AMA Highlights: Refusing to Run Naked on the Internet, Privacy Construction Should Be Early Rather Than Late

Author: Oasis Chinese

On July 14, 2022, at 19:30, the Oasis Network held a Twitter Space event themed "Refusing to Run Naked on the Internet, Privacy Construction Should Be Early Rather Than Late."

Since the beginning of human self-protection awareness, the exploration of privacy topics has never ceased, especially in today's highly developed technology. It can be said that accelerating the development of privacy technology is an era issue for Web3 to establish its identity.

In this event, we were honored to invite Wang Jialun, CEO of Chain Teahouse, Sputnik, head of the Zero-Knowledge Proof Technology Group of the Tsinghua University Student Blockchain Association (THUBA), and Jian Zhang, Investment Director of SevenX, as guest speakers to discuss privacy-related topics with the host, William, Ecosystem Product Manager for Oasis China.

This article is a review of the highlights of this AMA event, with some content edited.

Self-Introduction Segment

First, let us welcome all the guests and please introduce yourselves.

Wang Jialun:

Hello everyone, I am Wang Jialun, the CEO of the blockchain media Chain Teahouse. Chain Teahouse started around 2018, focusing mainly on the developer ecosystem of blockchain. I am also a Web2 entrepreneur and founded a gaming industry media called Game Teahouse, which has been operating steadily for nearly ten years.

Sputnik:

Hello everyone, I am Sputnik, currently pursuing a PhD in cryptography at Tsinghua University, with some research on blockchain privacy protection technology and zero-knowledge proofs. I serve as the head of the ZK group in our university's blockchain association THUBA, which mainly promotes and exchanges Web3-related knowledge among students. My main responsibility is related to cryptographic technologies and projects.

Jian Zhang:

Hello everyone, I am Jian Zhang, Investment Director at SevenX, primarily investing in DeFi, infrastructure, etc. SevenX Ventures is an Asian investment fund established in 2020, advocating for "immersive investment," providing comprehensive empowerment in financing planning, financial product design, economic systems, marketing, and more for the projects we invest in. We mainly invest in infrastructure, DeFi, NFT, GameFi, Metaverse, Web3, and focus on ecosystems like Arweave, NEAR, and Polkadot. We have raised two funds so far and invested in over 80 projects.

Additionally, we have a FOF fund that invests in other token funds, which has invested in leading industry funds like Gumi Crypto, Lemniscap, and Sparkle Venture.

William:

Thank you to the three guests for your introductions. I would also like to briefly introduce Oasis Network.

Oasis Network officially launched on November 19, 2020, and is the world's first decentralized blockchain network with privacy protection features and scalability. In terms of technological innovation, Oasis Network's unique layered architecture separates smart contracts into consensus and Paratime layers, ensuring absolute security of user privacy information while achieving higher performance and stronger customizability, further unlocking new use cases and applications for blockchain.

At the same time, Oasis Network has innovatively proposed the concept of data tokenization, allowing users to fully control their private data while earning income through sharing their private data, further achieving privacy protection and promoting the construction of a responsible data economy.

Oasis is also supported by a number of well-known industry investors, including Andreessen Horowitz, Polychain, Pantera, Dragonfly, and Binance Labs. With high performance, security, and privacy protection, Oasis will redefine centralized finance and fundamentally change the way open finance operates.

Since its launch, Oasis Network has been deeply involved in the privacy NFT track and has conducted activities such as hackathons, global ambassador recruitment, and the ROSE token blooming plan. Countless industry-leading application developers, blockchain infrastructure teams, and node operators have joined us, making the Oasis Network ecosystem flourish like never before.

Q&A Sharing Segment

Question 1:

When did you first come into contact with the concept of privacy computing, and how do you view the future development prospects of privacy computing?

Wang Jialun:

When Chain Teahouse was just established in 2018, we held a developer salon in Chengdu, where a security technology expert introduced us to the knowledge of privacy computing. At that time, Apple's new privacy protection policy raised great concerns in the casual gaming export circle because the inability to obtain player data would greatly reduce the ability to monetize through advertising, which would have a significant impact on the entire industry.

So, when we heard about privacy computing technology, we realized that there were indeed ways to achieve both privacy protection and the ability to obtain desired data through technology. Therefore, we are very optimistic about the future development of privacy computing. However, currently, whether in Web2 or Web3, actual applications are still very few and are still in the early exploration stage.

Sputnik:

The concept of privacy computing is closely related to my field of study. I started focusing on research related to privacy protection technology on blockchain about two years ago. The first project I encountered was Zcash, a privacy coin project proposed in 2014, which achieved on-chain privacy protection through zero-knowledge proof technology, hiding the three elements of a transaction. After that, I delved into more research on zero-knowledge proofs and cryptographic algorithms related to privacy computing.

Regarding the development prospects of privacy computing, I may take a more technical perspective. I believe that from the current technological development standpoint, there are many algorithms and components, including homomorphic encryption, oblivious transfer, and secret sharing.

Generally speaking, there are two parties involved in zero-knowledge proofs: the prover and the verifier. The prover needs to prove to the verifier that they know a certain secret without revealing any information about the secret.

Homomorphic encryption is essentially data that is usable but not visible. In simple terms, we can perform calculations directly on the encrypted data (i.e., ciphertext), and after calculating the ciphertext, we can decrypt the result, which will be the same as directly calculating the plaintext. This is the concept of homomorphism.

Oblivious transfer is mainly a protocol that protects the privacy of both parties. The sender has multiple secrets, and through communication, the sender and receiver interact, with the receiver choosing a secret value. The final effect is that the sender does not know which secret the receiver chose. For the receiver, they only know which secret they chose and are unaware of the other secrets, making it seem as if the sender has inadvertently transmitted a secret to the receiver.

As you can see, there are already many cryptographic algorithms in the field of privacy computing that can achieve a variety of functions. However, as mentioned earlier, both homomorphic encryption and oblivious transfer have cost issues, so I believe that some theoretical algorithm efficiencies are still some distance from practical applications. However, I think achieving on-chain privacy protection is a development trend.

Jian Zhang:

I have actually been paying attention to the privacy track for a long time. When SevenX was just established in 2020, we invested in Oasis and have since continued to focus on privacy computing, investing in several TEE, ZK-ZK-Rollup, and MPC projects, and have discussed several federated learning projects.

We believe that privacy is an essential component of Web3 and a necessary function of on-chain databases. In the future, on-chain data will achieve privacy layering, with different privacy levels for different user data and varying privacy permissions for different users regarding the same data.

At the same time, I also pay attention to the development of privacy computing in Web2, especially the impact of Apple's support for users to revoke app data authorization and the implementation of GDPR on the privacy industry.

Question 2:

From a media perspective, what is the current landscape of the privacy computing track? Which sectors are thriving, and which sectors are currently lacking?

Wang Jialun:

The development of privacy can be divided into three categories: privacy coins; anonymous protocols; and open public chains like Oasis that directly implement privacy computing, expanding the imagination of privacy development.

The concept of privacy hasn't been very popular, which is understandable because ordinary users do not have a strong perception of privacy and often inadvertently leak their privacy. Many times, people only see telemarketing as a marketing method, and ordinary users do not suffer direct losses.

However, with Apple's support for users to revoke app data authorization and the issuance of policies by various countries, people have begun to study what technologies can comply with regulations, protect privacy, and achieve relatively precise marketing.

From a long-term perspective, I am very optimistic about the development of privacy, but currently, its infrastructure may not be very complete and needs to be gradually cultivated in the market.

Question 3:

It is said that privacy is a necessary infrastructure for the development of Web3. Therefore, I would like to ask Jian Zhang to share with us: In the field of privacy computing, what qualities and competitiveness should projects possess to attract the favor of investment institutions?

Jian Zhang:

Of course, this depends on the stage of the project: different stages have different focal points for investors.

First of all, since privacy computing is a very hardcore and advanced research direction, the technical background of the team is very important. It is best if they have research experience or engineering background in the field of privacy computing, like Professor Song from Oasis. This is a quality we value highly. If the team does not come from a relevant background, it is quite difficult to persuade investors to finance first and then build a technical team.

Secondly, we place great importance on the team's product capabilities. Generally, purely technical teams lack corresponding product members, which can lead to detours or reinventing the wheel when developing products. A good founding team should possess both product and technical capabilities, able to translate technology into applications, and have a deep understanding of the industry. They should also maintain a continuous lead in products or have rapid product iteration capabilities.

Thirdly, we also need to consider commercial capabilities. After having good products and technology, the team should be able to translate products and technology into actual business implementations.

Generally speaking, teams that can meet all three points are already quite rare. As investors, we usually provide more help in terms of business than in product, and more help in product than in technology.

Therefore, for early-stage projects, investors pay more attention to technical and product capabilities, being able to quickly find the right product direction and implement it.

For mid-to-late-stage projects, investors mainly focus on products and business models, what kind of products and services the project provides, whether it can implement the business model, and whether it can establish a competitive moat.

Question 4:

Have you and your blockchain association conducted any research on the blockchain + privacy computing track? Are there any interesting conclusions or results you can share with us?

Sputnik:

Our association has conducted a series of courses on blockchain, some of which are about privacy.

Personally, I focus more on the research of cryptographic technologies. An interesting conclusion I have found is that there are increasingly more scholars in academia paying attention to this field, researching applied algorithms, including Eli Ben-Sasson, co-founder of Zcash and Starkware, who is a renowned computer scientist. Therefore, I believe that the development of this field is an important direction for future Web3 projects.

Question 5:

What do you think will be the first application scenarios for privacy computing? On-chain privacy identity? ProFi or privacy NFT?

As a public chain, what kind of support should we provide for these potential tracks to foster and incubate their rapid development?

Wang Jialun:

The earliest applications should still be in DeFi and trading, including privacy identity as part of this system. However, currently, there is not a strong demand from users to trade on privacy-protecting DEXs, but competition in this field is certainly fierce, from dApp applications on Ethereum to Layer 2, and then to standalone public chains like Oasis.

From the perspective of Oasis's development, it may be more advisable to explore some unique applications that leverage the characteristics of privacy computing, such as privacy social networks, or advertising platforms that have been criticized in the Web2 domain.

Jian Zhang:

PriFi is definitely the first scenario where privacy computing will land. In fact, PriFi has already landed, as everyone is using Tornado Cash for mixing coins. Currently, the essence of blockchain is distributed ledger technology, and the main data recorded on-chain is user assets, whether FT or NFT. The main demands are that quantitative institutions and DeFi whales do not want their addresses and related operations to be tracked; another demand comes from hackers, which still has not been fully met. Therefore, PriFi still has a lot of room for growth.

Regarding NFT privacy, for profile pictures (PFP), users may prefer to publicly hold their addresses. However, for NFTs as assets, there is certainly a demand for privacy.

In the long term, with the development of distributed storage and on-chain databases, the amount of data stored on-chain will increase, and the variety of data will become richer, leading to a greater demand for privacy. As mentioned earlier, privacy should be a necessary function of on-chain databases.

As a public chain, in the short to medium term, Oasis can support user asset-level privacy needs, and in the long term, it can support distributed database projects, providing data privacy services or serving as the computing layer for these databases in the future.

Sputnik:

I believe that on-chain privacy identity has already been realized in Zcash. From this perspective, hiding transaction information seems to be a relatively basic application of privacy protection in blockchain systems.

I think the next development direction should be more complex privacy protection needs, such as privacy protection at the EVM layer, how to protect privacy during contract execution, how to use blockchain systems as the infrastructure for off-chain privacy computing, and how to achieve privacy computing goals through on-chain and off-chain data collaborative interaction, which are important areas of focus.

Question 6:

In the current bear market, privacy leakage issues occur frequently, often directly threatening user asset security. Therefore, I would like to invite everyone to share:

What privacy protection awareness and habits should we establish in our daily operations to avoid leaks and other security issues?

Wang Jialun:

There are several main aspects to security issues: do not authorize unknown applications; do not leak private keys; do not fall for phishing, etc. The core issue I summarize is: control your own greed. Many times, people are lured by temptations, such as airdrops or private placements of popular projects, leading them to actively input private keys or authorize access. There is also a more advanced issue that ordinary users may not encounter: some people disguise themselves as headhunters offering high salaries to recruit developers, and the final offer is a trap.

One last tip: I recommend that everyone always prepare a small test wallet and not keep too many assets in it.

Sputnik:

Haha, I haven't done very well myself, but I would like to add a few points on protecting private keys, as I have examples of CryptoKitties being stolen around me: protect your Metamask mnemonic phrase, protect your wallet private keys, ensure the network environment is secure, and never expose private key information.

Jian Zhang:

Everyone should learn to protect their assets and then protect their data.

First, everyone should protect their private keys. There are many ways to store private keys online, and I won't list them. Then, in daily life, you can try using some key management software, whether it's Chrome's or Apple's built-in key management service, or third-party key management services.

If you can do these two things, your security protection will be quite strong.

On-Site Q&A Segment

What is the status of privacy protection in the wave of Web3 development? How long will it take for this track to have a relatively good development or explosive phase?

Sputnik:

First of all, I believe that privacy protection holds a very important position in the Web3 field. However, I would like to add that privacy is a higher demand built on top of infrastructure. Some functions and applications we are trying to achieve are actually unrelated to privacy protection, but we ultimately need to establish a mechanism for privacy protection. From the perspective of the development of digital currency, the initial Bitcoin did not have privacy functions, but it was still welcomed because it achieved the function of a distributed ledger.

As for how long it will take to explode, I think it is difficult to predict a specific time. However, I believe that from a technical perspective, as I mentioned earlier, some algorithms are becoming increasingly mature, so I believe the time should not be too long, as the demand is already there.

Jian Zhang:

First of all, privacy is definitely an essential part of Web3. However, people are still uncertain about how large this demand is. Web3 must have privacy functions, and different data needs to correspond to different privacy levels. If there are no privacy functions, Web3 cannot realize the vision of returning user data to users.

As for the specific time of the explosion, to be honest, it is quite difficult to judge. I think the explosion of the privacy track may have two evolutionary paths:

The first path is that on-chain infrastructure becomes increasingly mature, and privacy functions are integrated into these infrastructures, leading to a gradual increase in applications with privacy functions.

The second path is that the infrastructure is not yet mature, but applications become popular first, such as Move to Earn's STEPN. Then the applications drive the development of the infrastructure in return.

Wang Jialun:

I think it's quite difficult to say. It's still the question I mentioned earlier: privacy transactions are indeed not such a strong demand for ordinary users. However, in traditional Web2, such as data trading, cross-bank settlements in finance, and genetic data, these are indeed strong demands, but we need to think about how these can be integrated with Web3.

The development of privacy requires the imaginative power of clever entrepreneurs to create applications that can effectively leverage the advantages of privacy computing and are fun and novel. I also hope that Oasis can encourage innovation through hackathons and other activities.

I am a PhD student from THUBA, currently researching biomedical informatics and database-related fields. I learned about Oasis's deep collaboration with Genetica, so I would like to know:

How much of this collaboration has already been implemented? What are the advantages, disadvantages, and challenges of applying privacy + blockchain in this area?

William:

In May 2022, Oasis Labs began a deep collaboration with Genetica to establish the first genomic analysis platform in the Web3 world for large-scale precision medicine development. Genetica will leverage the advantages of Oasis Network to protect 100,000 genomic data records, providing genomic analysis with privacy protection features for precision medicine.

Direct-to-consumer genetic testing services have entered a development bottleneck due to concerns about user privacy violations. To address this issue, allowing consumers to enjoy the benefits of genetic testing without worrying about their genetic data being misused, Genetica has partnered with Oasis Labs:

When users purchase a genetic testing kit and submit samples, their data will be stored on Oasis's Parcel platform with privacy protection. After creating an Oasis account, users can view data usage policies and authorize data, specifying who can see the data, who can use the data, and how the data can be used.

Before Genetica calls data and analysis for use, Parcel will verify whether its use of the data complies with user regulations and authorizations. Additionally, users can view their data usage at any time and revoke permissions, ensuring they have complete control over their genomic data.

At the same time, users can actually receive income from sharing data. If a pharmaceutical company needs to access the Nebula genomic database for research, they need to pay individual users based on the number of calls and the volume of data.

In the initial phase of cooperation, we will protect 100,000 genomic data records. However, due to Oasis Network's layered architecture, which separates smart contracts into consensus and Paratime layers, it not only has a high security factor and strong performance but also possesses high customizability: developers can customize ParaTime to adapt to multifunctional application scenarios, making more data protection completely achievable in the future.

Finally, I want to say that beyond the medical field, privacy protection features can actually stimulate more and more application scenarios, such as privacy identity, privacy NFT, privacy DeFi, and so on. I look forward to Oasis's privacy value proposition serving more users in the future and becoming a gateway for more people to enter the Web3 world.

This is also one of the reasons why Oasis launched a $235 million ecosystem development fund, hackathons, and various funding programs, aiming to attract more developers to develop on the public chain and enable developers to easily develop on the public chain, thereby enriching the ecosystem and providing users with different experiences. I believe this is an important issue that Oasis focuses on for its development.

About Oasis

Oasis Official Website:

https://oasisprotocol.org

Oasis Chinese Telegram Group:

https://t.me/oasisnetworkchina

Oasis Chinese Telegram News Channel:

https://t.me/OasisNetworkCN

Oasis Chinese Discord:

https://discord.com/invite/CadYXg2ATT

Oasis Chinese Medium:

https://medium.com/@oasis_foundation

Oasis Chinese YouTube:

https://youtube.com/channel/UCXgSrMoUlaHFzpCe9eiQ8eA

Oasis Chinese Mirror:

https://mirror.xyz/0x05C56DB6dd123cC434374c72E88C690cE71f30eC