Privacy Smart Contracts: What can be kept private?

doc · 25 July 2020 06:45

TLDR: Does incognito have a private version of smart contract, and if so, can both the inputs and outputs of that contract be kept private/encrypted?

I have been doing research and development on several distributed computing techniques/technologies, and have been working with some members on my team about looking at a distributed neural network on blockchain.

I have been looking into DeepRing paper and DeepChain paper using federated learning approach.

My specific question is about the privacy smart contract that was developed for Incognito, is there more places I can read about how it brings privacy and what parts are able to be private? I read the following post, but was wondering if there is any other sources I could check out that talk about the overall process and capabilities:

I am specifically looking at what parts can be “shielded” (or private), as I am trying to understand what parts of an ANN/DNN (inputs, outputs, model, weights, etc.) could be kept in a private state. Any direction/guidance on papers/write ups/etc on this topic would be awesome.

Mike_Wagner · 24 July 2020 05:53

The whitepaper is a good place to start, the first few chapter discuss the tech in detail with some linked notes:

Some info on the Bond Smart Contract info here:

Privacy protocols leveraged:

You might also ping @duc for more specific info.

doc · 24 July 2020 06:13

Thanks for following up @Mike_Wagner. From what I am seeing, it looks more like pApps on incognito are only private from the standpoint of what wallet is requesting the smart contract function to be executed… At least that is what I got from this post:

From what I am reading here, it looks like the smart-contracts are still run on Etherum and there is not a specific type of smart contract for incognito that creates an end-to-end privacy smart contract.

I am fairly new to smart-contract programming, so I am not sure if I am missing something, or if there is a way to have a smart contract that exist only on Incognito, and if so… can the inputs and outputs of that contract be kept private? I have looked through the whitepaper as you suggested, but I am not 100% clear on the separation of the two platforms (Eth/Incog) when it comes to dApps, and more specifically pApps compared to currency trading/swapping. Some of the confusion is probably just my naivety on the topic. And i don’t want to go down a long rabbit hole of digging through the code and algorithms, if I am just completely off base and there is no way to gain the level of privacy I am thinking with a pApp on Incognito.

Would appreciate any follow up form @duc or anyone else that has more insight if this is a feasible (or even possible) direction to consider

duc · 27 July 2020 06:58

hey @doc, you’re right, pEthereum doesn’t want to try to build a complete privacy layer on Ethereum smart contract. We only try to help dapp developers who want to bring privacy (or anonymity for more correctly) feature to their users instead. In other words, through pEthereum’s provided functions (eg., shield, deploy, execute, undeploy, unshield), users of an existing/newly created dapp can request the dapp’s functions anonymously.
This is a high level idea of pEthereum, i hope this could answer your question and if you find something that is not clear, feel free to let know, thanks.

doc · 27 July 2020 14:00

hey @duc. Thanks for jumping in conversation.

Is it possible, even if not on current Incognito roadmap, to have a privacy Smart Contract on incognito, where both inputs and outputs are kept encrypted? So everything that is visible on the blockchain is private and encrypted. A simple example that would meet my use case, would be performing a matrix multiplication on an input set of numbers, performing a transform that is saved as the output…

If that is possible for this use case, on the incognito network, is the mathematical operation stored in privacy smart contract performed on validator without every decoding the data set? Something like how a homomorphic database can run queries on the encoded data and return an encrypted result, and the server running query on database never has to decrypt anything?

If that is the case, is making a privacy smart contract system for Incognito more of a research project, where figuring out how to even perform a calculation like that is not known, or is it more that the process is theoretically known, just would take a large effort to build out all the pieces to make it work on chain?

duc · 28 July 2020 03:28

@doc, that is really interesting (and ambitious) idea. But as you could know, building a completely brand new EVM on a blockchain is not trivial, especially privacy supported as a first class citizen in it. This stuff might take ages to build and make it secured. To be honest, we visited the topic sometime in the past and opted for going with pEthereum first as a practical solution for now.

Currently we’re working on something thats more prioritized and probably will get back to the topic at some points in future. Again, really appreciated for your contribution on this area!

doc · 28 July 2020 14:51

@duc Thanks for following up, sounds like it would be more of a research effort than a development effort from your response. If it was more of a resource problem than a “is it even possible” or open research problem, I wanted to think through how I could utilize the resources at my company to help pursue this concept. But going into a long research hole, where the theoretical approach is still unknown, would be hard sell to my partners. If that characterization of the problem is off base, please let me know.

duc · 29 July 2020 04:41

I guess it’s an open research problem when we haven’t had a chance to dive deeply into this area yet. There are a few points for you to explore in case you find it interesting:

Build and integrate an EVM to a sharding blockchain (eg., Incognito chain)
Support primary cryptographic functions on the EVM
…

As I’ve mentioned the core team doesn’t have a plan for these yet (at least in the short term) so perhaps you need to do the research independently but if you have any questions about Incognito chain and its components then everybody in the core team would love to have discussions with you, thanks.

doc · 30 July 2020 04:03

Thanks @duc I reached out to a few of my colleagues at the university and also came across the DERO (https://dero.io/) project. This project is saying in the next few months they will be launching an end to end, fully homomorphic encrypted smart contract on their testnet… so it seems that the concept should be theoretically possible at this point. My area is mostly in distributed computing and machine learning, so the homomorphic encryption is something I only have a cursory knowledge of, but looks like it has progressed quite far since the last that I have looked at it, and NYU MoMA lab has 2 different fully homomorphic encrypted (FHE) virtual machines… so this is looking more like a very intensive development effort, rather than … is it even a possibility (as far as ability to have a FHE executable code).

Horus87 · 21 August 2020 14:02

There is also X-network, they want to create a platform for creating customized privacy sidechains, also with smart contracts. Currently they are working on a new consensus based on delegate proof of stake but using reserve proofs for the voting system, so an early stage. But the aim is to create a platform with many use cases, also for businesses.

doc · 21 August 2020 22:31

That is really interesting… I looked into it a bit, and their FlexPrivacy is really a very cool concept. Incognito is fantastic, but for some business applications the complete privacy is a hinderance, where the receiver does not know who sent them a payment, or tracking of some information that you do want to publicly auditable… The ability to privatize some transactions, but keep other open is really a great concept for some business use cases.