Tech spike: Decentralized storing private keys for url encrypt/decrypt

[alexcos20]

Problem to solve: we don't want OPF to have to run a (centralized) provider that is holding custody of the keys that encrypt/decrypt each url for Ocean Market.

The Q in the tech spike is to see if we can solve this by somehow storing the secret (private key) on-chain. We don't want to run our own network. If there's a third-party network that interfaces well, that's fine (ideally interfaces with Eth mainnet, but perhaps also via JS in browser.)

Possible tools:

• nucypher. Uses proxy re-encryption.
• keep.network (used for TBTC). Uses MPC. Details & comparison to nucypher
• enigma / Secret Network ?
• enzypt.io?

And maybe there are other ways to solve this problem. E.g. are some of the recent ZK tools, Optimistic tools, or more general blockchain privacy tools useful here?

---

If we can't find a simple/fast solution in the near term, then here's a path forward for V3.0:

• In Ocean Market, ensure there's an option for people to provide an endpoint of the Provider. (Therefore they can retain decentralization.)
• In Ocean Market, if the user chooses to use the OPF-run Provider, set the expectation that this Provider will only be run until some specific cut-off date (e.g. Dec 31, 2021). This ensures that OPF is not bound to some weird long-term commitment that it didn't mean to make.

This "path forward" is now an issue, here.

[trentmc]

Key info about Keep, from the FAQ on reddit:

-- What is the Keep network?

By creating a bridge between the public blockchain and private data, contracts can harness the full power of blockchain technology, without compromising on reliability or transparency. Keep is that privacy layer. We use keeps, or private enclaves, to securely encrypt and store private data. Off-chain keeps will be protected using secure multiparty computation (sMPC), generating, securing, storing, encrypting and transmitting data across many individuals.

Keep provides the first production-ready sMPC system for distribution on the public Ethereum blockchain.

With this system, each individual is given access to a small portion of a secret which is encrypted. To gain or share access to that secret, the outputs are reported back from all the individuals and decrypted to reveal the secret. Keep is Ethereum’s first private computer, able to store and compute data hidden even from itself. This unique approach allows for the safe transfer of information from one party to another on the public blockchain without each individual needing to be online, providing a superior solution to current hash-reveal solutions, private blockchains, and zero-knowledge proofs alone.

You can learn more about using Keep in the real world by reading this article https://blog.keep.network/dapps-daos-and-apartment-hunting-everyday-blockchain-privacy-solutions-2a836c663f12

[0x3bfc]

okay, i will list all of them here in a new thread giving the pros and cons for each one. But for the first cut, most of them won't work without an off-chain service.

[trentmc]

But for the first cut, most of them won't work without an off-chain service.

It's ok for there to be an off-chain service.

Our status quo right now is an off-chain service, that (a) OPF has custody risk (b) is centralized. (For the "convenient" use case.)

So any off-chain service that some other entity is taking custody, and focused on taking custody, is probably better. Better yet is if it's many entities (decentralized).

[0x3bfc]

https://github.com/oceanprotocol/tech-spikes/tree/master/25-decentralized-re-encryption#conculsion

[ssallam]

It seems like Nucypher is the only option from that list.

[trentmc]

This tech spike is complete.

Notes:

• We had a meeting last week among Alex, Samer, Ahmed and Trent to discuss
• None of these options is fast enough for V3.0 timeframe
• NuCypher is the most realistic option for sometime post V3.0 (not necessarily V3.1)

[trentmc]

Here's the follow-up tech spike.