The problem Alfred Goes to Work solves

Alicia joined the Opolis employment commons so that she would have access to the kinds of benefits you usually get from an employer.

• Has life and disability insurance through Opolis
• Wants to create a letter to her family they can access if she becomes incapacitated
  • Describes Opolis and contains information about the disability policies
• Wants the parts of the letter that contain sensitive information to only be available after she dies
  • Describes Opolis, the benefits, and how to access her account
• Opolis also wants to know if she dies
  • They need to stop her benefits and put her account in an inactive status

How does Alfred help?

• Using the Opolis API, Alfred dApp grabs the appropriate details from Opolis API and fills in templates for the letter.
• Alicia also provides the contact information (and public keys) of her brother Billy
• Alicia encrypts the parts of the letter that Billy can access at any time with her ‘incapacitated’ key.
• She encrypts the sensitive data with her ‘death’ key.
• Each of the encrypted blobs are stored on Textile.
• Re-encryption keys are generated and registered with Alfred dApp, stored off-chain
• Alfred smart contract tracks all components of Alicia’s document and tracks her status

What happens when Alicia is disabled?

• Billy notifies Alfred that Alicia is incapacited
• Using the re-encryption key provided by Alicia, Alfred grants permission to the appropriate files using NuCypher
• Billy grabs the documents from NuCypher and files claims with the disability insurance providers
• When Alicia recovers, she resets her status from ‘incapacitated’ to ‘normal’

What happens if Alicia dies?

• Alfred detects Alicia’s death with Endowl’s Life Event Monitor
• Opolis is notified and sets Alicia’s account to inactive
• Billy requests Alicia’s letter about her Opolis life insurance
• Using the re-encryption key provided by Alicia, Alfred grants permission to the appropriate files us

Challenges we ran into

NuCypher Ursulas don't have the ability to check on-chain state. Ideally, an Ursula could be directed to check Alice's death oracle prior to re-keying data that should only be available to Bob after Alice dies. This helps to mitigate the trust that Alice has to grant Alfred/Endowl that her data will only be revealed at the appropriate time.

We also encountered an bug in NuCypher when Alfred tried to re-encrypt a message by using a re-encryption key created by Alice. The Ursula threw an exception and it would not work as expected. After much discussion with the Nucypher team, we decided to implement a 'stub' to emulate the desied behavior from Nucypher. When this bug is fixed, we intend to use Nucypher in the Endowl system.