1. Introduction

Recently, a facial NFT minting project initiated by Privasea has gained tremendous popularity! At first glance, it seems simple: users record their faces on the IMHUMAN (I Am Human) mobile app and mint their facial data into an NFT. This combination of facial data on-chain + NFT has led to over 200,000 NFTs minted since its launch at the end of April, indicating its significant popularity. I was curious too – why is this happening? Can facial data be stored on-chain? Will my facial information be misused? What exactly is Privasea? Let’s delve into the project and its initiator, Privasea, to uncover the details.

2. From Web2 to Web3 - The Unending Battle Between Humans and Bots

Firstly, let’s decode the purpose of the facial NFT minting project. You are greatly mistaken if you think this project is merely about minting facial data into NFTs. The app’s name, IMHUMAN (I Am Human), already hints at a deeper purpose: the project aims to use facial recognition to determine if the person in front of the screen is human. Why do we need human-bot recognition? According to Akamai’s Q1 2024 report (see appendix), Bots (automated programs that can simulate human actions like sending HTTP requests) astonishingly occupy 42.1% of internet traffic, with malicious traffic accounting for 27.5% of total internet traffic. Malicious bots can cause disastrous consequences like delayed responses or downtime for centralized service providers, affecting real users’ experience.

Take the example of ticket scalping: cheaters create multiple virtual accounts to increase their chances of securing tickets, and some even deploy automated programs near the service provider’s data center to achieve almost zero-latency ticket purchases. Ordinary users have little chance against such high-tech competitors. Service providers have made efforts to combat this, using methods like real-name verification and behavioral CAPTCHAs to differentiate between humans and bots on the client side, and employing WAF strategies and other techniques to filter and intercept malicious traffic on the server side. But does this solve the problem? Clearly not, as the rewards from cheating are substantial. The battle between humans and bots is ongoing, with both cheaters and verifiers constantly upgrading their tools. For example, AI’s rapid development in recent years has rendered client-side behavioral CAPTCHAs almost ineffective, as AI models can often solve them faster and more accurately than humans. This has forced verifiers to upgrade from early user behavior detection (image CAPTCHAs) to more advanced biometric detection (perception verification: client environment monitoring, device fingerprinting, etc.), and for high-risk operations, to biometric verification (fingerprints, facial recognition).

In Web3, human-bot detection is equally essential. For certain project airdrops, cheaters can create multiple fake accounts to launch Sybil attacks, necessitating real human verification. Given Web3’s financial nature, high-risk operations like account login, withdrawal, trading, and transfers require not just human verification but also account ownership verification, making facial recognition an ideal choice. The demand is clear, but how do we implement it? Decentralization is the essence of Web3, and when discussing facial recognition in Web3, the deeper question is how Web3 should adapt to AI scenarios:

• How do we build a decentralized machine learning computing network?
• How can we ensure user data privacy?
• How do we maintain network operation?

3. Privasea AI Network: Exploring Privacy-Preserving Computation and AI

In response to the challenges mentioned in the previous chapter, Privasea has proposed an innovative solution: the Privasea AI Network, built on Fully Homomorphic Encryption (FHE), to address privacy-preserving computation in AI scenarios on Web3. FHE is an encryption technique that allows computations on encrypted data to yield the same results as if the operations were performed on unencrypted data. Privasea has optimized and encapsulated traditional FHE into a layered structure, consisting of the Application Layer, Optimization Layer, Arithmetic Layer, and Raw Layer, forming the HESea library. This library is tailored to machine learning scenarios, with each layer responsible for specific functions:

Through this layered architecture, Privasea offers more customized solutions to meet the unique needs of each user. Privasea’s optimizations primarily focus on the Application Layer and Optimization Layer, delivering custom computations that can accelerate performance by over a thousand times compared to basic solutions found in other homomorphic encryption libraries.

3.1 Network Architecture of Privasea AI NetWork

Judging from its Privasea AI NetWork architecture:

The Privasea AI Network consists of four roles: Data Owners, Privanetix Nodes, Decryptors, and Result Receivers.

1. Data Owners: They securely submit tasks and data through the Privasea API.
2. Privanetix Nodes: The core of the network, and these nodes are equipped with the advanced HESea library and integrated with a blockchain-based incentive mechanism. They perform secure and efficient computations while protecting the privacy of underlying data and ensuring the integrity and confidentiality of the computations.
3. Decryptors: They obtain the decrypted results via the Privasea API and verify the results.
4. Result Receivers: The task results are returned to the Data Owners and the individuals designated by the task issuers.

3.2 Core Workflow of Privasea AI NetWork

The general workflow of the Privasea AI Network is as follows:

• Step 1: User Registration

  Data Owners initiate the registration process on the privacy AI network by providing necessary identity verification and authorization credentials. This step ensures that only authorized users can access the system and participate in network activities.

• Step 2: Task Submission

  The Data Owner submits the computation task and input data, which is encrypted using the HESea library. The Data Owner also specifies authorized Decryptors and Result Receivers who can access the final results.

• Step 3: Task Allocation

  A blockchain-based smart contract deployed on the network assigns computation tasks to appropriate Privanetix Nodes based on availability and capability. This dynamic allocation process ensures efficient resource distribution and task assignment.

• Step 4: Encrypted Computation

  The designated Privanetix Nodes receive the encrypted data and perform computations using the HESea library. These computations are executed without decrypting sensitive data, thereby maintaining its confidentiality. To further ensure the integrity of the computation, Privanetix Nodes generate zero-knowledge proofs for these steps.

• Step 5: Key Switching

  After the computation is complete, the designated Privanetix Nodes use key-switching techniques to ensure that the final result is authorized and can only be accessed by the specified Decryptors.

• Step 6: Result Verification

  Upon completion of the computation, the Privanetix Nodes return the encrypted results and corresponding zero-knowledge proofs to the blockchain-based smart contract for future verification.

• Step 7: Incentive Mechanism

  Contributions by Privanetix Nodes are tracked, and rewards are distributed accordingly.

• Step 8: Result Retrieval

  Decryptors use the Privasea API to access the encrypted results. Their primary task is to verify the integrity of the computation, ensuring that the Privanetix Nodes executed the computation according to the Data Owner’s intent.

• Step 9: Result Delivery

  The decrypted results are shared with the Result Receivers designated by the Data Owner.

In the core workflow of the Privasea AI Network, users interact with an open API, allowing them to focus solely on the input parameters and corresponding results without understanding the complex internal computations of the network. This reduces cognitive load. At the same time, end-to-end encryption ensures that data remains secure throughout processing.

PoW & PoS Dual Mechanism

Privasea recently introduced the WorkHeart NFT and StarFuel NFT, which use a dual mechanism of Proof of Work (PoW) and Proof of Stake (PoS) for managing network nodes and distributing rewards. Purchasing a WorkHeart NFT grants the holder the qualification to become a Privanetix Node, participating in network computation and earning token rewards based on the PoW mechanism. The StarFuel NFT, limited to 5,000 units, acts as a node enhancer and can be combined with WorkHeart, similar to PoS. The more tokens staked to StarFuel, the greater the yield multiplier for the WorkHeart node.

So, why use both PoW and PoS? The answer lies in the strengths of each mechanism. PoW reduces the likelihood of node misconduct by tying it to computational cost, thereby stabilizing the network. Unlike Bitcoin’s inefficient random number verification, the actual work output (computation) of nodes in this privacy-preserving computation network is directly linked to the work mechanism, making it naturally suited for PoW. Meanwhile, PoS effectively balances economic resources. This combination allows WorkHeart NFTs to earn rewards through PoW while StarFuel NFTs enhance yield through PoS, creating a multi-layered, diversified incentive structure. This structure enables users to choose participation methods that best suit their resources and strategies, optimizing reward distribution and balancing the importance of computational and economic resources within the network.

3.3 Summary

In summary, the Privasea AI Network has built an encrypted machine learning system based on Fully Homomorphic Encryption (FHE). Thanks to the privacy-preserving features of FHE, computational tasks are distributed among various computing nodes (Privanetix) in a decentralized environment. The results are validated through Zero-Knowledge Proofs (ZKP), and the network’s operations are maintained by rewarding or penalizing nodes that provide computation results, using a dual mechanism of Proof of Work (PoW) and Proof of Stake (PoS). The design of the Privasea AI Network paves the way for privacy-preserving AI applications across various fields.

4. FHE Homomorphic Encryption: The New Cryptographic Holy Grail?

As seen in the previous chapter, the security of the Privasea AI Network relies on its underlying FHE. With ongoing technological advancements by industry leaders like ZAMA, FHE has even been dubbed the new cryptographic “Holy Grail” by investors. Let’s compare it with ZKP and related solutions.

Upon comparison, it becomes clear that ZKP and FHE have distinct applications: FHE focuses on privacy-preserving computation, while ZKP emphasizes privacy verification. Secure Multi-Party Computation (SMC) appears to have a greater overlap with FHE, as SMC addresses the issue of data privacy among computing entities engaged in joint computations.

5. Limitations of FHE

FHE separates data processing rights from data ownership, thus preventing data leakage without compromising computation. However, this comes at the cost of computational speed. Encryption, like a double-edged sword, enhances security while significantly reducing processing speed. In recent years, various performance enhancement strategies for FHE have been proposed, ranging from algorithmic optimizations to hardware acceleration.

• Algorithm Optimization: New FHE schemes, such as CKKS and optimized bootstrapping methods, have significantly reduced noise growth and computational overhead.
• Hardware Acceleration: Customized hardware, such as GPUs and FPGAs, has markedly improved the performance of polynomial computations.

Additionally, the application of hybrid encryption schemes is under exploration. By combining Partially Homomorphic Encryption (PHE) and Searchable Encryption (SE), efficiency can be improved in specific scenarios. Despite these advancements, FHE still lags behind plaintext computation in terms of performance.

6. Conclusion

Through its unique architecture and relatively efficient privacy-preserving computation technology, Privasea not only provides users with a highly secure data processing environment but also opens a new chapter in the deep integration of Web3 and AI. Although the underlying FHE technology has inherent drawbacks in processing speed, Privasea has recently partnered with ZAMA to tackle the challenges of privacy-preserving computation. As technology continues to advance, Privasea is poised to unlock its potential in more fields, becoming a pioneer in privacy-preserving computation and AI applications.

Disclaimer：

1. This article is reprinted from [十四君], All copyrights belong to the original author [ 十四菌]. If there are objections to this reprint, please contact the Gate Learn team, and they will handle it promptly.
2. Liability Disclaimer: The views and opinions expressed in this article are solely those of the author and do not constitute any investment advice.
3. Translations of the article into other languages are done by the Gate Learn team. Unless mentioned, copying, distributing, or plagiarizing the translated articles is prohibited.