NuCypher is a decentralized Key Management System (KMS) that uses blockchain technology to allow data owners to share sensitive data with a large number of users in a secure manner. Any number of applications, from a centralized healthcare system to a decentralized content marketplace, can use NuCypher as security infrastructure for sharing data. NuCypher is a layer 2 protocol, a Proof-of-Stake based work token built on Ethereum.
NuCypher is building cryptographic infrastructure that addresses three primary use cases:
Currently, the NuCypher protocol is focused on proxy re-encryption, a process that allows third parties (proxies) to alter a ciphertext which has already been encrypted for one party, so that it may be decrypted by another. The proxies re-encrypt data from the data sender and provide it to the data recipient, all without any risk of having the data exposed.
The NuCypher network is accessible, intuitive, and extensible. The network can be used by anyone; it is permissionless and censorship-resistant. By using a classic cryptologic character-based narrative throughout it’s codebase, NuCypher helps developers write “safe, misuse-resistant code.” Although the network is currently only supporting proxy re-encryption, it can be extended to provide support for other cryptographic primitives including those discussed above.
Proxy re-encryption (PRE) schemes are cryptosystems which allow third parties (proxies) to alter a ciphertext which has already been encrypted for one party, so that it may be decrypted by another.
The threshold proxy re-encryption scheme used by NuCypher is called Umbral. It enables users to securely grant and revoke access to encrypted secrets and data to counterparties using staked worker nodes called Ursulas. Access permissions are part of the underlying encryption, and access can only be explicitly granted by the data owner via sharing policies. The data owner has ultimate control over access to the data. NuCypher can never determine the data decrypted or the underlying private keys.
Secrets management, access control, and data encryption are core security measures corporations take seriously. Many enterprises store a plethora of sensitive data and must adhere to varying levels of regulatory compliance depending on their industry and location.
The costs for data breaches are not insignificant. In 2019, Marriott International booked a $126 million charge tied to a massive data breach. California’s new privacy law, CCPA, could cost companies a total of $55 billion to get in compliance as determined in an economic impact assessment.
NuCypher enables the secure sharing of data without keys ever being revealed. Enterprise clients can work within their existing cloud storage solutions and will potentially be able to use NuCypher as a proxy re-encryption solution for their employees to share data that is always encrypted and secure.
“Bison Trails is committed to democratizing access to blockchain networks and paving the way to a decentralized future. We are excited to support NuCypher as they prepare for their mainnet launch. Their secrets management system, dynamic access control, and secure computation give users more control over the security of their data, significantly contributing to the decentralized ecosystem both our teams are striving for.” —Joe Lallouz, CEO of Bison Trails
NuCypher network participants will run worker nodes called Ursulas to which NU (the native token) will be staked. The nodes perform the work of re-encryption and are the key actors in the network. The NuCypher protocol requires access to an Ethereum node for the Ursula worker node to read and write to NuCypher’s smart contracts. Bison Trails provides every Ursula Worker node with a private connection to a dedicated Geth node, maximizing reliability and uptime.
In order to ensure the NuCypher network is able to perform all the re-encryption work demanded by users, nodes must be highly available and allow for people to create long-lived data access policies. NuCypher’s staking economics were established to incentivize node operators not only to participate in the network but remain part of the network.
Nodes are incentivized to continually provide re-encryption services by receiving fees from users (paid in ETH) and participation rewards (paid in NU tokens). Node operators must stake NU tokens to their node and will receive rewards that are earned in proportion to their stake. When the mainnet initially launches, incentives will mostly come in the form of rewards rather than fees. Eventually, when the network gains users, fees will become a large portion of the financial incentive to run a node. In addition, NuCyper is currently working on a system to allow holders of NU tokens to delegate their funds to other people's nodes in order to earn rewards.
All node operators must lock NU tokens to their node in order to participate in the network. To incentivize the acceptance of longer-term access policies, if node operators lock their funds for at least a year, they will receive maximum compensation. Node operators who lock their tokens for a shorter period will receive a lower amount of rewards and will not be eligible to re-encrypt policies that extend beyond the length of the lock-up period.
The minimum lock-up is 30 days. Staking for longer than one year, while possible, does not provide greater benefits in terms of earning rewards. Staking rewards are automatically restaked after each period, unless the user has opted out or the period ends. At the end of the stake period, if the Ursula Node did it’s job providing re-encryption services, the stake plus rewards can be claimed.
A lockup period can not change. Users can specify to wind-down their stake instead, running this lockup period down and decreasing rewards as this lockup period approaches 0.
“For over a year we have been working closely with the NuCypher team to ensure the WorkLock and subsequent mainnet launch will be a successful addition to the blockchain ecosystem. WorkLock is novel and will be the first real token distribution model where initial tokens are rewarded for actual work on the network.” —Viktor Bunin, Protocol Specialist at Bison Trails
NuCypher intends to use an innovative mechanism, called WorkLock, to broadly distribute the initial set of NU tokens. It is a decentralized, permissionless process: anyone who has ETH can escrow their ETH into a locked smart contract in exchange for NU tokens.
These NU tokens are initially locked as well. In order to recoup the escrowed ETH and unlock the NU, locked NU must be staked to a validator node and a certain amount of encryption work on the chain must be performed. The NU and ETH remain locked until the encryption work is done.
WorkLock begins with an open bidding period, during which anyone who wants to participate can lock ETH to the WorkLock contract to be escrowed on-chain. At the end of the bidding period, stake-locked NU will be distributed pro rata across participants. If those participants use the stake-locked NU to run a node, the NU will eventually unlock and the deposited ETH will be returned in full.
The distributed WorkLock NU rewards will be claimed as stake and locked up for six months (180 periods in Ethereum) earning rewards like normal staked NU. Both wind-down (the option to begin decreasing stake duration towards zero to unlock stake) and autostaking (a feature that enables all rewards to be automatically added to your existing stake to optimize earnings) are configurable at the customer level, not the node level. As a node operator, Bison Trails does not change these configurations. It’s up to NuCypher stakers to manage their own stake behavior. As Ursula nodes perform work on the network, ETH is gradually returned to WorkLock participants.
An example of how WorkLock works:
WorkLock offers specific advantages over ICO or airdrop as a distribution mechanism. Most importantly, WorkLock selects network participants most likely to strengthen and secure the network because they commit to staking and running nodes.
This method represents a novel innovation in a token distribution model: the first real example of initial tokens rewarding work on the network. If you have ETH, participating in WorkLock is a valuable way to both contribute work to the network and earn NuCypher tokens, in proportion to how much ETH is deposited and the total ETH deposited into WorkLock.
Additionally, WorkLock participants are guaranteed to recoup their deposited ETH as long as they run a node. Please note: WorkLock makes the deposited ETH illiquid and unusable for other opportunities, like selling tokens for USD, exchanging it for other crypto, or earning passive income by investing ETH into decentralized finance products.
If you have NU tokens, there is no requirement to participate in WorkLock, but doing so is a good way to increase your share of the NuCypher protocol (% of outstanding tokens).
Bison Trails has a proven track record with NuCypher; we managed Ursula Worker nodes since the first federated testnet in November, 2018. We continue to collaborate closely with the NuCypher development team on testing, protocol upgrades, and protocol documentation.
Bison Trails was an active participant in the Cassandra testnet challenges andis running the node with the most staked NU tokens on the network outside of the NuCypher team. We also completed all phases of CASI (Come and Stake It, NuCypher’s Incentivized Testnet).
We have established direct lines of communication with the NuCypher team, and provide economic and technical guidance on an on-going basis. For example, see our delegation smart contract PR feedback; we verbally proposed and merged a PR that an Ursula Worker can be instantiated without a staker address and helped to update and correct core NuCypher documentation. Our Protocol Specialist, Viktor Bunin, helped the team think through the WorkLock and provided feedback on network dynamics, economic policy, slashing penalties, and stake pooling over the last year.
“NuCypher’s upcoming mainnet launch is the culmination of over three years of work towards making privacy-preserving blockchain applications a reality. Bison Trails has been a key contributor--both via running testnet nodes and providing technical feedback on multiple aspects of the protocol. We’re excited for them to continue to play a large role during WorkLock and the subsequent mainnet launch.” —MacLane Wilkison, Cofounder & CEO of NuCypher Cointelegraph, Apr 2020
Bison Trails is an Infrastructure-as-a-Service company, based in New York City, specifically focused on blockchain participation. We’ve built a platform for anyone who wants to participate in new chains effortlessly (e.g. by running Cosmos Validators, Tezos Bakers, and Libra Validators, etc.)—without having to invest time and resources into developing any of the engineering, protocol, dev ops, or security competencies in-house. Our goal is for the entire blockchain ecosystem to flourish by providing robust infrastructure for the pioneers of tomorrow.
Contact us to learn more about our enterprise-grade blockchain infrastructure or running NuCypher Nodes on the Bison Trails platform.