Dot.Blog All news in Polkadot Ecosystem

A Deep Dive Into Phala Network
Phala Network is a Substrate-based interoperable cross-chain confidential smart contract platform, aiming to provide privacy computing and data confidentiality services for all users and companies. Empowered by the computing powers of TEEs, Phala Network will be a parachain on Polkadot and the infrastructure of next-generation privacy protection.
Published date: March 21 2021
Share:

What is Phala Network?

Phala Network is a Substrate-based interoperable cross-chain confidential smart contract platform, aiming to provide privacy computing and data confidentiality services for all users and companies. Empowered by the computing powers of TEEs, Phala Network will be a parachain on Polkadot and the infrastructure of next-generation privacy protection.

Unlike Bitcoin and Ethereum which build consensus based on each single node to solve double-spending issues, Phala smart contracts are trustless themselves because of a physically isolated secure enclave in CPUs — the Trusted Executive Environment. The security of the whole network can be guaranteed without time-costing consensus algorithms and Phala miner nodes can be freed from the consensus validating work to run contracts computing parallelly. Each one of them will be able to host one contract with its full computing power, which enables the computing performance to scale linearly as the number of miners grows.

Based on such a powerful network, Phala built W3A — a decentralized data analytics tool — for users and companies. Analysis using W3A will output the results only without any raw data. Before W3A, they had pLIBRA — a confidentiality-layer bridge between Polkadot and Libra. They both won Grants from Web3 Foundation.

Problems that Phala Network solves

Right now, the problem that many projects are facing is: Smart Contracts can not call each other before they execute computation. Phala has discussed relevant solutions with Parity and has come out with a mature plan. Beside, Phala also find out the decentralized storage technology:

In normal logic, once data is collected, it means the transfer of data sovereignty has been completed. In many UGC (User Generated Content) platforms such as WeXXX, Dou XXX, Red XXX, the user agreement will always mention the following rules:

The content you upload, publish or transmit on this site and related services (including but not limited to text, images, audio, video, live content and other forms of content, and the music, sound, lines, visual design, dialogue, etc. included in it), you grant the company and its affiliates, controlling company, and successor company a global, free, non-exclusive, sublicensable (through multiple levels) right (including but not limited to reproduction rights, translation rights, compilation rights, information network dissemination rights, adaptation rights and the rights to produce derivatives, performances, and displays, etc.). The use scope of the above rights includes but is not limited to current or other websites, applications, products, or terminal devices.

Platforms that rely on recommendation algorithms for heavy advertising operations, such as TikXXX, Today XXX, emphasize the followings in their user privacy policies:

Similar technologies such as cookies and device information identifications are commonly used technologies on the Internet. …We may use this type of technology to understand your preferences and usage habits, conduct data analysis to improve products and services, recommend information or features that users are interested in, and optimize your advertising choices.

This means that once we click “Agree”, both our information and the information generated by us will be collected, analyzed, shared, and transmitted to uses and third parties beyond our control. The only completely controllable method is to uninstall, but this means to leave this era — — the Internet era has forced users to “agree” or even get used to hand in the information and continue to do it.

Now Phala Network have a choice. The emergence of Phala decentralized data analysis platform W3A, which uses TEE network and decentralized storage network technology, has made the process of “collection” and “transfer” limited and controllable.

Different from the traditional paradigm, in Phala’s decentralized data analysis platform W3A, user data will not be controlled by Phala, but will be uploaded and stored in a decentralized storage network similar to IPFS. Every time others collect and use your data will first get your permission, and you will get rewards from it.

Specifically, the flow of data will be broken down into the following parts in W3A:

  • Collection: Collect data and store it in a decentralized storage service with end-to-end encryption throughout the process.
  • Custody: Users can manage, authorize, and delete data through confidential contracts.
  • Transaction: A trading market is provided, users can put data on it and earn profits.
  • Analysis: The demander only purchases the right to use the data. After the demand side realizes the purpose and analysis algorithm, W3A will execute the analysis according to the algorithm after obtaining the authorization of the source data, and finally only output the results.

Take the analysis of user-health data as an example. If the user’s private health information such as schedule, diet, habits, is agreed to be analyzed, it will be encrypted and uploaded to the distributed storage network, and then calculated through the W3A private computing network, and finally, output the result. The analyst will pay PHA as reimbursement for using network resources and source data, while users who provide source data will receive PHA as a reward for providing data, and TEE miners will receive PHA as a reward for providing computing power.

The Most Characteristic Features of Phala Network:

Trusted Execution Environments

A hardware Trusted Execution Environment is a confidentiality modality that enables secure computing. A secure enclave is an instance of a TEE that provides integrity for the enclaved programs and confidentiality for both the program and the data that it operates on. This data includes program state, transaction payload, and the result of the computation. The Oasis platform and runtime (including the reference runtime implementation) provide secure computing using TEEs. The advantage of this is near-native performance and with confidential VMs the ability to run binaries compiled from any programming language or framework for ease of adoption.

Differential privacy

Used to ensure that the results of a computation do not leak sensitive information. There is differential privacy for statistical queries, where the query results cannot be used to get information about any specific row in a database. There is differential privacy for machine learning, where you can ensure that the models do not leak sensitive information that was used to train them. Applications here are data sharing via results of differentially private computations on the data.

Zero-knowledge proofs

A privacy modality that can be used to check constraints on private inputs where the information is encrypted and never made accessible to an individual but only to an algorithm used to verify that information and proof of ownership. Applications here are checking credentials, providing privacy-preserving transactions(Zcash), etc..

Homomorphic Encryption

A secure computing encryption scheme, where functions are evaluated over encrypted data without the need to decrypt the data before use. The results are produced in the encrypted domain and can be decrypted by the data owner with the same keys used to encrypt inputs. There is still work ongoing to make this efficient. For some areas such as machine learning training, there have been successful implementations of HE schemes. At this time they do not provide near-native performance that secure computing using Trusted Execution Environments (IntelSGX, AMD SNP) provides.

Secure Multi-Party Computation

This is a privacy modality where the data does not leave the site of ownership but instead, each participant runs an SMPC algorithm locally in their own environment such that the results can be used by all participants and none of the participants ever gaining access to the data they do not own. This has a lot of communication overheads and requires participants to be able to support computing environments that can participate in SMPC.

There are advantages in using some of these techniques for specific use-cases. In our view, there is no one size fits all but instead, the choice of technology is driven by the trust and threat models of the participants. Having said that, there are efficiency disadvantages with many of the above techniques that once addressed will enable them to be mainstreamed. At Oasis, Phala Network are agnostic and non-prescriptive when it comes to privacy and confidentiality technologies. Our architecture is built to take advantage of any and all of the available technologies as they become competitive or become necessary for the use-cases Phala Network deal with.

Phala Products

pLIBRA

pLIBRA is an answer for the KYC challenge on Facebook’s Libra projects. It provides private transactions for Libra tokens. Besides, dApps running on Libra can use this product for a fully decentralized and private solution. Libra needs to implement KYC to answer the regulation worries. In other words, users have to provide their data to use Calibra wallet and Libra coin. pLibra makes it possible for them to provide their data, but the actual data will only be visible to the owner.

Web3 Analytics

Google Analytics is the most popular analytics solution for websites and applications. Web3 Analytics is the decentralized version of this program. Only if the service users give consent to use their data, the analytics program will collect and process their data about website visits and other actions. In other words, users have full control over their data. Something that isn’t possible yet in centralized systems. Phala Network received a Web3 Foundation grant for both of the above products. It means the blockchain is on the correct path for becoming a successful parachain on Polkadot.

Utilities Of PHA Tokens

PHA is the primary token of Phala Network. It has many utilities, that most of them are focused on payments. Paying for CPU-time, on-chain storage, network bandwidth, and any other Phala resources is done by PHA token. Besides, it’s the native token for confidential smart contracts. Those contracts transact data and payments with PHA.

To become a Gatekeeper on the Phala network and guarantee the security of the system, you should stake a certain amount of PHA tokens. The tokens are locked to guarantee the goodwill and legal action of Gatekeepers. Besides, governing the blockchain is only available for PHA holders – with a certain amount of holding. Other use-cases include settlements for Phala products like Web3 Analytics and cross-chain bridges.

Token Distribution

The distribution model for the PHA token is:

  • 5%: Team Reward
  • 15%: Token Sale
  • 1%: Reward for Testnet
  • 9%: Airdrop
  • 70%: Matrix Mining – TEE miners

Users can also receive PHA tokens in various ways. They can contribute TEE computing power and become miners. Being a Gatekeeper or Nominator is another way for getting PHA. For becoming a Gatekeeper, you need an Intel SGX-enabled computer with an ultra-fast network and enough power supply. For becoming a Nominator, you only need to hold PHA tokens.

Roadmap

Partner and Cooperator of Phala

Conclusion

Confidentiality has always been a significant burden in front of businesses that held them away from public blockchains. They needed some protected systems to hold and manage their data in a decentralized manner. Phala tries to solve this challenge with the help of TEE technology.

The blockchain uses the security levels of Polkadot for ensuring a safe environment, too. Some products are launched on Phala, and there are many opportunities for others looking for a confidential layer of security for their applications and transactions.