Aleo creates an online user experience that is both truly personal and truly private.
In the next decade, web services will be everywhere, living in more places than just your browser, and talking about every intimate detail of our personal lives. Our private lives have become public domain, and as web services become more private to live everywhere, we need to rethink how we control our data.
Today there is no such thing as private web data.
If it lives on the web, then it belongs to someone. The network provides free services in exchange for personal data. This business model is outdated and puts users at odds with web services. Users must transfer personal data in exchange for services in order to interact with each other in their daily lives. Service providers must manage sensitive data that compromises their business if stored, processed or disclosed incorrectly. This is problematic and should not be so.
Tomorrow the Internet will be private by default.
Over the past decade, new technologies for protecting user data have become practical. For the first time, users have a choice. They don’t have to relinquish control over their data, and data leakage should no longer be an inevitable cost. And for the first time, web services can use privacy technologies to protect users while enhancing their online experience.
Privacy technologies will change how we see and use our data.
Instead of relinquishing control over your personal data, web services will reason about it without actually seeing it. Web services will no longer need to store sensitive data and will return their work to the user. Thus, neither the user nor the service provider will know more than they should, and control over personal data will remain with the user. This approach rethinks both the privacy guarantees offered by services and the way users think about their data. This paradigm will fundamentally change how the Internet works in ways we have yet to see.
First, zero knowledge makes web services secure.
For example, instead of risking a user’s password being leaked, users can now hash their password (with salt and pepper) on the device without even sending their password to any web service. This not only allows user data to be stored on the device, but also reduces the overhead of access control and eases the legal responsibilities that web services must bear today.
Secondly, zero knowledge makes web services interoperable.
For example, today brokerage houses not only know the full transaction history of the user, but also know when the user makes a transaction. Access to this data allows brokerages to sell valuable information to third parties, deny service to certain users, and even outperform their users on the exchange. This is a serious and unresolved problem. Users should not expect their brokerage to be fair, and regulators should have proof that brokerages are up to their standards.
Third, the lack of disclosure makes web services honest.
Web services don’t need to have user data to provide a valuable experience. Users should be able to interact with web services without access to their personal information. For example, if a brokerage company can’t find out their users’ details, they can’t target any user — be it a denial of service or an unfair price offer. The choice of data transfer must be made by the users.
This is just an example of what Aleo builds.
The next step for web developers.
Aleo defines a new standard for the Internet. It takes a radical new approach to security, privacy, and data ownership. Users no longer need to sacrifice information they can never get back, and web services no longer need to risk compromising their users’ data.
Today we are releasing Developer Preview II.
To make it intuitive and easy to write private applications in Aleo, we created Leo, the first programming language for formally validated zero-knowledge applications. Leo ensures that user data is kept private by default and surfs the web seamlessly.
To make it easier for web developers to try out Leo, we’re releasing a playground for Leo.
Web developers publish their work to the Aleo Package Manager (PM), a registry that freely hosts and distributes commonly used code. With Aleo PM, developers can quickly import packages to build a new web application. Today we’re releasing a new Teams feature that lets developers work together.
We believe this feature will make it easier for developers to collaborate on complex packages like SHA256 or AES and easily publish their work for others to use. We’ve also introduced new security features to make it easier to draw attention to new bug fixes for all downstream packages.
To make it easier for developers to get started, we have integrated Aleo PM into Aleo Studio, the first IDE for private web applications.
With Aleo Studio, developers can now quickly search for and import new packages to use in their applications.
Once ready for deployment, the Aleo network hosts the application with 100% uptime and complete privacy. Our network allows developers to seamlessly run and deploy zero-knowledge applications without having a degree in cryptography.
As more people use the Internet in their daily lives, applications will demand greater security, compliance, and fairness. We want web developers to build applications based on Aleo and make private applications a standard in every user’s life.
This is just the beginning of the next chapter for the Internet.
