Securing our Data with Numbers Capture

Ethan Wu
Numbers Protocol
Published in
3 min readAug 19, 2020

--

What is the current state of data?

The world we live in runs on data and as humans we consume data constantly and are informed by the information it provides. The issue becomes, how trustworthy is this data? How do we know that the data hasn’t been altered or utilized in a way that was not originally intended?

The answer to this question is we currently don’t know. Cross Referencing sources is one way of checking data validity however with social media channels such as Twitter and Facebook distributing data effortlessly at such scale, this solution is inefficient and pretty much impossible to perform.

Untrustworthy data takes on many forms, most notably fake news. Many of us are aware of the effect fake news had on the 2016 United States Presidential election and its far reaching consequences.

Numbers Solution: Capture, Record, Verify

Numbers Solution is build based on our open source framework for data integrity. Data integrity is really important and here at Numbers, we hope to address this significant issue by leveraging traditional cryptography approaches along with decentralized storage in our Capture, Record, Verify approach.

Theory of Capture

When someone wants to reliably ID me, they would ask for photo ID. Photo ID is often not the most reliable because it can be easily forged or altered. A level above a photo ID would be something like a fingerprint or DNA. Something that is truly unique to the individual and cannot be faked or changed. What if I told you, that generated data, for example an image or video, can also have a “fingerprint”.

When I take a picture with my phone there is a lot of unique environment data that is recorded. For example hardware signatures and sensor data (Time / Date, GPS, Accelerator, Gyroscope, etc.). This environmental data, we will refer to as metadata, provides additional descriptions for the data and is difficult to replicate due to the sheer number of details.

Traditional cryptography methods like Public and Private Keys are used to sign the data for reading and sharing. In the end, everything is wrapped up as hash codes and the result is a unique data fingerprint.

The above process is outlined in the following example serialization schema:

{
proof: {
hash: String,
mimeType: String,
timestamp: Long
},
information: [{
proofHash: String,
provider: String,
name: String,
value: String
},
...
]
}

Example (Metadata):

{
"proof":{
"hash":"1837bc2c546d46c705204cf9f857b90b1dbffd2a7988451670119945ba39a10b",
"mimeType":"image/jpeg",
"timestamp":123456789
},
"information":[
{
"proofHash":"1837bc2c546d46c705204cf9f857b90b1dbffd2a7988451670119945ba39a10b",
"provider":"ProofMode",
"name":"Current Location",
"value":"121.0, 23.0"
},
...
]
}

Signature (Public / Private Key)

[
{
proofHash: String,
provider: String,
signature: String,
publicKey: String
},
...
]

Example:

[
{
"proofHash": "845ace0144620a18abf1d73c1dceaa51ea78cd5d791dbbbd2368d75260431bd9",
"provider": "AndroidOpenSSL",
"signature": "3046022100b96babf7fb1a374792ce47cebdf0b5a40166352a4e8aed2d8e84a04699898c72022100ec0646e318a0701f794fd0a3dc28da41ff864a1f9156e694b890a1800edd86b0",
"publicKey": "3059301306072a8648ce3d020106082a8648ce3d030107034200043e4ba565aa9158b9aeafc1bb4a970bfc7fcdcc398c35bb525aedd37bbf459dbd30868b909ec6b78f7904474c225e02f45c2384b0f4ece0d68e2c3c84fce04686"
},
{
"proofHash": "845ace0144620a18abf1d73c1dceaa51ea78cd5d791dbbbd2368d75260431bd9",
"provider": "Zion",
"signature": "3045022100dbfe89fe13a4758f2124fc35d440d6ca8a6b3c3d72429a3a70b3a8146695c0db02204d8d387bba770d16e100e05109061897013317682a8cd2ac45162d381effa1ee",
"publicKey": "Session:\n3059301306072a8648ce3d020106082a8648ce3d03010703420004b4b85c26384dda113f029cfb3b71c1769a44f78093b91b8bd5965506dc3ea00b4abc780d93a23f4dda5ae65c95f61a31a808b2e22f654cfcf2b76905046f4992\n\nReceive:\n03583ea032d0607a9d0d9748b445e4e170277921ed3eebec10795521be11a2f04d\n\nSend:\n03583ea032d0607a9d0d9748b445e4e170277921ed3eebec10795521be11a2f04d"
},
...
]

Recording on Decentralized Storage

This data fingerprint can be stored locally or uploaded onto a decentralized storage network such as IPFS. If you are curious about what IPFS is take a look at Understanding IPFS / FileCoin Medium article. Storing data on IPFS is ideal due to its inherent secure nature, version control tracking and resistance to censorship.

Checkout out Capture Project

With the 2020 United States election coming soon, we need to prioritize our data and not repeat fake news history again. Data Integrity is a conversation that needs to be discussed more than it currently is and at Numbers we want to encourage the development community to be apart of the conversation and our open source projects on GitHub . We are firm believers of open source projects and opening up innovation to everyone.

--

--

Ethan Wu
Numbers Protocol

Recent M.S Graduate and Numbers Software Developer & Developer Relations/Community Manager