I have studied Enigma and some of Guy’s papers, unfortunately I didn’t have time to build something on Enigma TestNet. I am working on a project that has privacy concerns. Although it is not possible to summarize the whole on-going project here, i can go ahead and simplify the flow.
Personas:
Alice => User in the system
- is customer of BobCo
BobCo(Bob’s Co-operation) => Third Party Authority
- BobCo has some information about Alice
What should be done ?
- BobCo will encrypt the data about Alice
- BobCo will send encrypted data to a decentralized storage like IPFS, Swarm, Storj
- Response from Storage systems will be references to encrypted files.
- These references will be stored whether in Public chain or Enigma Chain(because corresponding file is encrypted)
- Later on, Enigma fetches data from decentralized storage and decrypts the data. It makes computations over the data without the allowing the workers to directly see into the data.
Is it possible within Enigma to create a compound identity like in Guy’s paper (Decentralizing Identity)? You may think that Alice has a compound-identity(CI) with BobCo and this CI includes a shared key. Therefore, both Alice and BobCo can access the same data. In this case, if the data is encrypted using this shared key, is it possible to decrypt it and make calculations over it?
My solution for this problem does not sound sufficient for me. What I have done is creating a new Public Key pair and encrypt the data with public key while private key is transferred to Enigma’s secret contract. In this case, Alice can access her data and I can compute over encrypted data because the private key is stored in the secret contract(corresponding field of Alice). I am not sure if it works. If it’s not what’s the reason behind this?
I am open to new ideas and discussions. I would also be grateful if you offer some more readings to me.
Thanks,