SafeTrace: Privacy-Preserving Contact Tracing for COVID-19

Enigma community,

As we face the COVID-19 pandemic together as a society, our team at Enigma has been developing a platform called SafeTrace to facilitate privacy-preserving contact tracing — and now, we’re looking for collaborators. SafeTrace lets users share sensitive location and health data with other users and officials, without compromising the privacy of that data.

Why are we building SafeTrace?
In response to COVID-19, countries such as China, South Korea and Israel have implemented intrusive tactics for data collection. While collecting individual location data can help us curtail this pandemic, enabling correlation of private health records (COVID-19 test results) with location data introduces unnecessary risks.

The good news: we can do better . It is possible to leverage the power of highly detailed, accurate and widespread data to fight viral infections, without putting individuals at risk by exposing this sensitive data.

What is SafeTrace?
SafeTrace is a privacy-preserving data sharing and analytics platform. This service enables users to safely and privately share location data and their infection status. The objective of this tool is to help track social infection vectors.

Drawing on some parts of our existing code-base, we have constructed a privacy-preserving database and a querying tool that runs inside a Trusted Execution Environment (Intel SGX) that is hosted on IBM Cloud. This database takes in user location history and user infection status. Then, within a secure enclave, that data is decrypted and compared with the reports from all other users. This analysis can return two types of output:

  1. A “local view,” which is an individual report showing users where and when they’ve overlapped with individuals who have since tested positive

  2. A “global view” heat map that can help us better understand and curtail the spread of disease caused by COVID-19.

Our goal for SafeTrace is to create a standardized, privacy preserving database and querying tool for all COVID-19 location reporting initiatives that are currently taking place. This is essentially a “privacy preserving database-as-a-service”.

How can you help?
This is an open-source passion project by the Enigma development team to aid with efforts in addressing the COVID-19 pandemic. All of the work we do is open source under the MIT license. We are bringing our expertise to build a privacy-preserving database that can be used by all. However, there are a lot of areas where we still need help.

  • Epidemiologists / public health experts:
    We need to solicit feedback on how this data is most actionable both for individuals and also the society at large. The goal of individual reporting is to assess situations of close proximity to high risk individuals. This enables us to take better measures. We need feedback to understand what distance and time difference should trigger a high risk scenario (i.e 2 individuals within 10ft in a 1 day window can infect one another). We also would welcome feedback on our approach to global view visualizer. Please see issues X and Y that explain these asks in more detail.
  • Rust programmers, developers and engineers with Intel SGX experience:
    Enigma team is currently volunteering to lead this part. We would always welcome more hands
  • Mapping/visualization and experience working with Google Location data:
    We are using Google Maps APIs for the web portal we are building. Help is required to visualize outputs of privacy preserving computations in the Global View. For more information please see this issue
  • Notification / alert system:
    We would like individuals who opt in to receive emails (or other forms of notification like text) if they are found to be in a high risk area. We need help implementing the notification system. For more information please see this issue
  • Data privacy experts:
    To identify data leakage concerns and mitigations
    Front-end design and development:
    We need help with full-stack web development. Please see our current wireframes (WIP)
  • Devops:
    We encourage help in managing the overall development of this open project
  • Volunteers to provide sample data:
    Our proposal only provides value if volunteers participate. We welcome everyone who’s tested for Covid-19 to share their location history in a privacy preserving manner when we have an initial prototype

If you are interested in getting involved, we encourage contributors to visit CONTRIBUTE.MD and open issues in our repo with questions and contributions.

1 Like

Data privacy person here. (i could also learn rust)

1 Like

Hi I’m a cryptographer with experience in MPC and would love to get in touch with someone working on this project! I’ve spent the last few days working with a similar effort which, amazingly, decided on the same name (we’re I’ve talked to some other people in my community thinking about and writing up documents outlining similar ventures. It could be quite interesting/beneficial to compare notes or combine forces in some way?


Hey @superarius – Nice to meet you and thanks for reaching out, it will be great if we can collaborate somehow. @guy also has a background in MPC research!

we can coordinate scheduling if you email and !

Also in touch with Seha from your team. Let’s chat asap :slight_smile:

1 Like

Healthcare professional. Very familiar with CDC’s guidance/recommendations specific to COVID-19. Willing to evaluate/contribute to app’s clinical information.


Hey @BMK,

Feedback would be extremely appreciated. Currently there are a couple of github repos where we are soliciting feedback if you’d like to contribute.

We are planning to track symptoms in the future iterations of the project. Currently this is what we plan to ask user for symptoms

We need help classifying reported symptoms as high / medium / low risk if possible. Here’s an issue that discusses that -

Thanks and looking forward to collaborating!

1 Like

Shouldn’t be a problem. I’ll pop-in from time-to-time over the next few days. Message me if questions arise. BTW, I’m new to GitHub.