Bank of Canada researchers say zero-knowledge proofs are still too immature for CBDC use

Zero-knowledge proofs and similar cryptographic approaches to blockchain network privacy are "in their infancy," and aren't ready to be widely deployed in central bank digital currency (CBDC) systems.

That's one conclusion in a new staff analytical note published by Canada's central bank. The Bank of Canda has been a leader in the research and development of CBDC prototypes. Between 2016 and 2018, as part of an initiative called Project Jasper, the bank explored the use of distributed ledger technology (DLT) for clearing and settling of bank-to-bank payments as well as securities transactions.

The new note is meant to introduce a framework for evaluating various "privacy models" for CBDCs. Different payment methods fall on a spectrum in terms of the privacy they offer users, with the anonymity of physical cash being one end of that spectrum. But in the realm of digital assets, "techniques to achieve cash-like privacy are immature," it said. 

In particular, one privacy-enhancing approach that is widely seen as promising in this context is the use of zero-knowledge proofs, which is how Zcash lets users hide transaction data from public view. 

The Bank of Canada struck a cautionary note, however. Few zero-knowledge proof systems have been deployed, and few people have the skill set required to deploy and maintain them. It warned: "The risk here is that their technical complexity combined with their immaturity could mask vulnerabilities."