Introducing COVA, a Smart Policy Platform

Aug 8, 2018 · 4 min read

An email written in Switzerland arrives in mere seconds today through the Internet, or, as Al Gore calls it, the “information superhighway”. Using this metaphor, “information” would be analogous to the “cars” that traverse this “superhighway.”

But if “cars” in the real world really acted like “information,” we would be quickly descending into lawless hell. Once drivers get these “cars” to their destinations, they’re no longer at the steering wheel. For one, anybody waiting at the destination could simply hop into the car and drive away, or resell your car for a profit, even raid the glove compartment for the registration papers to find out where you live. It’s as if as soon as the car reaches its destination, its stops being yours.

The internet is made up of a suite of protocols, such as transport layer protocols like TCP/IP, and application layer protocols such as FTP, HTTP, SSH. Together, these protocols make sure that your data is properly packetized, addressed, transmitted, routed, received, and interpreted — they make sure that your data gets to the right destination.

However, the current suite of internet protocols does not regulate what happens to data after it has reached its destination. Data on the internet is mindless, exposed, and abused. Data silos, data breaches, intellectual property infringements, unwanted advertisements, election manipulations, digital footprints, and spam are all negative effects from a lack of enforceable data usage policies.

The world needs a new internet protocol of smarter data that remembers, knows when to keep a secret, learns from its users, and more. COVA is this new internet protocol.

With COVA, the owner of a data package can attach a data usage policy that dictates how the data may be used, and makes sure programs operating on it obey the policy. We call this machine-enforceable data usage policy a “Smart Policy”.

Just as the “Smart Contracts” powered by Ethereum are machine-enforceable contracts that was otherwise only enforceable by law, COVA “Smart Policies” is a machine-enforceable data usage policy that was otherwise only enforceable by law.

Here are some example use cases that highlight the potential of Smart Policies:

I want …

  • that my Snapchat photo may only be rendered individually and not be processed by facial recognition.
  • that a shopper’s mobile GPS data may not be used with her other data to construct an intrusive customer profiling.
  • that a patient’s CT Scan may be processed by an aggregate function and not rendered individually.
  • that my credit card number may only be used once for a one-time charge. It will be erased from the server after the payment is completed.
  • that my password is salted and hashed before being persisted to a database.
  • that these text messages can only be viewed after tonight.
  • that this ebook can only be shared 15 times.
  • that k-anonymity or differential privacy is applied before my data can be used.
  • that only specific open-source libraries can be used to process my data.
  • that an ad or disclaimer has to be viewed before my content can be seen.

We have made significant progress towards the realization of this new internet protocol. Our technology comprises of 3 parts: a TEE network, a new language called Centrifuge, and a new virtual machine called CovaVM.

  • The TEE network refers to the substrate of “Trusted Execution Environments (TEEs)”. We first incentivize the creation of a network of TEE nodes which provides us with a scalable amount of “trusted” computing power. Having this “trusted” computing power allows us to make the important assumption about the program behavior of important “supervisor” programs. With this assumption, a much wider repertoire of tools for policy definition and enforcement becomes available to the upper layer.
  • Centrifuge is a Policy Specification Language (PSL) that translates human notions of data usage policy into “smart policies” that are enforceable code. Whereas the human notions of data usage policy are expressed in natural language and is only enforceable by law, a “smart policy” is specified in programming language and is enforceable by code. COVA Centrifuge is the counterpart of Ethereum Solidity.
  • CovaVM is a Policy Enforcement Framework (PEF) that enforces the policy written in Centrifuge. CovaVM is the counterpart of the Ethereum VM.

COVA’s mission has attracted a team of top engineers composed of prodigy hackers, awards winners in ACM, IOI, veteran Harvard and Silicon Valley coders. We have already released a private testnet and have open-sourced important source code repositories. Our development is happening at an incredible speed that is unfamiliar to the blockchain space.

COVA is laying the groundwork for an internet of Smart Data that remembers, keeps a secret, learns from its users, and is open for good. We need engineers who are daring enough to work on what others believe is impossible. We need a supportive community that accelerates the adoption of a new protocol.

More news on COVA to come in the next few weeks. Stay tuned:)


Written by

COVA is laying the groundwork for an internet of Smart Data that remembers, keeps a secret, learns from its users, and is open for good.