Charles Guillemet (Ledger): "With this protocol, your data really belongs to you"
Charles Guillemet, CTO of Ledger, presents Ledger Key Ring Protocol, a new protocol focused on data confidentiality and sovereignty in the blockchain ecosystem.
The Big Whale: What is the context of your protocol?
Charles Guillemet: In cryptography, we often talk about four main properties. The first is authentication, i.e. the ability to prove that you are the person you claim to be. The second is integrity, which guarantees that the data you are manipulating or viewing has not been modified by someone else. Then there's non-repudiation, which means that you can't deny having carried out an action that you actually did in the past. Cryptographic signatures are often used for these first three properties. The fourth property is confidentiality, and for that we use encryption.
Today, in the world of blockchains, we mainly use the first three properties. For example, when we authenticate ourselves, we prove that we hold bitcoins, or that we are who we claim to be at a certain time. Integrity is a fundamental property provided by the blockchain itself, which guarantees that transactions have not been altered. And finally, non-repudiation is also ensured by the blockchain, since once a transaction has been recorded, it can no longer be altered or disputed.
On the other hand, confidentiality is often left out of current blockchains. Very few blockchains are truly anonymous, or only partially so. That's why we thought there was a need for confidentiality in this area. After all, we don't always want to share everything about our lives online, and we have secrets we want to keep. So the idea of creating a privacy solution was born at Ledger. We identified this need, and felt it was important to add this missing brick.
What is your Ledger Key Ring Protocol?
If you look at what we provide at Ledger, we already have a trust brick, our device, which is our main product. This device, like our Ledger Nano, Flex or Stax products, is very useful for storing your cryptocurrency keys and authenticating yourself. Whenever you need to prove that you are who you say you are, that you are holding bitcoins or that you are using your own computer, our device ensures the security of these actions. However, when it comes to encrypting data to guarantee confidentiality, there's nothing there. That's what we've decided to add to our device: the ability to manage encryption keys.
So we've developed a new feature that lets you manage these keys. Encryption is not done directly in the device, for technical reasons. If we tried to encrypt all the data inside the device, it would mean that it would always have to be connected, and that could be slow. Encryption often requires large amounts of data to be processed, encrypted, decrypted and so on. It wouldn't work smoothly in the device itself. So what we decided to do was to use the device as a key ring, which will generate keys. Then, as the user, you decide which keys you give to whom to decrypt the data you want to share.
"Confidentiality is the missing brick of blockchains"
Can you give us some concrete use cases?
Imagine you wanted to create an equivalent of Google Drive, but in a sovereign and decentralised way. If you use Google Drive today, you store your photos with Google, and Google has access to those photos. They can encrypt them themselves if they wish, but overall, they have access to your data. You, as a user, choose who you share access with. Now, if you want to do the same thing without going through Google, in a decentralised way, you could use this protocol. You take your photos, you encrypt them locally with keys generated by your Ledger device, and then you decide who you want to share access to those photos with, and which ones. When you do this, you're not sharing the photos themselves, but rather the encryption keys needed to decrypt them.
For example, I could encrypt all my holiday albums with different keys and share specific photos with you. For example, I could share with you only the Singapore photos I took at the Token 2049 conference. I could then take the key to that specific folder and give it to you, which would give you access to all the photos in the folder, or just certain photos, depending on my choice. That's how we could build a sovereign, decentralised system, without needing to trust a third party like Google.
How long have you been working on this project?
The idea may have been in the air for a year and a half, but it's only been a few months since we really started working on it actively. We've spent a lot of time wondering what use cases this would unlock, and there are several that are taking shape. I can't talk about them yet today, unfortunately.
We have a white paper that we've published, and we've been thinking about a lot of cases where privacy could be useful. For example, if we go back to the idea of data sovereignty, today most of the Web2 services we use store our data in their systems. You arrive with your Google account, for example, and all your data is stored with them. The Web2 service then gives you access to that data.
If we want to turn this model on its head, your data has to be your own. You store it locally, you encrypt it locally, and then you decide who you want to share that data with and how. If you think about it like that, there are a lot of Web2 services, like social networks, where you give up the confidentiality of your data by storing it with a third party. With our protocol, you retain total control over your data, whether it's stored locally or encrypted on servers, and only you can decide to decrypt and share it. This creates truly sovereign storage for the user.
When will this protocol be ready and operational?
The protocol already exists. We have already published a white paper and we have implementations that work on our devices. We have also developed concrete examples to ensure that it works in practice. Because, of course, on paper, everything always works perfectly in theory, but it's important to test things in reality to be sure. Depending on the feedback we get during the white paper evaluation period, we may soon be able to release features based on this protocol. So overall, everything is ready, and all that remains is to adjust according to the feedback we receive.
"We want to give users total control over their data"
The concept of "broadcast encryption" has been around for a long time. Is what you are doing a major innovation or is it based on existing standards?
In fact, this concept is quite old. We haven't reinvented the wheel. There are already protocols that do more or less the same thing. We're using cryptographic standards that already exist, so we haven't created any new cryptographic standards. What is specific to Ledger is the way we manage keys using our devices, and also the ability we have to do 'selective data sharing', meaning you can choose what data you share and with whom.
In addition, we rely on key derivation techniques used in blockchains. This allows the user to manage multiple keys from a single master key. Otherwise, managing one key per photo or file in the cloud would quickly become unmanageable. We solve this problem by using a deterministic key derivation system, where you only have to manage one starting key, and all the others are generated automatically.
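The two ideas above (per-folder and per-file keys shared selectively, and a single master key from which every other key is derived deterministically) are illustrated by the following added example. It is not Ledger's protocol or code and does not follow the white paper; the derivation function (HMAC-SHA256 over a path label) and the toy cipher (SHAKE-256 keystream with an HMAC tag, chosen only to stay within the Python standard library) are assumptions, and a real system would use a standard AEAD such as AES-GCM. The album contents are constructed sample data.

```python
"""Hierarchical key derivation with selective sharing (illustrative).

Added example, not Ledger's protocol or code. Derivation and cipher
are assumptions chosen to keep the example standard-library only.
"""
import hashlib
import hmac
import os


def derive_child(parent_key: bytes, label: str) -> bytes:
    """One-way child derivation (assumed construction): a recipient who holds
    a child key cannot recover the parent or any sibling key from it."""
    return hmac.new(parent_key, b"child:" + label.encode(), hashlib.sha256).digest()


def derive_path(master: bytes, path: list[str]) -> bytes:
    """Walk a path such as [album, filename] from the single master key."""
    key = master
    for label in path:
        key = derive_child(key, label)
    return key


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC: random nonce, SHAKE-256 keystream, HMAC tag."""
    nonce = os.urandom(16)
    stream = hashlib.shake_256(b"enc:" + key + nonce).digest(len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"mac:" + nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key fails closed."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac:" + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch: wrong key or tampered data")
    stream = hashlib.shake_256(b"enc:" + key + nonce).digest(len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


# Constructed sample library: album -> {filename: contents}
ALBUMS = {
    "singapore-2024": {"marina.jpg": b"<photo 1>", "token2049.jpg": b"<photo 2>"},
    "family": {"birthday.jpg": b"<private photo>"},
}


def encrypt_library(master: bytes) -> dict:
    """Encrypt every file under its own key derived as master/album/filename,
    so the owner only ever has to keep the master key."""
    encrypted = {}
    for album, files in ALBUMS.items():
        for name, data in files.items():
            encrypted[(album, name)] = encrypt(derive_path(master, [album, name]), data)
    return encrypted


def open_with_folder_key(folder_key: bytes, album: str, encrypted: dict) -> dict:
    """A recipient given one album's key can decrypt every file in that album
    by re-deriving the per-file keys, and nothing outside it."""
    opened = {}
    for (alb, name), blob in encrypted.items():
        if alb == album:
            opened[name] = decrypt(derive_child(folder_key, name), blob)
    return opened


def can_open(key: bytes, blob: bytes) -> bool:
    """True only if the key authenticates the blob."""
    try:
        decrypt(key, blob)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    master = os.urandom(32)  # stands in for the device-held master key
    library = encrypt_library(master)
    singapore_key = derive_path(master, ["singapore-2024"])
    print(open_with_folder_key(singapore_key, "singapore-2024", library))
    # The album key does not open a file from another album.
    print(can_open(derive_child(singapore_key, "birthday.jpg"),
                   library[("family", "birthday.jpg")]))
```

Sharing is the act of handing over one derived key: the album key opens the whole album, a single file key opens one photo, and because derivation is one-way the recipient cannot climb back to the master key or reach a sibling album.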
Do you have to have a Ledger wallet to use this protocol?
We've implemented it on our Ledger wallets, but it's not exclusive. With any wallet compatible with BIP 39 (a Bitcoin standard), it is possible to reimplement the same protocol as us, and be compatible with our solution. We have no intention of making this exclusive to Ledger wallets.
You mentioned earlier that confidentiality is one of the weak points of current blockchains. But aren't ZK proofs a solution to the confidentiality problem?
Yes, ZK proofs solve part of the confidentiality problem. What's really interesting about ZK proofs is that you can prove something without disclosing any contextual information. For example, you can prove that you are 21 years old without having to show your identity card or give your date of birth. You can also prove that you have fewer bitcoins than someone else without revealing the exact amount you have. These are very powerful protocols that guarantee data confidentiality.
However, ZK proofs do not solve all confidentiality problems. For example, if you have a photo that you want to encrypt and share only with a specific person, ZK proofs don't allow you to do that. For that, you need to use encryption. Instead, ZK proofs are used to prove properties without revealing underlying information, but they don't encrypt data like photos or messages.
In fact, in the world of blockchains, ZK proofs are used primarily for integrity, as they allow you to prove certain properties while ensuring that these properties have not been altered. They can also be used to check that calculations or proofs are correct, without needing to know the details of the calculation. In fact, this is why blockchains often use ZK proofs for integrity reasons, rather than for confidentiality.
How will the user experience play out on Ledger wallets?
On the Ledger device, it's quite simple. The user will see a request appear on the device screen asking if they want to share a particular resource. They can then give their consent directly on the device screen, by pressing a button. It's as simple as that. We're trying to make the user experience as seamless as possible.
"We hope that developers will build on top of our protocol"
In your blog post introducing the protocol, you mentioned certain use cases such as encrypted messaging. In concrete terms, what would this change in the field of secure communication?
Imagine you're using end-to-end encrypted messaging like Signal. With what we've developed, you could say that the encryption keys for your messages are managed directly by your Ledger device. This would improve the security of communications, because your keys would be stored securely on your Ledger device, and you would have full control over their management.
We could also imagine completely rewriting a solution like Signal to make it even more secure. For example, you could choose to share part of a conversation with one person, while keeping other parts private. Or you could invite a new person into a group conversation and only give them access to certain messages, without sharing the whole conversation from the beginning. This kind of granular control is possible through encryption and key management, and it would provide even stronger security guarantees.
Is there a business model behind all this for Ledger?
For now, we're mainly focusing on the technical side. We see this technology unlocking a lot of interesting use cases. We've already identified a number of small use cases that will enable us to release simple, useful functions for users. We're not yet in the process of developing a new business model around this, but that could happen in the future.
The idea for now is to encourage developers to use our protocol and build innovative applications using this technology. We hope that many development teams will see the value of this solution and start using it to create applications. We are not yet in the process of launching a new business unit around this protocol, but this could evolve in the future.
Is the protocol patented? And if so, what type of licence do you use?
Yes, some parts of what we have developed are patented, but our approach to patents is mainly defensive. We don't want to prevent innovation or limit the use of this protocol by other developers. The protocol itself is open and public. You can use it freely for open source projects.
Our patent strategy is more defensive than offensive. The idea is to protect our innovations to prevent other companies from using them for commercial purposes without our consent. But we encourage innovation and we want developers to be able to use this technology freely in their open source projects.
"We have no plans to create a governance token"
How will encrypted data be backed up? Will each user manage their own backup, or will Ledger recommend a cloud service?
If you want to manage your own backup system, you can. The protocol is completely open, so everyone can decide how they want to use it. In terms of the features we're going to offer our users, we're going to provide a solution that's transparent and easy to use. The user won't even have to worry about it; everything will be managed automatically in the background.
Given that we're talking about cryptography and data sovereignty, do you envisage this protocol being completely decentralised?
Yes, by default, the protocol is decentralised. There is no central server to manage the keys or the data; everything runs directly on the user's device. Depending on the applications you want to develop with this protocol, there might be a need for governance around certain specific features, but the protocol itself is designed to work in a decentralised way.
Do you ever plan to create a governance token for this protocol?
No, that's not in our plans. We have no plans to create a governance token. But it's always possible that this could change in the future, even if it's not in our current vision at all.