Secret Network is a powerful platform, enabling developers to build privacy-preserving decentralized applications that wouldn’t be possible elsewhere. As a layer one smart contract blockchain built on the Cosmos SDK, Secret is interoperable with many other blockchains via IBC. Secret also connects to many different EVM chains via the Axelar network. At this moment in time, these connections enable tokens to be transferred into and out of Secret with ease, enabling things like privacy-preserving wrapped tokens which can be used in private DeFi applications.
However, a new form of interoperability is on the horizon…
Introducing Privacy as a Service
“Privacy as a Service”, or PaaS for short, is what we’re calling Secret Network’s ability to provide private computation to other blockchain networks. This means that not only can tokens be sent into and out of Secret, but data as well. It opens up a whole new world of use-cases, as Secret’s privacy-preserving computation can be utilized by virtually anyone!
This is achieved through the use of cross-chain communication protocols like Inter Blockchain Communication (IBC) and Axelar General Message Passing (GMP). By utilizing these connections, developers can make use of features from multiple blockchains, getting the “best of both worlds”. For example, a smart contract built on Arbitrum might perform the majority of its operations there, and communicate with a proxy contract on Secret whenever it needs to perform a task requiring private computation.
To give you an idea of what this can enable, we’ll explore several different use-cases, some of which are already live on the network today and some of which are currently in development.
Example Use Cases
Random Number Generation
See Secret VRF
There are many reasons why an application might need to generate a random number. Encryption algorithms rely on random numbers to generate keys, salts, and other critical parameters. Applications that use two-factor authentication or one-time passwords often use random numbers to generate unique codes. In gaming, random numbers are essential for functions like generating environments, computer player behavior, loot drops, shuffling cards, and games of chance.
In all of these situations, it’s essential that the logic used to generate the random number is not publicly visible, otherwise a malicious actor could potentially figure out the number ahead of time and gain an unfair advantage, or gain unauthorized access to something. With blockchain applications, this problem is sometimes handled by sourcing the randomness from an off-chain, centralized provider. The problem with this is that the application is no longer fully decentralized, and you must trust the off-chain provider to not act maliciously.
The latest Secret Network upgrade included an integrated random number generation API called Secret VRF (verifiable random function). It allows smart contracts on any IBC-connected network to obtain random numbers generated securely by Secret inside of a trusted execution environment. This service will also become available to EVM chains through Axelar GMP in the near future.
One of the largest barriers of entry for people new to using Web3 applications is the need for a wallet. They have to install a wallet application, generate an address, back up their seed phrase, create a password, and then likely obtain a token that will be used for transaction fees. These are unfamiliar concepts for people coming from Web2, and the steps can be time consuming. For someone only casually interested in using a Web3 application, it may be enough to deter them completely.
Secret has a solution to this, which we’re calling “walletless apps”. It works by abstracting the wallet management process away from the user, storing the wallet’s keys in a Secret smart contract, and using familiar access methods like a username and password to allow the user to authenticate with the wallet and use the application. Users can even fund the wallet using traditional Web2 payment methods.
Where Privacy as a Service comes into play is that this process can be used to create and operate wallets on blockchains other than Secret. For example, an Ethereum application could be built as a “walletless application” by making use of a Secret smart contract to manage the wallet instead of requiring a user to connect a MetaMask wallet. An API for this is currently in development by SCRT Labs.
Threshold wallets are often used in blockchain applications to enhance the security of cryptocurrency holdings. A threshold wallet is a type of multi-signature wallet that requires a certain number of digital signatures to approve a transaction. This provides an added layer of security as it reduces the risk of any one key holder acting maliciously or making a mistake that could result in the loss of funds.
Threshold wallets are particularly useful for companies that need to securely manage customer funds. By requiring multiple approvals for transactions, threshold wallets provide a robust security framework that helps protect against theft, fraud, or human error. Coinbase and Fireblocks are some examples of well known companies that make use of this technology. The problem with this situation is that these are centralized, closed-source companies, and customers are dependent on them to access their funds, or need to trust them to execute security policies properly.
Secret’s Privacy as a Service can improve on this by completely removing the need to trust a centralized entity when using threshold wallets. This can be achieved by creating a Secret smart contract that stores one of the threshold wallet’s keys, and enforces security policies set by the user. In this situation, even if the user’s personal key is compromised by an attacker, the attacker’s access will be limited by the security policies enforced by the smart contract. This PaaS solution is currently being developed by a couple of different teams, and can be used with virtually any blockchain. One example is SCRT Labs' Unstoppable Wallets, which we'll be covering in more detail soon!
In nearly every instance of governance outside of Web3, private voting is the standard. Imagine going to your local government building to vote for your country’s next leader, and as soon as you cast your vote, your choice is posted online along with your name and financial history. This is how DAOs currently operate on transparent public blockchains.
There are several reasons why a DAO might want members to be able to vote privately. If members can cast their vote without revealing their identity, they don’t have to worry about potential retaliation for their choice from people with opposing opinions. Private voting can also promote decentralization by reducing the potential for voter coercion. If voting is public, voters can be influenced to vote a certain way, which can undermine the democratic process.
Secret Network’s PaaS can solve this problem by receiving encrypted votes from the DAO chain, decrypting them and counting the votes on Secret, and then sending the results back to the origin chain.
Sealed-bid auctions are a type of auction where each bidder submits only one bid, and the bids are not revealed to the other bidders until the end of the auction. This can help to prevent collusion and ensure that each bidder submits their true valuation of the item being auctioned, rather than attempting to win with the lowest bid possible. In the NFT art market, this can be desirable especially for pieces from famous artists.
In order to achieve this with a blockchain application, some method of keeping the submitted bid amounts private is required, which is a challenge on a public blockchain. There are some attempts at this which involve obfuscating bids and over-collateralizing, but these methods are imperfect and have the potential to reveal bid amounts.
A custom-built solution utilizing Secret’s PaaS is currently being developed by the Bidshop team.
Private Content in NFTs
There’s a huge amount of use-cases for NFTs with private properties, and some of these can be made available to NFTs on public networks by linking them to an NFT on Secret. This method of Privacy as a Service involves bridging NFTs from one network to another. For example, an NFT on Ethereum could show a preview image of a famous artist’s work. In order to view the full artwork, the NFT would need to be bridged to Secret, where the accompanying NFT would contain additional private metadata only viewable to the owner.
An NFT bridge enabling this was recently launched by XP.NETWORK.
Axelar GMP (General Message Passing) is a framework that allows blockchains to communicate with each other, and more specifically, allows Cosmos SDK blockchains to communicate with EVM chains. It's an extremely powerful tool that will open up an entire new range of possibilities for Privacy as a Service applications, as it will make communication between Secret and EVM chains much easier.
Axelar GMP started supporting Cosmos SDK chains on May 2nd, 2023, but in order for Secret applications to start using it, an additional network upgrade is required on the Secret side. This upgrade will add the IBC-hooks middleware, and is currently planned for Q3. Once this upgrade is complete, we should start seeing even more PaaS applications being built with a focus on providing private computation to EVM chains!
Start Building with PaaS
The above use-cases are just scratching the surface of what’s possible with Privacy as a Service! If you’re a web3 developer interested in making use of PaaS in your own applications, reach out to our devrel team. They'll schedule a call with your team, discuss ideas for how your application could be built, and provide developer support along the way.
Over the next few months, several PaaS applications that are currently in development will be launching on mainnet. Stay tuned!