Exposed Data¶
Storing personally identifiable information (PII) on-chain can expose users to several risks and, from a legal perspective, lead to non-compliance with stringent data protection regulations.
Public Accessibility¶
When data is stored on-chain, it becomes part of an immutable ledger accessible by anyone. Anyone with knowledge of a blockchain explorer can retrieve and analyze this information. This universal access is one of the fundamental characteristics of public blockchains, intended to ensure transparency and trustworthiness. However, this same transparency can become problematic when sensitive data is involved.
Storing PII or artifacts tracing back to PII on-chain can enable malicious actors to de-pseudonymize users. An attacker can deduce their real-world identities by correlating users' Ethereum addresses with their on-chain data. The seemingly anonymous nature of blockchain can give users a false sense of security. Still, with sufficient on-chain data, their pseudonymity can be easily compromised.
Data Protection Compliance¶
The inherent public nature of on-chain data storage may violate data protection regulations. For instance, the General Data Protection Regulation (GDPR) in the European Union requires that personal data be processed securely and protected against unauthorized or unlawful processing. Storing PII on-chain can be interpreted as a breach of such requirements, leading to potential legal repercussions for projects or organizations.
Technical Data Artifacts¶
Beyond traditional PII like names and addresses, even technical artifacts like IP or email addresses pose a significant risk when stored on-chain. This information can give attackers insights into the off-chain infrastructure associated with a project or its users.
Consider, for example, a DAO where every participant must run a node. When signing up, they must enter their email address into a smart contract. In that case, this exposes their personal email and might hint at where and how the system's off-chain components are hosted. Such information can be a treasure trove for attackers planning targeted phishing or infrastructure attacks.