Guy Zyskind: Secret Network – Bringing Privacy to Blockchain - podcast episode cover

Guy Zyskind: Secret Network – Bringing Privacy to Blockchain

Jan 09, 20221 hr 2 minEp. 425
--:--
--:--
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Formerly Enigma, Secret Network is a blockchain-based, open-source protocol built using the Cosmos SDK. It uses Trusted Execution Environments on nodes to marry privacy-by-default with smart contracts.

We welcomed Guy Zyskind, Founder & CEO of Secret Network, back on the show to chat about the progression of the project into the new protocol and why this is now built on Cosmos, advantages and drawbacks in using Trusted Execution Environments and SGX technology over cryptography only, and why people might want to keep NFTs private.

Topics covered in this episode:

  • Guy's background and how he got into crypto
  • How Enigma/Secret Network evolved
  • Why the Switch to Cosmos?
  • Trusted Execution Environment and SGX
  • The levels of privacy within the network
  • Why CosmWasm?
  • The future of SGX computation
  • Secret contracts interacting with other IBC enabled chains
  • The types of applications running on Secret today
  • NFTs on Secret

Episode links:

Sponsors:

  • ParaSwap: ParaSwap aggregates all major DEXs and makes sure you beat the market price at every single swap and with the lowest slippage - paraswap.io/epicenter
  • Chorus One: Chorus One runs validators on cutting edge Proof of Stake networks such as Cosmos, Solana, Celo, Polkadot and Oasis. - https://epicenter.rocks/chorusone

This episode is hosted by Sunny Aggarwal & Friederike Ernst. Show notes and listening options: epicenter.tv/425

Transcript

This is epicenter episode. 425 with guest Guy is a skinned. Welcome to epicenter the show which talks about the Technologies projects and people driving decentralisation and the blockchain revolution. I'm Sonia Agarwal. And I'm here with Frederick Ernst.

And today, we're talking with guys just skinned, who is the founder of secret Network, which is a, well, not really a new but it's actually a quite a, you know, Around for a long time actually, and we actually had guy on what maybe four years

ago. I think 2018 and back, then the project was called Enigma. And so since then it's gone through a number of evolutions and became what it is today, called secret network, but still focus on the same mission of bringing private smart Contracting to the Crypt averse. So what we'll talk a lot about with guy about secret network, but first we'd like to tell you a little bit about us. Sponsors for the week. First one says, para Swap.

And with Power Swap, you can beat the market price every single block, it's fast and highly liquid and just launched their version 5, which has a new contract and new apis. It has a more modular infrastructure with it, which is more gas friendly and now supports free approvals using a theorem permit messages. They also recently added support for Avalanche polygons and PSC and you can always use Periscope with your Ledger device right in their life. Go to Paris op dot IO and get started.

Are your crypto assets sitting idle in your wallet. Start earning rewards and contribute to the network security by staking. With course one ass, taking provider, securing over five billion dollars in assets. Over 25, decentralized networks, including Solana Cosmos a theorem and secret Network interested in running.

Your own branded nodes. The manage white label note as a service offering leverages choruses ones highly available and proven infrastructure, enabling you to participate directly in decentralized Networks. If you have been a loyal Solana delegator with course one, make sure you check your wallets in the first-ever major nft drop by any. Validator course, one will be

dropping over. 3,600 exclusive enter keys to its Salon Adela Gators, according to their delegation profile in December 20 21, but if you missed out on this airdrop, don't worry, you can still participate in the upcoming airdrops for Cosmos change by simply delegating the chorus 1 notes head over now to Coruscant. To begin your stating Journey. So guys, welcome back onto the show, you know, as I mentioned, you've bet you were here long time ago back in 2018.

And so, you know, hopefully, we've gained a few listeners in that time. And so maybe for like, any of the newer listeners who maybe didn't listen to the previous episode, you know, can you can maybe start off with telling us a little bit about your background and how you got involved in crypto? Sure. So first of all, thank you for having me. Again. It has been a long time. So I'm excited to be here. Epicenter is always been my

favorite podcast about myself. I've been in the crypto space for you know, six since 2013, 2014 depends on how you count 2014 is really worried. When I dived in. I started, I started grad school at MIT and there was just before I started grad school. There was this.

MIT Bitcoin hackathon, which will build a cool product for this is like pre cerium even and we want that hackathon and that got me kind of like excited and I like what we can do with this technology and I went to my professor and tell them. Look, I wanna I want to focus like my research, my work on this like emerging technology. So, you know, fast forward in. It beat. I very quickly became Stood in, you know, how how blockchain can have inherent privacy.

Not just in the transactional sense, not just be like the Z cash or Minerva way or transferring assets with privacy. But if we're thinking about blockchain is like, you know, these these more involved like replicated State machines more involved decentralized Cloud computers. Then show leaders need to be a way to handle sensitive data in those. Web 30 applications. So I focus on that. I focus my entire research on it.

I wrote a few papers. They got a bunch of citations pretty, pretty substantial citations. And that kind of led to the illegal project, which I spun out as a company, 2016. And then in 2017, we did within Nico and we started building that Network 2017 we did. And And token sale for enigma with the idea of building a network, not necessarily blockchain, but a network that allows it to run privacy-preserving computations and you know somewhere between 20 around 2019.

We kind of realize that it's not working the best way that was about the same time that Cosmos was about. I think either just released her there is decay. I was about to release the res Decay. I was really fascinated. I was actually very fascinated by ten American senses. And then I looked into the SDK and said wow, this is this is like much better.

Like we should be using that and then we pretty much a scratch everything and then it's kind of like the between end of 2019 and 2020. Just like rebuild our architecture around Cosmos SDK. And every 2020 released, you know, secret Network, we use a different brand to kind of distinguish. It, it had a new coin called secret. And then in September 2020, we actually launched like the, the, the Privacy capability. So basically, in secret Network you have the ability to run

encrypted smart contracts. We're both the inputs, the inputs, the the contract State and the outputs are many decrypted and you can basically build end-to-end decentralized applications with privacy and the network has been growing substantially sense. I think one of the bigger Cosmos that changed today and yeah, that's that's kind of like the history from 2014 to 2020. Thank you.

That was very comprehensive and I'd like to dig into the switch to Cosmos. So basically, you said that the cosmos SDK was just a lot better than your previous technologies. That can you kind of expand on that a little bit. Yeah, I mean look our core offering our core capabilities is like how do we build privacy into smart contracts and pre Cosmos like like, you know, there was an option to four key

Theory or more do that. But that really didn't that didn't really work well and we didn't want to do it.

So we started building our own P2P stack, are on some, some kind of consensus a, it wasn't really consensus because We were relying on the female form for consensus, but we spent like I think 80% of our development are testing like building that infrastructure that, you know, it was just a waste of time like like that's not what we're going to focus on and then Cosmos gave a great SDK truth be told at the time. I think it improved today. But anytime the SDK was great.

The documentation was horrible, so it took us longer to get Like fully on board than working with Kosmos, then we could have have like today but still like all the parts are there and instead of like focusing on building the P2P live and a consensus little, we have that forgiven and we can just focus on the other aspects of our technical stack. So, how whether the reactions from the community, when you rebranded and switch, Tex Tex? So people were confused. We were selling ourselves for a

long time as an l23. Fiery. Mm is an L2 to other other changes. Like, at that time, people did not believe in it in a cross chain world. Like, everything was like, it is smart content. That relates to Smart. Contracts was like, no, no, no, everything has to be on the etherium, like, what are you guys doing? So, we got mixed reviews, but we didn't care. Not that much. I mean, it's always better to get good feedback. But like we just knew this was the, this was the right approach.

And I think, you know, in the test of time, it's pretty proven that this was the the right course of action. We've looking back. Is there anything you would have changed and how you how that process went? There's one element, which I think the jury is still out on. So, at that time, cause them wasn't was just started on, it

was still a prototype as well. We've actually helped cause and wasn't quite a bit like one of our team members became a cult contributor to cousin was them and I think there was a big question like whether we are doubling down on closing walls and webassembly or focusing, Evm, which is kind of what if Mars is now trying to do. My gut feeling, is that, you know, we made the right call. I do think that during the cousin was a webassembly fruit, is the better approach.

I feel that that's what caused Moses is, consolidating around. So I think it was the right decision, but I'm still not sure. I think we'll know that in a year or two. Would it be possible, you know, to like first you could Network to support multiple VMS in the future or is you know, is the goal really do? Like focus on like, you know, you lose composability benefits and stuff. Like if you start to do that.

Yeah, it gets complicated. You most likely lose composability and we're not 100% sure like it. Maybe it's a matter of effort. So supporting multiple VMS is a lot of effort once you stuck with one. Now we can do it. But you know, we are still is fairly small team in terms of the developers. Not the Apple system is big one in terms of code developers will still small. So nacho that's like where we want to put our effort in. Maybe. And in that case. Yes, we start to run run across

problems, like composability. Other types of like Integrations. Yeah, it becomes there will be trade-offs for sure. So guys, I'm let's talk about the secret Network. So that is, if I understand correctly and there's currently 50 nodes. So, basically, how is it determined? How many nodes can participate, 70? Sorry. Okay, and why is there an exact number? Right. So we initially we set it to 50 notes. The reason was that, you know, in our Network, one thing.

I didn't mention that, you know, this is One requirement for rounding. The validate, only secret Network that other networks don't need, and that is you have to use sgx. We use secure enclaves to achieve privacy that combined with like security and encryption protocols. And there is Some some costs associated to it. So like, you know, if you run it without sgx, it's not like orders. It's not like, you know multiple times faster, but you do get

some some speed reduction. And so we thought that starting with like, you know, 50 nodes basically smaller than I think the 100 or 150 that cause most shows and other changes chose. We felt that was the right number. It wasn't an issue until like the last six. Also in around six months ago, when the network was starting to grow really fast. Like we got, a lot of people want to become validators and that's why there was a network vote to increase that to 70 reasons.

So you're right was 50, but recently, it was increased to 72 to a vote. And I do think we will, I think we'll extend it over time. We've also a lot of our work for the next scene is around improving. Like the vam and like, you know, making that work faster and I think as we do it, I will be easier to grow the number of nodes guy. I think probably about more than 50% of the listenership familiar with what s GX is, but maybe for the rest. Can you in a nutshell, explain

what? A trusted, execution environment is and what kind of trusted execution environment sgx is Sure. So I trusted execution environment basically is, is kind of like a segregated piece in like your process or your memory, which basically is complete like completely walled out for anything else happening in that system and no one can probe into it. Not even the person owning that physical machine. It's essentially a generalized how it will let you know.

How do wallet. Is essentially a piece of Hardware where it allows you to run one computation which is to sign from the actions, but but you can't probe into that wallet and actually extract the sensitive data, which is the private key. So sgx works very similarly, but it allows you to run any kind of computation and then any data that you push into that Enclave into that trusted execution. Environment can't actually be seen. By anyone not even the validator running the running the machine

just one quick note. There are different kinds of, you know, trusted execution, environments, pretty much any big vendor today, like like the that's building processors has a version of it. So arm has a version. Intel has a version It's called sgx. That's what we're using right now and AMD has its own version. How does the network know whether the notes? Trust execution? Environment is legitimate. Right. So that's one of the first things that we did. We build a registration

protocol. So that that's where we kind of diverge from like normal Cosmos. So when you add your when you join us a new validator in our Network, essentially you need to go through a registration process before you can start to validate blocks. So what you would do is you would run some code that we wrote inside of your trust and execution environment. And that code basically says, it

generates like a keeper, right? A private and public key people and then The Enclave signs it it's a process called remodeled remote at the station. And then like the the remote at the station, the signature over the generations. Public key that blob of information is the posted on chain as a proof that you're running, a genuine Enclave. So, essentially sgx and other systems. They basically allow you to verify externally that a computation has happened inside of The Enclave.

It, you know, with correspond to a specific. Perfect piece of code and it read correctly, any train on a genuine enclave. And now that's been put on chain. Everyone can validate that, you know, that new validator is running a secure Enclave. They generated this keeping inside of The Enclave.

So the private key and the well, the public is interested, but the private key that was generated never left The Enclave. Okay, and now The validator can basically take that information take that the the publicly know that this was done in a, genuine enclave, and encrypted and crypt some kind of surgery, shared seed shared, see that all validators share and put them Krypton seed on the on the blockchain. Now the validator, that's right.

Registered can complete the registration by taking that encrypted seed because we know that the private key for that only leaves in the Arc Length. We know that the validator can actually the crib that's it and see it. They pull the pull it inside of their enclave and they decrypted their and now it's you know, it's an ongoing process and in you validate or that comes in both for the process and you get into a system that the base, Sid. Is shared by all enclaves. They've been vetted.

And now and now using that seed, you can derive new keys that again, only the and playful can actually use to decrypt stuff and I would formation coming from the outside. You can use, you can use using those keys again, all of them returned to the base entropy from that seed, you can use it from the outside to encrypt stuff and then send it to the Doris enclaves. I hope that's not too dense. I don't know if if anything is confusing. I mean it feel free to ask for clarifications.

I think I just follow up on this. So just does this process. I mean, it sounds like magic little bit. So this is p. This is process actually work without relying on the excitation of Intel whichever chip manufacturer you're using. So basically can the secure Enclave prove that it's not being watched or how exactly to you come by that at the station. So the initial legislation part does rely on intelligence. It's called Intel is V. I can't remember the Intel

service verification. I can remember the acronym, but it does rely on 'i'll tell to basically. Say look, we have like that signature that remote at the station, which is essentially signature is from a genuine Enclave that, you know, we manufactured. Now, I do believe that in the next version of sgx, which we are working on, including there's flexibility that, like there's ways to do it without without actually going remotely

to endure servers. We have not implemented that yet, but if As it does exist, that said the process that we are generating that we're generating, you know, a private key and a public key pill instead of The Enclave does mean that we only have to do it once for every validator and then that point the network can really kind of like self manage yourself sovereign. Quick. Can I follow up again on the sgx?

So basically, if I have a consumer notebook, what that typically have an SG H, XO, what I have to buy a special computer to actually have that included. It used to be the case. That is actually that is actually something that, you know, our network has an infrastructure committee, which basically checks like at all times like water. Disappointed, hard words, and what you need?

I think to be fair, like we can talk philosophically if that's the right direction, but to be fair, it seems that a lot of alligators are becoming more professionals. So they're running they're not running notebooks. Anyway, they're running. You know, serious server infrastructure, again a philosophical question, but it used to be the case that like any notebook would actually have sgx support. But if they do, I think in the latest chips have decided to only do that only enable that in

servers. So the answer is no no longer or at least new notebooks to not support it. X as far as I know, but again, I think it's less of a problem because everyone in our sister in our Network are like most professional validators that are running servers. Anyway. Do you know what caused Intel to, like sort of reverse Direction on that? So we have pretty good ties with you tell. I've asked that I didn't get like a fully clear answer.

Like I think that's that's something that's very internal important for them. But my thinking is that you know, they want to focus on high like using sgx and I'm Cliff and confidential Computing in very, very high loads and that works better with servers like they want companies to provide their services. Protected by things like sgx and

enclaves less. So, originally originally the idea of putting hgx, as far as I know with every computer was so that, you know, let's say there's the you down like a company gives you an agent software that you run locally not on the server and that agent, you know, would run inside of an autoclave locally. So you is the end user and the customer are comfortable that you're soft.

Hasn't been tampered with. I think that that didn't become like, that didn't pan out as a good business Direction, and it was just costing them more money than it was, you know, giving them. Also has a little bit of a DRM solution. I remember that was sort of, like, one of the things that they were pitching early on. So only the validators need a, you know, so then I guess it's

like different classes of users. So to use secret Network, you know, I don't need to have a xgx in my own computer to just be a client, but so it gets because one is would if I just want to run a full node, not As a non validator, do I still need an SG x + 2? What kind of? How does the security model change throughout when you're not running? If you know, if you don't have an SG X in your your rely relying on about it? Like so I guess, you know, one on one side.

I feel like, you know, maybe you can even improve the like client security model from normal because you can rely on certain aspects of the sgx to prove that. But on the other hand, how do ya? I guess I'm more interesting. Is, how does the Privacy model

change then? I mean, first of all, this was mostly for Simplicity like we thought about doing like a hybrid model, willful notes don't I like somewhere between a light client and a full node and don't actually have to run as GX. It was too complicated. I mean, it's all we can do it again. It's a cost-benefit analysis. And so, so for now, even for notes, need to run. Is she ex obviously end users and clients like they don't. To, they don't need to involve.

You can check out the how the like client would work because I know this has been a big issue in many privacy coins like in Z cash, especially where you can't, you know, there is no light client that exists for seek out. So is there a like client that exists for secret? Not really, but like, you know when it comes to let specific things. So like like there's a concept of you in keys and pretty much anything that's encrypted.

Like you can give a viewing key for example, to capital L. And then like, you know, they can they can get like read-only access to like important information. So that's usually the way that we do be solving. But no, there's no proper light client yet. Yeah, so then back to the previous question.

So like what does. So, how do I like what kind of privacy guarantees do I get when I request a when I try to use secret Network, like, does the validator that I'm sending my transaction, the validators, I'm carrying information from. Can they learn about like my data? No, they the valid ID is for sure. Can't, you know, there's such a lemon? Formation and sacred itself. The coin is is not private. So there's such an information from that like in many systems.

But now when you when you send your information to a validator and then when it's, you know, Ron and edit your blog like Dave puts the state and the outputs, they're encrypted. They're only being decrypted instead of The Enclave. So like you'd like there's there's there's nothing that yumi's end and we basically for correctness like we We'll take all of the benefits of tender me.

Because because of the key sharing process that I because of what I said in the beginning, when you register you get a randomly generated seed, but then that's it is used to pseudorandomly and deterministically. Generate like the same set of keys for all nodes for all computations for everything that's going on. So consensus doesn't break like all.

All validators. Even if they don't see what they computed, the end of the day, like the blocks that are producing the the from the transactions, the outputs, like all of them are the same. I guess my question is but if I'm querying data of from the blockchain, so if I'm so, you know, you mentioned this viewing Keys. Like so if I'm asking a, you know, I'm querying a note saying, hey, I want to know what my balance in my account. Is, who can anyone see that? I guess, two things one.

Can they see that? I'm asking for a balance and from what token. And then to can, they actually see the balance of Itself. No, yeah, so let's say the example of asking for query for like a token balance. So they would see that the certain secret wallet and they can see the address of the secret wallet is querying for a balanced. They will not see. They will know which token their current because each token is its own like contract. But a, they would not be.

They would not know that you're craving for a token that we just know that. That you're interacting with the token contract from this secret address, and then the query would basically, you know, which would pull the your balance from the state, the validator won't see it. Because like that part happens inside of The Enclave. Then before releasing it outside of the autoclave. I mean, there's there's kind of like for each for each query or

each transaction. There's kind of like, derived key between the user The Enclave that only the article itself can can see and the user can see. So what happens is the Alchemy of uses that to encrypt the query result inside of the are clave for the user and then release that. So only the user, can client-side the privileged information, the, the the other part is that there's there's a very key. So you can you can share a view

in Key subject. For example, another selfies could, you know, could Could get some kind of read only access and can also be creeped, the information from a query but those are the only parties that can actually see the results. Either the user or whomever they gave if you in key to. Does that make sense. Thank you. That's super interesting. Yeah, it makes total sense. I imagine, I imagine there are particular challenges to building the user experience building, you know, as Fully

private chain. What are those? So the there are actually several challenges both from a developer and and any user from user perspective. Right? Like whenever you're doing something, you first have to give a view and key permission for the wallet. Like let's say there's a new token. So now there's a lot of Click where you need to create a view in Key for that new token. And then, you know, let your wallet or the application. Use it in some, in some way, usually your wallet.

Just like another click people are not often used to it because it's like only a secret Network, pretty much, that's something that we're working on. And recently, we've enabled the ability to use permits. I'm actually not even the best person to explain those like that is even still new to me, but they make the process much easier. It's much more automated. Basically. It's like you don't have to create a purely. It's much more automated in that sense.

So, that's one challenge. The other challenge that this creates is in many cases. You know, let's say there is a big nft drop, right? And everyone are coming at the same time and they want to meet their entities. Well, they first have to like, create viewing keys to see those. Again. This is mostly solved with permits.

But if you're not using permits, then that that creates like a lot of transactions immediately on the And we have seen that create some let's say difficult stress on the network that another Network. You don't see because you don't have that functionality. So that's like another challenge and the third challenge is you know, a lot of like if you look at Tara another and other networks, a lot of them, they cached information. So, you know, let's say your

interact with the contract. And there's a lot of the same qualities. There's mostly reads just a few rides, so they would cash it. Honestly on the centralized server to kind of reduce the load, the query load from the network but here because every user have access to only like what robe like they're over information. No one can see the fool like the full state it and usually each user just queries their own row. You get a lot of again, a lot of

queries. Which you cannot cash and that creates making optimization really, really, really hard. I don't think there's a perfect solution that we are doing. We're doing quite a lot of work than to improve. But that's I think that's part of the cost of, you know, riding with privacy enabled. How about from the developer standpoint of view? Like can I you know, so, you know as as we mentioned cause and walls.

Mm is like, you know, becoming sort of the standard across many Cosmos changes like especially like Tara. Can I just go take a Tara contract and just one click redeploy it on to secret Network or is there sort of additional hurdles that we developers have to like go through in order to make their contracts design working with the Privacy models? Very few. Hell that is most of them are just like, because of, like, echo system tools. So, you know, Tara. Is there a JS?

We have secant years, but it's pretty much the same thing. We've done it. Other people have done it. It's really simple. It's simpler than most people think. I think that's the biggest benefit that you know, we're all we're all converging to the same. Like, you know model with cousin was in words like very, very easy to cross.

Deploy, and actually one of our things that we want to do in Key one is we want to give a very, very easy guide on if you deploy your app on Tara, here's how to convert it to secretly. Like, you know, five minutes. Do I what about like for like, how do I Define this like viewing restrictions? Right? Because you know on I'm sure on most cause I'm awesome contracts. Anyone can just query any part of a contract here.

Obviously, I have to add additional restrictions to say, you know, if you're trying to carry this balance, you actually have to be the owner of this balance. So are there like additional sort of? I guess in the view from the read functions of the contract. I just have to add more a little bit more, restrictions there, or is there anything more complicated than that?

I mean, that's again. If you want privacy if you want to do a lot more selective access control stuff like that, it is that you need to it. That is up to you. I mean technically you don't have to do them, it would work without it. But if you if you want to use these functionalities, then you have to make slight changes. Yes, but again, they're not big. They're usually not big. Can I when using secret? Can I do?

I do all contracts have to execute inside the SG X. So let's say there's some things that are just like, you know, you know because obviously and I can maybe one thing before like regarding that is like how does computation, you know, expensiveness work, and relative compared to something, you know that, you know, if all the cause I know one of the big issues with got issues but you know, one of the restrictions that GX is you have like You know, it's definitely slower than running

on our normals on a normal CPU. You can't do like can you do like hyper that you know multi-threading and like you have lesser RAM and stuff. So what can you tell us a little bit about some of the restrictions that are developers? Might have there. Sure, so it's single-threaded but I think most executions in Cosmos closing was a war Central thread. Until recently. We are working right now on adding multi-threaded support like that's actually almost

done. So we are going to support multi threading it as she acts, it wasn't trivial but that's one of the optimizations we're doing the the memory issue. There's enough memory, but In many cases because of the way she acts works, then you know, you have, you have a lot of like cache misses and, you know, if you if you if you don't like, you know, efficiently load information inside of the enclave and outside, then that could take a really long time.

I think in our profile and we saw that like, you know, every time we open it on Cliff, we loaded the, we reloaded the contract that is taken in some cases. I think like the majority. You of time, spent in running the execution. So yes, the the considerations Derek's not review. We are slowly improving these resolving these amazing and I think we're in a much better position. The Slowdown is not that bad today, but it's going to really improve in the next year.

That's, that's one thing, the other thing, which is slightly in issue is, you know, because of because of age, like fgx doesn't Force Security reasons. It doesn't allow you to use like standard libraries and stuff like that. And so like using something like was mail, which is the go to, I guess, interpreter or just-in-time compiler for running wasn't code. And that's what I think cause that's what cause there was a muse, is natively like we

couldn't use that not easily. So we replace that that took a lot of effort, but we replace Tweed was me, which is more like a pure interpreter and that works but that is much slower than was Mill as well. So again, one of our, one of our things on the to-do list is to go back. Read the great was male in a way that is supported by GX. So can I then like so then that case, like if there is, can I ought to have certain contracts not run in the sgx.

We're like, let's say there is just, you know, heavy computation functions that, you know, I have no reason to keep private. Can I reduce my gas costs by writing those not in the sgx? Not right now, but that's a fantastic idea from a scalability perspective than here. Right? Where would you place like the limit of where like sgx computation can go? Like, you know, you know, we have a spectrum, you know, like, you know, like okay, how do you think it will? Is sgx computation today?

Like is it can you do more than you can in DVM or you know, kick it ever get to Native Cosmopolitan scale or Like even Solana style scale. Where do you see? Like the limits are good? Or, you know, assuming you can get all these optimizations you want. Where do you think it will end up Landing? Yeah. I think that won't be an issue. I think these are engineering challenges and I think at the end of the day to slow down, there will be slow down.

It won't be meaningful. I think the one place was I'm not sure he's wherever in cases where you need to access. You know, let's say are raised. Information. Like, you know, you want to access like like you want to run through all of the users at the same time that that might be the only place where I think it's going to be problematic at the end. But everything else I think is, you know, we can resolve it in, we will resolve it. So, secret network is IBC and able, right.

So basically, how does how does the secret part work across different Cosmo space blockchain? So can you kind of, can any IBC, enabled blockchain, query smart contract? So what, what, how does it work? So, right now, we kind of did what Tara did and I think most chains. Sorry. I don't know if you remember, but you and your co-founder with us, Moses, you gave us the tip to do these. We we only enabled like, you know, sending native Native assets on IBC right now between chain, two chain.

We do not support calling one contract on our chain. And on another, I beseech, a that is Something that's going to happen in. Let's say IB C 2.0 upgrade upgrade which is going to happen sometime in 2022. But so far what you can do is you can transfer assets, and you can also do something which we are doing. Like for example, you can take osmo or atom or luna or you see.

And you can turn something to our chain and then via ABC and then you can wrap them as as as Can and that token gives you privacy? So for example, if you want to trade your awesome or privately, then you can move it to secret Network rapid. We actually have a UI to do, very simply and then you can transact with it. You can, you know, split it different wallets. You can edit to secret swab, which is our mmm, and trade their preferred to something else.

And then you can, you know, exit back in line. You can be unwrapped it and exit bed for IBC to whatever. So changing IBC that you want. So those are the capabilities that are enabled right now. And I was wondering. So can you use the sgx to do multi-party computation? I mean multiple, I mean technically what we're doing is multi-party computation, but we are using this GX. If the question is whether we can do multiply the computation, like it's pure cryptographic form.

Then I would say that's that's a very different implementation. We can do it. It can use sgx to simplify something. So some element of hgx can you know, make the NPC protocols that you use simpler? Because you know, you can trial if you if you take An assumption. For example, that is GX, you know, can protect correctness and and you know, whoever's running the code inside of an autoclave will not break

protocol. So you can use more like, what we know is semi, but honest but curious protocols, which basically assume participant will try to link data, but they will not change your protocol. So again s GX can help us in developing like these kind of Solutions in a much simpler and more scalable way. Way, but you know, they're they're they're another tool. They're not like it's not that

you get F PC for free. It's still a very complicated thing to do and you know, we talked about scalability so much. I think MPC for general-purpose computations. Unfortunately the the cost reduction, the, the sort of the the cost increase at the speed, reduction would be so heavy that I doubt that a developer would

Use that unfortunately today. So, yeah, you know, I think one of the interesting things that I, you know, how what I see secret network is doing in, a lot of ways is, you know, I think the sgx as a computer system like, you know, it provides you basically like high levels of, you know, safety and privacy but on its own, it never, it doesn't provide like

this. And so one of the things I see it as, you know, I picked secret Network ads, when I explain it to people, there's like, I call it like, it's like a Date sgx, right? Where it adds liveness to, to the to the sgx platform. And like so, you know, one thing

is like, could we start to? We also use it for things like being a custodian for example, so, you know, I think, like, for example, I know the Avalanche Bridge with the area was basically running on a single sgx right now, which is kind of crazy to me. But like, you know, partially, it's kind of crazy mostly because, you know, if If it's a single sgx, you know, it could have a lot of liveness issues. We're like sure entrust, the sgx a safety properties.

But if that machine breaks down like we're in for a lot of trouble. Right. And so like, could we use the secret Network as a distributed custodian? And that sort of way, I think we can, and we actually have some G that are, you know, taking the direction. We have it available core developer called the soft. He just meant an interesting tweet about how like dolls can now control like, you know, private keys inside of the of their contracts.

And then we die PC and other things like essentially like do stuff on other chains through the Dow, be cut because it controls, you know, the The key is in is live - live. This is pretty much guaranteed. So by the way, I like your Peach. I'm gonna I'm gonna, I'm gonna steal that if that's okay. So, here is a. So, here's the other part that it about, you know, the big

question I have for sgx. And so, you know, you know, you know, we've worked a lot on like, front-running resistance related things and like mempool privacy, and I know that's like something that the sgx also, you know, Secret at work provides in a lot of ways, but for me, one of the biggest concerns I've had with, like, the sgx is, you know, we see that like there seem to be on a semi-regular basis, like, Law judge found in the sgx and and the sgx and like people are able to find

vulnerabilities. And you know, in my opinion, how I see it is like right now the the value in finding a vulnerability that you know, there isn't even that high of a benefit right now. It's been mostly like, you know, just academic research teams that have been finding these vulnerabilities, but you know, as there's more, and more

economic value that's happening. And, you know, if you can extract Mev by breaking the security model, Hell of an sgx and extract billions of dollars of Mev that that's essentially a billion dollar bounty on Breaking the sgx. And is that like do you think that that's the X can sustain that level of security budget? I mean, I guess it's, you know, I'm speaking from a position. I do believe that's the case. I do believe for many, many use cases.

That's definitely the case. I like the idea that secret network is, the biggest honey pot for testing secure enclaves at scale. So far. We didn't have problems. And, you know, any time there's a flaw, we immediately patch it. And Through a network upgrade, you know, you make sure that everyone is patched. We have a very, very strict about it even stricter than most other players. I've seen using a, she acts but I guess it's to be seen from my perspective.

Look, as you know, my background is in cryptography and PC. Like I'm very, very much excited in the future to include other kinds of technologies that are you know, more cryptographic in

nature. Into secret Network. At this point, like I'm more concerned that you know, developers would not be willing to take the slow down and the cost increase of using protocol for graphic Technologies and many of them have other other issues and constraints that people often Overlook when they when they present them. So it was it's a it's a balancing act like we do. Feel. This is the best solution for

the problem right now. We like the idea that it allows us to check, you know things at scale with high value and then you know over time hopefully that will help us to make our system Enclave sgx specifically enclaves in general more and more robust. But at the end of the day like if the technology allows it, The users and developers demanded like I would be super excited to look again at MPC and even homomorphic encryption Solutions at least to, you know, to some

aspects. And some use cases that are being built on our Network. And I really want to talk about the ecosystem. But now I have to follow up again. Damn, you sonny. And so, basically, if I'm a node in the network, and I am, how would I, how would I know? How would I find out about the fact that some sgx was compromised or is being viewed by something? That's not the sgx. I mean, so basically, how, how would I catch on?

I mean, how is there like I say I can read The coal mine somewhere because basically with a lot of the shielded protocols, there's no way to actually do check sums, right? The ones there's one stirs. So first of all, I don't want to say that most vulnerabilities, you know, their academic research has and they are way way way overblown.

There's been very few of them. Especially the ones in the early days which which were I think devastating and easy to exploit Not even or not easy, but like, you know possible to exploit not in the laboratory setting. But putting that aside, you know, once there's what is there's you know, and as GX issue, then we can trigger. How'd folk. We can ask everyone to re-register, you know, the relationship protocol that we mention, we can trigger.

How it for about or post second Enclave, update. And then everyone has to re-register every out for the, that happens. Everyone has to go through the registration protocol again. And at that point, if they are now running the fully patched, you know, version of DirectX interval feel well and software, then they won't be able to register. So that's and that's how people know like, you know, there's a half of kids network it. Yeah. At so.

But that's only if it if it's brought to your attention, right? That there is a vulnerability in the sgx. So basically how would I how would you find out that there's a vulnerability? If it's not, you know, someone, you know, white or gray hair to kind of makes this publicly available information. It's your question. If someone were to fight, affordability, it's a blackhead. They don't disclose these. If there isn't the way of it, we're not aware of it.

Then what happened could that could have This their service. Yes. I mean, I there's no there's no way to protect against that, you know, very much like with the Z cash. Like, you know, publication there was a math, equation devil and you could have done like pretty like you could leak the keys, if I remember correctly. And if someone had found it and not disclose it and someone did then they could exploit it. So, there's no way we would do

with that in that situation. Okay, there's no way to know. Okay, quit. So, let's move onto to the ecosystem. So, tell us about the kind of applications that are currently running on secret Network. Yeah, that I'm pretty excited about. We have a few dex's that our FrontRunner resistant, the during fairly. Okay, not. That is great as Moses, but they are used. I'm an avid user of the, the fraud is this resistance is really cool. The Privacy aspect is really

cool. We have over 100 million, a fake of assets. Maybe maybe even I mean maybe more depends how you count. In our Network that if either or originated by projects your network, or we've been brought for me cereal because we have any Syrian believe, somebody smart chain because we're everybody small chain and from other IBC, they put networks. So a lot of use cases around

around that. Then there's we've released the secret 10ft standard which basically allows you to You know, launched a nasty and it's the collections and it's the the part of me, the secret ft is that, you know, you can Define private metadata such as Ali. The owner can actually see the data and that owner can give viewing access to other parties.

If so, they choose and where you know, there's a there's a big World published that we announced yesterday with credit Tarantino that there's an auction for him. His original screenplay of Pulp Fiction, which is something that no one has ever seen. It's like in his hand, right? There's a lot of things and details about the, the original

script notes to himself. Like, markups markdowns, like like, you know, comments stuff that hasn't been in the in the final movie and understand that is been something that he kept private for 25 years and now we sell in those a secret. And if T's and essentially that's going to be in an auction in two. Weeks and only the people who buy it would be able to see it and then, you know, they can decide if they want to if they want to give access to other

people or not. So that's that's another use case. There's just a slew like so many and a few use cases right now. There's a Marketplace called stash that launched a month ago. And there's been I think like to thousands of nft drops and there's a new one every day and each one of the views like the the Privacy aspect. It's in very, very interested ways.

There are a few games building on our Network and I think what we can provide those other networks can provide is a we can allow you to build your games with like he did he did this game State unchanged. So for example, if you do poker you can do it fully or chain because you can keep the cards themselves, you know, private for it, each participant until the right moment. So we see a lot of that.

And we actually seen there are two defy use cases or those private lead coming out this month by a company called Sienna and other. There is shade which is going to be the first privacy-preserving, stable coin algorithmic stable quality. It's kind of a mix between a little boost, a cow Reserve currency and a fully pegs privacy-preserving, stable coin and They're a bit more lofty ideas that I think are just going to be, they're going to

take time to be adopted. But I'm really excited about them. There's data V, which is the data is secured in a Marketplace for all kinds of like use cases. There's a doctor tried to work on put in some form of medical data on the blockchain and Allah. We like Physicians to look into that. Is a company building credit score solution so that you know privacy-preserving credit score is so, you know, you could do maybe like stuff like other collateralized loads on the

blockchain. So a lot of things are like being built right now. Yeah, I think that's really cool. You know, I think well, you know, a lot of these use cases, makes a lot of sense. What one thing. I do want to ask those like, you know, for the end of T is it seems like, you know, and at least from my social networks and stuff, you know, I've seen a lot of people are pretty excited about like the nfc's happening on secret Network. What wider?

And of key is really want that much privacy, you know, it seems that usually FPS are mostly about status signaling and I want people to know that I own the the hey check out and look at Michael. You know vanity is what is sort of what's driving the user demand behind like private and of Teas. Well, first of all, you can do really interesting things that you can do it. Like we're just scratching the surface. So like, you know, there's like the there, they're like now

redacted drops. They'll you know, you see you can brag that you have data Steve see through the watermark or low resolution or part of it is redacted. Just like a redacted Club, but I think the eyes are redacted, stuff like that, but then the full picture you see for yourself. There were secret pods were like, you know, the background was what? Only the order could see, there's a secret skulls, which created a really interesting economic dynamics.

That idea, was that you meet or excavate a skull and that has its base properties. That's visible. But now you have several times. Will you can reveal traits like one by one that created in interesting? Economic Dynamic where people were like, okay, maybe the things that are worth the most you just say lead a fully heated scallop with all the traits. Still hit it. Oh baby, I reveal like one trait, you know, kind of like in

blackjack. I got like a really, really rare trade, but maybe the other words are like, you know, they're crap, but it's not really worth that much. So, that is an interesting game theory. Do I sell it down or do I keep opening the hopefully really decrease the value farther. So there's a lot of interesting things. You can do that. You can't do it. Nobody lefties. And if you want status, The gear you can, you can't reveal a portion or low resolution version or you can reveal the

whole thing. That's five. There's a dust collection which it does reveal the whole thing. But then the private better data is you aided, your telegram ahead and that is you to a secret chat but no one else can know about obviated to. So, you know, it's it's, it's an interesting experiment. I feel and with credit Tarantino, I can tell you 100%. He's been Approach. But a lot of Ft companies and providers and he said no to all of them because he said, what is the point of me upload?

These something that is already public and then everyone can see it and download it. And then why would anyone buy that? If they can already get like, you know, get a copy of it and the idea of like keeping it a secret until the first person buys it that really clicked with him and we got that feedback from better. Of Artie's said Thursday, that we talked to.

So apparently there's a need. So Gaia, thank you so much for coming on. Where can people learn about secret Network and find the Dachshund? Find the grant program and so on. Right. So if you go to secret, does that work? That's scrt that Network?

You should be able to find pretty much everything that you know, you need and then you can find, there's the ad, secret Network, a Twitter and we have a Discord and you can follow me at Ed guys's gy Z Ys on Twitter. And if you want to apply for a grant, You know, just hit me up on Twitter personally or come to all this code come to the dev Channel or the general Channel. Say, hey, we have granted, you have want to talk about it and either myself or one of the team members will talk to you.

Perfect. Thank you guy. Thank you very much. Thank you for joining us on this week's episode. We release new episodes every week. You can find And subscribe to the show on iTunes Spotify, YouTube SoundCloud or wherever you listen to podcast. And if you have a Google home or Alexa device, you can tell it to listen to the latest episode of

the epicenter podcast. Go to epicenter dot TV /, subscribe for a full list of places where you can watch and listen, while you're there, be sure to sign up for the newsletter. So you get new episodes in your inbox as they're released. If you want to interact with us guests or other podcast listeners, you can follow Oh us on Twitter, and please leave us a review on iTunes. It helps people find the show, and we're always happy to read

them. But thanks so much and we look forward to being back next week.

Transcript source: Provided by creator in RSS feed: download file
For the best experience, listen in Metacast app for iOS or Android