Private Set Intersection

boris · February 21, 2022, 6:12am

Private set intersection is a secure multiparty computation cryptographic technique[1] that allows two parties holding sets to compare encrypted versions of these sets in order to compute the intersection. In this scenario, neither party reveals anything to the counterparty except for the elements in the intersection.

Other variants of this exist, such as the server-client scenario, in which only the client learns the intersection of her set with the set of the server, without the server learning intersection of his set with the clients. [2]

via WIkipedia https://en.wikipedia.org/wiki/Private_set_intersection

boris · February 21, 2022, 6:18am

I was reading this tweet about smart contracts, especially malicious ones:

twitter.com

Alex 🥳

@alexcusack

When you authorize a third party app to your GitHub account it tells you how many users it has as a heuristic for trust We should be doing the same thing with self custody wallets — show total call count for a given function, # of wallets using a contract, etc. Good heuristics twitter.com/twobitidiot/st…

Ryan Selkis 📖 🖊🔑 @twobitidiot

OpenSea didn’t get hacked. Users learned a valuable lesson about self-custody and digital signatures. One that will be helpful if they ever need to secure digital assets and exit a hostile country. Self-custody and anti-phishing infrastructure is also due for a massive upgrade.

4:56 AM - 21 Feb 2022 37 2

This made me think that having a social graph of users you trust, and then be able to do a private set intersection with the contract that shows something like “Bob trusts Alice, and Alice gave approval to this contract 2 years ago, along with 45,678 other users” would likely be very useful.

I think this can be built out of contact lists / pet names, not necessarily “trust” relationships even.

“Bob has an account labeled Alice in his contact list, and the Alice account gave approval”

expede · February 22, 2022, 7:25pm

Two thoughts:

GossipSub has a live trust mechanism built in
Someone we know is working on this problem in a user messaging context, will DM you (not sure if public)

_sj · March 15, 2022, 9:07pm

TrustRank ideas are solid but implementations rarely reach critical mass.
Implied-trust from follower-maps has promise for bootstrapping.

“caredrop” substitute for “airdrop” as a way to bootstrap from feed/timeline scraping?

boris · March 15, 2022, 9:16pm

Definitely for bootstrapping, but more so from the perspective of any app developer and any user.

So the app dev (meaning: not just blockchain dapps) can build an app where the user can trustlessly / privately discover existing connections without the anti-pattern of “upload your address book to our centralized servers”.