Creating secure obfuscation has proven brutally difficult. An ideal version was shown to be impossible in 2001, sending researchers after the weaker iO target, a roughly two-decade effort plagued by failed attempts. The recent good news is that iO can now be built under reasonable security assumptions.
The downside, however, is that runtimes are, in Buterin’s words, “galactic,” efficient on paper but absurdly slow in practice.
Buterin compared the timing of SNARKs, the zero-knowledge proofs now critical to Ethereum scaling, around 2010, before years of optimization turned them from a curiosity into a working infrastructure. The suggestion is that obfuscation could take the same path from a theoretical advance to a usable tool, even if a single run today would be hopelessly expensive.
Privacy coins like Monero (XMR) already hide things on a live blockchain, so why is Buterin treating this as if it’s unsolved? Because they hide different things. Monero hides transaction data, such as who paid whom and how much, using ring signatures, hidden addresses, and confidential amounts.
Obfuscation in Buterin’s sense hides the logic of the program, the code itself, not the data flowing through it. As he says, iO hides the code, not the data. Monero has been addressing transaction privacy for over a decade, but program obfuscation has never been run in production anywhere, and closing that gap is what their post is about.
