WordPress database error: [Table 'partisia.wp_dms_mapping_values' doesn't exist]SELECT * FROM wp_dms_mapping_values
WordPress database error: [Table 'partisia.wp_dms_mapping_values' doesn't exist]SELECT * FROM `wp_dms_mapping_values` WHERE 1 AND `object_id` = '' AND `object_type` = '' ORDER BY `primary` DESC
Throughout the ages, famous philosophers have grappled with the concept of good governance. From Aristotle, Machiavelli, and Hobbes to Rousseau, Voltaire and Rawls, different perspectives have existed and challenged each other over the ages on the topic. Today, in democratic societies at least, the general consensus is that of a government that is accountable to the people, with checks and balances, the guarantees of fundamental rights, and integrity in how it operates. New technologies, such as blockchain, can aid in the pursuit of good governance — this article outlines a few possible examples of how Partisia Blockchain could help governments innovate and better their governance practices:
Paperwork, licenses and standing in lines — bureaucracy is something that regardless of political affiliation, people love to hate. But the true purpose of bureaucracy (whether well-designed or not) is to ensure due process and guarantee people’s rights. This in essence very noble pursuit can run into a variety of different problems, from potential inefficiency to outright corruption. A public blockchain could help to streamline processes and make them more transparent, paperwork can be filed and traced through different steps on the blockchain, whereas combined with MPC the private information in these processes can be kept secret, or only available to certain parties. In certain countries, where corruption is an issue, the intransparency of bureaucracies can allow for wrongdoing in e.g. bureaucratic processes such as ignoring, changing and/or the outright fabrication of documents. A public blockchain could allow for more trust in bureaucratic institutions, especially if those institutions don’t have control over the nodes that operate the blockchain. This is the principle behind a project called DelNorte.
DelNorte is currently running pilot projects in Latin America creating NFTs out of real estate deeds and adding them to a public blockchain. This is meant to make the bureaucratic process more efficient, give more stability and transparency regarding real estate ownership in the participating countries, circumvent potential corruption and maintain the integrity of the institution. While the government is the door to access to the system, the government does not have control over the blockchain and the listed real estate deed NFTs. Partisia Blockchain is proud to have entered into a partnership with DelNorte, helping them to add privacy and security to their e-government solutions.
Governments provide goods and services to their citizens, from parks, highways and schools to militaries for the national defense. While some governments have more resources than others, many of the goods used to e.g., build and maintain a public highway, need to be contracted to third parties. What is usually the case when a government has to contract such goods or services out, is that they publish a tender for which parties can bid. This ideally leads to many different companies bidding for the contract with the government, attempting to underbid each other and/or outclass each other with the quality of the good/service that they provide.
Nonetheless, public procurement bidding processes are often highly intransparent and even prone to corruption, which cheat the taxpayers out of the best possible deal they could have had. Blockchain technology could also help combat this problem, making the bidding process transparent and establishing trust with the general public. However, a major issue with the transparency of a public blockchain is that it does not allow for the hiding of certain sensitive information e.g., a company’s capabilities, classified technology, etc. that could be part of the bidding process. This is where E-Trusty comes in: E-Trusty is a dApp building on Partisia Blockchain to use the public blockchain to create transparency, while obfuscating sensitive information in the bidding process using MPC. The goal is to create a platform for public procurement that allows for the transparency of seeing multiple bids for a given contract, while using MPC to hide and protect sensitive information.
Multiple central banks around the world are beginning to develop and implement so-called central bank digital currencies (CBDCs). As opposed to digital currencies, such as Bitcoin or Ethereum, these digital currencies are centralized and issued by a national bank. They are pegged to the value of a fiat currency and are meant to be a part of the existing financial system. There is however a major concern regarding CBDCs and that is that due to their centralized structure and control, they could essentially allow for a central bank, and by extension a government, to have complete insight into how people are spending their digital money. Furthermore, it is also feasible to imagine that a government could easily overreach, especially if it were to become corrupt, and easily seize such digital money. There would therefore need to be checks and balances guaranteed in the application of a CBDC. One solution for this problem, could be to use MPC to make the settlements of such a CBDC private. Such a system could also be designed to allow for certain transparency towards a government entity with the sufficient legal justification such as a warrant. The CBDCs settlements would be intransparent to e.g. the national bank or the government, however a court could allow for access to certain transaction data for a judicial institution.
In many places across the world, trust in elections is waning: the intransparency of voting systems, combined with distrust fueled by political rhetoric are a major threat to the integrity of democracies today. The recent coup in Bolivia or the storming of the U.S. Capitol have shown that even an unsubstantiated claim of fraud in an election can lead to political violence or even the overturning of a democratically elected government. E-voting, and particularly blockchain-based e-voting solutions, have attempted to solve this issue. They have however run into a variety of problems: intransparency or too much transparency, hardware and/or software vulnerabilities, among many others. Nonetheless, Partisia Blockchain’s MPC technology could help in solving many of these issues. MPC could be used to assure the privacy of a voter’s ballot, while showing votes being tallied for specific candidates in real-time. The election results could be publicly auditable and contestable and voters could be able to track their own votes. This kind of solution could in theory ensure safe, transparent and auditable elections, while keeping people’s votes secret.
Partisia Blockchain Foundation is dedicated to facilitating innovative solutions to real-life problems. Democratic innovation is one of the fields we are proud to contribute to.
Please contact us, if you have any questions about how our technology could enable better governance or if you think your organization could benefit from our technology.
Contact information: build@partisiablockchain.com
Website • Twitter • Discord • Telegram • LinkedIn • Facebook • Instagram • GitLab • Medium • YouTube
In 2018, the European Union’s General Data Protection Regulation (GDPR) came into effect, causing a wave of changes to terms and conditions in your favorite applications across the globe. GDPR aims to increase people’s control and rights over their own personal information and heavily penalizes companies that infringe on these rights. Infringing on the rights of EU citizens laid out in GDPR could result in a fine of €20 million or 4% of the annual global turnover of an enterprise, so compliance is strongly incentivized. This new regulation is widely considered a major turning point in data protection and privacy rights, starting a policy diffusion of similar data protection laws across the globe. GDPR is law in every member country of the European Union and establishes a “single data market” within the EEA. Similar regulations have also been adopted in California, Chile, Japan, South Africa, Argentina, Turkey and Brazil, among others.
GDPR (as well as many of the similar regulations) involves multiple core tenets, among others setting out the principles for which personal data can be used and processed. Lawful purposes of the use of personal data and the digital rights that citizens have over their personal data. While there are many different compliance aspects of data protection regulations, such as GDPR, here are a few examples of how our technology could help your organization stay compliant:
GDPR requires organizations processing personal data to transform the data in such a way that it cannot be connected to the person it was collected from (pseudonymization). Partisia Blockchain could help an enterprise disassociate a person from their (encrypted) data, assuring such pseudonymization through the use of multiparty computation (MPC) technology. This pseudonymization can also be done in a way to allow for continuous collection of data from the same individual, if required for e.g. a longer-term study.
Furthermore, the concept of MPC also can also aid in maintaining an individual’s control over their data, as e.g. the concept of MPC secret sharing can allow for useful outputs being generated without compromising the underlying data (see Multiparty computation: The beacon of privacy solutions explained). MPC (especially combined with a blockchain) can also therefore increase the security of personal data, as the data and calculations are all run in a decentralized fashion by nodes that are all independent from each other. Partisia Blockchain’s nodes and their operators are all independent, run independent systems and have been vetted for cybersecurity by Partisia Blockchain experts.
Another right laid out by GDPR is the so-called right of access. This is the right of people to be able to see how their data is being processed and with whom it is being shared. The ledger kept on a blockchain could help an organization provide an immutable record to ensure this right. For the same reason, the blockchain could help organizations provide the record of processing activities required for GDPR-compliance under certain circumstances as well. As opposed to some other blockchains, Partisia Blockchain also allows for the possibility of private data to be removed from the record. Essentially meaning that data entered into the blockchain can be erased later on, allowing for compliance with GDPR’s right of erasure (the right for people to have their personal data removed from a database).
Lastly, the geographical location of servers used to process personal data could sometimes mean the difference between compliance and a criminal offense. Partisia Blockchain’s jurisdiction management v1.0 allows organizations’ developers to specify the geographic location of nodes to be used in calculating personal data. This could for example allow for private data from the EU to only be sent to EU-based nodes, ensuring that the integrity of the single data market and the data rights of EU-citizens are not breached.
Partisia Blockchain is committed to empowering others in solving real-world problems using our cutting-edge technology. Data rights and data privacy challenges are two of these problems.
Please contact us, if you have any questions about how our technology could enable data privacy or think we can help your organization in improving its data protection architecture.
Contact information: build@partisiablockchain.com
Website • Twitter • Discord • Telegram • LinkedIn • Facebook • Instagram • GitLab • Medium • YouTube
The point of this document is to provide the shortest (and most intuitive) possible introduction to each of the technologies mentioned in the title. I hope I succeed in this endeavor.
The technologies in this document all — with exception of differential privacy — deal with “secure” computation on data. At a very high level, this means they can be used to perform an arbitrary computation on one or more pieces of data, while keeping this data private.
Secure multiparty computation, which is what we do here at Partisia, is the term for a fairly broad class of protocols that enable two separate entities (called parties) to compute a function, while revealing nothing except the output.
An MPC protocol typically proceeds in three phases: First the inputters secret-share their private inputs. This step can be thought of as each user sending a special type of encryption of their inputs to the nodes doing the computation. The encryption ensures, for example, that at least two out of three nodes are required to recover the input, and thus, we get a security model that relies on non-collusion. It could also be the case that all three nodes must collude to recover the input — in this case, we have a full threshold model (since all servers must collude to break privacy).
The next step involves the nodes (the servers A, B, and C) performing the computation on the encryptions (i.e., secret-shares) received in the input step.
When the nodes finish the computation, they will hold a secret-sharing of the output. Each node’s share is returned to the users, so they can recover the actual output.
As might be inferred from the figures above, MPC works particularly well if the computation nodes are well-connected. Indeed, what makes MPC expensive to run is all the data that the nodes have to send between each other.
MPC have been actively studied in academia since the early 1980s and there are a lot of good resources available to learn more about it:
Fully homomorphic encryption (FHE) solves a very old problem: Can I have my data encrypted and compute on it too? FHE is a tool that allows us to not only store data encrypted on a server, but which allows the server to compute on it as well, without having to decrypt it at any point.
A user encrypts their private data and uploads it to a server. However, unlike a traditional E2EE (End-to-End-Encrypted) scenario, the server can actually perform a computation on the user’s private data — directly on ciphertext. The result can then be decrypted by the user using their private key.
FHE, unlike MPC, relies on clever cryptographic computation, rather than clever cryptographic protocols. On the one hand, this means FHE requires less data to be sent between the server and client compared to MPC. On the other hand, FHE requires a lot of computation to be done by the server.
Practically speaking, FHE is slower than MPC (unless we have an incredibly slow network, or incredibly powerful computers).
Practical FHE is a relatively new technology that only came about in 2009. However, since then it has received quite a bit of interest, especially from “bigger” players like Microsoft or IBM.
Partisia Blockchain supports FHE solutions.
While both MPC and FHE allow us to compute anything, zero-knowledge proof (ZKP) systems allow us to compute proofs. In short, ZKP allows us to compute functions where the output is either “true” or “false”.
ZKPs are incredibly popular in the blockchain space, mainly for their role in “rollups”. The particular type of ZKPs used for rollups are ZK-SNARKs, which are succinct proofs. In a nutshell, a succinct proof is a proof whose size is some fixed (small) constant, and where verification is fast. This makes smart particularly useful for blockchains since the proof and verification are both onchain.
That said, ZK rollups don’t actually use the zero-knowledge property — they only use the soundness and succinctness properties of the proof scheme.
Soundness simply means that it is very difficult to construct a proof that appears valid, but in actuality is not.
ZKPs, like FHE, takes place between a single user and a verifier. The user has a secret and they wish to convince the verifier about some fact concerning this secret, without revealing the secret. ZKPs don’t designate a particular verifier, so anyone can usually check that a proof is correct.
The final private computation technology I will talk about here is trusted execution environments. A trusted execution environment, or TEE, is basically just a piece of hardware that is trusted to do the right thing. If we trust this particular type of hardware, then private computing is clearly doable.
TEEs, being hardware, are tightly connected to some hardware vendor. Often when TEEs are mentioned, what is really meant is something like Intel’s SGX or ARM TrustZone. SGX is the TEE used by Secret Network, for example.
The security model of TEEs is fairly different compared to the other technologies I have written about so far, in that it is a lot more opaque. Vulnerabilities have been demonstrated in different iterations of different TEE products, especially SGX.
Differential privacy is radically different from the previous technologies. (In this discussion I will exclude ZKPs since it does not allow general computations.)
While MPC, TEE and FHE all provide means of computing something on private data, they do not really care about what that something is.
For example, it is possible (albeit pointless) to compute the identity function using both MPC, TEE and FHE.
This is because MPC, TEE and FHE allow us to compute anything. In particular, they allow us to perform computations that are not really private.
At this point, we may ask: Well, why would we perform such a silly computation on private data? For some computations, it might be easy to see that it is not private (in the sense that the original input can easily be inferred from the output). However, there are many computations that are seemingly private, but which can also leak the input if we are not careful. For example, it has been shown that it is possible to extract machine learning models, simply by querying a prediction API. In another example it was shown that it is possible to extract the data that a model was trained on.
These issues all arise because there are no restrictions on the computation that is performed. Differential privacy tries to fix this.
Differential privacy is used to provide a fairly intuitive guarantee. Suppose we are given two databases A and B. The only difference between these two databases, is that a particular entry R exists in A but not in B. Differential privacy now states that, no matter which type of query we make on the database, we will not be able to guess whether we are interacting with A or B.
Naturally, this means that some queries cannot be allowed. For example, it is not possible to obtain differential privacy if one can simply ask “Is record R in the database?”. Generally, differential privacy is obtained by adding noise, or synthetic data, to the database as well as restricting the type of queries that are allowed.
What makes differential privacy different from MPC, TEE and FHE, is that differential privacy makes guarantees about the output of a computation, whereas MPC, TEE and FHE makes guarantees about the process of arriving at that output. In summary:
This also means that differential privacy is not in direct “competition” with MPC, TEE or FHE, but rather complements them.
While each technology has its specific advantages and use cases, it is our feeling that Partisia Blockchain’s MPC, backed by 35 years of research and practical implementation does seem to provide the most overall coverage of all possible scenarios with very little drawback.
Website • Twitter • Discord • Telegram • LinkedIn • Facebook • Instagram • GitLab • Medium • YouTube