Data Privacy in CosmWasm Smart Contracts

[emperorjm]

CosmWasm, by design, allows developers to build interoperable smart contracts, however, smart contract storage on the blockchain is transparent, meaning anyone can view the stored data. While this transparency is acceptable or even desired in many use cases, there are scenarios that require some level of privacy.

Below are some reasons why data privacy might be necessary:

• Confidentiality: Certain smart contract applications may handle sensitive data, such as personal information, private correspondence, or gamified information essential for gameplay, which should remain confidential.
• Regulatory Compliance: With the rise of data protection regulations globally, DApps that process personal data might need to employ encryption to stay compliant.

The Secret Network, for instance, natively supports private smart contracts. In these contracts, the input, output, and state are encrypted using an unforgeable contract encryption key unique to each contract. This offers one solution, but there could be other potential solutions that could be incorporated within the Archway ecosystem. These alternatives could pave the way for the development of unique dapps tailored for use cases demanding privacy on top of Archway.

Now, the central question is: How can we enable data privacy in generic CosmWasm smart contracts, and are there feasible solutions available?

Encryption appears to be the primary tool facilitating privacy. Possible approaches to encrypted storage include:

• Off-chain Encryption: Data is encrypted off-chain before being sent to a smart contract, ensuring that the stored data remains encrypted. The decryption process would also occur off-chain.
• On-chain Encryption: This more intricate method encrypts data within the smart contract before storing. As highlighted by the Secret Network approach, key management from the contract level becomes crucial.

I'd like to initiate a conversation surrounding potential solutions that can facilitate privacy for smart contracts in need of this feature.

[jlm0]

Thanks for opening the discussion! I agree that enabling privacy is critical as there are many important use cases related to gaming or identity that require the ability to keep certain data confidential. However, implementing robust privacy at the smart contract layer within CosmWasm presents some challenges namely:

• Encryption and key management must be handled in the contract logic itself, rather than at the protocol level, which is more complex.
• Performance overhead for encryption/decryption in contracts could be significant in turn leading to higher costs.
• Interoperating between private contract data and public blockchain data requires complex message relaying and proofs.

While off-chain encryption helps provide data privacy by keeping sensitive information encrypted outside the blockchain, this approach essentially shifts trust from the consensus mechanism to the off-chain encryption layer, introducing new risks around key management, availability, auditing, and verification that must be mitigated.

I think there's a reason most leading L1 chains are pursuing rollup-based L2 solutions using advanced cryptography like zero-knowledge proofs to deliver privacy while still benefitting from the security of the underlying transparent blockchain. While some degree of privacy is possible through careful contract-level encryption, native support at the protocol layer via a layered L2 architecture seems to be the most robust approach.

I'm all for privacy and the use cases that become available as a consequence. We should continue exploring creative solutions to enable private use cases on Archway. I'd be all for a private L2 hybrid approach.

[emperorjm]

Thank you, @jlm0 , for your insightful input. If privacy isn't inherently integrated from the outset, off-chain methods appear to be our best option at the moment. This scenario reminds me of how early NFT solutions depended on external storage systems like IPFS but over time CosmWasm chains like Archway offered on-chain NFT data storage options.

You mentioned that "some degree of privacy is possible through careful contract-level encryption", but, is this truly feasible if contract-level key management isn't integrated into the current CosmWasm framework? At present, there's no method for a contract to encrypt data and then securely decrypt that data.

Layer 2 solutions designed with privacy (like ZKP) as a foundational feature might be promising. It might take some time before we see such solutions available for the Archway network and wider Cosmos ecosystem.

[zanicar]

My first response to this is "Distributed Public Ledger", so privacy concerns are one of the biggest hurdles to enable an entire new tranche of applications...

The big issue at this point is that obtaining levels of privacy on blockchain is rather expensive as it typically involves specific hardware requirements. For example, Secret uses a form of "black box computing", a.k.a. Trusted Execution Environments (TEE), that places very specific hardware requirements on validators to support this. It is essentially a combination hardware/software solution and long term sustainability and flexibility are prominent risk factors.

Pure software based solutions in this space remain elusive as even zkSNARKs and even ZK-rollups benefit from advanced hardware due to the complex polynomial mathematics involved (ZK-rollups merely move the requirements to another layer).

Another prominent issue in the space is the concept of Perfect Forward Secrecy that ensures that any future security compromise will not affect any past transactions or state data.

[bowenyou]

We at Fairblock offer a hybrid based approach to privacy using distributed Identity Based Encryption (IBE). At a high level, one is able to encrypt data to a particular ID as well as a specific condition (can be the return value of a function). Once the conditions have been met, a distributed set of keyshare holders are able to aggregate a decryption key.

This approach allows for a type of programmable privacy, in which applications developers have much more freedom and flexibility to incorporate privacy within their applications.

Take a look at some of our articles for more information.

[emperorjm]

Hi @bowenyou. Thanks for joining the discussion. Fairblock looks really intriguing. I see where Fairblock has cryptographic libraries that are compatible with Cosmos applications, both on the frontend level and within the consensus layer. Does this also extend to CosmWasm smart contracts?

[bowenyou]

We plan on supporting CosmWasm smart contracts if there is enough interest from the community. Any Cosmos SDK app-chain that integrates our module should be able to have pre-execution privacy out of the box for all valid messages (transactions). For conditional encryption, there will be a separate module which contains the relevant functionality.