Empower dapps to perform encryption, threshold decryption, and signing on the IC by allowing canisters to call a threshold key derivation interface. This feature will enable canisters or individual users to encrypt messages under the public key of the subnet, so that they can be decrypted by calling the threshold key derivation interface for the corresponding decryption key that is secret-shared among the replicas.
Integrating this feature will enable canisters to store end-to-end encrypted user data (e.g., storage, messaging, social networks) without having to rely on browser storage for user-side secrets, as well as enabling transaction privacy within canisters (e.g., closed-bid auctions, front-running prevention).
In this community conversation, we’ll walk through the proposed design and take any questions or suggestions.
Speakers:
Aisling Connolly, Senior Research Scientist at DFINITY
Gregory Neven, Staff Researcher at DFINITY
00:00 Introduction – Security in Web3
03:41 On-Chain Encryption Intro
08:50 Mental Model
14:03 Cryptographic Foundations
16:54 Use Case – Secure storage
19:48 Use Case – End-to-end encrypted messaging
24:31 Use Case – Front running prevention (MEV)
28:56 Q&A
