Nowadays I rarely come across important releases in crypto but this is a truly major one. Dero is an L1 that uses the account model with homomorphic encryption and smart contracts. Dero's current iteration is in alpha and was released in March-April 2022. It is my understanding that Dero is still under development, with the latest update in August 2023 and an important upgrade in the pipeline. Lack of privacy and censorship plague today's web3Today's web2 and web3 dapps are hosted in 3rd party servers. To use them we must submit sensitive data into these servers where dapp's code runs. For example, let's think of a website that calculates insurance premiums. Users complete a form and the site generates an estimate of the premium. As a user you received a service, but in return you had to give out a lot of personal information over which you no longer have any control whatsoever. You also had to connect to a third party server where you could get blacklisted/censored because of your country, age, estimated income bracket and so on. Why L2s and modular privacy solutions do not cut itTo solve this issue some projects like Zama have created tools for data to be operated on homomorphically in encrypted form. With the introduction of such tools, users no longer insert plaintext data into web2 and web3 dapps. Instead, the plaintext data is inserted first in an encryption environment where it is encrypted in such a way that operations can still be performed. Then these cyphers (encrypted data) are sent to a centralized or decentralized network of servers. The problem with such approach is two-fold. First, since data is hoarded in and operations conducted in one place (single server or network of servers) then as user data and computing power requirements increase with time, only the most performant servers can keep up with network's growth. This leads to centralization and, as result, censorship because a server with such data can homomorphically filter users. For example, they can homomorphically block users based on geolocation even if they don't see their exact location. Second, there is a backdoor and compiler risk in the encryption environment and the server itself. If the encryption environment is not trusted, then even if the encryption code is open source there could be compiler vulnerabilities to expose the plaintext data before encrypting it. For the uninitiated, virtual machines like the EVM run on compiled code. Developers write contracts in solidity but those smart contracts must be compiled because the EVM is a compiler not an interpreter. Compiling code is similar to translating it into a language that the EVM understands and can run on. This translation however can be flawed in case of a compiler vulnerability. The same thing can happen inside the server where operations are performed on data. In the example with insurance premiums, a compiler vulnerability could be used to artificially inflate estimated premiums to create a sense of urgency and then try to sell users "discounted" insurance plans. Data censorship can be enforced too. Consider, for example, the scenario of a laboratory that has measured the concentrations of key pollutants in the air/water and needs to calculate the air quality index or water quality index. Through a compiler vulnerability one could change the formula to give artificially high values for political reasons, or to hide the impact of polluting activities in a specific area. This is why L2s and modular privacy solutions do not really solve censorship and surveillance, they only make them more seamless. Tela's decentralized web3 standardTela dapps consist of 2 parts, the functional part (max 20kb) and the indexing information (9kb). The functional part is the actual application. The indexing part serves to help with discoverability and includes, among others, a description, user ratings and the commit hash. Dapps are run locally without any data ever leaving user's machine. How would the insurance premiums calculator dapp would work on Tela? Well, instead of having to reach out to a third party server and input sensitive data there (such as medical history, income and lifestyle choices), Tela users just download the algorithm (code) and calculate the premium in their own PC. What about compiler risk? This is the other revolutionary aspect of Tela and Dero. Tela runs on Dero and uses Dero's VM. Since Dero's VM is not a compiler but an interpreter (it is the only interpreter VM in crypto), there is no compiler risk. On Ethereum, or any other existing smart contract platform, the VM is a compiler so running the code locally won't eliminate compiler risk and the backdoor risk that comes with it. Aside from eliminating compiler risk, Tela also establishes a new standard of censorship resistance because even if the owner of some dapp is forced to delete the code (eg: under duress by a government or corporate actor), users can still access past commits. How does a non tech savvy user know that a Tela smart contract/dapp is safe to use? This is done through community audits and ratings on one hand, and the SCID commit hash on the other. Each Tela contract stores a commit hash (SCID) that uniquely identifies the deployed code. By checking the SCID users can verify that the code they are interacting with matches the hash stored in the contract. If you have come so far then I hope you now have a good understanding of Tela. For me it was not really easy to put all the pieces together at first, but once I did it was really impossible to miss what kind of profound revolution this is. Tela is a cypherpunk wonder out of nowhere. [link] [comments] |
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments