DevAccelerator Spotlight: Dead Man’s Switch

A decentralized, censorship-resistant tool for whistleblowers

This is a part of a series highlighting the work of developers on the Oasis Network through the new DevAccelerator Program. Go here to learn more about the program and apply.

I’m Nick Merrill, a researcher at the UC Berkeley Center for Long-Term Cybersecurity, where I direct the Daylight Lab. I also started Broad Daylight, a software practice where I blend security with design methods.

I’m building a decentralized, censorship-resistant Dead Man’s Switch: a method for releasing documents, which are kept confidential until some future conditions are met. With a combination of the Oasis network and IPFS, encrypted documents are nearly impossible to censor.

Whistleblowers can use the Switch to release sensitive documents, and/or as an insurance policy to protect themselves. There are also some compliance use cases (for SEC filing and so on).

Here’s an example for whistleblowers: post some damning information, keeping it secret for now, but proving that it could become public in the future. The information’s potential release may act as your shield against institutional recourse.

If you’re a whistleblower today, your options aren’t amazing.

  • You can reveal the fact that you have secrets without revealing the secrets themselves, but that could get you arrested before you can release anything.
  • You can trust one or a few people, but you then have to trust them with multiple copies of the data, and trust them to coordinate with one another (and with you).
  • You can use a centralized software solution, but such a service can be pretty easily taken down by someone with political or legal means. If your adversary has some technical chops, the documents on that service could also be tampered with — -you might be able to prove the tampering occurred with a hash, but good luck recovering the data.

Something like IPFS helps us post files in a tamper-proof, uncensorable way using content addressing. But if we want to encrypt the data, how do we manage the release of the encryption key?

This is where Oasis comes in:

  1. Neither the documents, nor the fact that they’ve been posted, can be censored or taken down.
  2. The on-chain contract manages the coordination among trusted parties required for the key release.
  3. When the documents are released, you can definitively prove that the now-public document is the same as the once-secret one. A more mundane example might be your last will and testament. If you really don’t trust your lawyer, or you’re in a jurisdiction with poor rule of law, you can use this tool to create tamper-proof wills.

I’ve been following blockchain technologies since the original Bitcoin whitepaper came out on Halloween, 2008. While Bitcoin’s limitations are well-trodden now, I still appreciate the simplicity of that implementation. Smart contracts emerged quickly after that.

Many hype cycles have come and gone since then. Through them all, four major developments have really excited me:

  1. Proof-of-stake, which makes blockchains more environmentally scalable.
  2. Sarah Meiklejohn’s work on de-anonymizing blockchain transactions, and follow-up work on providing transaction privacy guarantees (the most promising of which I believe to be Meiklejohn and Mercer’s (2018) work on trustless tumbling, again because of its simplicity and ease of integration with smart contract platforms).
  3. The CODA protocol, which guarantees a constant-size blockchain through the clever use of zk-SNARKS (zero-knowledge succinct non-interactive arguments of knowledge).
  4. The Oasis Network, which guarantees confidential state on the chain using secure enclaves.

Eventually, I am confident that these innovations, and potentially some future ones, will either converge or work in unison to solve a reasonable set of real-world problems.

Confidential state on smart contracts is the killer feature of Oasis for me. Down the road, confidential state on smart contracts could enable better fairness guarantees in machine learning.

Barring the unexpected, I expect to have a semi-public beta by Q4 2020.

Subscribe to our newsletter! https://tinyletter.com/daylight-switch. We expect to post an update every month or two. No spamming, I promise.

If you or someone you know may need this platform for whistleblowing or compliance, get in touch (nick@broad-daylight.com). We’ll get you early access in exchange for some testing & feedback.

Oasis Foundation

A better internet is only a matter of time.