Detailed Plan
Problem Statement (continued):
Many dApps (Decentralised Applications) will require access to the documents signed by the parties in order to proceed further with business process workflows. One of the viable solutions could be to encrypt the entire document with OpenPGP, store it in IPFS in encrypted format, and allow authorized parties to decrypt it. This solution is far from perfect.
What if you want to hide certain information in the document due to privacy concerns, but the rest of the information should be available? Or if you want multiple parties to have different levels of access to various fields depending on their roles in your business process, how would you do that?
In database terms, this type of granular access is called cell-level security, and some high-end business intelligence solutions, such as Microsoft Analysis Services, implement it out of the box; however, these products are expensive and centralized. How would you implement cell-level security in a decentralized network of nodes, such as a blockchain?
Most likely you will move this document verification process out to an off-chain API, compromising the immutability and integrity that blockchain offers while also diminishing the level of trust in your DApp.
Describe your solution to the problem (continued):
Logosphere (https://logosphere.io), a Layer 2 metadata side-chain backed by Fluree, an open source decentralized semantic graph database (funded in Fund 5), will solve that problem once fully integrated.
Fluree implements data-centric security at its core through a feature called Smart Functions, which conditionally define who can access or modify data at the cell level. This way, the access rules are baked inside the data itself, residing on an immutable ledger.
Smart Functions can reliably evaluate user identity and user data, because of Fluree’s fundamental implementation of cryptographic signatures for all queries and transactions.
In Fluree, an identity is defined by an auth record, which is the central component of data-centric security. Every query and transaction is attributed to a particular auth record which is derived from a user’s private/public key.
Because every query to Fluree is cryptographically signed, all the fields that a particular identity does not have permission to see are ignored and are not included in the query results. This is a simple and intuitive way of making sure that some data at the most granular level stays hidden from unauthorized parties, while being visible to the authorized ones, without changing anything in the data itself.
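The mechanism described above, as an added example that is not Logosphere or Fluree code and does not use Fluree's API: a signed query is verified, the caller's identity is derived from the public key, and per-field rules (standing in for Smart Functions) decide which cells are returned. All names, the toy ledger and the sample contract are assumptions constructed for illustration.

```typescript
import { createHash, generateKeyPairSync, sign, verify, KeyObject } from "crypto";

// Hypothetical model, not Fluree's API: each Rule stands in for a Smart Function.
type Doc = Record<string, string>;
type Rule = (authId: string, doc: Doc) => boolean;
type Keys = { publicKey: KeyObject; privateKey: KeyObject };
interface SignedQuery { docId: string; publicKey: KeyObject; signature: Buffer }

// The identity (auth record id) is derived from the caller's public key.
function authIdOf(publicKey: KeyObject): string {
  const der = publicKey.export({ type: "spki", format: "der" });
  return createHash("sha256").update(der).digest("hex").slice(0, 16);
}

function signQuery(docId: string, keys: Keys, claimedKey = keys.publicKey): SignedQuery {
  return { docId, publicKey: claimedKey, signature: sign(null, Buffer.from(docId), keys.privateKey) };
}

// Verify the signature first, then return only the fields whose rule admits the caller.
function runQuery(q: SignedQuery, ledger: Record<string, Doc>, rules: Record<string, Rule>): Doc {
  if (!verify(null, Buffer.from(q.docId), q.publicKey, q.signature)) throw new Error("bad signature");
  const doc = ledger[q.docId] ?? {};
  const authId = authIdOf(q.publicKey);
  const visible: Doc = {};
  for (const [field, value] of Object.entries(doc)) {
    const rule = rules[field];
    if (rule && rule(authId, doc)) visible[field] = value; // no rule means hidden (default deny)
  }
  return visible;
}

// Constructed sample: one contract on a toy ledger and three key pairs.
function demo() {
  const seller = generateKeyPairSync("ed25519");
  const buyer = generateKeyPairSync("ed25519");
  const auditor = generateKeyPairSync("ed25519");
  const ledger: Record<string, Doc> = { "contract/1": {
    title: "Vehicle sale", price: "12000 ADA", sellerIban: "XX00-CONSTRUCTED",
    seller: authIdOf(seller.publicKey), buyer: authIdOf(buyer.publicKey) } };
  const isParty: Rule = (id, d) => id === d.seller || id === d.buyer;
  const rules: Record<string, Rule> = {
    title: () => true, price: isParty, sellerIban: (id, d) => id === d.seller };
  const fields = (q: SignedQuery) => Object.keys(runQuery(q, ledger, rules)).sort().join(",");
  let forgedRejected = false; // auditor signs but claims the seller's public key
  try { fields(signQuery("contract/1", auditor, seller.publicKey)); } catch { forgedRejected = true; }
  return { seller: fields(signQuery("contract/1", seller)), buyer: fields(signQuery("contract/1", buyer)),
           auditor: fields(signQuery("contract/1", auditor)), forgedRejected };
}
```

The same stored document yields three different views, and a query signed with one key but presented under another identity is rejected before any rule is evaluated.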
Deliverables
- Data-centric cell-level security model as a part of Logosphere TypeScript business model generator
- Results of ethical hacking
- Documentation and training materials
Relevant Experience (continued):
Ikigai Team: https://ikigaitech.org/
Michael Yagi: CEO of Ikigai Technologies. Former Senior Software Engineer @ Tableau with experience facilitating integration between different technologies across many different facets in a smooth, seamless fashion. His interest lies in building the bridge between the ocean and the pond (Cardano and “traditional” software engineering).
Dmitri Safine: CTO at Ikigai Technologies: ex-Amazon, previously senior solutions architect with experience in Cloud architecture, Data engineering, R&D and prototyping in Big data and analytics space. He has built numerous data lakes, ETL pipelines, multidimensional cubes and data analysis applications, and is passionate about identifying emerging technologies and composing them into cohesive scalable solutions that solve problems.
Chris Chung: COO at Ikigai Technologies, Executive at Coding Dojo, President of C2 Marketing Solutions and Advisor to multiple start-up companies; Chris comes with an array of knowledge ranging from marketing (his original area of expertise) to business operations. Chris has been featured in 425 Business Magazine and Millennial Magazine for his business accolades and accomplishments.
Manik Jain: Blockchain Developer at Ikigai Technologies. Certified Blockchain Developer with 8 years of full-stack development experience in Fin-Tech while working globally. As part of the capstone project in the Blockchain Development program, Manik developed a prototype that integrates the Cardano and Fluree blockchains, using Cardano-provided private-public key pairs to sign and verify Fluree DB transactions. His proposal for Digital Self Sovereign Digital Identity tokens being issued “privately” on the public Ethereum blockchain was highly appreciated by Blockchain Research Institute, Canada and KPMG, Canada. He has been an active contributor to Open-Zeppelin, which aims to provide standards for Ethereum Smart Contracts, and to NFT.Storage, which works on top of IPFS for decentralized data storage. Additionally, he has worked for a Canadian Blockchain startup, Eukapay, that aims to accept crypto payments for FIAT CAD. He has also been involved with a real-estate blockchain project based in the US to set up their ICO.
Taylor Yoon: VP of Engineering at Ikigai Technologies. Former Senior Software Engineer @ Tableau, Taylor has been a part of several projects and is an expert on full-stack technologies. Taylor is integrating the technology into our dApp and making sure all libraries and APIs are not just functional, but practical and usable for all types of engineers.
[In Progress] Lead Software Engineer: The team is in the signing stages with another Lead Software Engineer at a Fortune 200 company, who has an extensive background in functional programming as well as in developing databases.
Ikigai Partners:
Fluree: With our recent partnership with Fluree (https://flur.ee/partners), we will work with a team of 17 professionals that will be assisting with development and advisory in various capacities.
Defining Success
The development of the cell-level security model will go along with the implementation of the Logosphere ecosystem, which will span about 9 months, with estimated completion in Q2 2022.
3 months in
- Logosphere cell-level security primer (centralized). This will allow the off-chain data layer running privately to share data with authorized users. Think of a traditional database running on your local network with cell-level security enabled.
- Engage with Cardano DApp projects to identify use cases for data-centric cell-level security
- Capture the most common use cases and generalize them into a generic model
- Abstract Fluree Smart Functions as easy-to-use methods as part of a generated TypeScript business object model
- Test the solution in a centralized architecture of “logos nodes” (Cardano + Fluree) running locally
6 months in
- Logosphere cell-level security primer (decentralized)
- Deploy the cell-level security primer into the infrastructure of beta-testing SPOs
- Repeat the tests from the local setting in a decentralized scenario where DApp ledgers are replicated across the network of nodes
- Engage the ethical hacking community to try to break the cell-level security and gain access to restricted fields in documents in a test ledger.
9 months in
- Widespread adoption of Logosphere by Cardano DApp community
- The issues identified during the testing are fixed
- The cell-level security solution is considered safe
- Documentation and training materials
Public Launch Date: July, 2022
Budget Breakdown
- Use case discovery ($3,000)
- Development ($17,500)
- Hacking community bounties ($10,000)
- Documentation and training materials ($2,500)
KPIs
- # use cases analyzed
- # participants in beta program
- # tests conducted / succeeded / failed
- # issues identified / resolved
- # adopting DApp projects
- # of decentralized nodes running