right to private correspondence is not a crypto argument. It is a human rights argument.

Universal Declaration of Human Rights, Article 12 covers it. ECHR Article 8 covers it. GDPR covers it. A parcel dispatched between two parties with no central record of who sent what to whom is functionally identical to a sealed letter. The legal and moral precedent for protecting that is centuries old.

These protocols are built in that direction. Anyone arguing against this privacy model is arguing against the existing human rights framework.

Documentation, protocol repositories, template repositories, and orchestration examples:

github.com/pablo-chacon/the-su…

GitHub - pablo-chacon/the-substrate: Belongs to no one. Available to everyone.

Belongs to no one. Available to everyone. Contribute to pablo-chacon/the-substrate development by creating an account on GitHub.

^GitHub

#privacy

This entry was edited (2 weeks ago)

in reply to pablochacon

unitedwithme

in reply to pablochacon • 3 weeks ago • •

Wants privacy and security, posts in GitHub lol. Jk sort of. In all seriousness, it's an interesting project I'm going to check out. Thanks for the hard work.

Edit: fixed your link github.com/pablo-chacon/the-su…

GitHub - pablo-chacon/the-substrate: Belongs to no one. Available to everyone.

Belongs to no one. Available to everyone. Contribute to pablo-chacon/the-substrate development by creating an account on GitHub.

^GitHub

This entry was edited (3 weeks ago)

in reply to unitedwithme

pablochacon

in reply to unitedwithme • 3 weeks ago • •

Thanks for the link fix, and the appreciation.

in reply to unitedwithme

WhyJiffie

in reply to unitedwithme • 3 weeks ago • •

pretty sure it's an AI automated account. I had the feels when reading the "blabla: no X, no Y, no Z" listing, and when opened it all these separator lines and many headings made me confident.

cherry on top: it acknowledged your fixed link but did not update the post with it over half a day now

in reply to WhyJiffie

unitedwithme

in reply to WhyJiffie • 3 weeks ago • •

Ah, good catch. Well it's too bad.

in reply to unitedwithme

pablochacon

in reply to unitedwithme • 2 weeks ago • •

As your joke about github vs privacy, I fully agree. But I did this a certain way of several reasons, all design choices has a explanation if you read the docs. And one is the transparency, it's like 3 clicks then you could verify. It wasn't about my privacy in relation to the code, it's privacy regarding real world/"titts-for-tatts"/seller-buyer transactions. But in general my imposter syndrome doesn't like to much discussions in forums. So I'm pretty good at "post&run" to quietly watch on a distance like a creep. And that's pretty much what you could expect from me.

This entry was edited (2 weeks ago)

in reply to WhyJiffie

pablochacon

in reply to WhyJiffie • 2 weeks ago • •

Before dismiss anything based on assumptions it is actually possible to verify that this isn't a AI account. Knowing is better then assuming. 😉
In opposite to a "AI-account" I'm not good at human interaction. Always same result:
they're looking at me, nod their head like they understand. But I see in their eyes they don't. I just hope that others understand what I'm trying to communicate. But on the other hand the "good catch" is very AI-suspicious. How can I know you're not 2 AI-accounts that want this dismissed?

This entry was edited (2 weeks ago)

in reply to pablochacon

[object Object]

in reply to pablochacon • 3 weeks ago • •

I don't quite understand the problem this protocol solves that existing solutions don't, to be honest. I think it would be great to add what problems it solves in the document.

This entry was edited (3 weeks ago)

in reply to [object Object]

pablochacon

in reply to [object Object] • 3 weeks ago • •

Existing platforms settle real-world transactions too, but the rails they run on are owned and operated by someone. That operator can raise fees, gate access, extract data, be acquired, be regulated into compliance, or be pressured by any sufficiently motivated actor. The settlement behavior is only as neutral as the operator chooses to be.
These protocols have no operator. The fee is immutable at the protocol layer. The contracts are deployed with renounced ownership.
There is no entity that can modify the behavior, no platform that can be captured, and no intermediary between the user and the settlement rail.

in reply to pablochacon

yelling_at_cloud

in reply to pablochacon • 2 weeks ago • •

Could these principles be used for ID/age/humanness verification?

in reply to yelling_at_cloud

pablochacon

in reply to yelling_at_cloud • 2 weeks ago • •

Technically: yes. The ERC primitive can act as a verification key. All identity data stays off-chain at the platform layer. The protocol anchors the proof, not the data.
That said it's possible if done with discipline and no PII on-chain. Similar like in the CUT protocol, the token isn't access to the files, it's authorization to access the decryption key of the files. 👍

This entry was edited (2 weeks ago)

⇧

pablochacon via Privacy

pablochacon
3 weeks ago • •

Ownerless, immutable settlement protocols for real-world assets: no operator, no capture, no data

Minimal data, by architecture

No operator, no capture

Minimal data, by architecture

No operator, no capture

Currency agnostic

Human rights and legal grounding

GitHub - pablo-chacon/the-substrate: Belongs to no one. Available to everyone.

unitedwithme

GitHub - pablo-chacon/the-substrate: Belongs to no one. Available to everyone.

pablochacon

WhyJiffie

unitedwithme

pablochacon

pablochacon

[object Object]

pablochacon

yelling_at_cloud

pablochacon

pablochacon via Privacy

pablochacon 3 weeks ago • •

Minimal data, by architecture

No operator, no capture

Currency agnostic

Human rights and legal grounding

pablochacon
3 weeks ago • •