Privacy in blockchain exists… until it doesn’t.
In this episode, Jamil Hasan speaks with Varun Kabra of Concordium about the tension between privacy, identity, compliance, and scalability in modern blockchain systems.
Rather than treating identity as the enemy of decentralization, this conversation examines whether structured accountability may ultimately be necessary for blockchain technology to operate at global scale.
The discussion explores privacy versus anonymity, institutional trust, reversibility, real-world adoption, and why some systems survive not because they are ideologically pure — but because they remain usable.
Where builders talk freedom, not price.
[00:00:00] Everybody wants decentralization until regulation shows up. So the question is, can you build a compliant blockchain without breaking what made the space matter? Today I'm here with Varun Khabra from Concordium. Let's get into it. Varun, first question is in one sentence, what is Concordium without using the word compliance?
[00:00:29] Wow, that's a good question and a good challenge. So for anybody who's new to it, we are a public layer one blockchain. You know, one could categorize us very similarly to Ethereum, Solana, Avalanche. You know, independent network, own validators, own native token, as well as consensus mechanism.
[00:00:50] I think what makes us different is the architecture decision which is made by the founders that every account in Concordium has a human identity connected to it. Not at the application level, not bolted on top as you know, you would see in every other protocol, but right at the protocol level, which means practically every wallet is associated with a real world identity.
[00:01:17] That has been verified by a third party. We don't do identities. We don't claim to sort of no identities, but there are ID providers which actually do it. But the ID is encrypted, invisible to anyone, including us, even we can't see it. And the user decides where to disclose it, who to disclose it. So, you know, think about it. How do you prove you're over 18 without showing your passport? Right.
[00:01:45] And we use zero knowledge proofs in the protocol to actually prove without revealing who you are. So that's kind of what we are. We have a native token called CCD. It has stable transaction fees. So it's back to a fiat euro rather than it has variation on fees, which matters particularly when you're trying to solve for payments, particularly for the real world who don't want that volatility.
[00:02:12] And we've got a scalable chain, which means we've got like two to four second finality. So I tried to not use the word compliance. I don't know if I did. Right. So who's it for? What's your chain for? So I think I think our chains chain is for, I would say, three types of audiences. Number one, the builders who really want to build real world products and use a decentralized infrastructure.
[00:02:42] So operate within the real world rules. And we can talk at length about identity and why we think it's so, so important. Secondly, for enterprises who actually want to get the benefit of scale, you know, stability, you know, lack of centralized control.
[00:03:02] But more importantly, I like I mean, we all kind of came into the world of blockchain because we believed in the principles and we also saw how the infrastructure built on blockchains could be far, far more efficient. And thirdly, it's for people like you and me, like, you know, we care about our privacy. We don't want our data to be shared. One could argue the Internet today is having more data about ourselves. And as we scale with the AI and the agentic economies right over there, this problem will become bigger and bigger.
[00:03:32] So that's kind of like our three core audiences that we care about. So let's get into the identity. So my first question on identity is why put identity at the protocol layer instead of what most other people do, which is at the application layer? Yeah. So, I mean, there are two parts to sort of explaining that.
[00:03:54] One is maybe maybe I take you through a little bit of how Concordium started, because, you know, typically many of these architectural decisions are driven by the fact of how founders think about things. So, you know, Concordium was founded back in 2018 by this wonderful gentleman called Lars Sire. Now, Lars co-founded Saxo Bank, ran it as a CEO for, I think, over two decades.
[00:04:20] So, you know, built a really serious global financial platform. He wasn't crypto native. He actually came from an institutional background. Right. But, you know, as a lot of us have been interested in the ethos of blockchains, he was also there. And he was good friends with many people who are crypto natives.
[00:04:40] Like, I know, Lars kind of told me very, very early when when when we were having our first conversation that, you know, he had debated this architectural choice of complete anonymity, which, you know, from Lars perspective, does not scale in real world. So he kind of said the entire industry is building an infrastructure that no regulated bank would ever touch, not because regulators would like to be unreasonable.
[00:05:07] And sometimes they do. But because I think it made compliance structurally impossible. The idea, I mean, we've all lived in the world where I guess for over the years we hear about smart contract hacks all the time. So by building it on the protocol, you're absolutely reducing the vector surface, but also sometimes you're making it economically unviable to sort of put in the effort to hack the chain.
[00:05:32] Obviously, anything in this world is hackable. The question is really about economics. Right. And then if the idea is at the protocol level, your privacy preservation through zero knowledge proofs can also be delivered on the same thing. And and, you know, this is this is the part which I actually love because he was coming from institutional side. He didn't try to build it with the usual crypto talent, as you know, many of the blockchains were built.
[00:06:00] He went to academia, he went to the biggest and the strongest cryptographers around the world. So he went to the cryptographers, he said, OK, you know, we need to build something which uses the ethos of blockchains, applies the decentralization principles, but solve for real world problems and identity taking identity out does not scale. My idea was always part of part of the protocol level.
[00:06:28] OK, so make sure I understand you completely here that the reasons what what you solve by having identity at the protocol layer that other chains don't solve is one of number one, you remove security risk. Number two, you make it unviably economically unviable to hack. Yeah. And you have any have privacy preservation. Yeah. OK, great.
[00:06:57] I would I would even say, I mean, while it could not have been relevant back then, right, like if you remember, you know, the early days of of I guess our industry, people were chasing NFTs. Then there was DeFi summer. Then there were meme coins. Then there were L2 wars. And honestly, nobody cared about identity.
[00:07:22] You know, this is why I guess Concordium kept building an architecture while I think people watched and said, like, look, how come everybody else is getting like, you know, those unicorn valuations and kept shipping the stuff. But I think I think that was hard. If I if I can think of those very hard. And there was always this questions which come in. Right.
[00:07:48] Like when when you're not being successful, while you absolutely believe in in the right things being done, you question yourself. But I think I think the team did what, you know, I would argue was the best thing. Let's keep building. Let's not, you know, try to lose belief. And then the time will come. And I think I think late 2024, when the agentic narrative and economy started breaking through.
[00:08:17] And, you know, if you remember, particularly last year, the regulations caught up. Right. Like, you know, you had the UK is online safety act. You had the copper enforcement. Age gated verification on the Internet became quite a necessity. Right. Like, you know, US enforced laws, European enforced laws, UK enforced laws.
[00:08:42] And and if you think about it with agents, the problem just magnifies. Right. So seven years building this chain, we think we have the moment right now, whether the market agrees with us or not. That's a question I guess we're all sort of created on. And this is also a bet we're making. I don't think there is certainty in life, but this is a bet we're making that we're right now in the right moment.
[00:09:10] Great. So you said a few things that are contradictory. So I just want to make sure we clarify some things. OK, you said nobody cares about identity. But then you said, you know, Lars sought out the best cryptographers in the world, you know, and then there you need age. Age verification is a hot topic. So if you sought out the best cryptographers in the world and age verification is necessary, you know, and nobody cares.
[00:09:40] Nobody cares about identity. You know, who has the ability to reverse anonymity on Concordium? Who could do that? Why is it important? Yeah. So I think nobody cared about identity. I think everybody cares about it now. So back in 2018, when Concordium was sort of conceived, I think nobody cared, I would say. And nobody is a little bit of a big statement.
[00:10:08] But I think in our industry, there was a belief that complete anonymity is what matters. Right. I think everybody now is racing to have identity slapped on, which is why you have Solana ID. You've got many, many. You've got WorldCoin, for example. Everybody's trying to solve for identity because the real world does operate on identity. Right. Now, let me let me answer the other part of the question in terms of like, look, who can disclose your identity? Right.
[00:10:38] Is that is that what you know, I understood your question correctly. Right. I want to know who has the ability to reverse the anonymity. Yes. So. So, yes. Yeah. So Concordium is a blockchain infrastructure and there are multiple parties. Right. So when you as a user or as a business, you get on the blockchain, you have to go through an identity verification process. So, you know, classic way. Right.
[00:11:05] You upload your passport, the ID providers, which are not Concordium, they are credible providers like Nota Bene, for example, or DTS. They would verify your ID. Is your passport real? Does it resemble you? Et cetera, et cetera. Now that ID is object is stored in your wallet. Concordium never has any any information. But then you can then use that object to verify.
[00:11:34] Like I said, are you above 18? Yes or no. Through zero, zero knowledge proof because your wallet keeps your identity. Right. Are you a citizen? Yes or no. Because your passport would define that. Now, so it's privacy by default. Right. There is no reason for your ID to be available to anyone. Right.
[00:11:53] Now, let's say there is an issue where it's felt by authorities that this wallet is doing something unlawful. Right. In that case, there is a multi party disclosure process, which has a few parties. You've got the ID providers. Right. Which had your ID. They obviously cannot make any connection directly on the chain. You've got what we call as privacy guardians.
[00:12:22] These are law firms, credible law firms based in Switzerland. And then this whole process has to be activated through a Swiss court order. So I cannot, you know, as a regulator, go to an American court or a Chinese court or an Indian court. I have to go to a Swiss court, get an order and only by a Swiss court order, this multi party disclosure process can allow for the identity and wallet to be connected.
[00:12:50] So no single party has keys. So, you know, Switzerland has the best privacy standards in the world. Right. So getting this order from Swiss court means actually there is a problem. Right. It could be money laundering. It could be those those kind of things. It is not government surveillance. Right. It's it's kind of like hard to do that. So we've taken the best privacy standards in the world, not from a from a legal authority, but actually from a court authority.
[00:13:18] So Swiss police cannot do it. A Swiss court actually has to do it. You've got the credible ID providers, which are mostly European. I think one is Danish, one is Swiss and you've got this this. And then you've got privacy guardians, which are law firm. So only when all of them through a Swiss order are required, then the ID can be disclosed and connected to a wallet. So there are very, very high privacy standards.
[00:13:46] Other than that, obviously, either it's an agent or it's a human. Your ID is you. Your privacy is yours. You decide what you want to do, where you want to verify, what you want to disclose. All of that decision stays with you. So we actually do not believe in complete anonymity. We believe in privacy, which is a user has control of what they want to share, who they want to share with, but doing it within the frame of law and with the highest privacy standards in the world, which is the Swiss standards.
[00:14:17] Great. So. So. Worst case scenario here. Say that Swiss court somehow gets corrupted and pressure, what prevents and like if they get pressured and they get corrupted and your and your identity is no longer safe privacy. Like, is that the centralization or is that just conditional access? Yeah. Yeah.
[00:14:43] So, look, the chances of a Swiss court order, unless, you know, they really, really feel and the case has to be presented to them that this is actually completely unlawful. Could be terrorism, could be, I don't know, malicious act of money laundering. A Swiss court cannot be pressurized, right? Like this is why Swiss privacy still today holds up the highest standards.
[00:15:11] Now, if there is a court order being law abiding, I guess, infrastructure, there is a process which allows for ID providers and privacy guardians to actually sort of serve to the court order. And so we do believe in the rule of law.
[00:15:32] But for all practical reasons, no single party can, you know, decide that, okay, I want to disclose this wallet and connect it to an identity, whether it's a law firm, whether it's ID providers, whether it's Concordia. I mean, we don't even have the data to it. So it's really, really hard.
[00:15:54] But at the same time, like, you know, we live in the world, which is governed by law, we believe in the principles of law, and we have created a process which allows for the law to be applied in extreme scenario. And, yeah, you know, we haven't seen where Swiss court has actually passed an order till today. So I think the process is working as of now.
[00:16:24] Great. So you said other chains slap on, you know, privacy identity issues, you know, I can see where that could break, right? So when you say privacy is preserved, under what exact conditions could it disappear then?
[00:16:47] I guess, I guess, I guess if somebody is doing something completely unlawful, then, then the process allows for identity to be disclosed. But because identities at protocol level, you can't hack a smart contract, get data, the data is in users wallet. And with ID provider, there is no connection, right?
[00:17:16] An ID provider cannot connect ID to an on-chain wallet that is encrypted completely. So there are enough security, I would say, guardrails, which have been done so that it's hard to hack. It's hard to sort of unilaterally find a way, or it could come under government surveillance. All of that is like practically impossible to do with Concordium, right?
[00:17:44] Rather than put it on top as an application layer, because of all of these possibilities, where, you know, you could have surveillance, or you could have abuse. So really to prevent those two cases, and to make sure the user has control over their own privacy, this architectural decision was taken. I understand that.
[00:18:06] So say there is the need for surveillance, or there has been abuse with your chain, is the reveal of the privacy, is that user controlled, or is it automatically system controlled? Yeah, so we believe in a concept of selective disclosure.
[00:18:32] Like, you know, are you solving for privacy, or are you redefining it within a regulation mindset? I think it's a false binary, if you ask my view. I think the whole industry has spent almost 10 years arguing that privacy meant anonymity. That's why you have, you know, tornado cash being sanctioned, or the Bitcoin maxi narrative that mostly serves money launderers. I think real privacy is very much about user control.
[00:19:01] It's about selective disclosure, right? Can I prove I'm above 18, go to that pub, without showing my license, right? Can I prove that I live in UK without exposing my address, which is on my license? Can I prove that I have a credit history without revealing what it is? That's what zero knowledge proofs do. That's, to me, it isn't redefinition. I think that is a technical definition of privacy, right?
[00:19:30] Like, you know, we all live in homes, we have curtains, we control when do we draw them, or when we close them, we allow people in our house through our gates, or our doors. But we make those decisions, right? Like, so I think, in my view, right, like, you know, if people ask that, is compliant privacy a betrayal?
[00:19:53] I'd say the betrayal was probably a decade ago, calling it anonymity as privacy, and pretending both of these are the same word. I think they're completely different. We do believe in the value of privacy and the rule of law. So please help me understand this, because I, too, am one of the people who have condensed the two terms meaning the same thing. The difference between privacy and anonymity is what?
[00:20:19] So think about privacy as something where you're in control, you make a decision, who do you want to show who you are, what elements of what you want to show who you are, and it can be verified, right? So I can tell you, I'm above 18.
[00:20:45] But in anonymity, there's no way to verify it. While in privacy, there is a way to verify it, right? So that, I think, is the primary difference. Second, I think privacy is not about hiding something. It's about having that choice where you're in control, right? I might want to be sharing more with you, but I don't want somebody else to be hearing this, right?
[00:21:14] But I also want to make sure that, you know, whatever I'm saying, you know, okay, I went to this college. I lived here. Can you verify it? In complete anonymity, you can't. In privacy, you can absolutely. Absolutely. So that's kind of like how I think those two definitions are quite different versus, you know, them being the same.
[00:21:35] I don't think privacy is equal to anonymity, even though I think the broader misunderstanding that these two are the same is quite there across our industry, unfortunately. So basically, privacy exists until it doesn't. Yeah. Yeah. Yeah.
[00:21:56] And also, I think, you know, anonymity is something where things can be betrayed, right? It can be leveraged, right? Complete anonymity can also allow you to do things which are great for bad actors. Privacy would not, right? Right. And I think, I'm sure we're all in this industry to make sure it scales to the real world.
[00:22:23] So all the ethos of privacy without the surveillance, right? Like, and I think this is also another debate. I think the idea you can scale blockchains to real world use cases, financial payments, verification, doing every other thing that we want to do without a centralized infrastructure can only scale with privacy. Because that's one of the principles, which was kind of part of the original thinking.
[00:22:53] It kind of went into and became anonymity, which has been leveraged many, many times, unfortunately, which has also given our industry a bad reputation. And I think, you know, one thing which we need to fix, all of us, I guess, in the industry is a brand problem that Web3 has, right? Because once we fix the brand problem, I guess the technology is so good, right? And there are so many unsolved problems in the world which exist, which blockchains can effectively and easily solve.
[00:23:23] We just do not get that adoption because, you know, everybody's kind of like, okay, we're not sure, right? Particularly when you speak to anybody in the Web2 world. So you, I want to touch on two things you just talked about. First is the scaling issue. You know, my question is there is, are you onboarding institutions into crypto or are you reshaping crypto to fit institutions?
[00:23:53] Yeah, I don't think it's either or. I think it's both, right? Right. One, if you think about it, it's quite evident that the agent AI is real, right? It's no longer a demo version, the real version, right? You know, agents can, you know, have wallets. They can sign transactions. They can pay for things.
[00:24:21] But one of the things which is holding a lot of institutions, whether it's in crypto industry or outside, is this idea that how do we connect it to a human identity? Who's accountable when agent transact, right? Like, that's a question, right? Like, no serious institution will be putting a lot of money behind it unless there is accountability, right? Like, so that's one thing.
[00:24:48] Second thing which has happened is the regulations have caught up and they've created some sort of a, I would argue, a verification problem on the Internet. You need to verify because the world lives on the Internet today, right? COPPA in the US, Online Safety Act. Stable coins, I think, crossed probably, I don't know, the number keeps changing, hundreds of billions of dollars.
[00:25:11] But when you look deeply on stable coin transaction volume, you do realize only 1% to 2% of that is used in payments, right? Because payments really require identity infrastructure, big 10, right?
[00:25:27] Now, when you add these two forces, you create a reason where actually it doesn't matter whether you're in the world of blockchains and crypto or whether you're an institution. Agentic economy applies for both. One could argue, blockchain infrastructure is much, much more suited for it because of the way it is constructed.
[00:25:53] Fast, efficient, you know, relatively easy to scale up, scale down, no centralized point of failure. So for us, that's kind of the principle we've been going on. And our kind of choice of partners, the ones we are working with, has been a mix. So, for example, X402, which is Linux Foundations, kind of like runs it now, but Coinbase, Cloudflare, both Web3 and Web2 companies.
[00:26:21] Now, we're integrating with them, right? To make sure the connection works. Then we've got a wallet like Bitcoin.com, which is, I think, close to 80 million wallets, similar ledger. They're actually natively integrating Concordium as a chain, not to have the tokens only, but to allow for these wallets to use verification and payments with that identity layer for their users, right?
[00:26:51] And I think if you think about it, like that's very, very powerful. Like, so if you're a wallet user of Bitcoin.com, you don't have to go anywhere. You just go and say you want to go and buy or pay your rent, right? Your ID is within your wallet through Concordium, but, you know, it just proves who you are. It doesn't show who you are, right?
[00:27:17] And then you can make stable coin payments through Concordium Reels, right? So it's verified access and verified payments. And the same thing applies to agents. We're also extended the identity, which the humans have also to agents. So any agent, whether you're on Solana, whether you're on Ethereum, you can actually call on to Concordium and get the verification with the human identity, right?
[00:27:43] Like you can go make payments, you know, agent to agent, agent to human. All of that is possible. So for us, I think the agentic economy actually has been pretty, pretty good. You know, you're onboarding institutions and you're helping them reshape. Where's like, doesn't that present a conflict at some point? And how would you resolve that conflict? I don't see that as conflict.
[00:28:11] I mean, being a platform, to me, it's a flywheel, right? You know, you have to have these. Let's take an example, right? So we've got a MICA compliant stable coin issuer called Stabler, which is stether backed. That is issuing natively in Concordium on the protocol, right? So they're stable coins natively on Concordium.
[00:28:34] Then you've got Bitcoin.com, which is a wallet, which can use this as a token for payments, right? Like natively. And the user wants to probably pay using stable coins, cheaper, faster, easier. Merchant doesn't even have to pay the two and a half, three percent as a fees to MasterCard. There is instant settlement. So it's a win-win for everyone.
[00:29:00] So the user goes, uses their Bitcoin wallet, uses a Stabler, stable coin, which then connects that, yes, this person is verified and this person has the money which belongs to this person, right? Doesn't matter who this person is, right? They don't need to know that, right? So that goes. The merchant is satisfied. They can prove to the regulator that we did an age verification. We did a compliance check. It's cheaper, faster settlement is instant.
[00:29:28] So for us, actually, it's not a conflict. It's actually a very good thing that we can provide a platform which allows merchants, which allows regulators, which allows stable coin issuers, and which allows for wallet providers to actually become a use case which helps everyone. And we at the bottom infrastructure powers this. That makes sense from a surface standpoint to me. I still have a problem here.
[00:29:57] It's, you have two priorities, right? You have privacy and you have compliance, right? When there's a clash between privacy and compliance, which one does Concordium choose? Yeah. So I guess, I guess the question we're really asking is like, you know, does compliant privacy still preserve the ethos of crypto?
[00:30:25] Is that what I think is the question? Because I don't think there's a choice. I think that's kind of where one should think about. So, you know, let's go back, right? Let's look at the ethos. I think the ethos of crypto was that no government should know that I exist, right? That was the original ethos. To me, I think the battle was lost the moment crypto touched fear trails.
[00:30:55] Lost in 2014, not in 2024, right? So one pretending otherwise is a little bit theatrical, right? The ethos of crypto was that I own my data. I disclose what I choose. No third party gets to surveil me, you know, by default. To me, then compliance and privacy aren't at odds. Compliant privacy actually delivers that. It's the only way the ethos survives in the real world, right?
[00:31:24] So to me, self-sovereignty is very much around I having control rather than nobody know I exist. Particularly, I have a strong belief that privacy is the one which will allow us to get to the original ethos of crypto. Also, beyond actually finding real world applicability. But I think the agentic economy makes it even more real, right?
[00:31:51] And I think that's what I'm very, very excited about. Like, you know, today that, you know, the things that we've been building, particularly at Concordium, the agentic economy sort of brings that front and center. Because one, accountability. An agent transacts, something goes wrong, who do you sue, right? Who do you charge back, right? Without the identity that I try to provenance, the entire thing kind of fails. Second, eligibility, right?
[00:32:21] You know, an agent buys an age-restricted goods or it books my travel. Who should be? And maybe I'm not allowed to travel. I don't know, right? Or it accesses financial products. Without identity, you're creating sort of a compliance black hole, right? It's like, you know, you're kind of agreeing to something which should not be allowed. And thirdly, I think the whole point of, you know, permissionless, right?
[00:32:47] Like, if you think about it, the concept was trust at scale, right? You know, once, you know, it wasn't about like, you know, you don't have permission or you don't need permission. It was that, you know, the trust would operate at scale. So I think, in my view, in the next 12 months, there'll be more agents doing transactions than humans. And they'll be doing faster, you know.
[00:33:12] You can't have humans verify each one of them as what exists in Web2 world today, right? So trust either has to be engineered in the system or the system doesn't function. I don't think there's a middle path. This is where the choice needs to be made, right? So, which is why we keep saying either identity has to be solved by protocol layer or every agent gets some sort of a centralized verification API,
[00:33:42] stripe identity, persona identity, which is kind of like anti the crypto ethos, right? Like that's where actually completely dies. So our model where actually it's decentralized today, like probably not completely decentralized, it's federated. So we've got a multiple ID providers, user has a choice which one to go with. They don't connect anything back to the chain. Concordium doesn't have anything to do with it. Concordium doesn't see it.
[00:34:12] But they are really good at doing ID verification. That's why they are a part of this whole infrastructure. Then there are privacy guardians who are really good at protecting citizens. And there is a Swiss code, which has the highest bar. We might agree with or disagree. Is that a good bar enough? But it's the highest bar of privacy standards in the whole world. And then, you know, that's pretty cool, right? Like if I think about it, that's brilliant.
[00:34:39] So we are very, very excited actually about the time now. So what does Cypherpunk agree with you when you say that you're using the agentic AI economy to bring back the original ethos of crypto? Yes, I would say so. The Cypherpunk belief was not about hiding. It was having control, right? Like, you know, I have control. I decide. Zero knowledge proofs, selective disclosure.
[00:35:10] We have this fantastic technologies which exist today, which actually allows us to deliver on those Cypherpunk beliefs, you know, which had been coined many, many years back. So if Concordium succeeds globally, right? What disappears from this space? Is it permissionless systems? Is it anonymous usage? What stays and what goes?
[00:35:36] I hope this camp in the world of crypto, which is only here for speculation, disappears. Because we will bring real world usage to blockchains and take blockchains to its original purpose. So I think that's something which I hope.
[00:35:58] And I hope the second group, which is really into crypto as builders and have been building the infrastructure for years, because they don't believe in speculation. They actually believe in the original promise of the blockchain. They will scale. And we will see a lot more user institutional adoption of this technology. Not just Concordium. I think to me, like blockchains overall.
[00:36:25] And we actually would see users getting control of their data. Because today's, if you think about the internet today, is absolutely massively, you know, sort of controlled by a few organizations and few governments for that matter. So, you know, users will get self-control and things would be cheaper, faster and better. Right?
[00:36:46] Like, you know, I don't have to wait for Fiat Reels to send money from London to India to my dad, which takes five days. And, you know, for every $1,000 I send, you know, the traditional bank would charge $44. It is instant settlement, matter of minutes through stable coins. But they're all verified. Right? So, you know, off ramps are easy. You can use those into payments. You can pay for your rent. You can pay for your coffee.
[00:37:15] You can do whatever you want. Because we all operate within an infrastructure and a technology which has identity on its core. I have one final question. Say tomorrow. It's a hypothetical, too. Say tomorrow. Regulators put the clamp down globally. And they demanded full visibility, right? Does your system bend or break? We don't control the system.
[00:37:45] So, I guess, you know, it doesn't really matter. The system is designed so that there is no central authority of it. We have a governance community, you know, which defines many of these things. ID providers are decentralized. Privacy guardians are decentralized. So, you know, I don't think we have any role to play over there in terms of making that decision whether we bend or break.
[00:38:12] To me, it's very much in the user control. Varun said, no one controls identity on Concordium. But what we actually heard was something else. A system of identity providers, privacy guardians, and ultimately a court process that can connect a wallet to a person. That's not no control.
[00:38:41] That's structured control. And to be fair, that might be exactly, exactly what makes it work in the real world. But let's not pretend the trade-off does not exist because this is where crypto is heading.
[00:38:59] Not pure anonymity, not full decentralization, but systems that decide when privacy holds and when it doesn't. That's the real conversation. That's the real conversation.


