The Quest for Privacy-preserving Ledgers: Why Game-Theory trumps Trusted-Execution hardware on all fronts

Cryptography and Consensus Algorithms aside, almost all blockchains share one crucial trait: they all prevent cheating by forcing all network participants to be completely transparent. A transaction can only be considered as valid if everyone knows about it and if it is coherent with the record of all previous transactions.

This universal principle of transparency was introduced by Bitcoin as an ingeniously elegant solution to the Double Spending Problem and sits at the foundations of blockchain technology ever since. The pseudonymous character of blockchain accounts mitigates the accompanying loss of secrecy which, in the case of monetary transactions, is a small fee to pay for the privilege of accessing a completely permissionless and secure payment system.

When it comes to more elaborate use cases for blockchain technology, such as smart contracts and decentralized applications, things begin to look quite different.

Privacy can be kind of important

Smart contracts are essentially programs. While designed to control funds, smart contracts can potentially execute any kind of code and serve as the basis for decentralized applications, or dApps. The radical transparency inherent to blockchains, however, limits the kinds of useful applications that can be built with them.

Qlear’s game contracts are one excellent example. Running game logic on smart contracts without adding an additional layer of privacy would disclose everyone’s game moves and secrets to everyone else, which of course would be intolerable. But there are many more examples in which a lack of privacy prevents developers from building applications that are completely distributed and autonomous. In most cases, centralized servers are called to the rescue in order to fill the gap and maintain privacy.

Other, decentralized, solutions are already being worked on, and Qlear is at the forefront of this research and development effort. As we have elaborated in previous blog posts, Qlear preserves full privacy by utilizing a Multi-Party Computation approach. In contrast to alternative propositions, Qlear's MPC is secured on a purely game-theoretical basis. How that's done, and why this is important is explained below.

Addressing the Challenges

Multi-Party Computation, or MPC, allows a network of participants to perform joint calculations over their inputs while keeping both the inputs and the outputs private. However, MPC as a distributed computation technology has only limited native fault tolerance. Naively implemented, MPC networks are relatively easy to attack, especially in a completely distributed and anonymous environment.

An attacker could, for example, feed the network with intentionally false inputs or return manipulated results for computation tasks they’ve been assigned. Below a certain threshold of corrupted nodes, cryptography alone can weed out such attacks. Once an attacker controls multiple MPC nodes, however, things become unstable pretty quickly.
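To make the fault-tolerance point concrete, here is an added example (not Qlear's code) that runs a tiny MPC-style joint computation with Shamir secret sharing over a prime field: two parties share private inputs, the nodes add their shares locally so the sum is computed without anyone learning an input, and the spare shares are used to check whether a node returned a manipulated share. The prime, the threshold `t`, the node count `n` and the input values are assumptions chosen for the demonstration. With two spare shares, one manipulated share is located and can be discarded; once two colluding nodes manipulate their shares, the same check can no longer attribute the fault to anyone.

```python
"""Shamir secret sharing over a prime field, used to show (a) joint computation
over private inputs and (b) how quickly the native fault tolerance runs out
when more than one node returns a manipulated share.

Added example, not Qlear's code; P, t, n and the inputs are assumptions.
"""
import random

P = 2**61 - 1  # Mersenne prime; all arithmetic below is modulo P (assumption)


def share(secret, t, n, rng):
    """Split `secret` into n shares. Any t+1 shares reconstruct it; any t shares
    are consistent with every possible secret, so they reveal nothing."""
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(t)]
    # Share i is the degree-t polynomial evaluated at x = i (x = 0 holds the secret).
    return {i: sum(c * pow(i, k, P) for k, c in enumerate(coeffs)) % P
            for i in range(1, n + 1)}


def interpolate(points, x):
    """Lagrange interpolation: value at `x` of the polynomial through `points`."""
    total = 0
    for xi, yi in points.items():
        num, den = 1, 1
        for xj in points:
            if xj != xi:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P  # Fermat inverse
    return total


def add_shares(a, b):
    """Each node adds its two shares locally: the result is a sharing of a+b,
    and no node ever sees a or b."""
    return {i: (a[i] + b[i]) % P for i in a}


def consistent(shares, t):
    """True iff every share lies on the degree-t polynomial fixed by the first t+1."""
    base = dict(list(shares.items())[:t + 1])
    return all(interpolate(base, x) == y for x, y in shares.items())


def locate_single_corruption(shares, t):
    """Return the one node whose share, when dropped, makes the rest consistent.
    Returns None when the shares are fine or when no single drop explains the
    inconsistency (e.g. several colluding nodes manipulated their shares)."""
    if consistent(shares, t):
        return None
    culprits = [bad for bad in shares
                if consistent({x: y for x, y in shares.items() if x != bad}, t)]
    return culprits[0] if len(culprits) == 1 else None


def demo(seed=1):
    rng = random.Random(seed)
    t, n = 2, 5                      # degree-2 polynomial, 5 nodes: 2 spare shares
    a, b = 1234, 5678                # constructed private inputs of two parties
    sa, sb = share(a, t, n, rng), share(b, t, n, rng)
    joint = add_shares(sa, sb)
    result = interpolate(joint, 0)   # equals (a + b) % P without revealing a or b

    # Node 3 returns a manipulated result share: the check singles it out.
    tampered = dict(joint)
    tampered[3] = (tampered[3] + 1) % P
    culprit = locate_single_corruption(tampered, t)

    # An attacker controlling nodes 3 and 4: the same check can no longer
    # say who is at fault, so the corrupted output cannot be repaired.
    tampered[4] = (tampered[4] + 7) % P
    unattributable = locate_single_corruption(tampered, t)
    return result, culprit, unattributable
```

`demo()` returns the joint sum, the node identified in the single-corruption case, and `None` for the two-node case; the redundancy needed to locate `k` manipulated shares grows with `k`, which is the threshold the text refers to.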

This attack vector is a special case of what’s often called the “Nothing-at-Stake Problem”, where malicious or damaging behavior doesn’t come at a cost. Even if some resilience exists in the network, since “Nothing is at Stake”, the smallest loophole can and will be blown up to the proportions of a comfortable hallway.

Many of our colleagues in the blockchain industry seek to address this problem by relying on specialized, supposedly incorruptible hardware. Hardware of this kind, such as Intel's Software Guard Extensions (SGX), runs code inside specially secured enclaves on a node’s machine, out of the reach of regular code. Relying on SGX, nodes cannot fake or tamper with calculation results and are physically forced to play ball, if you will.

The Big However

While SGX and similar solutions close the lid on many attack vectors, they are extremely far from being perfect.

Earlier this summer, a group of researchers published their findings on an SGX-specific vulnerability known as Foreshadow, which allows attackers to extract information from the supposedly untouchable enclave. Given the widespread use of SGX-enabled devices, the revelation of “Foreshadow” caused shock waves across the entire tech sector.

While the dismay is understandable, the surprise is less so. It should be obvious that any human-made hardware solution is, or eventually will be, attackable by humans. Trusting a single piece of hardware, manufactured by a multi-national entity with monopoly status, to secure networks that may handle millions of dollars is a textbook example of a “Single Point of Failure” and as such is something the decentralization movement should steer away from.

Security concerns aside, putting your trust in specific kinds of hardware also shrinks the number of potential network participants. Before joining an MPC network as a node, one would first have to acquire the right kind of equipment, posing unnecessary barriers to entry.

In Math we Trust  

A more elegant solution to the so-called “Nothing-at-Stake” problem is, well, putting something at stake. This is a solution borrowed from the blockchain industry itself, especially from Proof-of-Stake algorithms such as Casper.

In a PoS environment, malevolent or damaging behavior is rendered punishable by requiring participants to submit a security deposit, or stake, in order to participate in the network. This results in two separate security layers. For one, operating a node is not a cost-free operation, which prevents Sybil attacks in which one attacker controls numerous entities that flood the system. Secondly, the moment malicious behavior is detected, the security deposit can be confiscated, rendering attack attempts costly and economically unattractive.

Qlear imports this rationale from PoS blockchains and implements it on its MPC network. On Qlear, all MPC nodes are required to deposit a stake, which naturally limits the number of nodes a single entity can operate. From that point on, the overall behavior of nodes is immutably tracked and recorded on the blockchain, which allows the network to spot potential attackers, penalize them, and discard their corrupted contributions. This way, Qlear’s Plasma Network, the Ethereum Blockchain, and Qlear’s MPC network are combined into one unified array, preserving both privacy and immutability.
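The two security layers described above (a deposit that bounds how many identities one entity can fund, and confiscation of the deposit once a node is caught returning a bad result) can be simulated in a few dozen lines. The following is an added example and not Qlear's code: the node names, the minimum stake, the attacker's budget, the task identifier and the rule that a task is replicated across nodes and settled by majority agreement are all assumptions made for the demonstration. An append-only `ledger` list stands in for the on-chain record of verdicts.

```python
"""Simulation of stake-based accountability for an MPC-style node network.

Added example, not Qlear's code. Names, amounts, the replication-by-majority
rule and the slashing rule are assumptions chosen for the demonstration.
"""
from collections import Counter
from dataclasses import dataclass, field


@dataclass
class Node:
    stake: int
    slashed: bool = False
    results: dict = field(default_factory=dict)  # task_id -> submitted result


class StakedNetwork:
    def __init__(self, min_stake):
        self.min_stake = min_stake
        self.nodes = {}
        self.ledger = []  # append-only record: (task_id, accepted_result, slashed)

    def register(self, name, stake):
        """A node joins only by locking at least min_stake: no deposit, no seat."""
        if stake < self.min_stake or name in self.nodes:
            return False
        self.nodes[name] = Node(stake)
        return True

    def max_sybils(self, budget):
        """Upper bound on identities one entity can fund; the deposit, not the
        hardware, is what limits how many nodes a single party can operate."""
        return budget // self.min_stake

    def active(self):
        return [n for n, node in self.nodes.items() if not node.slashed]

    def submit(self, name, task_id, result):
        node = self.nodes[name]
        if node.slashed:
            raise PermissionError(f"{name} has been slashed and is excluded")
        node.results[task_id] = result

    def settle(self, task_id):
        """Accept the result a strict majority of submitters agree on, confiscate
        the deposit of every node that returned something else, and drop their
        output. Without a strict majority nothing is accepted or slashed."""
        votes = {n: node.results[task_id] for n, node in self.nodes.items()
                 if task_id in node.results and not node.slashed}
        accepted, count = Counter(votes.values()).most_common(1)[0]
        if count * 2 <= len(votes):
            return None, []
        dissenters = [n for n, r in votes.items() if r != accepted]
        for n in dissenters:
            self.nodes[n].stake = 0
            self.nodes[n].slashed = True
        self.ledger.append((task_id, accepted, tuple(dissenters)))
        return accepted, dissenters


def demo():
    net = StakedNetwork(min_stake=100)
    honest = ("alice", "bob", "carol", "dave")
    for name in honest:
        net.register(name, 100)
    refused = not net.register("freeloader", 0)  # no stake, no seat

    # An attacker with a 250-unit budget can fund at most two identities,
    # not enough to outvote four honest nodes on a replicated task.
    sybils = [f"mallory{i}" for i in range(net.max_sybils(250))]
    for m in sybils:
        net.register(m, 100)

    task = "sum-of-bids-42"  # constructed task id
    for name in honest:
        net.submit(name, task, 6912)
    for m in sybils:
        net.submit(m, task, 9999)  # coordinated false result
    accepted, slashed = net.settle(task)

    # Slashed identities lose their deposit and are excluded from later tasks.
    try:
        net.submit(sybils[0], "next-task", 1)
        excluded = False
    except PermissionError:
        excluded = True
    return {"refused": refused, "sybils": len(sybils), "accepted": accepted,
            "slashed": sorted(slashed), "excluded": excluded,
            "attacker_loss": 100 * len(slashed), "active": sorted(net.active()),
            "ledger": list(net.ledger)}
```

`demo()` shows the economics the text relies on: the attack cost the deposits of both funded identities, the corrupted contributions were discarded, and the verdict is on the ledger for any later participant to check.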

Utilizing this approach, Qlear’s MPC is secured by game-theoretical principles rather than by a specific kind of hardware. These game-theoretical principles are essentially the same ones that secure Bitcoin’s and other cryptocurrencies’ multi-billion-dollar market capitalizations. Besides being proven secure, they also allow for permissionless participation and remove the need to trust manufacturers, operators, or any other kind of entity.

If you want to learn more about Multi-Party Computation networks, and on how Qlear preserves privacy on the blockchain, you can do so here.

For more insights and updates, subscribe to our newsletter, join the conversation on Discord, and follow us on Twitter.

Warm regards,

The Qlear Team.