Effective privacy

I have a shielded balance -so now my on-chain privacy is completely protected?! Yes, but...
While your on-chain privacy is perfectly private (your tx cannot be directly linked to your identity) there are a few (temporary) caveats that influence your 'effective' privacy:
  • Shield your funds some time before you plan to use them for the first time. (We currently recommend a few hours to few days)
  • Shield a round number of funds, like 3 or 5 or 10 SOL instead of just the exact amount you plan to use up a day later.
Here's why: when you unshield your tokens privately the actual token transfer is still recorded on the public ledger. What can't be seen is where the payment is coming from. (for the ledger it looks like it's coming from the Light Protocol smart contract). Now say you'd stack your shielded balance and then immediately use the same amount you shielded just a few minutes prior - people could still look at the in- and out flows of the smart contract and try to connect the dots...
  1. 1.
    Your on-chain privacy is directly correlated to the size of the anonymity set at the time of unshielding.
  2. 2.
    While shielded assets are private by default, when you shield and unshield, transactions happen in clear text on regular Solana addresses. So if you unshield before there's a considerable amount of shielding transactions from other users, your shielding address and 'unshielding' burner wallet may be identifiable.
We'll publish a detailed post about this. Until then:
  • We recommend you wait for 10-100 other shielding transactions before you unshield (This currently translates into a few hours to a few days) track the program's token address to check the traffic.
  • Preferably unshield denominations similar to your peers and unshielding amount << shielding amount
Light does not provide off-chain privacy out of the box. This means you still share IP/networking-layer information with various providers when using Light. On-chain privacy should be sufficient for most, but if you prefer off-chain privacy you have to use other tools, i.e. Tor.

Privacy Scores and Recommendations

The Light Shield UI offers a feature that helps you navigate safe usage more easily. When you unshield you get:
  • amount recommendations for what likely are sufficiently private amounts to unshield.
  • a privacy flag. Can either be "Good", "Moderate", or "bad".
It aggregates recent protocol traffic (your own and other users' shields and unshields) and applies a set of rules according to what we described above. Including:
  • Similarity to other unshields, and your own shields
  • Number of other unique users' shields, relative to your own usage
  • Ratios of amount / TVL, and amount / your shielded balance
All calculations for this happen client-side, on your computer. We don't collect or store data that's not on-chain.
  • This is considered a beta feature, and we'll fine-tune the underlying algorithms over time! If you see strange recommendations or find bugs, reach out to us!
  • Note that these are not guarantees for rock-solid privacy but rather rough indicators! Use your own judgement, and when in doubt, check the chain for recent traffic.