- From: benjaminsavage via GitHub <sysbot+gh@w3.org>
- Date: Thu, 11 Aug 2022 15:18:30 +0000
- To: public-patcg@w3.org
Hi @alexWhitworth - I think you've misunderstood the proposal. That is not what the "helper party network" refers to. It refers to a group of three distinct companies, each of whom operate a server which would run an MPC protocol that conformed to the specification. These entities are *minimally trusted*. That is, they are never entrusted with raw user data. They only ever see "secret shared" data, which cannot possibly be converted back to raw user-data without collusion between the helpers. As such, the *only* thing we need to trust about these helpers is that there is AT MOST one malicious one. So long as there is at most one malicious helper, it is not possible for user privacy to be violated. As for how these three entities would be chosen, it would be up to the browser or mobile-OS vendor to select a group of companies that *they* trust to not intentionally collude amongst one another to violate user privacy. -- GitHub Notification of comment by benjaminsavage Please view or discuss this issue at https://github.com/patcg/meetings/issues/70#issuecomment-1212134491 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 11 August 2022 15:18:32 UTC