Here’s how we protect your private parts
The H4X Project is a showcase of Tide Protocol’s open source ‘trustless’ data privacy technology — removing the need for trust when relying on third parties to protect sensitive data. The protocol also provides the incentive for organizations to embrace privacy and affect meaningful change at scale. H4X invites the community to discover and address any flaws in the Tide Protocol, with a bitcoin bounty.
7 trillion U.S. dollars. That’s going to be the value of personal data globally by 2020, if the European Commission estimates are any indication. You can guess what your share of that value’s going to be. However, the real question is: what share will the hackers have? How far will they go to get it?
At this very moment, cyber hackers from around the world are actively working to steal your personal data, to sell for profit on the black market or impersonate you. Most likely, they’ve already stole it, but don’t take it from me. Verify it here: HaveIBeenPwned. Your data is stolen from companies you’ve willingly given it. In most cases, those companies also sell it for profit themselves on an open market.
With a new data breach happening every day — it’s clear this is a problem affecting everyone. It’s neither a small or easy problem to tackle, and while most will say it’s a boring one — we found an exciting solution! We called it The Tide Protocol.
So, Mr. business, you need my details? Fine but here’s the twist: from now on, you get my data locked. You can still keep it, but I hold the only key. Need access sometimes? Ask me every time. Want to sell it? Pay me.
Why would a business even consider adopting such an approach, you ask? Liability, man. And lots of it. Dear Hacker has been working your backdoors for a while now and it’s just a matter of time until you’re in the news. Would you prefer having your customer’s affairs out in the open or have some useless locked boxes stolen? Not to mention Mr. Government enforcing GDPR and the likes to tear you a new one when that happens.
Know what? Why talk about the stick when we should focus on the carrot? Even a corner store has customer data that’s valuable to someone. What if that data was automatically offered for sale (securely of course) in a global ecosystem — with the explicit consent of the customer? After all, they’re getting a clip every time it’s being sold.
That’s the concept of the Tide Protocol, in a nutshell. An open-source framework, governed by the Tide Foundation, a community-driven non-profit organization offering it for free. This framework has been developed over several years out of commercial necessity within a closed enterprise space, but with the recent proliferation of Blockchain technology, the missing element of ‘trustlessness’ made it possible to open it up as a collaborative industry standard that doesn’t require a centralized entity to control it. Check our explainer video on our website to understand the extent of it.
You’re immediately thinking of Facebook, aren’t you? And how cool would it be if Zuckerberg paid us every time he makes money off selling our data, right? Yeah, that’s what it’s for, but we’re under no illusions either Facebook or Google will be Tide first adopters. But, think of that long-tail of all the organizations you gave data to, other than FB and GOOG: think your accountant, ISP, bank, utility company, landlord, frequent flier, shopper reward program, doctor, favorite app, etc. Or put yourself in the position of any B2C business owner. Most likely you’re collecting sensitive information and generating valuable insights about your customers. Meaning, you’re on a collision course for a cyber breach and a hefty privacy compliance breach fine.
The Tide Protocol is the solution. It’s a radical, new, trustless privacy-protection solution for sensitive personal data on a global scale. This solution utilizes state-of-the-art cryptography leveraging the maturing trustless nature of blockchain technology. It also addresses the painful usability problem of today’s blockchain-based products — messing around with crypto-wallets, private key protection, mnemonics, etc. — It looks and feels like your everyday web experience, but with the uncompromising security of crypto. By solving the UX problem, we break one of the biggest mass-adoption barriers of any blockchain-based application. Something even your meemaw can use. You can find a more comprehensive discussion in our whitepaper.
Some say the whole damn thing is absolutely unhackable!
Actually, no one said that. Nor should anyone say that on any security solution. Ever! But it has proven to be infallible so far with exceptional results. We still need help to make it even better.
The solution is designed to benefit an entire ecosystem of participants so we are actively looking for contributors, developers, researchers, media experts, privacy advocates, cryptographers, blockchain zealots and industry partners interested in evaluating the technology, talk about it, audit it, break it, fix it and make money off it. We are in perpetual pursuit to nurture and grow the community around this solution — so get in touch on our Telegram channel and get involved in our Github. For those who can’t wait to get to the deep end, join our whitelist on our website:
As a testament and a showcase for the robustness of the Tide Protocol, we put our money on the line and our balls where our mouth is and placed a shiny little bitcoin behind this protection. Anyone who breaks that protection will see the private key — no question asked, no further details are required. Proudly presenting H4X:
1 bitcoin awaits you at http://h4x.tide.org
(see, we even ditched the SSL intentionally to make it as exposed as possible. Exploit it!)
To see it in action, use these dummy credentials:
username = ‘admin’
password = ‘password’
The concept is quite simple. The details of 1 Bitcoin were stored in the simplest website setup: on a database record behind a web server. Anyone logging in to that website using the correct username and password will see those details. All typical defenses around that set up were removed. No firewalls, no added security. It should be an easy job for any hacker to crack that. The twist: A unique protection mechanism (The Tide Protocol) was employed on the data and the website authentication. Supposedly, even if one cracks the whole thing, it would be impractical to crack the authentication or extract the data. Should anyone succeed, the bitcoin is theirs, and we’re back to the drawing board.
The Tide Protocol robust protection is achieved accordingly:
- The data (the bitcoin private key) is encrypted with the user’s unique key and stored in the Vendor’s database (the website). Vendor has no access to the user’s key.
- The user’s key is held by a 3rd party trusted custodian named DAT
- When the user wants to access its data, it retrieves the key from DAT
- To release the right key to the right user, the DAT authenticates the user using a username and password
Quite simple at this high-level description — but also sounds fully centralized, trusted and security-weak. Tide adds the following dimension to achieve highly-secure decentralization:
- Tide’s Decentralized-Automated-Trustee (DAT) is a semantic layer in Tide’s architecture made of an array of independently-operated decentralized nodes named Orchestrated-Recluder-of-Keys (ORK).
- While the DAT layer is considered trusted, each individual ORK is completely trustless and can be considered potentially-malicious.
- The user’s key is broken into shards and distributed across a predefined group of ORKs in the DAT in a Secret Sharing scheme such that none of the ORKs has access to the full key.
- Each ORK stores its respective shard on an immutable blockchain record in encrypted form only that ORK can read.
- To retrieve the key, the user authenticates against each ORK of its predefined group so that ORK will send its respective shard back to the user.
- The authentication against each ORK is done with a deterministic, unique derivative of the username and password of the user — so no ORK can ever derive or brute-force neither the username nor the password on its own.
- The user, using Tide’s web-client software, reconstructs the key from the multiple shards received from the ORKs. Using a Threshold-Encryption scheme, the key can be reconstructed even if 30% of the ORKs in the group didn’t reply.
And that’s how we protect your private parts!
A detailed design and source code of the H4X can be found here (including architecture and workflow diagrams with a complete installation manual to deploy the entire environment locally).
At the time of writing these lines (June, 6th, 2019), we’ve seen a bit more than 6,000 login attempts with over 60,000 probes at our servers — with no vulnerability found as yet.
Offering a bitcoin as a bounty is hopefully a cherry on top to help us test for vulnerabilities in the Tide Protocol, but we also hope that you’ll become part of “we” and find the project interesting enough to engage on a continuous basis and help perfect this vision as we grow it. With your help, as we expand, we’ll be able to increase our bounties and rewards to our contributing community members. We will be routinely releasing hints and exposing intentional holes to make it easy — so keep in touch and don’t be shy with asking questions and sharing your thoughts down here in the comments.
A word about the H4X operational environment: this is a pure proof-of-concept environment aimed at showcasing the novel concept and engaging with the community to scrutinize and perfect the technology. The Tide Protocol itself is still a fair way from going live. To clarify even further: this environment is not the Tide Mainnet environment. Let’s call it a H4Xnet.
The H4X portal: http://h4x.tide.org/
Github repo: https://github.com/tide-foundation/Tide-h4x-for-Privacy
The Tide Protocol: https://tide.org/tideprotocol