Original Title: "New Ethereum Proposal: Modular Architecture + Privacy-Enhancing Technologies to Comply with EU GDPR Data Regulations, What Are the Features?"
Original Author: Editor Jr., BlockTempo
On June 9, Ethereum community member Eugenio Reggianini published a new proposal on EthResear.ch, suggesting that through modular architecture and privacy-enhancing technologies (PETs), it is possible to meet the data protection requirements of the EU General Data Protection Regulation (GDPR) while maintaining Ethereum's decentralized characteristics. The ultimate goal is to centralize the responsibility for personal data management at the application layer, ensuring that the underlying infrastructure only processes anonymous or pseudonymized data, thereby protecting user privacy while upholding Ethereum's decentralized vision.
Modular Architecture: Redefining Data Management Roles
The core of Reggianini's proposal lies in Ethereum's modular architecture, which divides the network into execution, consensus, and data availability layers, clearly distinguishing the roles of "controllers" (those who determine the use of data) and "processors" (those who only process data). Personal data is pushed to the edge (wallets and decentralized applications) and employs off-chain storage and metadata elimination techniques to reduce the risk of on-chain data exposure. Reggianini believes this approach limits the GDPR controller responsibilities to a few entities (such as application developers), allowing most network nodes to act only as processors or to be completely unregulated, thus reducing compliance burdens.
Privacy-Enhancing Technologies: Core Tools for Data Protection
The proposal introduces several privacy-enhancing technologies (PETs), including:
· Proto-Danksharding (EIP-4844): Stores transaction data blocks off-chain for about 18 days before pruning, achieving data minimization.
· zk-SNARKs: Validators only verify concise cryptographic proofs rather than the original transaction content, reducing data visibility.
· Fully Homomorphic Encryption and Trusted Execution Environments (TEEs): Perform computations on encrypted data, ensuring nodes cannot see plaintext.
· Multi-Party Computation (MPC) and Proposer-Builder Separation (PBS): Decentralize data processing authority, reducing a single node's access to personal data.
· PeerDAS: Temporarily stores data using erasure coding, with nodes only holding incomprehensible fragments that automatically expire.
Reggianini explains that these technologies will significantly reduce the risk of on-chain personal data exposure, meet GDPR's data minimization and appropriate technical measures requirements, while preserving the decentralized nature of blockchain.
Layered Role Allocation: Compliance Strategies with Defined Responsibilities
The proposal divides Ethereum's transaction processing into three layers and presents GDPR compliance strategies for each layer:
· Execution Layer: Wallets and application front-ends act as controllers submitting encrypted data; relay nodes and block builders only process hidden data, becoming processors.
· Consensus Layer: Validators only handle proofs and commitments, not involving personal data, becoming neutral validators outside the scope of GDPR.
· Data Availability Layer: Through PeerDAS, nodes only temporarily store anonymous data fragments, complying with the data minimization principle.
Reggianini states that through layered design, personal data is transformed or abstracted before entering the blockchain, ensuring privacy protection and compliance.
Collaborative Governance: The Key to Achieving Compliance
Finally, Reggianini emphasizes that the success of the proposal relies on the widespread adoption of privacy-enhancing technologies by the community, developer support, and potential alignment with EU regulatory bodies. Through a collaborative governance model, Ethereum can establish voluntary codes of conduct, further clarifying role divisions and reducing compliance risks.
Effect: Collaborative governance ensures alignment between technology and regulatory requirements, promoting the sustainable development of the Ethereum ecosystem.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
