Private-transfer applications use UTXOs under the hood. To perform a withdrawal, the receiver needs to construct the Merkle path from all the UTXO notes. To query their current balance, the user also needs access to all encrypted UTXOs and must decrypt them one by one. Though possible, this heavily compromises the UX, because syncing UTXOs from genesis is slow, especially when the application has a long operating history.
We delegate the syncing of all UTXOs to a centralized server without sacrificing privacy, via a primitive known as private information retrieval (PIR).
The client sends an encrypted query to the server, and the server responds with an encrypted result that only the sender can decrypt. All of this happens without the server ever learning the content of the query or which item in its storage is the result of interest.
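The query/response flow described above, as an added example that is not this project's code: a single-server PIR built on textbook Paillier encryption, which is an assumed construction chosen for illustration (the project itself reports using a simple oblivious transfer). The demo primes, function names and sample notes are constructed, and the key size is far too small for real use.

```python
import math
import secrets

# Constructed demo primes (Mersenne primes); real Paillier needs >= 1024-bit primes.
P, Q = 2**31 - 1, 2**61 - 1

def keygen(p=P, q=Q):
    n = p * q
    lam = math.lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)  # valid because the generator is g = n + 1
    return n, (lam, mu)

def encrypt(n, m):
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    # g^m * r^n mod n^2 with g = n + 1, so g^m = 1 + m*n (mod n^2)
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def decrypt(n, sk, c):
    lam, mu = sk
    u = pow(c, lam, n * n)
    return (u - 1) // n * mu % n

def client_query(n, index, db_size):
    # One ciphertext per record: Enc(1) at the wanted index, Enc(0) elsewhere.
    # Fresh randomness makes every entry look the same to the server.
    return [encrypt(n, 1 if j == index else 0) for j in range(db_size)]

def server_answer(n, db, query):
    # Computes Enc(sum_j sel_j * db_j) using only the public modulus n.
    n2 = n * n
    acc = 1
    for record, c in zip(db, query):
        acc = acc * pow(c, record, n2) % n2
    return acc

def fetch(db, index):
    n, sk = keygen()
    reply = server_answer(n, db, client_query(n, index, len(db)))
    return decrypt(n, sk, reply)

# Constructed stand-ins for encrypted UTXO notes, each packed as an integer < n.
NOTES = [0xA11CE, 0xB0B, 0xC0FFEE, 0xDEADBEEF]
```

The query here grows linearly with the number of records and the server touches every record on each request; touching every record is what keeps the access pattern from revealing the index.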
Additionally, our transfer protocol requires a shared secret between the sender and receiver. Because this secret is unique to each sender-receiver pair, both parties would normally be burdened with storing it. We have come up with a proposed data structure that allows this shared key to be stored in encrypted form on a centralized server, potentially improving the UX for application users even further.
Lack of a full implementation of an oblivious transfer library. We got over this by implementing a simple version of oblivious transfer, and we understand that this portion of the code can easily be swapped out for a production-ready, audited version.
Tracks Applied (3)
Aleph Zero
Nethermind Research