I want to talk about a fairly practical use case that @MidnightNetwork is targeting. It is less 'abstract DeFi privacy' than many things commonly seen in crypto. It mainly relates to healthcare and heavily regulated industries.
Imagine a simple situation.
A hospital needs to prove that a patient is eligible to participate in a clinical trial. However, they do not want to send the entire medical record to their partner.
The traditional way is quite tiring.
Must create a data sharing agreement back and forth for a month. Or worse, send raw encrypted data via email. These two methods sometimes still carry the risk of HIPAA violations if the process is done incorrectly.
With ZK proof on Midnight, the logic is slightly different.
Hospitals only need to create a cryptographic proof that the patient meets criteria A, B, and C. The partner receives the proof and verifies it within seconds. The original records remain securely in the hospital system. No one sees them.
A similar case may occur with AI
An AI company can prove that its model is allowed to use dataset X without needing to disclose the content of that dataset.
Or users can verify that their query is not stored to train another model. All this is also done through ZK proofs.
In finance, there are also some quite interesting names.
Oxbridge Re with ticker OXBR on NASDAQ is building tokenized reinsurance securities on Midnight.
MoneyGram is a partner node for the international payment sector.
eToro has also been onboarded.
The noteworthy point is that this is not a small crypto startup, but a listed company and a real financial institution.
But there is a question I think must be raised directly.
Regulatory compliance varies greatly in each region.
HIPAA in the United States.
GDPR in Europe.
PDPA in Southeast Asia.
Each place has its own interpretation of data protection.
Mathematically, ZK proof can prove conditions without disclosing data. But so far, there haven't been many major regulators officially stating that ZK proof can completely replace traditional compliance audit processes.
Selective disclosure looks very appealing in the whitepaper.
But convincing a compliance officer at a hospital in Ohio or a bank in Frankfurt that
“ok, just trust ZK proof instead of our 20-year audit system”
...that story is probably not simple.
The enterprise sales cycle in healthcare is usually measured in years, not months.
That is the hardest part, in my opinion.