• Stars
    star
    126
  • Rank 284,543 (Top 6 %)
  • Language
    Rust
  • License
    MIT License
  • Created over 4 years ago
  • Updated about 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Privacy preserving voluntary Covid-19 self-reporting platform. Share your location history and status, get alerts you are in high risk areas and identify high risk regions

License: MIT Contributor Covenant

COVID-19 Self-reporting with Privacy

Privacy preserving voluntary COVID-19 self-reporting platform for contact tracing. Share your (encrypted) location history and test status, get a notification if you have been in proximity to higher risk locations.

Overview & Motivation

Social contact tracing based on mobile phone data has been used to track and mitigate the spread of COVID-19[1]. However, this is a significant privacy risk, and sharing these data may disproportionately affect at-risk populations, who could be subject to discrimination and targeting. In certain countries, obtaining this data en masse is not legally viable.

We propose a privacy-preserving, voluntary self-reporting system for sharing detailed location data amongst individuals and organizations. Users will be able to encrypt and share complete location history, and their current status (positive, negative, unknown). Users will be able to update their status if it changes. This system will compute on shared, aggregate data and return location-based social contact analytics.

This system relies on 3 core services:

Location History data from Google Location Services via Google Takeout

Any user who has Location Services active with Google is able to obtain a JSON format file of their location history. They are also able to edit this file manually to remove any unwanted or sensitive locations (i.e., a home address). A user who does not use Location Services can manually add a history via Google.

Note: This service could be swapped/replaced by a mobile application at some point

A Privacy-preserving Computation service

Private computation is a term for performing tasks on data that is never viewed in plaintext. Our system will use private computation to generate individual and global analytics. In this scenario, private computation techniques could be employed to:

  • Identify users who have been in close proximity with individuals who have tested positive
  • Add noise to user locations, and then output that data to a map without revealing the original data to anyone, including application developers or server owners
  • Analyse and create clusters from user data, and output those results to a map without revealing original data to anyone TBD (we welcome suggestions for computational analysis that provides privacy guarantees as well as useful, high-fidelity output data)
  • Initially, we propose using an Intel-SGX based service that uses Trusted Execution Environments (TEE). Additional alternative private compute techniques include homomorphic encryption, multiparty computation, and differential privacy.

Visualization and notification services

Our working assumption is to:

  • Inform individuals who have been in close proximity of individuals who have tested positive via a notification system. This section is TBD based on requirements defined by experts
  • Create a visualization service for users (individual and social organizations) to track the current status virus outbreak at a granular level.

These diagrams provide an overview of how these services connect and how data is accessed and controlled throughout. Note: data is encrypted on the client side, remains encrypted in transit, and is protected by TEE security and privacy guarantees during compute.

image

User Story

  1. User creates an account (email and password)
  2. User views instructions for retrieving location data from Google Location services.
  3. User reviews Google Maps timeline, and optionally removes any sensitive activity (i.e., home address, work address, others)
  4. User exports her data via Google Takeout service
  5. User returns to app UI and uploads JSON file from Google Takeout for the previous month or two
  6. User indicates her current testing status (positive, negative, untested) and the date of the test (today's date if untested)
  7. User submits data to compute service (data is encrypted locally by the app prior to sending)
  8. User can now view "matches", where her data overlaps in time and proximity to a user reporting a positive test result
  9. User can opt in to receive emails if new matches occur, and prompting her to update her data and infection status periodically.

System Architecture

image

The system is made up from the following components:

Front-end UI

  • contains the self-reporting UI
  • displays the individual proximity match report from post-compute results
  • displays a heat map view of positively tested participants (global results) from post-compute results

Login / Unique identifier DB

Private Compute Service

  • contains code
  • maintains an encrpyted DB of submissions

Components

Data self-reporting UI

Requirements:

  • Clearly communicates to users the goals and possible risks of the service
  • Walks users through obtaining and sanitizing Google Takeout location data
  • Provides https-like assurances that UI is in communication with successfully attested enclave
  • Enables users to create a persistent email/password log-in
  • Enables users to submit, and update:
    • 1-2 months of location history in Google Takeout JSON format
    • Current infection status (positive, negative, untested)
    • Date test was administered
  • Runs data formatting and simple data validation on the browser Open Questions What are our options for data validation?

img

Private compute

Requirements:

  • Proves what code is being executed over the data
  • Proves integrity via Intel Attestation Service (IAS)

Input: Encrypted user location histories in Google Takeout JSON format

Output:

  • Positive matches between users who have had positive test results and users who overlapped with them on time and proximity for individual reporting
  • Clustering algorithm to run on location history of users who have had positive test results (with time dependend weights) for global view

Open Questions

Post-Compute Results

Current thinking is to have two services result from the computation:

  • A notification service for users who are untested/negative that tells them if they have overlapped in time/proximity with positive test cases [Link to detailed description]
  • An aggregate heatmap of locations where individuals with positive tests have been [Link to detailed description]

Open Questions

Get Involved

Below is a list of areas that we need help with and our open questions

  • Epidemiologists / public health: We need to solicit feedback on how this data is most actionable both for individuals and also the society at large. The goal of individual reporting is to assess situations of close proximity to high risk individuals. This enables us to take better measures. We need feedback to understand what distance and time difference should trigger a high risk scenario (i.e 2 individuals within 10ft in a 1 day window can infect one another). We also would welcome feedback on our approach to global view visualizer. Please see issues X and Y that explain these asks in more detail.

  • Rust programmers, developers and engineers with Intel SGX experience TBD - Enigma team is currently volunteering to lead this part. We would always welcome more hands

  • Mapping/visualization and experience working with Google Location data:

  • Notification / alert system: We would like individuals who opt in to receive emails (or other forms of notification like text) if they are found to be in a high risk area. We need help implementing the notification system. Please see the following issue for more details

  • Data privacy (i.e., able to identify data leakage concerns / mitigations)

  • Front-end design Front-end development for self-reporting UI

  • Devops

  • Volunteers to provide sample data: Our proposal only provides value if volunteers participate. We welcome everyone who’s tested for Covid-19 to share their location history in a privacy preserving manner when we have an initial prototype

LICENSE

The code in this repository is released under the MIT License.

More Repositories

1

catalyst

An Algorithmic Trading Library for Crypto-Assets in Python
Python
2,486
star
2

SecretNetwork

𝕊 The Secret Network
Rust
523
star
3

enigma-core

Enigma Core library. The domain: Trusted and Untrusted App in Rust.
Rust
91
star
4

secret.js

The JavaScript SDK for Secret Network
TypeScript
73
star
5

secret-toolkit

A collection of Rust packages that contain common tools used in development of Secret Contracts
Rust
72
star
6

SecretJS-Templates

Templates for working with SecretJS
JavaScript
66
star
7

snip20-reference-impl

This is a reference implementation of the SNIP-20 standard.
Rust
54
star
8

enigma-docker-network-deprecated

A containarized Enigma Protocol environment to start writing secret contracts
Shell
51
star
9

catalyst-docs

Documentation for the Catalyst algorithmic trading library
41
star
10

Grants

Repository for grant proposal submissions
40
star
11

enigma-p2p

The Enigma Worker Peer-to-Peer (P2P) package written in Node.js based on libp2p-js
JavaScript
37
star
12

enigma-core-deprecated

The code has been moved to a new repository:
Rust
31
star
13

smart_contract_marketplace

Smart Contract for the Enigma Data Marketplace
JavaScript
25
star
14

secret-vault

A contract that allows you to create private keys on-chain and sign data with secp256k1 signatures
Rust
25
star
15

SecretSwap

Rust
24
star
16

secretSCRT

𝕊(𝕊) SCRT backed privacy coin
Rust
23
star
17

enigma-contract

Smart Contract and Javascript library for the Enigma Protocol
JavaScript
23
star
18

SecretHoldEm

A Texas hold 'em poker game implemented as a Secret Contract for the Secret Network
JavaScript
23
star
19

discovery-docker-network

Docker Network for the Discovery release of the Enigma Protocol
Shell
20
star
20

secret-contracts

Showcase of Privacy-Preserving Smart Contracts using Enigma
JavaScript
18
star
21

salad

A coinjoin implementation for the Enigma Discovery network
JavaScript
16
star
22

SecretStablePools

A Curve-like AMM for Secret Network
Rust
16
star
23

dash.scrt.network

Secret Dashboard is an entry point for new users into Secret Network.
TypeScript
15
star
24

CosmWasm-Simulator

TypeScript
14
star
25

discovery-cli

Command Line Interface (CLI) for the Discovery Enigma Protocol developer testnet
JavaScript
13
star
26

api-registry

A registry of API endpoints for mainnet and testnet
12
star
27

enigma-template-dapp

Template dApp to start building with the Enigma Protocol
JavaScript
12
star
28

marketplace

Data Marketplace documentation: https://enigmampc.github.io/marketplace
10
star
29

EthereumBridge

Rust
10
star
30

secret-redelegate

A re-delegation script for SCRT coins using ledger + CLI (or other Cosmos SDK coins)
Python
10
star
31

wrap.scrt.network

Wrapping Coins as Secret Tokens immediately supercharges them with private balances and private transfers.
TypeScript
9
star
32

bech32.scrtlabs.com

Mainly an "enigma" to "secret" bech32 addresses converter.
JavaScript
8
star
33

SecretDice

A simple dice roll game implemented as a Secret Contract
Rust
7
star
34

SupernovaDocs

7
star
35

superuser.scrtlabs.com

Do stuff like a pro.
TypeScript
7
star
36

SecretSimpleVote

A very simple voting contract
Rust
7
star
37

protocol

Enigma Protocol Documentation
6
star
38

SecretSwapAnonEdition

Private swaps for Secret Network using a private entropy pool & differential privacy.
Rust
6
star
39

docker-environment

Docker Environment for the Discovery release of the Enigma Protocol
Python
5
star
40

gov-airdrop

Rust
5
star
41

EnigmaBounties

Secret Contract samples
5
star
42

surface

Surface is part of the Enigma node software stack. The Surface component is responsible for operations that are outside of SGX and acting as a bridge between the outside world and the "Core" component.
Python
5
star
43

dNetflix

JavaScript
4
star
44

secret-migrate-example

Rust
4
star
45

crosschain-contract-demo

Rust
4
star
46

safetraceV2

Rust
4
star
47

EthereumBridgeBackend

TypeScript
4
star
48

secret-raffle

A simple secret contract that selects a winner from registered participants
Rust
3
star
49

catalystweb

Catalyst web-app
3
star
50

GitpodLocalSecret

3
star
51

enigma-contract-deprecated

The code has been moved to a new repository:
JavaScript
3
star
52

dev-help

This repository is for opening and managing developer issues
3
star
53

wasmi-in-enclave-test

Rust
2
star
54

discovery-template-dapp

Client DApp template for Enigma Protocol Discovery
JavaScript
2
star
55

react-native-secretjs

Java
2
star
56

discovery-documentation

2
star
57

InvestSEFI

Reinvest SEFI by swapping half for sSCRT, LPing it to the SEFI-SSCRT pair and depositing the LP tokens in the SEFI-SSCRT rewards pool
TypeScript
2
star
58

random-ibc-example

Rust
2
star
59

tm-secret-enclave

Rust
2
star
60

ViewingKeysWizard

All your viewing keys belong to you :-)
TypeScript
2
star
61

cosmwasm-old

This is a fork of CosmWasm/cosmwasm, intended to make it easier to pull in changes from upstream to the vendored copy in enigmampc/SecretNetwork.
Rust
2
star
62

secret-contracts-examples

A curated list of Secret Contracts ordered by complexity
2
star
63

SecretRandomOracle

A random oracle for the secret network
Rust
2
star
64

secret-vrf-challenge-contract

Rust
1
star
65

ecosystem-tools

List of tools that should be built to help improve the Enigma ecosystem.
1
star
66

WasmiMemoryTest

Test how wasmi behaves when WASM code imports memory vs. export memory
Rust
1
star
67

lockup-incentives

Rust
1
star
68

axelar-bridge-ui

Vue
1
star
69

examples

Rust
1
star
70

secret-metamask-demo

MetaMask demo for Secret Network
TypeScript
1
star
71

mainnet-.compute

An updated Secret Network .compute directory, for easier node syncing
1
star
72

BenchmarkSecretContracts

Benchmark Secret Contracts
Rust
1
star
73

slate

API Documentation v0.2
JavaScript
1
star
74

go-cosmwasm

This is a fork of CosmWasm/go-cosmwasm, intended to make it easier to pull in changes from upstream to the vendored copy in enigmampc/SecretNetwork.
Go
1
star
75

discovery-testnet

Discovery Testnet
JavaScript
1
star
76

testnet-faucet

A faucet for Secret Network testnets
Vue
1
star
77

blockchain-explorer

Blockchain explorer for the Discovery Enigma Network
TypeScript
1
star
78

MillionaireProblemTutorial

Rust
1
star
79

secret-oracle

Rust
1
star
80

rps

Vue
1
star
81

unstoppable-secrets

Rust
1
star
82

cro-pay-vue-example

Vue
1
star
83

secret-ibc-setup

A docker compose script that sets up two local secret networks and a relayer that connects them.
Dockerfile
1
star
84

secret-proto

Rust
1
star
85

enigmaslackbot

A simple FAQ answering bot for Enigma's Slack
JavaScript
1
star
86

ibc-template

TypeScript
1
star
87

SecretJack

Rust
1
star