An assessment of Secret Network’s privacy preserving properties
Public permissionless distributed ledgers can enable unprecedented freedoms but they can, at the same time, be tools for surveillance and totalitarian control. Secret Network could provide efficient technological solutions (filling in the gaps) to the end of protecting and advancing the public value of privacy that permissionless public blockchains evade by design.
1. Introduction to the Secret Network: Privacy is a fundamental Human Right
Privacy is a fundamental human right recognized in the UN Declaration of Human Rights of 1948, the International Convenant on Civil and Political Rights of 1966 and in many other international and regional treaties.
Generally speaking, privacy is the right to be free from interference or intrusion.
Information privacy (more specifically) addresses the right to have control over how our personal information is collected and used.
It is important to draw this distinction so that we better understand what it means to transact on a blockchain and why:
- privacy is important on public permissionless distributed ledgers (blockchains);
- how public permissionless blockchains evade privacy by design and
- how we could fix this major flaw.
Why do we need privacy?
Privacy underpins human dignity and key values such as the freedom of association and the freedom of speech. It has become one of the most important human rights issues of the modern age.
Information Privacy is equally important because — among others — :
Privacy protects information that we do not want shared publicly (such as health, personal finances).
Privacy may protect our physical safety (provided e.g. that our real time location data remains private, or that a malevolent actor does not know how much money we have/own).
There are endless examples of why privacy is important and there is a growing importance, diversity and complexity of this fundamental right in the light of big data, IoT, AI & DLT (blockchains).
Why do we need privacy on Blockchains?
Misconceptions about our right to privacy
There are various misconceptions about our fundamental right to privacy, some times (perhaps) due to a lack of understanding how fundamental a value it is to human societies. Some claim that since they have got nothing to hide, they are OK with surrendering their privacy rights to AI, big data companies or the government. Some claim that protecting our privacy on each device we interact with, is impossible. Others go on to claim that encryption gives wrong-doers or terrorists an invisibility cloak.
Let us now pause for a second and think. Is it really worthy sacrificing a fundamental human right over the above misconceptions and concerns?
All of misconceptions mentioned above, seem to ignore the scope of legitimate uses where the protection of our privacy is quintessential to our happiness and well being.
Misconceptions about public permissionless blockchains: A cautionary note
Apart from our misconceptions on our right to privacy and why privacy is important to us, there are also misconceptions about distributed ledger technologies and public permissionless blockchains in particular.
Users seem to deify blockchain and the evident revolution that started by Satoshi Nakamoto and Bitcoin back in 2008.
Distributed ledgers do not only enable freedoms; they could (at the other end of the scope) become an Orwellian dystopia coming true, whereby important aspects of our personal and economic lives (if not all of them) are being tracked (by the government or better say everyone). The state of euphoria this revolution has brought to blockchain fanatics, could suddenly turn to a state of perpetual unhappiness/misery as blockchain offers the perfect tool for surveillance to the hands of everyone, not just governments.
Public permissionless blockchains offer free (as in free beer) surveillance by design.
An avid rights’ activist and inspiring legal scholar, Lawrence Lessig, has argued that we will need to define what are the proper ways in which data can be used and what are the improper ways in which data can be used and, in turn, develop the infrastructure for this conversation.
In the light of blockchain technology and public, permissionless blockchains (distributed ledgers) in particular, there is no switch between proper and improper uses, data is accessible by everyone. Whereas you can argue that you — at least — remain pseudonymous, de-anonymizing your BTC address may be easier than you think.
Which in turn creates the imminent need for technologies and blockchains like the Secret Network (or more importantly Monero) to step in. It is an encouraging thought that there are networks like the Secret Network, already building the infrastructure that will try and reclaim privacy while interacting, transacting on Public Permissionless Distributed Ledgers.
There are myriads of reasons why this should be the case as indicated above and as it will be further analyzed in the following section of this chapter.
Why do we need privacy preserving blockchains? Secret Network’s claim.
Secret Network claims to be the first blockchain with privacy-preserving smart contracts. Thus, applications built on the Secret Network can utilize encrypted data without revealing it to anyone, including the very nodes securing the network. This, in turn, allows developers to build powerful, permissionless, privacy-preserving applications — Secret Apps.
Public permissionless blockchains fail to protect privacy by default, by design i.e. through an architectural feature that one may consider as a “flaw”. This means that all the data used in smart contracts is exposed to everyone. On public permissionless blockchains you are not anonymous, you are at best pseudonymous and everyone can still track your activities.
This constitutes a paradox, as unprecedented surveillance could be effected through the implementation of a technology (blockchain, distributed ledger technology) that was originally meant to enhance (not limit) freedoms. In this sense, it appears public blockchains suffer from a severe flaw. For example, public addresses on public blockchains can be tracked by everyone and there is no such notion as the right to be forgotten years down the road. All your activities are publicly accessible..perpetually.
Blockchain technologies could enable unprecedented freedoms but they could, at the same time, be tools of surveillance and totalitarian control.
All balances, transfers, and smart contracts (and when these contracts execute), are publicly available on blockchains like Ethereum while you can track all Bitcoin addresses. If someone knows your public key, they can see all of your activity on a public blockchain. This feature limits the ability for certain industries and entities to leverage the power of public permissionless blockchains.
Think of this in real world terms: How would you feel if anyone could see when you visited the online store and bought porn, when you went to the coffee shop, when you dined at X restaurant or your balances in the bank, contracts you signed and with whom etc? The architectural design of public permissionless blockchains exacerbates the above, so anyone with your public address could see and track the above perpetually.
For blockchain technology to achieve global adoption and thrive, users and organizations need control over how their data is used — they can’t and shouldn’t expose it to everyone.
Secret Network solves the problem of the lack of privacy on public distributed ledgers, helping to secure and scale the decentralized web. Secret Network’s technology could be implemented on myriads of legitimate use cases. After all, healthcare, traditional finance, and banking industries would all require some sort of privacy layer in order to be able to leverage blockchain technology in a compliant way. More so, users would demand it.
DeFi too, could be largely benefited from the privacy preserving properties of the Secret Network and privacy preserving blockchains of this kind.
For example, if you tried to take a loan from a traditional banking institution, the bank would screen you to see if you qualify for the loan, after you gave your permission to them. This same process exists in DeFi, but with two key differences: the information gathered during the screening process is shared with the entire blockchain instead of being shared with a single institution. Second, anyone can screen your e.g. balances, at any given time, without your permission.
Had these DeFi contracts existed as Secret Contracts, these screening processes could exist in a Trusted Execution Environment (TEE), which would — in turn — allow these contracts to perform their functions without any data having to be publicly released, not even to the very nodes executing the contract. Imagine the potential and possibilities for on-boarding more real world users had this been the norm.
Please note that some of the problems above could be solved through implementing permissioned public blockchain solutions or private blockchains. Still as far as public permissionless chains are concerned (such as Bitcoin, Ethereum etc.), all information is publicly available.
2. Overview of Privacy Preserving Technologies Implemented by the Secret Network
The following layers are already being implemented on the Secret Network :
This main net upgrade that took place on September 15th, 2020, makes the Secret Network a blockchain running live smart contracts with encrypted inputs, outputs, and state. That is possible because every node operator validating the network activity uses a secure enclave — the same type of technology securing your fingerprint on your smartphone. You can think of Secret Network as combining the programmability of Ethereum with the privacy of Zcash. This capability for “programmable privacy” now allows developers to begin building their own permissionless and privacy-preserving “Secret Apps.”
secretSCRT (sSCRT) is already live on the Secret Network’s main net: Combining the programmability of ERC-20s with the privacy of Zcash or Monero, “Secret Tokens” according to Secret Network’s claim unlock important use cases and create new value. The first Secret Token is now live on Secret Network’s mainnet, it is called “SecretSCRT” (sSCRT) and it is the first implementation of the SNIP-20 standard!
sSCRT is a fungible Secret Token that is backed by SCRT, the native currency of Secret Network. It allows you to deposit X amount of SCRT (which is not private by itself) and obtain an equal (X) amount of secretSCRT (sSCRT), the wrapped privacy token.
You can now mint sSCRT through a GUI on Keplr wallet.
Adoption will be key and it remains to be seen whether that will be the case.
A new bridge connecting Ethereum and Secret Network, is currently live on testnet; it will soon be arriving to mainnet (on December 14th, 2020) and it is one of the most anticipated layers built on top of the Secret Network. It is being developed by the developers behind the Enigma Project.
This is the most important update since the Secret Network’s mainnet upgrade that made Secret Network the first public blockchain with full smart contract privacy on mainnet. The goal of the bridge is to provide privacy to assets from blockchain ecosystems, including Ethereum. According to the claim by the Secret Network’s teams and developers they have built “a simple way to create synthetic (wrapped) ETH and ERC-20 tokens on Secret Network that can be used with full privacy, at lower cost” compared to Ethereum’s exorbitant fees.
PLEASE NOTE: However it is important to note that these tokens cannot be used on the Ethereum ecosystem.Why does this matter?
How does it work?
To illustrate, here’s an example of what a user interaction with the bridge would look like:
1) Alice sends 10 ETH to an Ethereum lock contract and provides her Secret Network address.
2) Multisig committee watches this event and sends a mint request of 10 secretETH to the address Alice provided in step 1. The Secret Network then mints these wrapped tokens accordingly.
3) Alice can now transact with secretETH on Secret Network and utilize her secretETH in the native Secret DeFi ecosystem.
4) When she wishes to move back to Ethereum, Alice burns her secretETH and provides an ETH address to receive back her ETH.
5) Multisig committee creates a TX on Ethereum that instructs the Ethereum Bridge smart contract to move ETH to Alice’s address in step 4.
This process can be replicated for any amount and for any ERC-20 token.
PLEASE NOTE: Still, there are superior solutions to Secret Network’s bridge such as Althea’s Peggy bridge. Secret Network’s bridge relies on a Multisig Committee signing the transactions unlike with Althea’s Peggy Bridge whereby validators of the network sign transactions (thus running a risk of slashing if they maliciously sign a transaction). For more information on IBC and bridges see the article below:
Inter-Blockchain Communication Protocol (IBC): The TCP/IP Protocol of Blockchains, Bridges & Trends
This post explores the breakthrough innovation that the forthcoming Stargate upgrade brings to the Cøsmos ecosystem &…
4. Interoperability with the Cosmos Network ⚛️ ecosystem
The Secret Network being a Cosmos SDK/Tendermint Core project will be interoperable with the rest of the Cosmos ecosystem especially after the implementation of the Inter Blockchain Communication Protocol (IBC) confirmed to be going live via the Stargate upgrade of the Cosmos Hub by the end of 2020.
5. Interoperability with heterogeneous blockchains through Cosmos’ IBC
Again the anticipated Stargate upgrade on the Cosmos Hub will not only bring further interoperability with Cosmos projects, but more so, will enable interoperability with heterogeneous blockchains such as BTC.
Post IBC protocol’s implementation, sky is the limit!
Cosmos Network and Zaki Manian, have stated that the Stargate upgrade will soon be shipping (estimated 1st quarter 2021), implementing — among others — the Inter-Blockchain Communication Protocol (IBC ) which will revolutionize the space and change what we knew about blockchains. Heterogeneous blockchains will not be siloed spaces unable to communicate with each other anymore as the IBC is a fundamental blockchain interoperability protocol that handles reliable transport, authentication, and ordering of data across blockchains.
You can draw an analogy here and claim that IBC will be to blockchains, what the TCP/IP Protocol is to the Internet, namely a transport protocol that is blockchain agnostic
According to the claims from Cosmos Network:
The protocols that power the Internet are great for information transfer, but they were never designed for money and other digital assets. Enter the Inter-Blockchain Communication (IBC) protocol. The proposed IBC standard provides the foundation for a new token economy, permitting anyone around the world to accomplish quick and secure exchanges.
Now the global economy can connect to the blockchain, and through IBC parties on existing blockchains will be able to interact and exchange with each other across heterogeneous chains.
The Secret Network’s privacy enabling properties could further increase the value of an ecosystem of inter-connected/inter-operable blockchains.
Again adoption will be key and it remains to be seen how Secret Network will impact the Cosmos ecosystem.
6. Tendermint Consensus Byzantine Fault Tolerance (BFT) delegated Proof-of-Stake (POS)
For more information of the staking mechanism see my article here: https://johnniecosmos.medium.com/what-you-need-to-know-when-staking-on-the-cosmos-ecosystem-e6fc13a1b0e3
Apart from the above technologies and layers being built on top of the Secret Network, the teams participating in the growth of the Secret Network’s ecosystem, are deliberating over the implementation of the following:
One of the things we’ve been discussing that would likely have a lot of impact, is re-using the Secret Network infrastructure to provide secure, secret oracle functionality — to both Secret Network and potentially other networks as well through future bridges (e.g., IBC).
The general method of enabling oracle functionality, and also to make them secret — i.e., allowing you to stream confidential data from web2 endpoints, such as databases, and feed them into secret contracts, is by leveraging TEEs in much the same way as they are leveraged in secret contracts. Specifically, we would use an idea similar to the one presented in the original Town Crier 4 paper, where the TEE acts as a trusted bridge, which opens up a TLS connection with some web2 service, pulls data from it, and then creates and signs a transaction directly from the TEE that includes that data as an input to some secret contract (or a smart contract if this is bridged to another chain). Given the confidentiality and correctness properties of TEEs (and assuming a proper attestation is attached), one can be sure that data hasn’t been tampered with en-route.
The one (not so small) issue with this approach as it applies to Secret Network directly is that Secret Network is a replicated state machine (all blockchains are), which means, all nodes replicate computations and reach consensus on them, which implies these computations need to be deterministic. Reaching an external source of data from many different nodes at approximately the same time could lead to non-deterministic results and impair consensus. It’s also not very efficient (to say the least).
How do we solve this? There are two ways basically:
- On-chain: There needs to be some deterministic process in which validators choose a single validator that would serve as the Oracle for a given block, or a given transaction. Ideally, Oracle calls would be called in the beginning of the block (and therefore need to be known a-priori). The most natural choice would be to have the current leader/block proposer do this part. Then, oracle results could be sent as inputs to the contracts that need them.
This approach is the cleanest, but is also quite complicated and we haven’t considered all factors here.
2. Off-chain — basically, take Secret Network and run it on a single node — this would constitute a single oracle. This oracle can directly interact with web2 services, but because it’s really running on a single node, there are no issues of non-determinism. From a single oracle, we can expand to a marketplace of incentivized oracles. We need to have a secret contract that manages oracle registration and other details. Users or other contracts can use these oracles directly off-chain, while paying them in SCRT for their work. There are more details to consider here as well, but this general approach does seem more attainable.
Secret NFTs are non-fungible tokens with programmable privacy features that live on Secret Network. These unique items can be used for a variety of purposes, but generally, Secret Network’s team believes that tokens ought to be private if they represent our personal goods and experiences. Secret NFTs are perfect for these types of use cases.
Secret NFTs can have an impact on many industries: art, science, entertainment, business, politics etc. For a detailed overview of the initiative please visit: https://scrt.network/blog/secret-nfts/
9. Secret AMM
Being able to exchange assets easily, securely, and privately is not only essential to blockchains — it’s essential to global business.
At around the same time of the Ethereum Bridge going live, Secret Network will enable an AMM platform facilitating token trades.
It remains to be seen how impactful will the Secret AMM be upon release.
This article is a work in progress. More information will be added as Secret Network goes forward and advances. Being a young network, community and developers are still exploring options for use-cases and growth of the network. Its impact or claimed properties will have to be tested before we can safely conclude how successful Secret Network will be.