Original Title: "Ethereum New Proposal: Modular Architecture + Privacy Enhancement to Comply with EU GDPR Data Regulations, What Are the Features?"
Original author: Editor Jr., BlockTempo
Ethereum community member Eugenio Reggianini published a new proposal on EthResear.ch on June 9, in which Eugenio Reggianini suggests that through modular architecture and privacy-enhancing technologies (PETs), it is possible to meet the data protection requirements of the EU General Data Protection Regulation (GDPR) while maintaining the decentralized characteristics of Ethereum.
Its ultimate goal is to centralize the responsibility of personal data management at the application layer, ensuring that the underlying infrastructure only processes anonymous or pseudonymized data, thereby protecting user privacy while maintaining the decentralized vision of Ethereum.
Modular Architecture: Redefining Data Management Roles
At the heart of Reggianini's proposal is Ethereum's modular architecture, which divides the network into an execution, consensus, and data availability layers, and clearly distinguishes the roles of "controllers" (those who decide how data is used) and "processors" (those who only process data). Personal data is pushed to the edge (wallets and decentralized applications) and off-chain storage and metadata elimination technologies are used to reduce the risk of on-chain data exposure. According to Reggianini, this approach limits the GDPR controller responsibilities to a small number of entities, such as application developers, and reduces the compliance burden by leaving the majority of network nodes acting as processors or not being regulated at all.
Privacy-enhancing technology: Core tools for data protection
The proposal introduces several Privacy-Enhancing Technologies (PETs), including:
· Proto-Danksharding (EIP-4844): Stores transaction data blocks off-chain and prunes them after approximately 18 days to achieve data minimization.
· zk-SNARKs: Validators only verify succinct cryptographic proofs instead of the original transaction content, reducing data visibility.
· Fully Homomorphic Encryption and Trusted Execution Environments (TEEs): Performing operations on encrypted data to ensure that nodes cannot see plaintext.
· Multi-Party Computation (MPC) and Proposer-Builder Separation (PBS): decentralizing data processing authority to reduce a single node's access to personal data.
· PeerDAS: Erases coding shards for temporary data storage, with nodes only holding incomprehensible fragments that automatically expire.
Reggianini introduces that these technologies will significantly reduce the risk of on-chain personal data exposure, meet the data minimization and appropriate technical measures requirements of GDPR, while preserving the decentralized characteristics of blockchain.
Layered Role Assignment: Compliance Strategies for Each Position
The proposal divides Ethereum's transaction processing into three layers and proposes GDPR compliance strategies for each layer:
· Execution Layer: Wallets and application frontends act as controllers to submit encrypted data; relay nodes and block builders only handle hidden data, becoming processors.
· Consensus Layer: Validators only handle proofs and commitments, without involving personal data, becoming neutral validators, and falling outside the scope of GDPR.
· Data Availability Layer: Through PeerDAS, nodes only temporarily store anonymous data shards, in accordance with the data minimization principle.
Reggianini stated that through layered design, personal data has been transformed or abstracted before entering the blockchain to ensure privacy protection and compliance.
Collaborative Governance: The Key to Achieving Compliance
Reggianini also emphasized that the success of the proposal relies on the broad adoption of privacy-enhancing technologies by the community, support from developers, and potential alignment with EU regulatory bodies. Through a collaborative governance model, Ethereum can establish voluntary codes of conduct, further clarify the division of roles, and reduce compliance risks.
Effect: Collaborative governance ensures consistency between technology and regulatory requirements, promoting the sustainable development of the Ethereum ecosystem.
The content is for reference only, not a solicitation or offer. No investment, tax, or legal advice provided. See Disclaimer for more risks disclosure.
Modular + PETs: Ethereum's GDPR Breakthrough Formula
Original Title: "Ethereum New Proposal: Modular Architecture + Privacy Enhancement to Comply with EU GDPR Data Regulations, What Are the Features?"
Original author: Editor Jr., BlockTempo
Ethereum community member Eugenio Reggianini published a new proposal on EthResear.ch on June 9, in which Eugenio Reggianini suggests that through modular architecture and privacy-enhancing technologies (PETs), it is possible to meet the data protection requirements of the EU General Data Protection Regulation (GDPR) while maintaining the decentralized characteristics of Ethereum.
Its ultimate goal is to centralize the responsibility of personal data management at the application layer, ensuring that the underlying infrastructure only processes anonymous or pseudonymized data, thereby protecting user privacy while maintaining the decentralized vision of Ethereum.
Modular Architecture: Redefining Data Management Roles
At the heart of Reggianini's proposal is Ethereum's modular architecture, which divides the network into an execution, consensus, and data availability layers, and clearly distinguishes the roles of "controllers" (those who decide how data is used) and "processors" (those who only process data). Personal data is pushed to the edge (wallets and decentralized applications) and off-chain storage and metadata elimination technologies are used to reduce the risk of on-chain data exposure. According to Reggianini, this approach limits the GDPR controller responsibilities to a small number of entities, such as application developers, and reduces the compliance burden by leaving the majority of network nodes acting as processors or not being regulated at all.
Privacy-enhancing technology: Core tools for data protection
The proposal introduces several Privacy-Enhancing Technologies (PETs), including:
· Proto-Danksharding (EIP-4844): Stores transaction data blocks off-chain and prunes them after approximately 18 days to achieve data minimization.
· zk-SNARKs: Validators only verify succinct cryptographic proofs instead of the original transaction content, reducing data visibility.
· Fully Homomorphic Encryption and Trusted Execution Environments (TEEs): Performing operations on encrypted data to ensure that nodes cannot see plaintext.
· Multi-Party Computation (MPC) and Proposer-Builder Separation (PBS): decentralizing data processing authority to reduce a single node's access to personal data.
· PeerDAS: Erases coding shards for temporary data storage, with nodes only holding incomprehensible fragments that automatically expire.
Reggianini introduces that these technologies will significantly reduce the risk of on-chain personal data exposure, meet the data minimization and appropriate technical measures requirements of GDPR, while preserving the decentralized characteristics of blockchain.
Layered Role Assignment: Compliance Strategies for Each Position
The proposal divides Ethereum's transaction processing into three layers and proposes GDPR compliance strategies for each layer:
· Execution Layer: Wallets and application frontends act as controllers to submit encrypted data; relay nodes and block builders only handle hidden data, becoming processors.
· Consensus Layer: Validators only handle proofs and commitments, without involving personal data, becoming neutral validators, and falling outside the scope of GDPR.
· Data Availability Layer: Through PeerDAS, nodes only temporarily store anonymous data shards, in accordance with the data minimization principle.
Reggianini stated that through layered design, personal data has been transformed or abstracted before entering the blockchain to ensure privacy protection and compliance.
Collaborative Governance: The Key to Achieving Compliance
Reggianini also emphasized that the success of the proposal relies on the broad adoption of privacy-enhancing technologies by the community, support from developers, and potential alignment with EU regulatory bodies. Through a collaborative governance model, Ethereum can establish voluntary codes of conduct, further clarify the division of roles, and reduce compliance risks.
Effect: Collaborative governance ensures consistency between technology and regulatory requirements, promoting the sustainable development of the Ethereum ecosystem.