2.4 Security Model
A comprehensive security analysis and formal proofs are beyond the scope of this overview and are addressed in subsequent sections.
The ASP security model is based on the following principles:
-
Immutability: The Public Registry is append-only and immutable, ensuring the integrity of stored records.
-
Privacy: Zero-knowledge proofs enable compliance verification without revealing sensitive details.
-
Decentralization: The system operates across multiple protocols and doesn't rely on a single point of trust.
-
Access Control: Strict policies to prevent unauthorized modifications to the Public Registry.
-
Cryptographic Integrity: All records and proofs are cryptographically secured.
- The underlying blockchain protocol’s security (e.g., Ethereum’s consensus mechanism).
- The cryptographic security of the hash functions used (e.g., Keccak-256, Poseidon).
- The soundness and zero-knowledge properties of the ZKP system employed.
Key security considerations include:
-
Sybil Resistance: All system components must be resistant to Sybil attacks.
-
Front-Running Protection: Measures to prevent front-running of compliance proofs.
-
Privacy Leakage: Careful design & implementation of Interfaces & communication channels to prevent inadvertent privacy leaks through query patterns.
-
Upgrade Security: Secure processes for updating classification rules and compliance policies.