There have been a lot of very interesting developments in the cryptography space over the past few years. Satoshi’s blockchain notwithstanding, perhaps the first major innovation after blinding and zero-knowledge proofs was fully homomorphic encryption, a technology that allows you to upload data to a server in encrypted form so that the server can perform calculations on it and send back the results without ever learning what the data is. In 2013, we saw the beginnings of succinct computational integrity and privacy (SCIP), a toolkit pioneered by Eli Ben-Sasson from Israel that allows you to cryptographically prove that you performed some computation and obtained a certain result. On a more mundane note, we now have sponge functions, an innovation that substantially simplifies the previous chaos of hash functions, stream ciphers, and pseudo-random number generators into a single, beautiful structure. But most recently, another major development has occurred in the cryptography space, one whose applications are potentially very wide-ranging both for cryptocurrency and for software as a whole: obfuscation.
The idea behind obfuscation is old, and cryptographers have been trying to solve this problem for many years. The problem behind obfuscation is this: is it possible to somehow “encrypt” a program to create another program that does the same thing but is completely opaque, with no way to understand what is going on inside? The most obvious use case is proprietary software. If you have a program that incorporates an advanced algorithm, and you want to let users run your program on specific inputs without being able to reverse engineer the algorithm, the only way to do that is to obfuscate your code. Proprietary software is obviously unpopular in the tech community, so the idea did not get much attention, and the problem was further complicated by the fact that every time a company tried to implement an obfuscation scheme, it quickly failed. Five years ago, researchers put what seemed like the final nail in the coffin: a mathematical proof, using arguments vaguely similar to those used to show the impossibility of solving the halting problem, that it is impossible to “black box” every program.
But in the meantime, the cryptography community began to follow a different path. Understanding that the ideal “black box” of complete obfuscation will never be achieved, researchers instead aimed for a weaker goal: indistinguishability obfuscation. The definition of an indistinguishability obfuscator is this: if there are two programs A and B that compute the same function, and O is an effective indistinguishability obfuscator, then there is no (computationally feasible) way to determine which of O(A) and O(B) came from A and which came from B. In theory, this is the best anyone can do: if there were a better obfuscator P, then putting A and P(A) through the indistinguishability obfuscator O would give O(A) and O(P(A)), which cannot be told apart, so adding P cannot hide any information about the inner workings of the program that O does not already hide. Creating such an obfuscator is a problem that many cryptographers have been thinking about for the past five years, and in 2013, UCLA cryptographer Amit Sahai, homomorphic encryption pioneer Craig Gentry, and several other researchers figured out how to do it.
Does an indistinguishability obfuscator actually hide private data inside a program? To see that the answer is yes, consider the following. Suppose your secret password is bobalot_13048 and the SHA256 of your password starts with 00b9bbe6345de82f. Now construct two programs. A simply outputs 00b9bbe6345de82f, while B actually stores bobalot_13048 internally and, when run, computes SHA256(bobalot_13048) and returns the first 16 hexadecimal digits of the output. By the indistinguishability property, O(A) and O(B) are indistinguishable. If there were a way to extract bobalot_13048 from O(B), then you could also extract bobalot_13048 from O(A), which contains nothing but the hash prefix; that essentially means you could break SHA256 (or any hash function, for that matter) by recovering a preimage from its output. Since this is impossible under standard assumptions, the obfuscator must also make it impossible to discover bobalot_13048 in O(B). So you can be sure that Sahai’s obfuscator actually obfuscates.
So what’s the point?
In many ways, code obfuscation is one of the holy grails of cryptography. To understand why, consider how easily almost every other primitive can be implemented with it. Want public key encryption? Take a symmetric key encryption scheme and construct a decryptor with the secret key embedded in it. Obfuscate it and publish it on the web; now you have a public key. Want signatures? Public key cryptography gives you those easily. Want fully homomorphic encryption? Construct a program that takes two numbers as input, decrypts them, adds the results and encrypts the sum, and obfuscate it. Do the same for multiplication, send both programs to the server, and the server substitutes the adder and multiplier for its own addition and multiplication code and performs the computation.
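To make the homomorphic-encryption construction above concrete, here is an added example in Go; it is not code from the original post. It uses AES-GCM as the symmetric scheme and ordinary Go closures in place of the obfuscated adder and multiplier, which is the one assumption that matters: without a real indistinguishability obfuscator the key is merely scoped away from the server, not cryptographically hidden, so the example shows the structure of the construction rather than its security. The names `Client`, `Operator`, `Operators` and `EvalPoly` are mine. The server composes the two programs to evaluate a polynomial whose coefficients it never sees, and because every operand carries a GCM tag, a tampered ciphertext is rejected rather than silently computed on.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
)

// Ciphertext is nonce || AES-GCM seal of one 8-byte big-endian integer.
type Ciphertext []byte

// Client owns the symmetric key. In the construction above that key sits inside
// the obfuscated adder and multiplier; here the closures returned by Operators
// stand in for those programs (assumption: nothing is really obfuscated).
type Client struct{ aead cipher.AEAD }

// NewClient generates a fresh 256-bit AES-GCM key.
func NewClient() (*Client, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(key)   // cannot fail for a 32-byte key
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return &Client{aead: aead}, nil
}

// Encrypt seals one uint64 under a fresh random nonce.
func (c *Client) Encrypt(v uint64) (Ciphertext, error) {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	pt := make([]byte, 8)
	binary.BigEndian.PutUint64(pt, v)
	return Ciphertext(c.aead.Seal(nonce, nonce, pt, nil)), nil
}

// Decrypt opens a ciphertext; the GCM tag check rejects anything tampered with.
func (c *Client) Decrypt(ct Ciphertext) (uint64, error) {
	ns := c.aead.NonceSize()
	if len(ct) < ns {
		return 0, errors.New("ciphertext too short")
	}
	pt, err := c.aead.Open(nil, ct[:ns], ct[ns:], nil)
	if err != nil || len(pt) != 8 {
		return 0, errors.New("decryption failed")
	}
	return binary.BigEndian.Uint64(pt), nil
}

// Operator is the shape of program the text describes: two ciphertexts in, one out.
type Operator func(a, b Ciphertext) (Ciphertext, error)

// Operators builds the adder and the multiplier. Each decrypts both inputs,
// combines them and re-encrypts the result; only these two values go to the server.
func (c *Client) Operators() (add, mul Operator) {
	lift := func(f func(x, y uint64) uint64) Operator {
		return func(a, b Ciphertext) (Ciphertext, error) {
			x, errX := c.Decrypt(a)
			y, errY := c.Decrypt(b)
			if errX != nil || errY != nil {
				return nil, errors.New("operand rejected")
			}
			return c.Encrypt(f(x, y))
		}
	}
	return lift(func(x, y uint64) uint64 { return x + y }),
		lift(func(x, y uint64) uint64 { return x * y })
}

// EvalPoly is the server's side: it holds no key and only composes the two
// programs, computing a*x^2 + b*x + c on ciphertexts as (a*x + b)*x + c.
func EvalPoly(add, mul Operator, a, b, c, x Ciphertext) (Ciphertext, error) {
	t, err := mul(a, x)
	if err == nil {
		t, err = add(t, b)
	}
	if err == nil {
		t, err = mul(t, x)
	}
	if err != nil {
		return nil, err
	}
	return add(t, c)
}

func main() {
	client, _ := NewClient()
	add, mul := client.Operators()
	enc := func(v uint64) Ciphertext {
		ct, _ := client.Encrypt(v)
		return ct
	}
	// Constructed sample: 3*x^2 + 2*x + 1 at x = 5; the server never sees these values.
	out, err := EvalPoly(add, mul, enc(3), enc(2), enc(1), enc(5))
	if err != nil {
		panic(err)
	}
	fmt.Println(client.Decrypt(out)) // 86 <nil>
}
```

The point to notice is where the key lives: only inside the closures. Handing those closures to another process would hand over the key too, which is exactly the gap that indistinguishability obfuscation is meant to close.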
But beyond that, obfuscation is powerful in another key way, one with profound consequences especially in the cryptocurrency and decentralized autonomous organization space: private data can now be embedded in publicly executed contracts. On the second-generation blockchain Ethereum, it is possible to run so-called “autonomous agents” (or “decentralized autonomous organizations”, if the agents primarily act as a voting system among human actors) whose code runs, and has authority, entirely on the blockchain, and which can hold currency balances and send transactions within the Ethereum system. For example, you might have a contract for a non-profit organization that holds a currency balance, with a rule that funds can be withdrawn or spent once 67% of the organization’s members agree on the amount to be sent and the destination.
Unlike Bitcoin’s vaguely similar multi-signature feature, the rules can be very flexible. For example, you could allow withdrawals of up to 1% per day with just 33% consent, or you could make the organization a for-profit company whose shares can be traded and whose shareholders automatically receive dividends. Until now, it has been thought that such contracts are fundamentally limited: they can only have an effect inside the Ethereum network, and perhaps in other systems deliberately set up to listen to the Ethereum network. With obfuscation, however, there are new possibilities.
Consider the simplest case. An obfuscated Ethereum contract can contain the private key to an address inside the Bitcoin network, and when the terms of the contract are met, use that private key to sign a Bitcoin transaction. So, as long as the Ethereum blockchain exists, you can effectively use Ethereum as a kind of controller for money that exists inside Bitcoin. From there, things get more interesting. Now suppose you want a decentralized organization to control a bank account. With an obfuscated contract, the contract can hold the login details for the bank account’s website, carry out a full HTTPS session with the bank, log in, and then authorize a specific transfer. You would need some users to act as intermediaries relaying packets between the bank and the contract, but this is a role that requires no trust, like your internet service provider, and anyone can do it trivially and be rewarded for the work. Autonomous agents can now have social networking accounts, accounts on virtual private servers, perform more computation than can be done on a blockchain, and do almost anything that an ordinary human or a proprietary server can do.
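As an added example (not from the original post) of the simplest case above, the following Go program models a contract that holds a signing key for an address on another network and releases a signature over a specific transaction only once 67% of its members have voted for exactly those transaction bytes. Ed25519 stands in for the other chain’s signature scheme, the member names and the transaction are constructed placeholders, and nothing is actually obfuscated: the private key is an unexported field, which is precisely the data a real obfuscator would have to hide, since on a public blockchain anyone could otherwise read it out of the contract. Votes are bound to a hash of the transaction bytes and each transaction can be signed only once, the two checks a practitioner would want before such a key is ever worth controlling.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Contract models an obfuscated Ethereum contract holding the private key of
// an address on another network. The unexported key field stands in for the
// data real obfuscation would hide; assumption: nothing here is obfuscated,
// and Ed25519 is a stand-in for the other chain's signature scheme.
type Contract struct {
	key       ed25519.PrivateKey
	members   map[string]bool
	threshold int                        // percent of members required, e.g. 67
	votes     map[string]map[string]bool // tx digest -> member -> approved
	spent     map[string]bool            // tx digests already signed
}

// NewContract creates the contract and returns the public key that the
// external network would associate with the contract's address.
func NewContract(members []string, thresholdPct int) (*Contract, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	c := &Contract{
		key: priv, threshold: thresholdPct, members: map[string]bool{},
		votes: map[string]map[string]bool{}, spent: map[string]bool{},
	}
	for _, m := range members {
		c.members[m] = true
	}
	return c, pub, nil
}

// digest identifies a proposal by the exact transaction bytes, so members vote
// on one specific transfer rather than on a label whose contents could change.
func digest(tx []byte) string {
	sum := sha256.Sum256(tx)
	return hex.EncodeToString(sum[:])
}

// Vote records a member's approval of a transaction; non-members are rejected
// and repeated votes from one member count once.
func (c *Contract) Vote(member string, tx []byte) error {
	if !c.members[member] {
		return fmt.Errorf("%q is not a member", member)
	}
	d := digest(tx)
	if c.votes[d] == nil {
		c.votes[d] = map[string]bool{}
	}
	c.votes[d][member] = true
	return nil
}

// Approved reports whether approvals reach the threshold, using integer
// arithmetic so that 67% of 5 members means 4 votes (3.35 rounded up).
func (c *Contract) Approved(tx []byte) bool {
	return len(c.votes[digest(tx)])*100 >= c.threshold*len(c.members)
}

// Authorize signs the external transaction once the vote passes, and only once.
func (c *Contract) Authorize(tx []byte) ([]byte, error) {
	d := digest(tx)
	if c.spent[d] {
		return nil, fmt.Errorf("transaction %s already signed", d[:8])
	}
	if !c.Approved(tx) {
		return nil, fmt.Errorf("transaction %s: %d of %d approvals, need %d%%",
			d[:8], len(c.votes[d]), len(c.members), c.threshold)
	}
	c.spent[d] = true
	return ed25519.Sign(c.key, tx), nil
}

// VerifyExternal is the check the other network performs on a signed transaction.
func VerifyExternal(pub ed25519.PublicKey, tx, sig []byte) bool {
	return ed25519.Verify(pub, tx, sig)
}

func main() {
	members := []string{"alice", "bob", "carol", "dave", "erin"} // constructed
	c, pub, err := NewContract(members, 67)
	if err != nil {
		panic(err)
	}
	tx := []byte("send 1.5 BTC to <placeholder-address>") // constructed transaction bytes
	for _, m := range members[:4] {
		_ = c.Vote(m, tx)
	}
	sig, err := c.Authorize(tx)
	fmt.Println(err, VerifyExternal(pub, tx, sig)) // <nil> true
}
```

Note what the contract cannot do even under perfect obfuscation: it cannot stop the external network from accepting a signature that has leaked, so the threshold logic is only as strong as the secrecy of the key, which is the whole reason the obfuscator is needed.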
Looking ahead
So we can see that in the next few years decentralized autonomous organizations will potentially become much more powerful than they are today. But what will be the result? In the developed world, the hope is that this will drastically reduce the cost of starting a new business, organization or partnership, and provide the tools to create organizations that are much more difficult to corrupt. Today, most organizations are bound by rules that are in reality little more than a gentleman’s agreement, and once some of the organization’s members gain a certain level of power, they have the ability to twist any interpretation in their favor.
Until now, the only partial solution has been to codify certain rules into contracts and laws. This solution has advantages, but it also has weaknesses: there are a great many laws, and they are very complicated to navigate without (often very expensive) professional help. With DAOs, there is now another alternative. The goal is to create an organization whose bylaws are 100% clear and embedded in mathematical code. Of course, there are many things whose definitions are too vague to be captured mathematically. In such cases we would still need some intermediaries, but their role would potentially be reduced to a commodity-like function constrained by the contract, rather than full control over everything.
In developing countries, however, the situation is far more drastic. Developed countries at least sometimes have access to legal systems that resist corruption; their main problem is simply that those systems are too biased towards lawyers and too outdated, bureaucratic and inefficient. Developing countries, on the other hand, are plagued at best by thoroughly corrupt legal systems and at worst by active conspiracies to plunder their own subjects. There, almost all business is a gentleman’s agreement, and at every step there is an opportunity for people to betray each other. The mathematically encoded organizational bylaws that a DAO can have are not merely an alternative there; they could potentially be the first legal system that actually helps people. Arbitrators can build a reputation online, just like the organization itself. Ultimately, perhaps blockchain voting, pioneered by Bit Congress, may form the basis of a new experimental government. If Africa can make the leap from word of mouth straight to mobile phones, why not jump from tribal legal systems with local government interference straight to DAOs?
Of course, many people will be concerned about the risks of funds being moved by entities that no one can control, because the potential for criminal activity using this kind of power is quite high. But there are two simple rebuttals to this. First, although these decentralized autonomous organizations are impossible to shut down, every step they take is very easy to monitor and track: you can detect when one of these entities makes a transaction, you can easily see its balances and relationships, and from the votes on the blockchain you can gather a lot of information about the organizational structure. Like Bitcoin, DAOs may be too transparent to be practical for many underground circles. As FinCEN director Jennifer Shasky Calvery recently said, “Cash is probably still the best medium for money laundering.” Second, ultimately a DAO cannot do anything that an ordinary organization cannot do; it is simply a set of voting rules for governing the ownership of digital assets by a group of humans or other human-controlled agents. Even if a DAO cannot be shut down, its members can end up running a plain old organization offline.
Whatever the dominant application of this new technology turns out to be, one thing is becoming increasingly clear: cryptography and distributed consensus are going to make the world a much more interesting place.