Note: If you’re not familiar with Chainlink, make sure to go through my previous article first: “Chainlink: A Fundamental Analysis.”
Before we start, here are some key terms to know:
- Blockchains are essentially very secure, distributed, and decentralized databases.
- Smart contracts are lines of code that automatically execute a function when given an input — just like a vending machine.
- Chainlink is a form of digital infrastructure that secures data transmission.
Smart contracts, such as high-value smart derivatives, need real-world data from off-chain sources in order to execute. They need a software agent called an oracle to fetch said data, parse it, and feed it to contracts on the blockchain. Chainlink is a decentralized oracle network that eliminates any single point of failure in a smart contract by allowing multiple independent oracles to feed data into these contracts. For a more in-depth look at how the network works, check out my other article: “An In-Depth Look at the LINK Token.”
A few years ago, Chainlink acquired Town Crier, which allows oracles to use trusted execution environments (TEEs) like Intel SGX, to minimize attack vectors that could be exploited on the oracle hardware itself. This greatly enhances privacy, reduces the amount of resources needed for on-chain computation, and ensures that the data being relayed by oracles is secure and tamper-proof. However, the main issue with using Town Crier is that TEEs are vulnerable to side-channel attacks and more recent attacks such as Foreshadow.
Presumably, to address these concerns, Chainlink recently acquired DECO (short for Decentralized Oracle), the first privacy-preserving oracle solution that does not require the use of trusted hardware or server-side modifications. DECO utilizes existing Transport Layer Security (TLS) schemes that allow oracles to participate in a TLS session while only gaining access to the exact data that it’s trying to verify, through the use of zero-knowledge proofs and multi-party computation. For those who are unaware, TLS is a protocol that encrypts internet traffic of all types, the most common being web traffic. When your browser is connected through TLS, the URL in your address starts with “https.”
Almost everything we do on the internet relies on strong encryption methods. Nobody would store their credit card information online if that data was being sent to the server in plaintext, making it easy for third parties to steal. Protocols such as TLS allow data to be transferred over the internet in a private and confidential way, allowing users to trust that their data will not be snooped on. E-commerce and the boom of the internet really took off once these encryption methods became widespread, allowing both institutions and individuals to trust that their private data, such as bank account information, would be protected while on the internet. Currently, the blockchain space has many similarities to the internet before widespread encryption protocols, but privacy-preserving solutions like DECO and Mixicles are paving the way for new exciting applications which can only be built with strong privacy guarantees.
To give an example of how DECO works in the real world, imagine a situation where Alice, a university student, wants to open a bank account. First, she needs to prove to the bank that she is over the age of 18, which is the required age to open a new bank account. She could send the bank a picture of herself with documentation such as her driver’s license to prove her age, but this would be easy to fake using deep fake technology. She could also use third-party API access via OAuth tokens to prove her age to the bank, but these tokens reveal user identifiers which would not preserve her privacy.
Using DECO, she could instead use the credentials in existing systems, such as her university website, to prove to the bank that she meets the age requirements, all in an anonymous manner. She can also provide this proof of age to any third party, such as a hospital seeking consent for a medical test or a state agency issuing a license. DECO is the first system that allows this type of exchange to occur, where users can turn any web-based legacy credential into an anonymous credential without any need for trusted hardware or server-side support.
In order for widespread adoption of decentralized applications to take place, there needs to be an easy way to produce decentralized identities for each person in the world. Such a task can only be possible with techniques that preserve the privacy of each person when interacting with these decentralized systems. Using DECO, verifying the identity of each person, while making sure that their data is not being leaked to oracles or blockchains themselves, allows for a plethora of new applications to be built on these distributed networks. A very interesting decentralized identity system with legacy compatibility, sybil-resistance, and accountability called CanDID utilizes DECO to port identities and credentials securely from existing web services.
In the future, users won’t be logging in with their usernames and passwords; instead they will use their public/private key pairs tied to their decentralized identities. The user experience for these sites will be just like using centralized sites, the only difference being that they are using distributed networks as the back end. If a user wants to buy something with their bank account using a decentralized application, they will have to prove whether they have the off-chain funds to pay for it, which can now be done using DECO without compromising any information.
Blockchain addresses can be simplified with decentralized identities as they can be turned into human-readable names in ways that are verifiable by DECO. Chainlink has already been working on human-readable Ethereum names and Twitter handles being added to blockchain addresses. This can only be expanded upon with DECO, as private information can finally be used on blockchains without compromising the privacy of the underlying data.
With the newfound ability of users to have complete autonomy over their data, they can choose exactly what they want to be verified. If an institution requires an age of a user, why do they need to know their address too? This is the way it works currently when a user provides their driver’s license or identification card, giving up a bunch of private information that is not related to what is being verified. With new applications enabled by DECO, users will be able to choose exactly what data they will provide, enhancing their overall privacy.
For example, DECO can remove the ability for websites to price discriminate. This type of discrimination occurs when identical goods and services are sold at different prices by the same provider. Online websites adjust prices based on certain information they gather through consumer tracking, such as customer zip codes. DECO can provide privacy to users by hiding sensitive information, such as their address, to prevent this from occurring.
Another exciting application for DECO is the creation of confidentiality-preserving Decentralized Finance (DeFi) instruments. Governments have a lot of regulatory concerns pertaining to the lack of privacy on public blockchains, and rightly so. With DECO, information can be verified by oracles off-chain without ever needing to publicly display that information. Mixicles previously showed how oracles can enhance the privacy of on-chain smart contracts by obfuscating its outputs. However, a basic Mixicle implementation reveals the details of the underlying financial instrument to the oracles dealing with the contract. By taking advantage of DECO, the execution of these types of contracts can be done without revealing its details to the oracles involved.
Utilizing privacy-preserving methods like DECO, blockchains will be able to handle private data without revealing them to the public, unlocking the true potential of blockchain technology, just like widespread encryption protocols allowed the internet to go from sending e-mails to a phantasmagoria of new applications.
Follow me on Twitter: @kwsantiago
Feel free to tip me: 0xC408105508BA51bACC5Bb3Ea1D13dA3206618858
This article is for information purposes only. None of what was stated in this article should be construed as financial advice.