Security Implementations
Our system is designed with a layered security approach to protect sensitive user data and ensure that only authorized parties can access or process this information. Here’s how security is maintained throughout the workflow:
Data Encryption and Key Management
Asymmetric Encryption: Each stakeholder (User, Dapp, TEC, etc.) uses a unique private/public key pair.
User Keys: The user's private key is generated and stored only on their device, while the public key is shared with the network. Any data addressed to the user can therefore be decrypted only on that device, which also means the confidentiality of that data is bounded by the security of the device holding the key.
Dapp Keys: The Dapp signs its requests with its private key, and the final computed result is encrypted to the Dapp's public key, so only the Dapp holding the matching private key can decrypt the result.
TEC Keys: The TEC holds its own key pair and, together with the decryption controls provided by Lit Protocol, uses it to receive data encrypted for computation and to decrypt that data inside the TEC. Data is ciphertext while in transit and at rest, and is in plaintext only inside the TEC for the duration of a computation.
Token Encryption: OAuth tokens obtained from Twitter are encrypted with the TEC's public key as soon as they are retrieved, so a token is never stored or transmitted in plaintext.
Secure Multiparty Computation (MPC)
Lit Protocol Integration: The TEC uses Lit Protocol's secure multiparty computation (MPC) network to validate decryption requests. The ability to decrypt is split across the network's nodes, so no single party has full control over the decryption process.
Validation of Requests: Decryption keys and parameters are released only when a request satisfies the access conditions, i.e., it carries a valid signature from an authorized stakeholder; an unauthorized request yields no key material at all.
Distributed Trust: Because sensitive operations are split across multiple nodes and a threshold of them must cooperate, compromising any single node does not expose the data or the key.
Data Handling and Storage
Minimization of Data Exposure:
No Raw Data Sharing: The Dapp receives only the computed result from the secure computation; raw user data (such as tweets or Twitter IDs) is never shared directly with the Dapp.
Ephemeral Tokens: Sensitive tokens are kept only in encrypted form and are decrypted only for the duration of a computation, after which the plaintext is discarded, limiting the window for misuse.
Secure Storage with ESS: Encrypted data is stored on a third-party service (e.g., AWS), and ESS maintains the pointers that locate it. Holding a pointer, or the stored object itself, yields only ciphertext; decryption still requires the key released through the authorization flow.
Data at Rest: All stored data is encrypted, ensuring that even if storage is compromised, the data remains inaccessible without the proper decryption keys.
Pointer and Parameter Storage: ESS stores the pointers and the parameters of each computation, so that a retrieved object can be decrypted only by an authorized process.
Access Control and Authorization
Permission-Based Data Access:
User Authorization: Users must explicitly grant permissions for their data to be accessed and processed. This is achieved through a secure OAuth flow, where the user’s consent is mandatory.
Scoped Data Requests: A Dapp can request only the computed result of an approved computation, never direct access to the raw data, so user privacy is preserved by design rather than by policy alone.
Verification of Real Users:
Key Generation on First Signup: Every new user generates a private/public key pair upon joining the Intract Protocol, ensuring that each entity in the system is uniquely identified.
Digital Signatures: Every transaction and data exchange is signed with the originating stakeholder's private key. Verifying that signature against the public key registered at signup proves that the request came from the holder of that key and was not altered in transit, so only registered, authorized parties can initiate secure data processing.
End-to-End Data Integrity
Data Integrity Checks: Throughout the data processing workflow, integrity checks (e.g., cryptographic hashes) are employed to ensure that data has not been tampered with during transit or storage.
Audit Trails: Every key transaction—from OAuth token generation to final result delivery—is logged. These audit trails help in identifying and mitigating potential security incidents and ensuring compliance with data protection standards.
This multi-layered design keeps sensitive user data encrypted at every stage of the workflow outside the TEC's computation, and restricts access to verified, authorized entities.