Atman Project
Empowering Trust in the Digital Age: A Protocol for Uncompromised Content Provenance, Authenticity, and Lifecycle Control
Created on 2nd March 2024
•
Atman Project
Empowering Trust in the Digital Age: A Protocol for Uncompromised Content Provenance, Authenticity, and Lifecycle Control
The problem Atman Project solves
Summary:
The Atman Project is a decentralized protocol enhancing web trust and privacy by certifying digital content's provenance, authenticity, and lifecycle. It empowers content creators and consumers, allowing data issuers to control their data lifecycle, specify permissions, and ensure interoperability. The protocol addresses misinformation and centralized control, making compliance with regulations like GDPR intrinsic to the web's infrastructure.
Context: The Digital Dilemma
- Web's immense influence on communication and content consumption.
- Misleading online information impacts critical decision-making.
Problem: Eroding Trust and Centralized Control
- Reliance on big tech for centralized authenticity management.
- Generative AI has made it possible to create high-fidelity content at a low cost.
- Need for reliable verification of digital content's provenance and authenticity.
Solution: Decentralized Empowerment, Enhanced Privacy, and Interoperability
- Technical standards for certifying content's source, history, and lifecycle.
- Enables data issuers, individuals or organizations, to control their data lifecycle.
- Allows specifying fine-grained permissions for verifiable and revocable access.
- Makes compliance with regulations like GDPR intrinsic to the web's infrastructure.
- Fosters interoperability, ensuring data accessibility across platforms and services.
Challenges we ran into
Ethereum Wallet as Key Manager:
Our goal was for the Ethereum wallet to serve not just for signatures but also to generate re-encryption keys for PRE. Yet, Ethereum's private keys are incompatible with PRE directly.
WebAssembly and Extension Security:
We attempted to integrate the Barreto-Naehrig curve key into the wallet extension, but browser security policies prevented importing WebAssembly code into the extension, which was crucial for this task.
This limitation also impacted our original plan to adopt the C2PA specification to describe the detailed content manifest that includes data provenance, modification history, and cryptographic proofs. Currently, the most C2PA implementations don't fully work on the web environment.
Identity Verification via Smart Contract:
Implementing a smart contract to validate control over the Barreto-Naehrig private key was hindered by the lack of a Solidity-compatible implementation. The potential of using WebAssembly for on-chain logic is promising but currently unrealized.
Current Workaround:
We store the private key on the client side as a provisional step. Our vision is for wallets to evolve into universal key managers, securely housing various key types.
The hurdles we faced point towards the need for advancements in wallet capabilities and blockchain technology to enhance identity verification and data security.
Tracks Applied (1)
Identity, Privacy & Security Track
Cheer Project
Cheering for a project means supporting a project you like with as little as 0.0025 ETH. Right now, you can Cheer using ETH on Arbitrum, Optimism and Base.