ZachXBT strikes at KYC: "A useless practice" that only benefits hackers
Renowned on-chain detective ZachXBT has sharply criticized the identity verification (KYC) procedure in the crypto industry, calling it one of the most useless types of data in investigations. Moreover, he threatened that the topic radicalizes him so much that he will start publishing on-chain methods to bypass excessive control.
In his statement, ZachXBT emphasized that KYC benefits exclusively malicious actors. When a company is hacked and its management bears no legal responsibility for the theft of user funds, KYC data becomes a tasty morsel for hackers. The analyst also posed a rhetorical question: why does the state effectively force people to pay $100 on the black market for access to basic privacy?
The dispute erupted after a post by ShapeShift founder Erik Voorhees, who warned that KYC might soon be required even for using a computer. Voorhees highlighted the danger of the spread of mandatory identification on the internet. Cryptographer Matthew Green from Johns Hopkins University also joined the discussion. He pointed out that age verification is rapidly becoming part of every new regulatory proposal, and essentially it is not about age but about personal identification. Under the pretext of protecting minors, in his opinion, an infrastructure is being built that ties a person's real name to their actions online.
Privacy technologies under threat
Green described in detail the scenario of the phased deployment of such a system. First, age verification will be introduced for access to some content, and the initial systems will collect identifying documents, some using privacy-protecting technologies. Then the question will inevitably arise: under what conditions will law enforcement agencies be able to access the collected data, and how can an anonymous action on a site be turned into a real name? This, according to the cryptographer, will require "fine-tuning" privacy technologies so that they store the user's true identity in escrow with every site visit.
Access to such data, as the expert believes, will first be opened by warrant, then by request, and in the long term will be built into mass scanning systems. At the same time, Green emphasized that the stated goals — combating grooming and child sexual abuse material — will not be achieved, since historically these indicators have never decreased from such measures. In my opinion, this is a classic example of regulatory creep, where good intentions become a cover for building a total surveillance system, rather than for real protection of vulnerable groups.