filecoin-project / devgrants

👟 Apply for a Filecoin devgrant. Help build the Filecoin ecosystem!
Other
377 stars 308 forks source link

RiMP #1747

Closed f2cf2e10 closed 5 months ago

f2cf2e10 commented 6 months ago

Open Grant Proposal: RiMP

Project Name: RiMP - Rust in Multi Party computation.

Proposal Category: FVM.

Individual or Entity Name: Individuals.

Proposer: f2cf2e10.

Project Repo(s): https://github.com/beroak-com/RImP

(Optional) Filecoin ecosystem affiliations: None.

(Optional) Technical Sponsor: None.

Do you agree to open source all work you do on behalf of this RFP under the MIT/Apache-2 dual-license?: Yes.

Project Summary

This project addresses the essential challenge of balancing privacy and security in digital services that require collaboration among multiple parties within decentralized systems. As an example, consider a consortium of hospitals that need to collaboratively analyze patient data to improve medical research outcomes. Each hospital holds sensitive patient information and is required to comply with strict privacy regulations. Sharing raw data among these institutions would compromise patient privacy and violate regulations. This scenario exemplifies a broader issue in the digital world: how to enable secure and private collaborative analysis of sensitive data across multiple, decentralized entities.

To address this need, the project proposes the utilization of Secure Multiparty Computation (MPC) protocols. These protocols enable multiple parties to jointly compute a function over their inputs while keeping those inputs private. By leveraging MPC, hospitals can collaborate on medical research by performing computations on their collective data without exposing individual patient records. This ensures that the necessary data analysis and processing can occur while maintaining strict confidentiality of the underlying data. The project aims to advance the application of MPC protocols, making them more accessible and efficient for practical use in various industries, including healthcare, finance, online retail and others. The vision is to provide a library with reusable MPC primitives + networking protocols for running multiparty computations. For this proposal, we expect to have a prototype of a single protocol running on IPFS + libP2P.

Additionally, the project emphasizes the importance of decentralization in enhancing privacy and security. Decentralized systems distribute data and computation across multiple nodes, reducing the risk of a single point of failure and minimizing the potential for data breaches. By integrating MPC with decentralized architectures, the project seeks to create robust, secure systems where sensitive data is protected not only by advanced cryptographic techniques but also by the structural advantages of decentralization.

Impact

We believe that, for the Filecoin and IPFS ecosystems, this proposal is particularly valuable as it seeks to enhance the security and privacy of data sharing and processing, which are core functions of these networks. Currently, one of the significant pain points in decentralized systems like Filecoin and IPFS is the difficulty in performing secure computations on shared data without compromising privacy. Users may be reluctant to participate fully in sharing sensible data due to concerns about data breaches and misuse.

We aim to mitigate this concerns by integrating Secure Multiparty Computation (MPC) protocols with these decentralized networks. MPC enables multiple parties to jointly compute functions over their data without revealing the actual data to each other. This is crucial for applications in healthcare, finance, and other sensitive sectors where data privacy is paramount. The benefits of successfully implementing this project are substantial: enhanced user trust, broader adoption of decentralized storage and computation solutions, and the ability to perform complex, privacy-preserving computations on shared data sets. This would empower users to leverage the full potential of Filecoin and IPFS without sacrificing privacy.

The risks for IPFS are relatively low, as this is an additional feature that does not affect the current protocol. However, the potential benefits are immense. Without robust privacy-preserving computation mechanisms, users may continue to be hesitant about sharing data on decentralized platforms, limiting the growth and utility of these ecosystems. Successfully implementing this project would enable secure, collaborative data analysis, especially in sensitive sectors like healthcare and finance. This would be measured by increased user participation, successful deployment of MPC-enhanced applications, and an overall strengthening of data privacy and security in the Filecoin and IPFS ecosystems. Achieving this would position these platforms as leaders in secure, decentralized data management, driving further innovation and adoption.

Outcomes

Adoption, Reach, and Growth Strategies

The target audience for our project includes projects and developers within the IPFS ecosystem such as Iroh, IPVM, Bacalhau, and Filecoin. These projects are focused on decentralized storage, content-addressed execution, and distributed computation, making them ideal candidates for integrating Secure Multiparty Computation (MPC) protocols to enhance privacy and security. This audience represents a significant number of developers and users interested in decentralized technologies, spanning various industries including IoT, healthcare, finance, and distributed computing.

Engaging with this audience involves reaching out to project maintainers, participating in relevant community forums, and presenting our proposal through workshops, webinars, and conferences focused on decentralized technologies. By highlighting the potential benefits of integrating MPC with their projects, we aim to spark interest and collaboration among developers within the IPFS ecosystem.

To onboard new users, we will provide comprehensive documentation, tutorials, and developer guides explaining how to integrate MPC protocols into their projects. Initially, we will target key developers within the ecosystem and collaborate closely with them to onboard the first 10 users. This will involve providing technical support, addressing any implementation challenges, and gathering feedback to iterate and improve the integration process. As adoption grows, we will expand outreach efforts to onboard the next 100 users, leveraging community networks, social media, and developer communities to spread awareness and facilitate adoption of MPC-enhanced applications within the IPFS ecosystem.

Development Roadmap

Milestone 1: Shamir secret sharing

Goal: Implement Shamir Secret Sharing in an Honest Majority Setup with Passive/Semi-Honest Adversaries

Functionality Expected: By the completion of this milestone, we will have a fully functional implementation of Shamir Secret Sharing, a fundamental building block of most MPC protocols. This will include the capability to split a secret into multiple parts, distribute these parts among participants, and then reconstruct the secret only when a predefined number of parts are combined. The system will be designed to handle passive or semi-honest adversaries, ensuring security and privacy under these conditions.

Team and Roles:

Funding Required:

Time to Achieve:

Milestone 2: Libp2p PoC

Goal: Implement a PoC with Distributed Agents on Top of libp2p to Validate the Current Architecture

Functionality Expected: By the end of this milestone, we will have a proof-of-concept (PoC) implementation in which peers communicate and collaborate over a libp2p network. Each peer will run an application (containerized) that will handle both communication and coordination between peers to execute the weighted sum of private numbers. This will validate the current architecture's ability to support decentralized communication and coordination among agents to accomplish the desired computation. The PoC will demonstrate basic network connectivity, message passing, and basic consensus among distributed agents.

Team and Roles:

Funding Required:

Time to Achieve:

Milestone 3: Validate with Iroh

Goal: Implement on Top of Iroh and Further Validate Architecture

Functionality Expected: This milestone involves implementing the system on top of Iroh to further validate the architecture. Iroh, as a robust and scalable data protocol, will be used to enhance the data storage, retrieval, and management capabilities of our system. By the end of this milestone, the system will support more complex interactions and demonstrate improved performance and scalability.

Team and Roles:

Funding Required:

Time to Achieve:

Total Budget Requested

Milestone # Description Deliverables Completion Date Funding
1 Shamir secret sharing Architecture, Shamir secret sharing functionalities and unit tests 2024.07.31 $ 19,040
2 Libp2p PoC A validated use case using distributed agents leveraging Libp2p 2024.09.15 $ 14,280
3 Validate with Iroh Further testing of the architecture on top of Iroh 2024.10.30 $ 14,280

Total budget:$ 47,600

Maintenance and Upgrade Plans

Short term: Community engagement and roadmap

Goal: Blog Posts, Engagement with Iroh Team, Roadmap, Protocols with Malicious Adversaries, CI/CD, Testing, Documentation

Focus: Focus on community engagement, detailed planning, and enhancing the system to handle more challenging scenarios. We will produce blog posts to share progress and insights, actively engage with the Iroh team for feedback and collaboration, and create a detailed roadmap for future steps. Additionally we will establish a CI/CD pipeline, develop unit tests, and create comprehensive documentation to support ongoing development and maintenance.

Activities:

Mid/Long term: New protocols

Goal: Implement Protocols with Malicious Adversaries

Focus: Focus on adding further protocols that handle more challenging scenarios. We will implement protocols to handle malicious adversaries and a dishonest majority that were specified in the roadmap and further validate the architecture and refactor the code base whenever needed.

Activities:

Team

Team Members

A. Bertolace

A. Carvalho

Team Member LinkedIn Profiles

LinkedIn AB

LinkedIn AC

Team Website

https://www.beroak.com

Relevant Experience

Our team members have close ties with prestigious academic institutions:

In addition to our academic pursuits, both team members possess extensive professional experience. With over 20 years of working experience in software development and quantitative/numerical development, we bring a wealth of practical knowledge to this project.

In addition, we have worked on open source projects, such as:

Our previous involvement with relevant projects and organizations, along with our academic and professional backgrounds, positions us well to contribute effectively to the success of this endeavor.

Team code repositories

https://github.com/orgs/beroak-com/repositories

Additional Information

ErinOCon commented 5 months ago

Hi @f2cf2e10, thank you for your time with this proposal and for your patience with our review. Unfortunately, we will not be moving forward with a grant at this time. To contact our team with inquiries regarding our review or grants program, please send an email to grants@fil.org.

Wishing you the best as you continue building!

f2cf2e10 commented 5 months ago

@ErinOCon, thank you for looking into our proposal. We will reach out to the team via email to get your feedback. Much appreciated.