English

SBT Privacy Module

The module leverages Semantic SBT and Lit Protocol to enable privacy-preserving data sharing, with users being able to share their private data with addresses meeting certain conditions.

In this mechanism, Lit Protocol is used to encrypt and decrypt data. Afterwards, arweave will store the encrypted data, encrypted key, and conditions for data sharing. Then, Semantic SBT will be used to store the hash pointing to arweave and define the conditions for data sharing.

The conditions for data sharing can be defined as:

  • EOA addresses

  • Users with certain NFT collections

  • Users with certain SBTs

  • Users owning a certain amount of a specified ERC20 token.

The process for sharing private data

Encryption

The private data awaiting sharing should be encrypted via Lit Protocol. The result (accessCondition、encryptedSymmetricKey、encryptedObject) should then be sealed as the "encryptMetaData" and uploaded to a storage layer (like arweave), generating a address for the "encryptMetaData".

  • The encryptMetaData has a following format:

{
 "encryptionBy": "lit-protocol",
 "accessCondition": [
   {
     "contractAddress": "${contract address of Semantic SBT}",
     "standardContractType": "ERC721",
     "chain": "polygon",
     "method": "isViewerOf",
     "parameters": [
       ":userAddress",
       "${tokenId}"
     ],
     "returnValueTest": {
       "comparator": "=",
       "value": true
     }
   }
 ],
 "encryptedSymmetricKey": "a hex string that LIT will use to decrypt your content as long as you satisfy the conditions",
 // encrypted content
 "encryptedObject": "AhgXUao1QU2iQg34UsCw0-ptkoy_fhifEoqEs3_Zj1s="
}

Minting a privacy-preserving SBT

A PrivacySemanticSBT contract is built based on the Semantic SBT specification. We are to mint a privacy-preserving SBT, with its RDF object as the address on arweave/ipfs.

  • How to call the method of the SemanticSBTPrivacy contract:

const tokenId = await PrivacySemanticSBT.prepareTokenId();

PrivacySemanticSBT.mintWithPrivacy(tokenId, arweaveHash);

await PrivacySemanticSBT.addViewer(address1, tokenId);

  • A complete RDF example is provided as follows:

:Soul_0x0000000000000000000000000000000000000000 p:telgramAccount "[Privacy]ar://djbZ5l5Ij5zBEgFFnVlDDqa4z5ACtS_A9uWPmAVwRe"

  • The construct of the encryptedObject:

    • Prefix: [Privacy]

    • web3 storage layer, e.g: ar:// or ipfs://

    • web3 hash for the storage

  • example of an encryptedObject:

[Privacy]ar://djbZ5l5Ij5zBEgFFnVlDDqa4z5ACtS_A9uWPmAVwRe

Decryption

Users who want to decrypt the private data should obtain the "encryptMetaData" from SBT's object. By calling LitProtocol's Decryption process, they can decrypt the data and obtain the object in plain-text.

Access Control Conditions Types

Different conditions can be set to control users' access to private data.

User holds an NFT in a collection

Users owning certain NFT collections can decrypt the private data.

[
  {
    "contractAddress": "0x3110c39b428221012934A7F617913b095BC1078C",
    "standardContractType": "ERC721",
    "chain": "ethereum",
    "method": "balanceOf",
    "parameters": [ ":userAddress" ],
    "returnValueTest": { "comparator": ">", "value": "0" }
  }
]

User holds an SBT in a collection

Users owning certain SBT collections can decrypt the private data.

[
  {
    "contractAddress": "0x588368698213bdf05aa722936d7657df8f3abe27",
    "standardContractType": "ERC721",
    "chain": "polygon",
    "method": "balanceOf",
    "parameters": [ ":userAddress" ],
    "returnValueTest": { "comparator": ">", "value": "0" }
  }
]

User owns a specific wallet address

Users owning certain addresses can decrypt the private data.

[
  {
    "contractAddress": "",
    "standardContractType": "",
    "chain": "ethereum",
    "method": "",
    "parameters": [
      ":userAddress",
    ],
    "returnValueTest": {
      "comparator": "=",
      "value": "0x50e2dac5e78B5905CB09495547452cEE64426db2"
    }
  }
]

User holds at least XX ERC20 Token

Users owning a certain amount of a specified ERC20 token can decrypt the private data.

[
  {
    "contractAddress": "0x9f8F72aA9304c8B593d555F12eF6589cC3A579A2",
    "standardContractType": "ERC20",
    "chain": "ethereum",
    "method": "balanceOf",
    "parameters": [
      ":userAddress"
    ],
    "returnValueTest": {
      "comparator": ">",
      "value": "0"
    }
  }
]

Using boolean operations (AND + OR) for any of the above

The above conditions can be compounded using AND, OR operations.

PreviousDeploy the contract

Last updated