<aside> 🙂 Eternal Privacy Playgrounds

1 - Why your game needs hidden information

2 - An ontology of hidden information mechanics

3 - An ontology of trustless privacy techniques

4 - Knitting our ontologies together

</aside>

This overview of various privacy-enhancing technologies is for technically-minded readers. We’ll traverse a lot of ground and then apply our knowledge to the abovementioned hidden information mechanics.

You can probably skip this one if you’re less technically-minded and hop straight to 4 - Knitting our ontologies together

Overview

Commit-Reveal Schemes

Commitment schemes consist of two phases:

  1. The commit phase, where a value is chosen and committed to — (e.g. the player commits to a value)
    1. Commitments make use of the binding property. This means the sender cannot cheat during the reveal phase and open the commitment to a different value than was initially chosen.
  2. The reveal phase during which the value is revealed by the sender, then the receiver verifies its authenticity.
    1. Commitments also make use of the hiding property. This means the receiver cannot open the commitment (and reveal inside) until the sender allows them to do so.

[source]

Consider Rock-Paper-Scissors. Since it is impossible for players to reveal their choice simultaneously in a blockchain environment, Alice and Bob must commit to their choice beforehand. Alice chooses “Paper”. She hashes it together with a random number (a salt) and submits the hash to a smart contract. Bob does the same with his choice, “Rock”. Both players have committed to their choices without revealing them.

Alice then reveals her choice by publishing “Paper” and the salt. The contract can checks for a match with the committed hash. If it fits, it’s a valid submission. The same holds for Bob.

[source]

There is a great deal of variation and flavour across commit-reveal schemes, or what might broadly be considered commit-reveal schemes. In the context of gaming, we suggest two modalities for commit-reveal schemes: public vs. private, ****and complete vs. partial.

Public reveal

That is, the reveal is verified in a public setting (e.g. a smart contract) and the information may be used by anyone in the full course of the ensuing game.

Private reveal

The reveal is done selectively to a set of specific players either through a private channel or through encrypted public channels (using some key exchange between the players).

Complete reveal