Trusted Computing
Trusted computing is not a new idea, but Bitcoin has made it a hot topic. Bitcoin's blockchain has shown that we can place more trust in a network of machines than in banks and governments for money storage, transfer and verification: thousands of nodes run exactly the same validation rules, so the invalid blocks and transactions of a rogue node are simply rejected by the rest. But this is not the only possible model of trusted computation; other models, like SNARKs, are emerging. We believe that a combination of the blockchain, SNARKs and a verification market will drastically change how we trade and govern.
#Trust in a decentralized market
Trusted computing means that we can obtain a proof that hackers neither compromised a computation nor changed its data. This is an increasingly important problem in an age when a $1B bank heist across 20 countries and a hundred banks is a reality, and when a dozen other breaches have exposed hundreds of millions of medical and financial records in the last 2 years.
But it goes further than protecting our machines behind corporate firewalls and home routers. Trusted computing implemented in software means we can let an untrusted computer do the computation and still check its result. Today that untrusted computer is a network of competing miners on a blockchain, but soon it could be a single machine: yours, your service provider's, your business partner's. Trusted computation, together with proof-carrying data (blockchains), eliminates the need for a marketplace operator or an agency to act as controller and verifier, because anyone holding the proof can verify it.
The application we are exploring here is the Tradenet: a commercial open environment that allows any person or group to engage in safe, self-regulated commerce globally without unnecessarily trusting third parties such as marketplaces. We also call this environment an un-market or a decentralized marketplace. Tradenet is a vision shared by our partners at decentral.network and Meeco.
Another application of trusted computing is a person's sovereignty over their life choices and their data, a goal pursued by our friends and partners at Meeco. Instead of handing over our data, as we do today with social networks, search engines, email, etc., we could grant fine-grained access to questions about our data: geo-boundaries ("are you in the vicinity of ...?"), finance-boundaries ("can you afford a monthly payment of $...?"), and so on. The asker gets a yes or no; the underlying location or income is never disclosed.
But the implications of trusted computing are much bigger, extending to fair governance (public and corporate) and to countering mass surveillance in the developed world and censorship by nation states. Our society is about to be transformed.
A Zero-Knowledge Succinct Non-interactive ARgument of Knowledge (zk-SNARK) is considered the biggest breakthrough in crypto today, as it provides a software solution to trusted computing, or computational integrity. Prior hardware-based solutions, like secure elements and trusted execution zones, were limited and expensive, and they require trusting the hardware vendor. A SNARK goes further: it is a proof that a given program was faithfully executed on a given input, even on an untrusted computer. Because the proof is small and cheap to check, it can be generated in the cloud and verified even on low-powered mobiles. The practical caveats are that current schemes need a one-time trusted setup that produces the proving and verification keys, and that proving is far more expensive than verifying.
SNARKs are not yet fast enough for generic programs, but they are becoming practical for small, hand-optimized programs: the prover's cost grows with the size of the computation, while verification stays fast regardless of it.
Zerocash is the most mature practical implementation of zk-SNARKs today. It provides a public ledger with the same guarantees as Bitcoin without revealing a transaction's sender, receiver or amount.
The most exciting aspect of SNARKs is their ability to provide yes/no answers to questions without revealing the underlying sensitive data, for example:
- securities compliance, e.g. typical public-company reporting, like SEC 10-K forms that give investors summaries of a company's sales and operations. This voluntary reporting will be especially important for new assets issued on the blockchain.
- AML compliance, e.g. the account's transactions never totalled more than $10K in any 10-day period.
- FATCA compliance, e.g. a US person's foreign account never held more than $20K.
- IRS compliance, like a proof of a tax-deductible transfer to a registered non-profit, without revealing which non-profit.
- public oversight, e.g. a bank's or exchange's solvency proof.
- creditworthiness, e.g. I can pay this apartment's rent because it is less than a third of my income. Similarly for loan applications.
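As an added illustration (not code from this page, Tradle or Zerocash), here is the AML rule above, and the fine-grained-question idea from the Meeco paragraph, written as the relation R(x, w) that a zk-SNARK would prove. The SNARK machinery itself (circuit, key generation, proof) is not reproduced; what the block shows is the split between the public inputs x that the verifier sees and the private witness w that stays with the prover, the sliding-window check that the rule actually requires, and the commitment that stops the prover answering about a different ledger than the one it committed to. The transaction format, the sample ledgers, the salt and all function names are constructed for this example.

```python
import hashlib
import json
from datetime import date
from typing import List, Tuple

# Constructed sample format (not Tradle's): (ISO date, amount in whole dollars).
Txn = Tuple[str, int]


def commit(ledger: List[Txn], salt: bytes) -> str:
    """Hash-commit to the private ledger. The commitment is published once
    (e.g. on chain), so the prover cannot swap in a cleaner ledger later.
    The random salt stops a small ledger being brute-forced from its hash."""
    canonical = json.dumps(sorted(ledger), separators=(",", ":")).encode()
    return hashlib.sha256(salt + canonical).hexdigest()


def no_window_exceeds(ledger: List[Txn], threshold: int, window_days: int) -> bool:
    """True iff no `window_days`-day window has a total above `threshold`.
    'Any 10-day period' is a sliding window, not calendar months: summing
    per month would miss $6K on the 30th plus $6K on the 1st."""
    txns = sorted(ledger, key=lambda t: date.fromisoformat(t[0]))
    for i, (start, _) in enumerate(txns):
        start_day = date.fromisoformat(start)
        total = 0
        for day, amount in txns[i:]:
            if (date.fromisoformat(day) - start_day).days >= window_days:
                break
            total += amount
            if total > threshold:
                return False
    return True


def relation(public, witness) -> bool:
    """R(x, w): what the SNARK circuit would compute.
    x = (commitment, threshold, window_days) is public and goes to the verifier;
    w = (ledger, salt) is private and never leaves the prover.
    A proof that R holds shows that a ledger matching the published commitment
    satisfies the rule; the verifier learns nothing else about the ledger."""
    commitment, threshold, window_days = public
    ledger, salt = witness
    if commit(ledger, salt) != commitment:  # binds the proof to the committed data
        return False
    return no_window_exceeds(ledger, threshold, window_days)


# Constructed sample ledgers for two accounts over March/April 2015.
CLEAN_LEDGER: List[Txn] = [("2015-03-01", 6000), ("2015-03-11", 5000), ("2015-04-20", 9000)]
DIRTY_LEDGER: List[Txn] = [("2015-03-01", 6000), ("2015-03-09", 5000), ("2015-04-20", 9000)]
SALT = b"constructed-demo-salt"


def demo():
    """Returns (honest prover passes, structured ledger fails, swapped ledger fails)."""
    x = (commit(CLEAN_LEDGER, SALT), 10_000, 10)
    honest = relation(x, (CLEAN_LEDGER, SALT))
    # Same rule, but the two transfers fall 8 days apart: 11K in one 10-day window.
    dirty = relation((commit(DIRTY_LEDGER, SALT), 10_000, 10), (DIRTY_LEDGER, SALT))
    # Prover committed to DIRTY_LEDGER but tries to prove the rule over CLEAN_LEDGER.
    swapped = relation((commit(DIRTY_LEDGER, SALT), 10_000, 10), (CLEAN_LEDGER, SALT))
    return honest, dirty, swapped


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

The "can you afford a monthly payment of $..." question from the Meeco paragraph has the same shape: the commitment covers the income record, the threshold is public, and `no_window_exceeds` is replaced by the income test.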
Eventually, when SNARKs mature, the proofs can get more sophisticated and we will even be able to implement an IRS on a blockchain :-). This is unlikely to happen soon in the US, but quite likely in the new free trade zones that the good people at Startup Cities are working on. Startup Cities are putting the whole fabric of society on the blockchain, a dream shared by Bitnation.
Trusting code. Trust allows people to connect and participate in commerce and social activities. For the first time in history we can create a trusted market without a human intermediary. We can now enforce policy, business rules and money disbursement with the help of trusted computing, removing the need to trust individuals, companies and governments. The key element of trusting code is that the proofs of code execution are stored on chain, where any third party can verify them.
Trusting endorsements. As with proofs of code execution, we now have the ability to express, accumulate and reward trust and to keep an irrefutable history of these statements on chain, which provides universal access to the records. The chain, serving as a shared data layer, allows us to create a decentralized verification market where independent actors, individuals and companies, can express endorsements and attestations; one form of attestation is the KYC process. Tradle extends the blockchain to make this market privacy conscious, so that all transactional data stay under the control of the people they belong to. One might say this is no different from trusting a cloud or SaaS provider. The difference is:
- you are not bound to one trusted party, as in a SaaS app; here you choose which endorsements to trust.
- service provisioning and endorsements are unbundled, so there is less conflict of interest.
Endorsements are similar to PGP's web of trust, with many improvements: objects on chain and especially identity on chain, public signing on chain, elliptic-curve crypto, etc. PGP was groundbreaking; we need to learn from it and move on.
- extend Zerocash concepts to any transaction, like orders, invoices, shipments and verifications, giving non-monetary transactions the same privacy guarantees.
- use the Zerocash approach for DHT hardening, allowing DHT nodes to protect themselves against sybil attacks by verifying that a new DHT entry has one and only one corresponding transaction on the blockchain, without revealing which one. The privacy here protects not only the encrypted data but also the location of the data: if the attacker knew the blockchain transaction behind an entry, he could target that specific data for brute-force decryption. When the attacker cannot tell whose data an entry holds, there is nothing to aim such an attack at.
- it may be possible to implement Zerocash on Bitcoin, using blockchain + DHT.
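The DHT-hardening idea in the list above, as an added illustration that is not code from this page, Tradle or Zerocash: a DHT node accepts an entry only when the prover shows that one and only one on-chain transaction backs it, without the node learning which. It uses the two Zerocash building blocks that make that possible, a Merkle tree over all on-chain commitments (membership without disclosure) and a nullifier derived from the same secret (uniqueness). The SNARK itself is not produced; `verify_proof` is a stand-in that evaluates the relation on the witness, which is what a real proof lets the node conclude without ever seeing the witness. The hash constructions, the `DhtNode` class, the sample transactions and all names are constructed for this example.

```python
import hashlib
import os
from typing import List, Tuple


def H(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()


# Each on-chain transaction publishes only cm = H("cm"|serial); the serial stays
# with its owner. The nullifier H("nf"|serial) cannot be linked to cm without the
# serial, yet one serial yields exactly one nullifier (Zerocash's construction,
# simplified here).
def commitment(serial: bytes) -> bytes:
    return H(b"cm", serial)


def nullifier(serial: bytes) -> bytes:
    return H(b"nf", serial)


Path = List[Tuple[bytes, bool]]  # (sibling hash, sibling is on the left)


def merkle_root_and_paths(leaves: List[bytes]) -> Tuple[bytes, List[Path]]:
    """Binary Merkle tree over the commitments; power-of-two size for brevity."""
    assert leaves and len(leaves) & (len(leaves) - 1) == 0
    paths: List[Path] = [[] for _ in leaves]
    level, pos = list(leaves), list(range(len(leaves)))
    while len(level) > 1:
        for leaf in range(len(leaves)):
            sibling = pos[leaf] ^ 1
            paths[leaf].append((level[sibling], sibling < pos[leaf]))
            pos[leaf] //= 2
        level = [H(level[i], level[i + 1]) for i in range(0, len(level), 2)]
    return level[0], paths


def merkle_verify(leaf: bytes, path: Path, root: bytes) -> bool:
    node = leaf
    for sibling, sibling_is_left in path:
        node = H(sibling, node) if sibling_is_left else H(node, sibling)
    return node == root


def relation(public, witness) -> bool:
    """R(x, w) as the circuit would compute it.
    x = (tree root, nullifier, dht_key) is public; the proof is verified against
    x, so a proof made for one dht_key does not verify for another.
    w = (serial, Merkle path) is private. The path is exactly what would reveal
    WHICH transaction backs the entry, and it never leaves the prover."""
    root, nf, _dht_key = public
    serial, path = witness
    return nullifier(serial) == nf and merkle_verify(commitment(serial), path, root)


def verify_proof(public, proof) -> bool:
    """STAND-IN for SNARK.Verify(vk, x, proof). A real proof is a few hundred
    bytes and reveals nothing about w; here the 'proof' is the witness itself so
    the relation can be evaluated locally. This stub is NOT zero-knowledge."""
    return relation(public, proof)


class DhtNode:
    def __init__(self, known_roots: List[bytes]):
        self.known_roots = set(known_roots)  # commitment-tree roots synced from chain
        self.spent = {}                      # nullifier -> dht_key it already backs
        self.store = {}

    def put(self, dht_key: bytes, value: bytes, public, proof) -> bool:
        root, nf, bound_key = public
        if bound_key != dht_key or root not in self.known_roots:
            return False
        if nf in self.spent:  # same transaction reused: sybil attempt
            return False
        if not verify_proof(public, proof):
            return False
        self.spent[nf] = dht_key
        self.store[dht_key] = value
        return True


def demo():
    """Four constructed on-chain transactions; returns (honest, replay, forged, transplant)."""
    serials = [os.urandom(32) for _ in range(4)]
    root, paths = merkle_root_and_paths([commitment(s) for s in serials])
    node = DhtNode([root])
    mine = serials[2]
    honest = node.put(b"key-A", b"ciphertext-A", (root, nullifier(mine), b"key-A"), (mine, paths[2]))
    # Reusing the same transaction to back a second entry: rejected by the nullifier.
    replay = node.put(b"key-B", b"ciphertext-B", (root, nullifier(mine), b"key-B"), (mine, paths[2]))
    # A serial never committed on chain: the Merkle membership check fails.
    fake = os.urandom(32)
    forged = node.put(b"key-C", b"x", (root, nullifier(fake), b"key-C"), (fake, paths[2]))
    # A valid statement for key-A submitted under another key: the binding check fails.
    transplant = node.put(b"key-Z", b"x", (root, nullifier(serials[3]), b"key-A"), (serials[3], paths[3]))
    return honest, replay, forged, transplant


if __name__ == "__main__":
    print(demo())  # (True, False, False, False)
```

The node ends up knowing only that some committed transaction backs `key-A` and that the same transaction cannot back anything else; it never learns the index in the tree, which is the information an attacker would need to pick a victim's ciphertext for brute-force decryption.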
- SCIPR Lab - the international lab behind SNARKs and their applications, like Zerocash.
- MIT Bitcoin Expo talk by Madars Virza, Zerocash developer and current libsnark maintainer.
- The transcript of the above talk.
- The Geppetto team claims their recent advances are 5 orders of magnitude faster than previous SNARK systems; they also build on LLVM, which will let a program in any language LLVM supports compile into a verifiable program. No open-source code yet, unlike libsnark.
- The ADSNARK team claims a 20x speedup over Pinocchio, Geppetto's predecessor, and shows examples (health trackers, smart metering, financial audits) where a service provider can trust computations performed by the user on the user's own data.
###Software
###Front end