• tomatolung@sopuli.xyz
    1 hour ago

    I asked Sonnet why I should or shouldn’t trust a PACT, for what that is worth:


    Reasons to Trust It

    1. The privacy is in the math, not in promises.

    Unlike a privacy policy, which is a legal document you have to sue someone to enforce, cryptographic unlinkability is enforced by mathematics. If the blind signature scheme is correct, physically connecting your identity to your token redemption is computationally infeasible - not just forbidden by terms of service.

    2. Separation of knowledge is structural.

    The design deliberately splits what each party knows so that no single organization - not even Cloudflare - can see the full picture. This is called the “need to know” principle enforced by protocol design rather than policy.

    3. It is open and being standardized.

    This is going through the W3C and IETF - public standards bodies where cryptographers around the world can review, attack, and critique the design. Contrast this with Google’s Web Environment Integrity proposal, which was designed unilaterally and killed by public backlash.

    4. MPC prevents any single party from aggregating data.

    When sites want to measure “how good are our Anchors?” they use Multiparty Computation (MPC) - a technique where multiple parties each hold a piece of encrypted data, compute a result together, and none of them ever sees anyone else’s raw data.

    Reasons to Be Cautious

    1. Collusion is still theoretically possible.

    The system’s privacy guarantees break down if the organizations involved secretly cooperate. The architecture tries to make this structurally unlikely (different companies with competing interests), but it cannot make it mathematically impossible.

    2. The Anchor becomes a new gatekeeper.

    If most Anchors are big tech companies, and you don’t have accounts with them, you may find yourself unable to pass PACT checks - effectively locked out of parts of the web. This is exactly the criticism leveled at the old Apple PAT system.

    3. It is still in design phase.

    The technical details of PACTs are still being finalized. The devil is always in the implementation details.


    It does seem worth looking into the setup of this, as I admit to a healthy amount of skepticism, but a bunch of people gave it some thought and some of the choices don’t look like money-grubbing corporate ones.

    • XLE@piefed.socialOP
      1 hour ago

      It’s not, if we wanted AI’s opinion we could ask ourselves. Please delete