Recap | Bibox × Phala AMA

Image for post
Image for post

# 1. Could you please say hi to Bibox community and briefly introduce yourself and the project you are responsible for running?

Phala dedicates itself to release computing powers in TEEs to serve other blockchains of Polkadot and other ecosystem products such as DeFi. We hope the value of privacy protection could be extended to “confidentiality protection”, using our tech to protect all data from leak and breach.

As we know, on all blockchains, for now, data and information are completely transparent. And Phala aims to create a confidential smart contract that could process general-purpose computing with Turing completeness.

# 2. Alright, now let’s dive into Phala Network. As a privacy-preserving protocol for data-protection and blockchain smart contracts, how does Phala team value privacy? Do all have the right to privacy? Some may even say “we either have privacy or we do not at all.” Do you agree with that?

We all heard about Murphy’s Law: no matter how small the chance is, where there is the chance, it’s gonna happen. No matter how small the chance our data to be sold, when it happened and were revealed, we can’t do anything and don’t get any payment.

This is why we built Phala Network — to eradicate the sin of data collection and data hosting. Data is asset. It should be protected and succeeded, instead of being stolen, spread, and sold.

During Feb 2020, the Chinese-version Twitter — Weibo — leaked 50 million user data, and was demonstrated that all the data was traded in darknet. I investigated this breaking news by disguising myself as a spy to record how they trade data like milk and eggs. I also got revenged by them after I published my investigation report:

I totally agree with the idea. I know in Europe people value privacy so much that they consider it as part of human rights. European friends here must be familiar with the GDRP — General Data Protection Regulation. Also, California legislated CCPA — California Consumer Privacy Act — which is now officially effective.

The reason why privacy (or confidential info) is so hard to be fully isolated is it’s so convenient to transfer it to anywhere you want. And they are not separated — only 1 single line of phone number or IP address would restore a whole database about the real you: who you are, where you live, and what you like. The moment we click “I Agree”, we not only hand in the so-called “necessary” data, but a virtual online-living you. Here lies the paradox: we have to, at most of the time, willingly sacrifice ourselves to trade for online facilities and services.

It seems like sophistry as you claim “we either have privacy or we do not at all”. The truth is all we lack is THE technology. If there were no such tech, it’s philosophy; if there is (like what Phala do), it’s a NEED to be satisfied.

The area where Phala is developing is actually a trend and getting mature day by day.

- Data management should be trustless, which means, never be passed by a living human. Once it’s transferred and processed by someone, there is a chance to leak. We should not hand in any line of our data to centralized companies.
- Blockchain make it possible to be “trustless”. But blockchain itself is too transparent to host confidential information.
- TEE technology is applied more frequently in data protection. Yer one single TEE is vulnerable against attack and hard to provide utility.
- Phala combined confidentiality and utility together by TEE-blockchain hybrid structure.

# 3. Can we talk about this tweet? It is pretty eyes-grabbing; I know I pretty much give up on my data privacy every time I click that shinny “Agree”. Nobody is surprised to know I hold a fatalistic view of this phenomenon and that is why I am very interested in your promotion tweet. Can you talk more about how Phala can help us on this issue?

LOL, thank you for following. This was our stall in Hangzhou International Blockchain week. We decided to present an interactive lesson instead of selling ourselves like others do.

The stall was designed to enlighten the passersby about how many unreasonable terms were written in User Agreements. People can vote “I don’t want to agree” on the screen aside and see the rank of “trustless apps”.

Image for post
Image for post

We all know this world is built on data, as lots of companies are built on data. But how do they collect data?

- You click “I Agree”
- Your behavior recorded by SDKs and reported the devs
- Your behavior viewed and analyzed by staff
- Staff improve app according to your behavior

But after all this, your data is expired. They can decide how to deal with your data as they wish, and this is literally written the “Privacy Protocols”.

We want to make this world a better place through SDKs. Now please allow me to introduce — Web3 Analytics.

You may ask: how is it different from other analytic tools? how is it possible to analyze without collecting data?

You may regard it as a black box where all the magic happens. All data transmission and computation will be processed ONLY in TEE and by TEE — TEE is a completely safe and isolated hardware area within CPU. Even the manufacturers themselves won’t know the key of TEE.

In the traditional way, your data is collected only after a single click. But in W3A, every authorization for every different reason would have to be approved by yourself. You can cancel your authorization whenever and wherever you want. At the same time, you will receive PHA as the return of providing your treacherous personal data.

For example, if I want to know how much you spent on drink consuming last month, in the traditional way, I have to first collect what you drink every day and how much you paid. But in W3A, all that mentioned above will only be known by the TEE running in YOUR COMPUTER, and it would output a result to me saying “Ok he/she spent $237 on soft drinks.”

# 4. Speaking of confidential data, I know Phala technology applies TEE (Trusted Execution Environment) where data can be run privately and safely. Can you explain this to our communities in plain language?

Actually every one of us owns a “blackbox” in our hands. Our phones, where your fingerprint is stored. The whole verification process can not be affected by any other 3rd party. In the end, your phone will send a message to the system indicating “it’s you” or “it’s not you”. That’s it. FaceID works the same way.

Image for post
Image for post

But a “blackbox” alone won’t provide more confidential value to various use cases. Thus Phala decided to connect the “black boxes” together and build a “blackbox network” to realize larger-scale data protection.

Image for post
Image for post

# 5. We see Phala is listed on Web3 Accepted Grant Applications lists. Can you share with us how Web3 helps you in developing your product?

For instance, one of the core parts in Phala Network is to establish the trust between the blockchain and the pRuntime in TEE. Therefore the pRuntime needs to validate the blocks and derived messages from the blockchain in TEE, which means we need to build a Substrate light validation client in the TEE.

Unlike simple blockchains such as Bitcoin, validating blocks with Substrate’s advanced consensus algorithm, Grandpa over Babe, is way more challenging. It’s the engineers from Substrate Builder Program that offered us great help: code samples, and a few code triaging sessions from the beginning. Without the support from Parity and W3F, we could not imagine it can be built within just three weeks.

Phala will, in the near future, run as the parachain of Polkadot and the infrastructure of blockchain confidentiality to provide data protection service with contract-level parallel computing performance.

# 6. Now let’s talk about Token Economics. Can you share a bit more about the design philosophy? I bet it was debated fiercely before the PHA token economics was rolled out.

But we designed it like this because:

1. We want more miners to provide their TEE devices;
2. Based on reason 1, we hope this network to be as stable and secure as possible so it’s impossible for hackers to identify which single one TEE should be attacked;
3. It’s possible to adjust the quality and requirement of computing power.

Phala would be featured by private computing power and data dealings. And PHA will capture the value of any behavior related to:

1. Deals of Data Authorization: between analysts and data providers;
2. Resource of Trusted Computing: e.g., trusted computing power, on-chain stats, off-chain storage, etc.;

PHA would be necessary if you participated in:

1. NPoS Staking: a must to participate in Phala on-chain governance;
2. Community Building.

And there will be 3 waves of PHA Airdrop. The first and second ones are for Polkadot ecosystem; the third wave would be for a decentralized storage ecosystem. Wave I has ended on July 15. It is estimated that on Aug 15, there would be 200+ addresses proportionally sharing 27 million PHA. The next wave would be in 2021 :).

Image for post
Image for post

# 7. Phala testnet “Rorschach” will be launched on July 20 with 100,000+ $PHA distributed to node runners and all participants! PLEASE let us know how to run the node.

1. PoC-1: private asset coining and private transfer;
2. PoC-2 (Rorschach): Gatekeepers, NPoS Staking, nodes, governance, dark asset wallet;
3. PoC-3: TEE mining (coming soon at the end of August!)
4. PoC-4: official public testing of W3A

Phala mainnet will be after a canary launch like Kusama.

Ok now if you are really interested us, PLEASE DON’T MISS the Testnet Rorschach Incentive Program. We prepared over 100,000 PHA for all participants. It’s simple, easy, and fun :)

Image for post
Image for post

BTW, there is a SMALL SURPRISE on testnet waiting to be revealed. Join our telegram, stay tuned, and claim everything you can claim ;p

And don’t forget this retweet event: https://twitter.com/Bibox365/status/1287928423411679232
winners will be announced at UTC 12 pm, Aug 10 🎁

About Phala

Website | Twitter | Github | Telegram | Discord

Image for post
Image for post

Written by

Infrastructure of Web3.0 privacy protection

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store