种源Corda的隐私丢失 [英] Privacy loss in Provenance Corda

问题描述

在闭环网络中，当各方转移资产时，与之关联的交易也将被共享。因此，另一方将了解我过去与该资产进行的交易的所有信息，尤其是在现金或证券的情况下。这实际上是一个隐私问题。另外，由于它是一个专用网络，几年后，网络中的每个人都可能基于其交互来了解其他所有节点的过去交易（即使不是全部）。

In a closed loop network, when parties transfer assets, the transactions associated with that are also shared. So the otherparty would get to know everything about my past transactions with that asset especially in the case of cash or securities. This actually is a privacy concern. Also, since it is a private network, after few years everyone in the network might get know the past transactions(most if not all) of every other node based on their interaction.

此问题的处理方式或解决方法？
您如何将隐私的这一方面与其他平台进行比较？

How this issue handled or is there a workaround for this? How do you compare this aspect of privacy with other platforms?

推荐答案

解决这些隐私问题的多种技术在Corda 技术白皮书的第15部分中进行了讨论，即：

A number of techniques to address these privacy concerns are discussed in section 15 of the Corda technical whitepaper, namely:

• 交易剥离


• 机密公共密钥


• 图形修剪


• 安全硬件


• 混合网络


• 零知识证明

• Transaction tear-offs
• Confidential public keys
• Graph pruning
• Secure hardware
• Mix networks
• Zero knowledge proofs

其中，交易剥离已被实施，并用于公证和预言等案件。但是，以目前的形式，它们不能解决通过事务解析来查找数据的问题。

Of these, transaction tear-offs are already implemented and used for cases such as notarisation and oracles. However, in their current form, they do not address the issue of finding out data via transaction resolution.

机密公钥也已经实现。它们允许将一次密钥用于每笔交易，因此无法根据所使用的密钥来关联交易。这意味着您可以在不知道参与交易的各方身份的情况下验证交易链。

Confidential public keys are also already implemented. They allow one-time keys to be used for each transaction, so that transactions can't be correlated based on the keys used. This means that you can verify a chain of transactions without knowing the identities of the parties involved in the chain.

图修剪，有时也称为链切割，已被支持，并且已在某些R3成员的项目中使用。受信任的中央方（例如，货币发行人）将以非原子方式重新发行资产，以缩短交易链。

Graph pruning, or "chain snipping" as it's sometimes known, is already supported, and is used in some of the R3 members' projects. A trusted central party (e.g. the issuer of a currency) will re-issue the assets in a non-atomic way to shorten the transaction chain.

安全的硬件隐私层也正在以SGX的形式实施。 R3与Intel达成了使用其飞地的协议。当前的计划是在软件区域内进行事务解析，以使用户在事务解析期间完全看不到任何数据。

A secure hardware privacy layer is being implemented in the form of SGX as well. R3 has an agreement with Intel to use their enclaves. The current plan is for transaction resolution to occur within software enclaves, so that no data at all is seen by the user during transaction resolution.

我的理解是零知识证明对于Corda使用的复杂交易而言，它们仍然太慢而无法实现，但是它们可能会在将来成为可行的技术。我不知道使用混合网络来保护隐私。

My understanding is that zero knowledge proofs are still too slow to be feasible for the complex transaction used by Corda, but they may become a feasible technique in the future. I am not aware of any usage of mix networks for privacy.

Corda架构的好处之一是这些隐私技术可以相互叠加。例如，密钥随机化，图修剪和安全硬件技术是兼容的，并且可以同时使用以实现更大的隐私。

One of the benefits of Corda's architecture is that these privacy techniques can be layered on top of each other. For example, key randomisation, graph pruning and secure hardware techniques are compatible and can all be used simultaneously to achieve greater privacy.

这篇关于种源Corda的隐私丢失的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！