
Ask HN: Can blockchain allow full privacy Covid-19 tracing? - skitout
The current plan for bluetooth covid-19 contact tracing sounds a little bit creepy to me(but better than nothing. They generally have two components: 
1. A decentralized part storing on our devices (anonymously) who we’ve been in contact with
2. A state-run centralized system to contact people once someone had been infected<p>Sounds to me blockchain could allow the second part (and the whole system) to be more&#x2F;fully decentralized, with more&#x2F;total privacy…  
What do you thing ?
======
skitout
A (non-specialist) idea of architecture :

\- If you are more than X minutes at less than 2 meters of someone, you get a
unique address from this person (like for any blockchain transaction), stored
in your smartphone.

\- If your are infected (after validation by a doctor?), you just send the
info (like a normal transaction) to all the relevant "unique addresses" stored
in your phone

\- Using existing blockchain (and a modified version of their open source
wallet) to do these simple transaction, with existing coin (eg. using OP-
RETURN) or by creating a specific token. Monero would be interesting (obscures
sender and recipient) for the privacy side. Less private, but I like Komodo
too...

Nothing stored in the blockchain. No smart contract, no gas cost, nothing
complex, using existing tech and open source code...

------
davidajackson
Probably not a great idea because:

1\. Replacing a DB/server side code with contracts that you pay to run per
opcode introduces needless cost (this is general problem with startups that
use blockchain too quickly). Sure AWS compute costs money, but smart contracts
are way more expensive.

2\. If you're building an app and distributing it via Apple/Google, there's no
need for a blockchain. Plus the app store itself is already centralized, so if
your distribution channel is centralized there's really no guarantee of
privacy.

3\. Ethereum/<pick your favorite blockchain> txs are slow compared to HTTP
requests. We're talking minutes to confirm sometimes, versus less than 100s of
milliseconds.

4\. If you increase privacy, you must be increasing anonymity, and that's not
useful for contact tracing. You need to know who was in contact with who else.

5\. Smart contract code is a pain to upgrade. It's costly, complicated, and
puts all your "server-side" code right on the blockchain for anyone to mess
with it and try and break it.

~~~
skitout
Thank you for your insight. My (non specialist) answers:

1\. It is possibly be a (little) bit more expensive to run, but the cost must
be compared with the potential gain: more privacy, and more adoption thanks to
privacy (=less cost for treating COV-19). I think cost can be decreased by
using existing blockchain infrastructure, and using a gas-free design.

2\. If we can achieve much higher privacy without blockchain, I am happy with
it, I just never seen any proposal! Crypto-wallet are available on app stores,
but still guarantee decentralization and anonymity/pseudonymity

3\. Speed is not key here. Knowing now or in 2 minutes that you have been in
contact with someone with COV-19 does not seem to be game changing

4\. My understanding is you need to know if you have been in contact with
someone having the COV-19. But you don't need anything else, and health system
does not need to know your name or other info

5\. If it is a pain in the neck but allow better privacy and more tracing app
usage seems a reasonable trade off to me. Furthermore I think that it possible
to do a design without smart contract.

~~~
m11a
1\. You don't see this from a layman's perspective: a person who hardly
understands Bitcoin never mind blockchain. _You_ may realise the privacy
improvements in such a solution. The average laymen will not. How can you
expect trust, as far as privacy goes, when people can't even understand how
that privacy is guaranteed? The media, who could simplify and spread, have
very low trust ratings according to recent surveys on the coronavirus crisis.
Trust in almost all organisations, including central governments, has went up
- the largest exception was the media.

On a sidenote: Governments haven't played around with blockchain enough to be
able to rapidly develop and deploy such a feature using blockchain technology.
Then they'd probably run into lots of bugs and hurdles on release.

Not good when you need to increase public trust, adoption, and deploy
effective solutions rapidly.

------
detaro
Why do you think that? How would you use the blockchain to achieve that?

Also, what does "full privacy" mean? The goal of such a system is by
definition partiall compromising privacy, by revealing information.

~~~
skitout
Blockchain allows to send stuff pseudonymously (bitcoin, ethereum, komodo…) or
anonymously (monero, Zcash, pirates...), and allow to get a decentralized
system, with high level of privacy and control. Seems to me that can be useful
for a more privacy in the contact tracing system, especially for contacting
people at risk... But I am no specialist, maybe people in HN could share their
expertise...

~~~
verdverm
The true anonymity is not actually near where people think they are, even on
the purpose built for.

So in many ways, block chain is less anonymous because the true data set is
provided to the public. They do data science, connect dots, an de-anonymize
the wallets.

~~~
skitout
In general I do agree with you; here I think it is different, with 2 different
options.

1\. You can use Monero like blockchain

2\. What's allowing to de-anonymize wallet is the multiple transaction you do,
especially the transaction linked to the real word (eg. stuff with KYC or with
your someone's postal address). Here this could be a "wallet" that only send
or receive info from other "covid wallet" without link to real life info, and
with only very few transaction (when you have covid, or are at risk). That
reduces the risk of de-anonymization

~~~
verdverm
1\. Monero anonymity has been subverted in multiple cases

2\. How does the fiat get in or out? That's where anonymity breaks with
anything blockchain

------
mytailorisrich
Storing contacts on people's devices in a private way is trivial (just use an
unique ID, and that's probably the way apps that trace through Bluetooth
beaconing work), but the point is that the list of contacts may be identified
by the authorities if and when needed.

We don't want something that only allows people to be notified on their
devices without anyone knowing who they are. We want to know exactly who the
contacts are.

Back to your question: It's not clear to me what blockchain has to do with
this, anyway.

~~~
skitout
"We don't want something that only allows people to be notified on their
devices without anyone knowing who they are. We want to know exactly who the
contacts are"

Why???

And even if you want the authorities to get specific names and contacts (which
I don't understand the usage of it), a system giving those name while not
revealing with whom s.he had been in contact with would be good.

More you have privacy, easier it gets to convince people to opt-in.

Monero or Pirates blockchains allows you to do some transaction while
obscuring sender, recipient and amount of the transaction... Seems an
inspiration to get more privacy for tracing app

------
rampatra
The privacy concerns you're pointing out can be overcome even without
Blockchain. I am not sure I understand the use of blockchain here, even though
I would be really happy to use one if I see a benefit.

Let's say we use a blockchain to store these user data in a decentralized way.
Now, how will blocks get created (new blocks added) in the chain? How are you
planning to get a consensus? Who decides?

~~~
skitout
If there is no need of blockchain, then it would be "stupid" to use
blockchain, as it tend to be more complex and inefficient.

However all the design I came through included a state-run centralized
database to contact people who have been in contact with someone having the
covid, and generally gets access to the info of which covid-positive person
you have been in contact with... How would design a system including more
privacy ?

My feeling is you don't necessarily need to store anything on the blockchain.
If you are more than Xminutes at less than 2 meter of someone, you get a
unique address from this person. Then you just use the unique addresses of all
the people to send them the info that you have the covid (after validation by
a doctor?). That could use existing blockchain to do these simple transaction,
with existing coin (eg. using OP-RETURN) or by creating a specific token.
Monero would be interesting for the privacy side. Less private, but I like
Komodo too.

------
kleer001
No. Blockchain is for an immutable forever docket. That's the opposite of
privacy.

~~~
skitout
A good Monero wallet gives you more privacy than any bank...

