The “dark forest” is a concept that describes how you are no longer safe in the universe once your existence becomes known to another intelligent being.
This concept plays out every day on public blockchains by way of a concept coined as “Maximal Extractable Value”, or “MEV”. Once your transaction becomes public, it is at risk of being re-ordered or censored by a financially-motivated actor seeking to extract as much value as possible.
Now think about “Maximal Extractable Value” on a larger scale, just how far will companies and governments go to extract value or intelligence about you?
Think about all of your data that has ever passed through a digital platform. And the information about such data, the when, where and with what device - your metadata. And then think about anyone who may seek to profit from such data and metadata, whether as a purveyor of Surveillance Capitalism or a state actor with military or political motives. As General Michael Hayden, former director of the NSA and the CIA, infamously once stated, “we [the NSA] kill people based on metadata”.
While smart people are working to mitigate the profound societal consequences of MEV in the context of blockchain transactions, truly private internet services are the only way to mitigate the deleterious impacts of a kind of global scale MEV. But, unfortunately, the internet as we know it was not designed for privacy; it’s designed for profit.
“Cryptography was bolted on as an afterthought ...Today, widely deployed secure web browsing and messaging protocols like TLS and Signal implement end-to-end encryption to protect the content of communications. However, even if data payloads are encrypted, these protocols still expose metadata to network eavesdroppers, including information such as who communicates with whom, when, how much, how often, for how long.”
“...the network-level metadata associated to online activities can be exploited to uniquely identify users, enable pervasive tracking, and reveal private information about personal or business activities. By applying "artificial intelligence" algorithms to metadata, it is possible to predict people’s political preferences, associations, social relations, purchasing behavior and other intimate details of their private lives and mind.”
From Cambridge Analytica to the 2016 US election, we’ve seen exactly this sort of profiling time and time again.
As users of internet services, we have no control over what metadata is leaked about our interactions online and what any actor - nefarious or otherwise - may choose to with that information. Whether the resultant profiling is deployed for selling you advertising or determining your potential suitability for a loan or a new job, we have less and less agency over how our online interactions might affect us or others.
The Web3 vision is about providing the public with increased agency and control over their online experiences and the resulting personal information. Without appropriate privacy solutions, businesses and internet users are increasingly vulnerable to breaches, hacks, surveillance and censorship, and they don’t have interoperable power, e.g. they can’t move seamlessly between products and take their data with them.
Despite a multitude of privacy solutions existing in both Web2 and Web3, none of these solutions solve the inherent leakage of metadata, rendering any of the other privacy benefits from existing solutions insufficient for many purposes. A private messenger like Signal might encrypt a message’s contents, but metadata identifying the timing, sender and receiver is accessible by powerful third parties that monitor the internet and can readily identify users.
A full-stack and technically holistic approach to privacy is needed.
“One fundamental premise of Nym is that well-designed incentives can sustain a large-scale privacy infrastructure as a collective public good.”
Nym's ultimate vision is to build a platform that sustains the privacy demands of every global internet user and application.
“The Nym network ("Nym") is a decentralised and incentivised infrastructure to provision privacy to a broad range of message-based applications and services. The core component of Nym is a mixnet that protects network traffic metadata for applications, providing communication privacy superior to both VPNs and Tor against global adversaries that can watch the entire internet.”
The Nym architecture is powered by three main technological advancements: a mixnet, private credentials and incentives.
Nym’s mixnet essentially works by “mixing” internet traffic with other traffic to help it hide its benefit by getting lost in the crowd. This is why scale is an important property for privacy networks. The more data packets that are sent through the network, the harder it is to trace one packet as it is mixed with a lot of other traffic.
All data passing through Nym’s network is layer-encrypted (or in other words onion-encrypted) using public-key cryptography. To prevent an eavesdropper from surveilling any particular data packet of a particular size, the first step in any mix is to transform the data into packets in a uniform size - called Sphinx packets. Then, nodes in the mix network “mix” the traffic, releasing packets probabilistically in order to ensure timing obfuscation, and avoiding any attempts to track data based on when it entered or exited the network.
In Nym, there is a clear distinction of roles between the end-users, who send and receive anonymous data packets, and the mixnodes that provide the service to those users. The saying is “privacy for the end user, transparency for the infrastructure”. Mixnodes are incentivised to reliably provide a high quality of service to thousands of users at any time, and their performance is public and can be browsed in the mixnet explorer. A full list of available mixnodes is published at regular intervals in the Nym blockchain, ensuring that all participants have a verifiable, global, up-to-date and consistent view of the mixnodes forming the network.
While Nym’s mixnet builds a strong foundation by protecting the network-layer, through the use of private credentials, Nym also enables privacy at the application layer.
Anonymous credentials allow users to prove their "right of use" when privately accessing services over the mixnet while preserving unlinkability.
Nym credentials advances on the Coconut signature scheme (a design funded by Decode, a project initiated by the European Union’s Horizon 2020 innovation program to “build a trustworthy and privacy-aware digital society”), enabling people to prove their right to access and do things online while retaining privacy. Nym credentials encrypt and embed the data needed for a given service, including zero-knowledge proofs of private data. These credentials are validated in a decentralised and public manner, without revealing any link between the user and the service they want to access.
Nym credentials can encode any attributes that are relevant to proving right to use, including third-party certified identity attributes as well as proofs of payment for services.
Nym’s anonymous credentials system is indicative of the overall thoughtful systems-level approach to privacy taken by the team.
Node operators in Nym are rewarded for their proof-of-mixing, i.e. their work providing privacy. For Nodes, staked deposits of Nym’s protocol token, NYM, represent a right to provide continuous work to Nym’s marketplace for privacy-enhanced services and earn rewards for performing that work. Staked deposits of Nym tokens also act like a bond in the network that the protocol can seize (part or whole of) in the event of misbehaviour. Without any human intermediary, the protocol takes payment for data that node operators request to pass through the network and distributes rewards for their work done. This is incredibly efficient from both a technical and environmental standpoint. Resources are only deployed when necessary, meaning that the network will scale up and down in response to demand as required.
Post-launch, Nym will be able to leverage different forms of network effects around its new incentivised network for privacy-preserving services. Two-sided marketplace network effects will result directly from increased usage of the network and a growing pool of network fees for the supply-side to earn. This will attract additional mixnodes to the network, improving the supply-side of the network by increasing the decentralisation and privacy guarantees of the network, which should, in turn, incentivise further usage from the demand-side. In terms of privacy, Nym’s value increases the more types of applications are running on the Nym network.
The value of NYM, the protocol token, will also increase with more usage through greater demand for the revenue flowing through the network. These network effects could cement Nym as the de facto privacy solution for the internet at large. Protocol network effects such as this are made more possible because Nym thoughtfully leverages its own cryptocurrency to incentivise the actors within its system. Put simply, forking the Nym Network protocol will not bring the Applications, the Mixnodes, community members, or the value of $NYM with it.
"Technology does not need vast troves of personal data, stitched together across dozens of websites and apps, in order to succeed. Advertising existed and thrived for decades without it. And we’re here today because the path of least resistance is rarely the path of wisdom. If a business is built on misleading users, on data exploitation, on choices that are no choices at all, then it does not deserve our praise. It deserves reform…"
Apple CEO, Tim CookWhen the CEO of Apple, the quintessential tech establishment firm, believes that the age of mass surveillance needs to come to an end, there must be a problem.
If not the status quo, then what would a more private internet look like?
Although current instantiations of public blockchain require transactions, accounts and state to be stored publicly and for computations to be transparent; for individuals, it’s a tough sell for most consumers to have their net worth leak every time they make a grocery transaction, and for companies; it’s a tough sell to have their data and transactions fully trackable by their competitors’ data analytics teams. Ultimately, we need a way of doing logic on encrypted numbers. If we keep things more private by default, third parties will have to provide greater justifications to receive and hold on to our data. After all, your data is now a liability under much of the new global privacy regulations such as the GDPR in Europe and the CCPA in California.
Through a combination of full-stack privacy solutions like Nym and the innovative use of technologies like zero-knowledge proofs, we foresee a future with privacy as a default for many aspects of our digital lives. Just as encryption initiated a wave of innovation by making internet commerce possible, we also foresee broader privacy protections initiating a new wave of exciting data-innovation. Surveillance is a data-grab for the few. Privacy enables meaningful data innovation for the many.
We envision that the widespread adoption of Nym will begin with applications that involve a high demand for privacy – such as cryptocurrency – then grow into ever more generic applications, like secure messaging and decentralised VPNs. Nym is at the centre of a technical revolution with people at its centre and is composed of one of the most committed groups of builders in the sector. We wish them every success.
Follow and support Nym’s work as they begin their countdown to mainnet!
You can join the conversation on Twitter or Telegram. Or, if you are running services, wallets or other applications and want to integrate Nym and offer your users extended privacy protections, get in touch directly using firstname.lastname@example.org
You can also join Nym’s Cosmos hackathon: to build ‘The Eternity Service 2.0’. Deadline 8th of Dec. The challenge is to create a Nym service provider (application) which offers cloud file storage, and a GUI where users interact with the service provider, all via the Nym mixnet. https://cosmos-hackatom-vi.devpost.com
Last but not least, Nym are always looking for excellent people to join the team: https://nymtech.net/get-involved/#jobs