You are viewing a single comment's thread from:

RE: Tauchain and the privacy question (benefits of secret contracts and private knowledge)

in #tauchain6 years ago (edited)

Enigma works without any centralized party. It works in one of two ways: 1) TEE which is trusted execution environment. They have a partnership with Intel to implement that and this will allow nodes in the Enigma network to execute encrypted software or work with encrypted data. 2) sMPC is the secure multiparty computation software route of achieving the same outcome. The sMPC route is as decentralized as the hardware route but you have to trust the programmers while with the hardware you have to trust the hardware manufacturers.

There can be hidden bugs in hardware and in software so no method is 100% safe. It is the combination of multiple methods where by a market can form and give different options where we can achieve higher security by diversify of options.

Agoras is the intelligent marketplace to be built using TML(Tauchain). The idea here is Tauchain and in specific Agoras can make use of the trusted execution environment (TEE) in the same way iExec and Enigma plan to do. Simple to implement, and immediately Tauchain will have the same ability to do the secret contracts (private knowledgebases) as Enigma/iExec.

So in Tauchain it's about private knowledge bases. In Enigma it's about secret contracts. In iExec it's about private computation. None of these options rely on a centralized third party to do "decoding" because the decoding takes place in TEE but I can see your point with Enigma. In the initial implementation the centralization could be down to a node or machine somewhere executing the code in the TEE. The thing is none of us will know which computer that is because even the node running the code will not know what it's running or what the data is. So if you have enough nodes it will be unlikely anyone can figure out which piece of code is sent to which node and even if you could it would still be in the TEE so you would have to try to hack the hardware encryption.

Sort:  

I went back and reread the article, I got confused when they explained the hybrid Dapp. I was definitely not thinking in the encryption of Tauchain knowledge.

I think you are suggesting that contributions towards a topic develpment in Tauchain (as well as the Tauchain source code), will be keep secure using TEE (or a mix of TEE and sMPC) I can definitely see the value in such combination, and I hope the parties involved in the project are looking out for the intellectual property of the developers/contributors.

Thank you.

The distinction is between an open knowledge network, a private knowledge network, and a mixed open/private knowledge network. I'm promoting the idea of a mixed open/private knowledge network rather than entirely open or entirely private.

So by private I mean access controlled. This would mean algorithms which are run in such a way that no one can reverse engineer or know the algorithm. This would mean code which can run without the users knowing what the source code is (closed and private). There are pros and cons to this though because while the benefits are clear (intellectual property being an example) there are also risks (malicious code). So there has to be a way for the community to balance out the risk vs reward and for each individual to determine the level of risk they are willing to accept.

For more check out the links to the Enigma forums where the philosophical issues are being discussed.