Verifiable Management of Private Data under Byzantine Failures

In this paper, we present Calypso, an auditable data-management framework that lends itself to decentralize the sharing and life-cycle management of private data as well as to enforce fair, atomic disclosure of data protecting against front-running attacks. To achieve these goals, Calypso deploys on-chain secrets, a novel abstraction that enforces the deposition of an auditable trace whenever users access confidential data. On-chain secrets combine verifiable secret sharing and blockchains to ensure accountability, fairness, and liveness of the data-sharing process without centralized intermediaries. By employing skipchains for identities and access-control rules, Calypso provides dynamically changing access control while enabling users to keep control over their identities. Our benchmarks show that the latency of processing transactions scales linearly with the number of involved nodes (trustees) and is in the range of 0.2 to 8 seconds for 16 to 128 trustees.We also evaluated Calypso in two contexts using simulated and real workloads. First, a document sharing application, where, depending on the load, the latency overhead ranges from 0.2× to 5× compared to a semicentralized system. Second, a zero-collateral lottery that, unlike the current state-of-the-art solutions, always terminates in one round independently of the number of participants.