Question about work on Privacy of Contracts

I was going through the whitepaper (I’ve read it in segments, but only recently read the whole thing in one sitting - typical, lol) and had a question with regard to section 5.1 Privacy of Contracts under 5. Future Work. I’ve attached an image so people don’t need to go digging for it.

A question I had briefly thinking about this issue is how something as simple as a screenshot could be accounted for (if at all). I’m sure this is something the team has thought much about already, but I’m curious.

Of course, if there is sensitive information screenshotted and later spread that can be traced back to a particular juror, then there are simple remedies. However, there is no shortage of ways to anonymously distribute information, so I doubt we’d see a situation this simple.

I could imagine a situation in which a user’s doxx may be revealed in information relevant to the case (i.e., information that can’t simply be redacted when presenting evidence to jurors). If there is sensitive information that the user doesn’t want disclosed (information about their personal life, finances, business, etc.) a juror could use this material as blackmail to extract value from the victim in a way that doesn’t tie him back to any particular juror.

I know of programs like Honorlock that are used in school that disable certain functions of the computer by only allowing you to view content in a certain, monitored window (excuse the poor explanation). Perhaps something analogous could be a potential solution that can be implemented in certain cases by specifying it in the smart contract. I don’t think people (particularly the type of people active and interested in blockchain technology) would be very receptive to this solution though.

I’m interested in the community’s thoughts. There’s a good chance I’m overlooking something that makes this entirely a non-issue. Looking forward to the responses, thanks.

1 Like

This is a very challenging problem, and it is likely that only partial and/or somewhat imperfect approaches will be available to deal with it. Ultimately, if information needs to be seen by the jurors for them to be able to competently rule on a case, it is difficult to get strong privacy guarantees on that information, as the jurors are after all pseudo-anonymous, crowdsourced people. Indeed, if you appeal a case enough times, a large proportion of the community will ultimately see the evidence for that case.

So far, in our research, the kinds of approaches we have mostly thought about have been case-specific ways of minimizing the information that needs to be shared with jurors and/or disassociating from parties. For example, one could imagine a flight insurance smart contract that offers refunds when flights are cancelled. Then if there is a dispute over whether someone is due a refund under this insurance, the question posed to the Kleros jurors could just be “Was Flight X cancelled?” without indicating who the party claiming the refund is, and hence not revealing her intended flight plans. Then, if the jurors rule that the flight was cancelled, the party can issue a zero-knowledge proof against the ruling to have her refund issued to her in a privacy-preserving way to an address that is never publicly linked to the case.

Conceivably, one could somehow have some percentage of fake disputes with fake evidence. Then to the degree that whether the ruling is actually executed in a way that has non-zero financial implications by the arbitrable contract is hidden using zero-knowledge tools similar to those of the flight insurance example, it would be unclear which cases were real. One could imagine that this could create some level of deniability for the evidence in the real disputes; however, in practice, the limited benefits of such a scheme would probably not outweigh its costs and complications.

I am also skeptical that people in the blockchain space would be receptive to using Honorlock-type programs to serve as jurors. In any event, it would be hard to enforce this, as Kleros is a protocol to which one can plug in different front-ends, so even if some front-end incorporated this, it seems that jurors can get around it by using different front-ends.

I am also interested in hearing people’s thoughts.

1 Like
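An added sketch of the unlinkable refund claim described in the reply above; it is not code from Kleros or from anyone in this thread. It swaps the zero-knowledge proof for an AOS-style ring signature (a proof of knowing one of n keys, without showing which), and the group parameters, message format and function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Demonstration group (assumption): integers modulo the Mersenne prime 2^521 - 1.
# A deployment would use a standard prime-order group or an elliptic curve.
P = 2**521 - 1
N = P - 1  # exponents are reduced modulo the group order
G = 3

def keygen():
    x = secrets.randbelow(N - 1) + 1
    return x, pow(G, x, P)

def _challenge(message, ring, commit):
    data = repr((message, ring, commit)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def ring_sign(message, ring, idx, secret):
    """Prove knowledge of the secret key behind ring[idx] without revealing idx."""
    n = len(ring)
    e, r = [0] * n, [0] * n
    k = secrets.randbelow(N)
    i = (idx + 1) % n
    e[i] = _challenge(message, ring, pow(G, k, P))
    while i != idx:  # simulate every other ring member with a random response
        r[i] = secrets.randbelow(N)
        commit = pow(G, r[i], P) * pow(ring[i], e[i], P) % P
        i = (i + 1) % n
        e[i] = _challenge(message, ring, commit)
    r[idx] = (k - secret * e[idx]) % N  # close the ring with the real key
    return e[0], r

def ring_verify(message, ring, sig):
    e0, r = sig
    if len(r) != len(ring):
        return False
    e = e0
    for y, ri in zip(ring, r):
        e = _challenge(message, ring, pow(G, ri, P) * pow(y, e, P) % P)
    return e == e0

def claim_refund_demo():
    # Constructed sample: three policy holders on "Flight X"; holder 1 claims.
    keys = [keygen() for _ in range(3)]
    ring = tuple(pub for _, pub in keys)
    msg = "ruling=FlightX-cancelled;pay_to=fresh-address-placeholder"
    sig = ring_sign(msg, ring, 1, keys[1][0])
    tampered = msg.replace("fresh", "other")  # payout redirected after signing
    return ring_verify(msg, ring, sig), ring_verify(tampered, ring, sig)
```

A plain ring signature does not stop the same holder from claiming twice; a linkable variant or a nullifier would be needed for that.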

I think privacy is extremely important to maximize as much as possible on Kleros. In the airplane ticket example, limiting who can see information to only Kleros jurors using a hash is a very good idea. I think the risk is acceptable here, for Kleros jurors to see necessary information. When you buy an airline ticket, many people who work with the airline and regulatory agencies and third-party services can see who you are and where and when you are going. There is always the possibility of leaks, but that’s true in any system when humans have access to information. Kleros jurors should have a vested interest in keeping evidence private. I’d be more worried about information being discussed during the case on Kleros jury chats, and non-jurors seeing it. The parties supplying the evidence should be advised based on what their specific case is what information is necessary and what isn’t as well.