I was wonder whether anyone implemented or thought of this on Corda in a more decentralised fashion without leaking any private data. In that fashion, we can calculate some aggregated value from all network participants without knowing their private information (i.e. each participant’s individual contribution to that aggregated value) and with the ability to detect / prevent malicious behaviours (i.e. participants not reporting data or reporting fake data). Non-validating notaries or some dedicated nodes could possibly act as "trusted dealers" in these setups.
We’ve done some early thinking, but it’s not currently part of the roadmap.
There are a few ways to do it:
With SGX you can have an enclave that receives Corda encrypted transactions, decrypts them inside the enclave, updates some internal variables, waits to be given another transaction etc. Once the input size goes over an amount that is comfortable from a privacy perspective, the enclave will be willing to reveal the aggregates. From a programming perspective it’s fairly trivial. Someone has to run the enclave, but they don’t have to be trusted, so it can be anyone and in fact just picking a random VM off the cloud is fine, so it can be seen as “decentralised” in a sense.
A big part of the SGX integration design work Andras posted here recently is finding a path towards our end goal that unlocks useful intermediate states. In Japan I mentioned that we want to ship a ‘developer preview’ of the SGX work we’ve done this year with integration into Corda some time next year – this is super vague and for good reasons. It’s cutting edge R&D and we’re an early adopter, so we expect the unexpected.
One of the things we’re producing as part of this work is our JVM-in-SGX, which we need to make Corda more private, but which could also be adapted for other use cases like aggregation. How to productize it and thus enable these other ideas is a topic of much discussion.