**all answers on how to score services privacy (non-redacted)**:
_Questions to be observed_
- does it has untracebility ? (ie addresses is hidden from public ledger)
- does it has unlinkability? (ie transactions can't be linked between each other)
- does amount of transfer is hidden?
- does IP address of participants hidden?
- is it decentralized and based on opensource technology ?
1) much the users in control of their data disclosure? (Scale 1-10)
2) how well commnity feedback and evaluation is built into product dev? (the less -» the more centralised it is -» the smaller the % of it staying private without the collectiv intelligence. this is like the web3privacynow - platform part actually, for sales but also i found this really relevant.
2/b) is there a community bug / security bounty program / platform?
3) how much transparent disclosure is avaliable on the tech and company - like smart contract audits, security audits,source of financing?
4) how private the tech stack it uses on all layers. from hardware to l3/l4 etc. how well it is disclosed what they built on and where they host stuff, or if the tech is decentralised like nym - is there avaialbe dashboard data about this?
5) product roadmap and release flexibiity - this is harder one, and I'm not sure it makes sense. what i mean is its also important to have a clear vision but at the same time to react to current needs / bugs / fixing vulnerabilities. maybe its redundant with no2 and no2b
1. What are the trust assumptions the user has by using the platform?
2. What and how is user information stored and transmitted?
3. How much PII is it stored/collected?
4. How is information collected + processed + disseminated
5. How completely you can participate with total privacy?
- Time of test and battletested code - (e.g. how BSC had passed the stress time of withdrawals with FTX drama or crypto schemes such as ECDSA with more than 2-3 decades alive)
- Entropy (non-trivial to estimate, different measurements for type of service) some examples: https://arxiv.org/abs/2211.04259 or https://blog.nymtech.net/an-empirical-study-of-privacy-scalability-and-latency-of-nym-mixnet-ff05320fb62d…
- Censorship-resistant (how hard it's for a powerful party to block/censor a given service)
- Precise description of the concrete privacy properties. Privacy is complicated so if they don't say exactly what they protect, then its likely vapor