<pre>
  W3P: 3
  Title: Privacy features audit concept for security audit organizations & whitehackers (research)
  Status: preparation
  Type: Research
  Created: 2023-10-01
</pre>
## Contents
- [Context](#Context)
- [Privacy features to audit](#Privacy-features)
- [Additional](#Additional)

# Context 

Research on how private web3-solutions are used within the Ukrainian-Russian war (with a focus on privacy-protecting currencies like Zcash). It covers both free & occupied Ukrainian territory & Russia. Where even a "like, share or tweet" is enough for prosecution. Meaning that privacy is the way for freedom of speech protection.

# Privacy features

| Feature  | Observation | 
| Selected privacy technology maturity | latest, old etc |
| Selected privacy technology delivery | state of the privacy tech: test-net, poor code execution etc |
| Default privacy | enabled, not |
| Privacy policies (data collection policies) | what data is collected & why; marking non-essential data collection practices |
| Non-consent data collection practices | IP, wallet, balance etc |
| Anonymous set | data "profile" service reveal about you |
| Third-party privacy tech maturity | If service is a part of ecosystem - security audit company comments on core tech privacy (Ethereum, Waku) |
| Traceability | How traceable are transactions |

# Additional

| Feature  | Observation  | 
| Privacy risk | low, medium, high |