The module leverages Semantic SBT and to enable privacy-preserving data sharing, with users being able to share their private data with addresses meeting certain conditions.
In this mechanism, Lit Protocol is used to encrypt and decrypt data. Afterwards, will store the encrypted data, encrypted key, and conditions for data sharing. Then, Semantic SBT will be used to store the hash pointing to Arweave and define the conditions for data sharing.
The conditions for data sharing can be defined as:
EOA addresses
Users with certain NFT collections
Users with certain SBTs
Users owning a certain amount of a specified ERC20 token.
Schema
The for privacy content sharing works as follows: The schema is stored on Arweave in the form of a ttl with the transaction hash as the schemaURI to be passed to the contract during its initialization stage. For example:
:Soul a rdfs:Class ;
rdfs:label "Soul" ;
rdfs:comment "A soul." .
Predicate
The predicate p:privacyData describes private data.
p:privacyContent a rdf:Property ;
rdfs:label "privacyContent" ;
rdfs:comment "The privacy content." ;
rdfs:domain :Soul ;
rdfs:range xsd:string .
Contract
interface IPrivacyContent is ISemanticSBT {
/**
* Prepare a tokenId.
* @return tokenId
*/
function prepareToken() external returns (uint256);
/**
* Query the prepared tokenId.
* @param owner
* @return tokenId
*/
function ownedPrepareToken(address owner) external view returns (uint256);
/**
* Post a content.
* @param content The content should be the hash on Arweave. The actual encrypted content and authorization records are stored on Arweave.
*/
function post(string memory content) external;
/**
* Whether the address is authorized to be the view of the token.
* @param viewer
* @param tokenId
* @param isViewer
*/
function isViewerOf(address viewer, uint256 tokenId) external view returns (bool);
/**
* View the hash on Arweave corresponding to the token
* @param tokenId
* @return content
*/
function contentOf(uint256 tokenId) external view returns (string memory);
}
For a complete contract implementation, please refer to:
The process for sharing private data
Encryption
The encryptMetaData has a following format:
{
"encryptionBy": "lit-protocol",
"accessCondition": [
{
"contractAddress": "${contract address of Semantic SBT}",
"standardContractType": "ERC721",
"chain": "polygon",
"method": "isViewerOf",
"parameters": [
":userAddress",
"${tokenId}"
],
"returnValueTest": {
"comparator": "=",
"value": true
}
}
],
"encryptedSymmetricKey": "a hex string that LIT will use to decrypt your content as long as you satisfy the conditions",
// encrypted content
"encryptedObject": "AhgXUao1QU2iQg34UsCw0-ptkoy_fhifEoqEs3_Zj1s="
}
Minting a privacy-preserving SBT
A PrivacySemanticSBT contract is built based on the Semantic SBT specification. We are to mint a privacy-preserving SBT, with its RDF object as the address on Arweave/ipfs.
How to call the method of the SemanticSBTPrivacy contract:
The private data awaiting sharing should be encrypted via . The result (accessCondition,encryptedSymmetricKey,encryptedObject) should then be sealed as the "encryptMetaData" and uploaded to a storage layer (like Arweave), generating a address for the "encryptMetaData".
Users who want to decrypt the private data should obtain the "encryptMetaData" from SBT's object. By calling , they can decrypt the data and obtain the object in plain-text.
