Using Rust differential privacy libraries in contracts

darwinzer0 · February 17, 2021, 8:45am

Say I wanted to create a contract that let users submit some private data and then let other users see differentially private summary statistics, like mean and variance across all the users. Could I just hook in the Rust smartnoise library ( GitHub - opendifferentialprivacy/smartnoise-core: Differential privacy validator and runtime )?

It looks like they use openssl for random number generation: smartnoise-core/mod.rs at ae521c801e4369f966a90769db1a852707e18a3a · opendifferentialprivacy/smartnoise-core · GitHub . Does that create issues in terms of deterministic execution? I saw in the texas holdem example that ChaCha20 was used to randomly generate the deck. Would I need to update that fill_bytes function with something similar?

darwinzer0 · February 16, 2021, 10:21pm

I guess maybe a bigger obstacle is dealing with floating point numbers… there’s no solution to include floating point operations in contracts, yet, correct?

darwinzer0 · February 16, 2021, 10:54pm

I suppose one workaround is to use fixed-point arithmetic fixed - Rust . It would be slower but do-able. would mean needing to re-implement a lot more of the smartnoise lib.

reuven · February 17, 2021, 1:18pm

Your conclusions are correct, I’m afraid. And in fact we do use decimal libraries, and only use pseudo-randomness. Another problem with openssl is that it depends on dynamic loading of system libraries, which is just not a thing in our runtime (Wasm inside SGX), and even if it didn’t use dynamic linking, openssl uses a bunch of system components which are not available to contracts.

darwinzer0 · February 17, 2021, 9:06pm

great, thanks for the information!