1. 12

  2. 3

    It looks like they’re doing a classic prime accumulator, except the prime isn’t the secret, it’s a salted hash of the secret. Can anyone explain the verification process?

    This blog post is really poorly written imo (unclear/oversimplified) and the code samples don’t help, especially on mobile..

    1. 3

      I don’t know enough crypto to see issues with this, but I looked and this is their only post on crypto in the blog. They also don’t have any other crypto projects on their github. So I’m guessing there are probably really big flaws? Seems weird to say that having studied the alg itself, but “don’t roll your own crypto” is a saying or a reason…

      1. 2

        OP here. The code is a fork of a project from startcoin who do have several other crypto projects on their Github account. What we did was to move the hashing from the server to the client, thereby removing the need to expose the identity of the set members.

        Also, I may not have other crypto projects on my personal blog, but I do work in the Frontiers department in Tradeshift - a fintech with approx. 1200 employees. In the Frontiers department we are focusing on emerging technologies, and we have made some headway in the crypto space.

        That is not to say that there are no flaws, and I would love to hear feedback from external code reviewers.

        1. 1

          Thank you for clarifying!

      2. 2

        “…Given this technology, we now have the ability to anonymously prove memberships of sets in almost any imaginable context. There are obvious use-cases in decentralised authentication, but there may be many more interesting uses for it. ..”

        I agree, I think the business opportunities that this type of approach opens up is enormous, and can easily given an edge/advantage to newcomer companies entering the fields where anonymity (which goes well beyond privacy) is a measurable advantage.

        1. 2

          Private set intersection, and similar secure two-party computation protocols have existed for at least a decade. There is a whole body of research into efficiency optimizations. This is not new, companies just don’t care/aren’t motivated/aren’t incentivized to use it.

          1. 1

            What do you think the reasons why these methods did not make into commercial space, yet?

            At one point in time I was working on privacy preserving health history databases, was looking into using homomorophic encryption and k-anonymization (this was 2008 or around).

            For us, at that time, recepies were not there, integration with existing database technologies were not there, performance-aware libraries were not there …. and we were refused a fed grant, we applied for…