The problem Ethereum Data Protection solves
I cannot request the deletion of sensitive data attributable to me from the Ethereum blockchain. This data may have been submitted maliciously by others, erroneously by me, or no longer serves its purpose (Right To Be Forgotten). This has the consequence that every node operator of the Ethereum blockchain is not compliant with the General Data Protection Regulation of the EU. This is also one of the significant issues in Enterprise adoption of the Ethereum blockchain, as they need a way of protecting their data.
Challenges I ran into
- I got sick during this hackathon and started late, so I could not finish a prototype.
Challenges:
- Building Sybil-resistant governance without an explicit token is challenging, as extending the underlying Ethereum consensus is not trivial. Three possible solutions: tokenise staked eth used in consensus to represent voting weights (requires intermediary staking contract?), airdrop ERC20 tokens with fair distribution, or use some Proof of Personhood protocol
- Voting on proposals without introducing time/epochs is challenging as the voting members might change at any moment. The solution is to count votes from seats and not members, representing each voting seat with an ERC721 token (NFT), so if a new member inherits an NFT that has already voted, this new member cannot vote on this proposal. The governance council is, therefore, represented by a custom voting extension to @openzeppelin/ERC721Enumerable. However, we should look into ERC721Votes and ERC20Votes to see if those could be applicable.
- Deleting data from the blockchain is a potentially controversial topic that ultimately has to be implemented by node developers. The hash of the data must be kept, and compliant nodes should not accept transactions using deleted data. This issue is similar to OFAC-compliant blocks, where this standard would produce GDPR-compliant blocks.
- Requests For Deletion may be sensitive in themselves, making fully on-chain governance impractical as encryption is not a good enough guarantee for sensitive data (https://ieeexplore.ieee.org/document/10087069/). The requirement that sensitive data is only distributed to the members of the council cannot be easily satisfied with current Web3 technologies.