Two months ago, the Baseline protocol was founded as a set of tools, including privacy enhancements to enable enterprises to use the Ethereum public blockchain while retaining the confidentiality of both data and smart contract contents. Now the protocol founded by EY, ConsenSys and Microsoft, is being explored for Coronavirus solutions.
Perhaps the highest profile COVID-19 initiative is the one being developed by Apple and Google. The idea, doubtless inspired by Singapore’s TraceTogether, is for your phone to use Bluetooth to track other phones it comes close to anonymously. If someone nearby tests positive, you get informed without knowing their personal identity.
Public blockchains are under constant attack. So it’s not surprising that ConsenSys’ John Wolpert, one of the Baseline founders, assessed potential vulnerabilities in the Apple-Google plan. For example, you could deliberately add someone’s Bluetooth key to your list of proximity contacts, even if you haven’t been near them. That would especially be an issue if you tested positive and the proximity contacts unnecessarily quarantine.
Wolpert suggests that if instead the fact that the parties were close to each other was ‘baselined’ (stored on a blockchain in a privacy preserving manner), then this bad behavior would be negated.
The next possible corruption is if someone sets themselves as having a false state. They say they’re infected when they are not, or healthy when they are infected. A suggestion to combat this is to integrate “baselining” into testing results.
Abbot Labs testing machines are widely used, and in a Github post, Wolpert outlines how they might be integrated. He suggests storing what sounds like a credential in something like uPort, the self sovereign identity solution from ConsenSys. Or it could be stored in a more conventional app like 1Password. Wolpert acknowledged that the example is somewhat close to a typical decentralized identifier.
But one of the biggest issues with the Apple-Google solution is what happens when somebody tests positive. If you test positive, do you hand over all the Bluetooth ids of people you came near to. And to whom? The concern is that if there’s some central repository, then AI could be used to analyze the data.
An alternative decentralized solution is for an infected person to add a special digital fingerprint or hash to the blockchain, and anybody exposed to the infected person gets alerted.
Yet another avenue is to incorporate incentives. The app may grant you permission to go to supermarkets. But if you turn off your phone, or your biometrics change because you lent your phone to somebody, then some permissions get revoked.
These incentives might be a seed of an idea but would need to be handled carefully and sounds more like something appropriate for authoritarian regimes. It has too much scope for “punishing” the innocent. For example, if a phone battery fails or if you have to lend your phone to a spouse.
In the spirit of startups, the Coronavirus isn’t purely viewed as a negative threat. It’s also being seen as an opportunity to do good and raise the profile of nascent technologies. ConsenSys isn’t the only one.
One of the most novel applications is the combination of nanotechnology and blockchain for immunity passports by Quantum Materials Corp.
The COVID Credential Initiative is a collaboration of more than sixty firms interested in self sovereign identity (SSI). And the Coronavirus crisis does seem like a perfect match between SSI and immunity passports or proof of test results.
And IBM and HACERA partnered to share data relating to the Coronavirus amongst blockchain networks.
Credit to Samuel Haig for first highlighting Wolpert’s post.