In Detail: Authorised Applications — Beyond Self-Sovereign Identity
We’ve briefly touched on the idea of how Super Protocol would be a perfect fit for the Self-Sovereign Identity implementation, yet haven’t talked about what exactly makes it possible and what other interesting applications are enabled by that feature.
The idea of Self-Sovereign Identity (see this article for a deeper description) among other things assumes that as the owner you’d be able to carefully choose and authorize applications that access your personal data (or even specify which data exactly can be accessed). This feature perfectly aligns with how the Intel SGX confidential computing works.
In case you’ve missed our confidential computing in details series, here’s a brief reminder: through the combination of hardware and software Intel SGX creates protected enclaves that only authorized applications can access. Unauthorized apps won’t even know what’s going on inside the enclave, what kind of data is being processed, or where it comes from.
Isn’t it convenient? Self-Sovereign Identity does not have to be atomic — various apps may need some parts of it. With users’ data split into safely protected within enclaves there’s no need (and no risk) of exposing your whole life and history just to use this one particular app. Another convenient thing is that these apps can store and process the data associated with this user within the enclave, without having to load it somewhere, reducing the risk of it getting leaked in case the app gets compromised.
Now the Web3-skeptic should ask: is this the only use case we should build a whole new web infrastructure and change how things work?
Well in case giving privacy back to the user along with the means to control it is not enough, here are some other awesome things that could be achieved with the tech we’re making.
The recent hype around the ChatGPT led to a number of curious ethical and legal questions. For example, if the other developers’ code had been used to train the AI, do the AI’s creators have to split the profits with said developers? There’s a lot to debate here, especially since some groups believe that information is free and has to be shared in the true spirit of “hacker ethics, some think that putting your code out there for others to use implies “for non-profit purpose”, and others see a great opportunity to provide their codebase in exchange for some royalties. We’re not going to discuss the rights and wrongs here, we’re the folks that build tools. In this case, if developers want to protect their code from being scrapped and used by some ML model and would prefer this to be a mutually profitable agreement, we can help do that!
Similar to the SSI case, the developer can grant access to the authorized application and be completely sure that all other parts of their codebase (personal or work-related) are safe. Super Protocol is uniquely positioned to create this kind of tool since it also allows the uploading and training of machine learning models. That means a whole ML infrastructure and CI pipelines can be built on top of the Super Protocol infrastructure, including the part where the model uses proprietary developers’ code for training or any other private data in a secure way.