Lyron Co Ting Keh
@lyronctk
Crazy question raised by traitor tracing: How much money would it take to betray your friend? Traitor tracing is the best mitigation we have for server side privacy breaches (the core of the MPC v TEE discussion) MPC == "server that stores your data" is split between 10 people, users are hoping they don't get together to peek TEE == "server that stores your data" is a fancy box that's hard to break in to, users are hoping Google doesn't peek Unclear which one's better. Both are bad for the same reason: peeking historically hasn't been punishable Not good. Crypto rests on bad actors getting punished. It's why staking is so important How to make peeking punishable? For TEEs, there's no active proposal. For MPC, there is, and it's called traitor tracing. Traitor tracing == a way for a someone to prove their friend peeked via math i.e. If me and my buddy peek together. We're both traitors. My buddy can turn on me and slash me to oblivion
2 replies
0 recast
3 reactions
ncitron.eth
@ncitron.eth
I've never understood the interest in this kind of research because collusion can always be done within a TEE (or even in a second layer of MPC) to ensure that no party can whistleblow.
1 reply
0 recast
1 reaction
Lyron Co Ting Keh
@lyronctk
Interesting! Is there an extra step some subset of parties can do to disrupt the tracing algo? Either way, it still seems like a system requiring multiple dishonest parties to break is still strictly better than a system requiring one dishonest party to break
0 reply
0 recast
0 reaction
