 So, yeah, I'm Liz Steininger With least authority. I'm going to talk today about something that we're calling P4 because we like to play with numbers and letters and the the four P's are private periodic payment protocol and so Yeah, just going to tell you guys about what our work is with this and why we're doing it So like I said, I'm Liz Steininger from least authority. We believe that people have a right to privacy Our mission is to make security easy to use and available to everyone We help others to improve their technologies to be more secure through security audits of things like distributed ledger technologies blockchain projects and related cryptographic efforts We also build technical solutions that incorporate these values using things like privacy by design empowering users to control their own data and Also minimizing the access that service providers have to the user data or personal data data minimization we also like to participate with other communities and Work together on particular efforts to these goals too. I'm sorry. I just realized my whole slide is not showing technical problems There we go. Okay, so we operate a subscription based service That's just secure distributed storage product and we call it s4 again We like our letters and numbers and s4 stands for simple secure storage service and It's built using open-source Technology and enables client-side encryption so that the users can hold the keys to their data not us one of the projects that it uses utilizes is called Tahoe laughs lafs, which stands for least authority file store and Tahoe laughs and our s4 service doesn't operate on access control lists or ACL or user accounts But instead works using object capability model Ocap or key-based access This is similar to how cryptocurrency works in a high level It's similar in the sense that if you have the private key You have access to the crypto to the cryptocurrency and there's no user list no centralized party That is kept that saying that this particular cryptocurrency belongs to you personally So we don't have any personal account information with our system about this so we don't have any personal account information about the ciphertext that we're storing and You either have the capability to access it the key or you don't So this brings us to our problem and why we started this effort to begin with We have to use fiat currency with this So anyway, so with our secure storage product, we need to can collect these subscription payments This is our business model with it and and so however in the world of fiat currency and online tools This results in us collecting personal data by using By using things like stripe and charge B And we are collecting this personal data only for the purpose of processing payments not for operating the service itself So right now we use stripe and charge B and only collect that's personal data And not for any account management Because of the OCAP model So we didn't like this so we started talking amongst ourselves about how we could potentially use Cryptocurrency to help us avoid using these centralized systems that are collecting personal data This came about from discussions about GDPR compliance, which is the general data protection regulation It's in the EU about how date personal data should be managed And so amongst ourselves we figured out that this was a problem and so we thought okay. What could we do with cryptocurrency? So we started looking around at how we could accept private payments for the subscription service And that would also allow us to do end-to-end privacy for people Just like we are able to offer them end-to-end encryption and privacy with the data storage service itself and So of course this is a problem now. It's expensive to make things private and cheap to make them public Unfortunately, this seems to be the case right now, and we're trying to work on making this not the case an Expensive is relative, and I think that this issue could be easily challenged with new technology So here are the layers of privacy that we're considering when we want to say that we want to do something That's end-to-end private for the user We need to preserve this customer's privacy at all these levels And these are the different layers and systems that we need to have interacting with about whether or not There's any personal data that would be leaked or any metadata that could be correlated with other data to become personal data the same way that The same way that like things like Bitcoin and Ethereum addresses could be you you know Looked at correlated with other data in order to figure out people so that figure out personal identities So that are not true anonymity, but pseudo anonymity So starting from the bottom and moving to the top we decided to use tour for network layer privacy Because it exists right now and it's usable some of our team members contribute to the tour project Which is an anonymity network that allows users to not reveal personal data on the network And this protects against leaking any IP address information, which can be considered personal data And then Tahoe laughs is a technology as I mentioned before that we use with S4 and This offers storage labor layer privacy with client-side encryption and lastly We also use or not my lastly sorry and then we have Zcash, I think I I Missed that sorry going up. I skipped over Zcash Zcash I'll talk more about it in the next slide But Zcash see shale to transactions help us with financial privacy and then Tahoe laughs again helps us with the storage layer Privacy and then going at the top we have the client application Which is grid sync that we're using for ours but this also applies to the Zcash wallets and this gives users control over their payments and All of this is combined in what we need to give us end-to-end privacy for our subscription customers And why we particularly like doing it this way is because these all these things exist right now And we can put them together to have this implemented in a short amount of time So about cryptocurrency payments Cryptocurrencies have some technical features that could be utilized including some privacy features one blockchain that we are familiar with is Zcash Our companies share founders and although they're two separate companies now So we should also share a mission for privacy for everyone So we looked at how we could use utilize Zcash's privacy features to help us preserve privacy in our processing of customer payments And of course Zcash offers two types of payments one that are trend Transparence transparent transactions and that which are is more like Bitcoin and then also the shielded transactions Which utilize a particular type of zero-knowledge proofs called ZK snarks, and so this assures So for subscriptions We need to establish a relationship between the customer and the merchant to facilitate payments that repeat at specific intervals So we went on to look at subscriptions with cryptocurrency So when we researched what was out there and the standards for doing subscription payments with cryptocurrencies What we found was a bit limiting and didn't quite meet our needs, especially in the case of end-to-end privacy One current use of Zcash shielded transactions is to have people prepay for their subscriptions This this works. Okay. This is not ideal for subscriptions but this does work for some service offerings where you can turn off the service when a payment lapses and then turn it back on later after New payment and like for example electricity payments However in our case because people are uploading data to be stored on our storage service This is not an ideal user experience because if they stop their survey because of the need to re-upload that data every single time And so amongst other downsides to this approach, too And then another option is to do post-paid subscriptions But this is also not ideal and it makes renewal or payment periodicity a challenge and Of course, you can use smart contracts for managing some aspects of subscriptions But this and this is an option with Ethereum and other platforms but it doesn't really offer much in terms of privacy at the moment and You can't do those on the Zcash blockchain at the moment and I hope to see both of those things change soon, too So this meant what this meant is that we need to do some work on defining how to preserve privacy While still establishing the necessary relationship for these reoccurring cryptocurrency payments for a subscription So this is what we came up with For p4 on the left side there's a list of basic tasks that we could that we need to have completed by a subscription and on the Right side you can see the various Pieces that the various layers the pieces that I mentioned earlier and their part and these different steps And then this is all done over the tour network So in the first step we have so the subscription initiation The customer visits a web page and completes the subscription request now because we're not caring for much personal data This is probably just a button actually right now. It is just a button We don't have any fields or a form for them to fill out because we don't want any more data We just want to know that they want to do this and so and then the second step is Subscription creation and invita invite code so we the merchant create a zcash address and yet and an initial database entry To link the subscription ID to the zcash address. We generate a special invite code for the subscription That includes configuration details to access our storage servers the capability that I mentioned before and It also includes the initial invoice for the service And in that invoice is a signature so that they can also verify us in the future And then the third step is client side Subscription configuration the customer's client a desktop application in our case grid sync that I mentioned earlier Securely connects to us receives and receives the invite code and then gets configured for both managing the data They will store on our service and also the invoices. They will receive for it And the fourth step is payment and server update Next the customer has to actually send their first payment for the service For the service per the invoice that they just received and they need to do this payment via a zcash wallet That payment is processed on the zcash blockchain and we consider it a confirmed after a certain number of blocks are written That might not take too long maybe about an hour I think right now we're thinking about 24 blocks and then this triggers the publishing of the next invoice so The fifth step then is the recurring invoice and payment process from this point the client monitors the next for the next invoice Displays it to the customer and continues to do this loop after subsequent payments are made and Within when they go checked on the invoice. There's we are also utilizing payment codes to be able to to like to communicate to them the status of the payment and then also Sign that they can also verify the signature with each of these and then if they stop paying then their service is stopped So privacy is maintained by pushing many of the subscription management activities to the user's device into their client So client side instead of gathering the data in a central repository by a service like stripe or the equivalent of stripe and This decentralization of subscription data along with the zcash shielded transactions and use of the tour now Allow us to not gather personal information about customers or any metadata that could be correlated for suggestions on Who the user is? So go into more details. This is the invoice So as for data standards again, we looked around it at things that are existing right now And we didn't see any kind of Common language or agreed upon protocol for expressing notions like billing period due date grace period and late penalties So we designed a simple invoice structure to allow us to communicate this information on the right You see a basic list of data that we need to have in our invoices, which could be expanded to include more data for additional features in the future and on the left this is what the string of the invoice data actually looks like in this example a Customer is being asked to pay point one zek by a particular date here September 4th for the service least authority S4 if the payment is made by a given deadline then the subscription will be extended for a month 2.5 million seconds until October 4th 2018 and I think in the future we need to include things like You know trial periods refunds things like that could be also included in this But this was just basically the the the short list of data that we need to just process an invoice for the subscription so Yeah to start to talk about Next steps and where we're at right now So we're wrapping up the edits to our paper about this work and the privacy Considerations that we've made in the designing of it. We think that by also sharing, you know These privacy considerations not just the technical specifications of what we're doing that we can help people understand more about how to do privacy by design or just at least explain how we're trying to do it and And we'll be publishing that paper soon and we've already started implementing this for our S4 service We hope to have this We hope to have this available to pay I mean to use Zcash shielded transactions to pay for our service subscription sometime in a few weeks And this includes making updates to our desktop client grid sync and also Yeah, just making sure that the you know setting up a this also includes setting up a separate tour website for people to visit And things like that because we need to force people even from the time that they're interested They're they're browsing trying to figure out if they want to subscribe to our service to start to use tour So that we don't get that IP address that we can correlate later Yeah, so also the sapling upgrade to Zcash just recently happened and that helps for faster To make a Zcash faster especially shielded transactions and then we hope to get lots of feedback from various communities especially this community on on To help us iterate and improve this We would like to coordinate efforts with other people who are working in the area of subscription Subscriptions services and management within with cryptocurrency and also people who care about privacy payments and stuff like that So for example, and then we were also thinking about all kinds of great things that we could do in the future with this For example, we could implement a more robust communication channel for subscription management via the encrypted memo field and Zcash transactions where data can be passed Like where that invoice data could be passed back and forth as a in-band communication channel We're also looking at Expanding on features within Tahoe laughs to create a communication channel there too and seeing if that would that would help and Looking at improvements to or integrations with customer wallets to support this type of invoicing Data and Also the advanced features of things like trial periods refunds and stuff like that And we'd like to see the development of merchant facing payment frameworks To support subscriptions and management of those subscriptions for companies that want to utilize cryptocurrency payments And lastly, we just hope that this inspires other subscription services to use cryptocurrency in a privacy-preserving way while experimenting with tech We understand that maybe privacy can be like an afterthought when you're doing experimentation But if we do want to see this Because that in order for this to become mass adoption Especially for cryptocurrency for subscription payments I think that there needs to be some privacy in those payments Otherwise the world can see everything that you're subscribing to and that's not so cool other and also Even if it's not so obvious what that data is if it's just like metadata or something With big data analytic capability analytic Capabilities that are out there right now people could start to easily correlate that data to other data That's out there and figure out more about you too So any current pseudonymity pseudo anonymity that we have right now will be quickly lost and a major factor in Decentralization is removing such power from big corporations central central organizations and giving it to us as individuals To manage our subscriptions ourselves So usability will be very key in this too. So I look forward to Hearing from people about these efforts and how we can move forward Thank you Yeah, we have about four minutes for questions does anyone have any Hi, is there any Anything that's in that's stored in the data that allows me to if I was a user to get any kind of proof That says my data is being stored and and is retrievable if I'm subscribed to a service like this Yeah, so in Tahoe laughs if there's proof of storage. I don't think so right now. I think that there's Yeah, there's maybe some other ways to do it, but not not in the sense that they're yeah Not in the sense of the other projects that have that right now Which merchants are you planning to integrate with I'm sorry Which merchant networks are you planning to integrate? Oh merchant networks So we're the merchant right now in this case in this use case where the merchant and this is just how we're gonna handle it as a merchant In terms of integrating with other merchant networks that would be something that we could talk about as like a future possibility and Yeah, anyone expressed interest into like using this solution for the subscription You mean other companies other merchants like Netflix or something like that like who like any of this subscription providers have they shown interest into using this kind of Like anonymous payments into their service Well, yeah, so other so other companies have said that they want to do subscription payments with cryptocurrency So like I said, you could do right now subscription payments right now are kind of difficult There's some workarounds that we have but we need to make those easier to use for cryptocurrency in general And then when it comes to the angle of privacy I think that while it might be okay to not be so worried about the personal data That's being leaked in the experimental phase in the short term that if we want to see In the long term if we want to see mass adoption, I think we need to have some privacy preserving features in these subscription management services Whether or not that's true anonymity. That's a whole difficult thing but Yeah, I just I think that I think that most people out there Just will not want to do subscriptions if they think everybody else in the world knows what they're doing What they're subscribing to that I think that we would want to keep that information to ourselves and only share it with Who we want to share it with? Have you had a chance to connect with Kevin from who's doing EIP you 1337 I just talked to him quickly about this last night and Yeah, well, we're gonna connect some more and talk about it some more. I'd love to see us like coordinate efforts on that Oh, I see you're here too awesome Yeah, I'd want us to coordinate efforts on that because I think that it would be really good to talk to to make sure that like You know, we're being consistent on how we define things like invoices structure and stuff like that and Yeah, see if we can help with privacy on the Ethereum network, too Any other questions So one question you say you comply with GDPR, but how about AML and the money laundering you're opposed to monitor transactions If it's recurring payments, if it's over 15,000, how can you do that before if you don't know your customers? Yeah, so KYC AML stuff will I'm sure there's yet like you said you mentioned 50,000 in this case like to subscribe to our data storage service. It's definitely not 50,000 It's much cheaper than that. So I think for like the day-to-day subscriptions, that shouldn't be a problem But I can tell you once we implement this and we start actually receiving these These payments for our service in that way our business will definitely And before that too, but I'll know a lot more about how this is actually going to be handled by the regulators at least in Germany But right now it doesn't we don't foresee any major problems about that because again KYC AML More about like large quantities of money As far as I understand you're shaking your head. No, though No not that's not my area of expertise, but I think that that's definitely something that we should explore But I also think it's unrealistic to do the opposite thing Which is to have all of this personal data floating around in public too. So we have to I think we have to find some sort of like common ground between Offering more privacy for subscription payments with cryptocurrency and adhering to laws and regulations