10 Questions with Fred Episode Twenty-four | Dawn Song, the Founder of Oasis Labs, Joins with Fred Wang to Chat on Relationships between Blockchain and Privacy Protection, Deep Learning and Security Protection

10 Questions with Fred Episode Twenty-four | Dawn Song, the Founder of Oasis Labs, Joins with Fred Wang to Chat on Relationships between Blockchain and Privacy Protection, Deep Learning and Security Protection

Oct 1st 2018| Investment By:Sakura
Privacy is actually a very complex topic. Many people misunderstand the notion of security and privacy, and this happens even to people who have been working in blockchain for a long time.

Time: 9:00 PM (Beijing Time) ,September 5     9:00 AM(ET) /6:60AM(PST),September 5

Groups: Mars 3.0 wechat group

Dawn Song:Professor of computer science at the university of California, Berkeley, founder and CEO of Oasis Labs, has been praised by the media as "the godmother of Internet security". Research interests include deep learning, computer and network security, blockchain, etc. He has won the MacArthur Fellowship, the Guggenheim Fellowship, the Alfred p. Sloan Research Fellowship, the MIT technology review's tr-35 Award for innovation under the age of 35, etc. Is the most frequently cited scholar in the field of computer security (AMiner Award)

Fred Wang: Founder of Mars Finance, chairman of Linekong (HK. 8267), and founder of Consensus Lab, the founding partner of Geek Founders

Fred Wang:Good evening, guys. Welcome back to Mars Finance. Today is the 24th 10 questions with Fred Wang.

Firstly, introducing our guest tonight: Dawn Song, professor of computer science at the university of California, Berkeley

Dawn Song is a Professor in the Department of Electrical Engineering and Computer Science at UC Berkeley. She received a bachelor's degree from Tsinghua university in 1996, a master's degree in computer science from Carnegie Mellon university in 1999 and a PhD from the university of California, Berkeley in 2002. She taught at Carnegie Mellon university from 2002 to 2007 and at the university of California, Berkeley from 2007. Her research interest lies in deep learning, security, and blockchain. She has studied diverse security and privacy issues in computer systems and networks, including areas ranging from software security, networking security, distributed systems security, applied cryptography, blockchain and smart contracts, to the intersection of machine learning and security. Dawn Song is the recipient of various awards including the MacArthur Fellowship, the Guggenheim Fellowship, the NSF CAREER Award, the Alfred P. Sloan Research Fellowship, the MIT Technology Review TR-35 Award, the Faculty Research Award from IBM, Google and other major tech companies, and Best Paper Awards from top conferences in Computer Security and Deep Learning. She is ranked the most cited scholar in computer security (AMiner Award). Dawn Song is also a serial entrepreneur, including Ensighta Security (acquired by FireEye Inc.) and Menlo Security. She is currently the founder and CEO of Oasis Labs, creating privacy-first cloud computing on blockchain.

We all live in an age of information explosion. Every day, more than 60 billion messages are sent via apps and social networks, and 269 billion e-mails are sent, according to Forbes. But leakages, thefts, and tampering of data are also on the rise. The non-tampering and distributed nature of blockchain technology gives us the opportunity to control our data privacy. However, open and transparent accounting books allow massive user data to be exposed on the chain. The privacy issue still isn’t solved fundamentally.

Dawn Song:Thank you for inviting me to attend 10 Questions

Fred Wang:The topic of today's dialogue is the privacy revolution. How to use blockchain technology to solve privacy problems is vital to people’s life in Internet era. Privacy protection is also bound to be the next focus of the public blockchain development. Whoever can overcome the privacy protection problem first may win the "Holy Grail" of the public blockchain competition.

Our first meeting happened at the Mars Silicon Valley Summit last weekend. I listened to the Flame Dialogue led by Professor Song and we have dinner together. It’s a pity that our time is too short to have a deep conversation. 

It’s an honor that we invited Professor Song to the Ten questions with Fred Wang, a program made by Mas Finance. Professor Song has a good reputation for being Computer security Godmother. Her professional experience cover internet security, artificial intelligence and blockchain. I believe our conversation tonight will definitely creat more inspirations and enlightens .

Now, let’s get started.

Dawn Song:Thank you for sharing with us!

Question 1:

Fred Wang:I still remember our last meeting at the Mars Silicon Valley Summit where you participated the Flame Dialogue concerning the public chain and distributed finance along with Tom Ding, cofounder of Dfinity and Jiang Hai, CEO of Bubi. It’s very impressive. I noticed that almost all of you participants are Chinese or with Chinese background who stay at the Silicon Valley to develop business. 

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

Mars silicon valley blockchain summit "public chain and distributed finance" firehouse dialogue

However, when we look at the major predecessors, including bitcoin, Etherum and Eos, we find that all their funders come from foreign countries. This is a sharp comparison with the status quo of the public chain industry which is dominated by domestic entrepreneurs and ethnic Chinese.

It makes me feel that China will be a major source as to the next round of finalists deriving from public chain competitions. So, my question is, do you think the Chinese will become a leading force during the next round of public chain competition? As blockchain gains more and more popularity in domestic areas and overseas Chinese communities, will that give the Chinese an advantage in terms of technology, product and community?

Dawn Song:I grew up in China and did my undergraduate in Tsinghua (1992-1996, major in Physics). After graduation, I went to US for graduate school; and then later became a professor in Computer Science. So I have been living mainly in US for over 20 years. During this period, I continue to witness the huge change and fast progress that has been taking place in China. I think very few people could anticipate back then the kind of changes that we have seen today in China.

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

When I went to US for graduate school, you hardly can find papers from Chinese authors at top research conferences in many fields in Computer Science. Now, in many fields, papers from Chinese authors represent a huge percentage at top research conferences in many fields.

For deployment of cutting edge technologies, China also moves at a rapid speed. I continue to be pleasantly astonished to see how fast technologies are changing people’ lives in China such as mobile payment, and how fast AI technologies are being integrated into real world usage scenarios such as face recognition; much faster than in US and most other parts of the world.

These are just examples showing the amazing fast progress that China and Chinese researchers, entrepreneurs and practitioners are capable of making. This happens for a number of reasons. Many Chinese are smart, hardworking, and brave to try new directions and areas. The competition in China is actually much more fierce than many other parts of the world. This helps trains people to be fast moving, adaptive, and creative. China has one of the largest markets in the world, which is an amazing advantage for gaining deployment for new technologies.

I think the factors that I mentioned above will also apply in the blockchain domain. We already see a huge fraction of blockchain projects are led by Chinese entrepreneurs, researchers and practitioners. Many companies and institutions in China are trying different use cases. I wouldn’t be surprised if we first see some really innovative use cases in the Chinese market. I’m certain that Chinese talent will be key players in blockchain domain.

On a separate note, people often focus on the competition of the different chains. However, I think it’s also important to keep a collaboration spirit---the different teams and approaches are all trying to explore this new field together to propel blockchain technology to a new level and help use the technology to enable new applications.

Fred Wang:After the year 2000, the global internet industry entered a capital winter. Due to uncertainties the internet business models had back then, Wall Street ditched a lot of internet programs even if their users expanded massively. It is fair to say that the internet industry went through a long journey before it won favor from capital. In the case of Chinese companies, their rise relates to such profitable businesses as gaming and E-commerce. Blockchain is born to be connected with value transition, which means it is closer to money compared to other peers. So, do you think Chinese people ‘s active participation in blockchain programs unveils their eagerness towards affluence? Sorry for my abruptness if it bothers you.

Dawn Song:I think Chinese has a great combination of pragmatism and idealism. Blockchain area is appealing to Chinese for both the reason of exploring a completely new domain, its excitement and long term impact.

Question 2:

Fred Wang:Data breaches have become a popular topic nowadays. Last weekend, a Hua Zhu hotel reported a data breach, after discovering that its clients’ personal information was sold on the dark web forum. SF-Express, Chinese logistics giant also reported that more than 300 million peoples’ data was leaked.  Facebook and Uber also got involved into similar scandals. A professor from Harvard University even made a public comment that said “Privacy is dead”. In your opinion, what kind of new hopes can blockchain bring to us as to privacy security?  Can personal privacy be saved from the current bad internet conditions and come back to life again?

Dawn Song:First, distributed ledger is about reaching agreement among distributed, mutually distrusted parties. Blockchain technology itself does not necessarily give you privacy. For example, in Ethereum and most of today’s blockchain platforms, all data and smart contracts on chain are public and hence there is no privacy protection for them.However, for many applications that people would like to build on blockchain need to deal with sensitive data, such as healthcare, financial services, IoT, etc. Thus, it is important that we build privacy-protection technologies into a blockchain platform to enable such applications.

Fred Wang:In my opinion, privacy is becoming a key factor to drive blockchain development. In the paper called “Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contract Execution”, you put an emphasis on the technological structure of Ekiden designed to solve privacy problems. Why does Oasis Labs stress privacy protection so much? What advantages does your team have to deliver that? What does your perfect privacy protection environment look like? Can you share some examples to describe it, please?

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

Paper screenshots

Dawn Song:When we talk to DApp developers, we see that most of these applications that developers want to build need to deal with sensitive data and need a way to protect the privacy of data when using the blockchain platform. For example, we have talked with DApp developers who want to build decentralized credit score models, decentralized fraud detection, use blockchain for data markets for genomic data and IoT data, for private auction, etc..  

All these applications need a way to protect privacy of data. Without privacy protection, these applications are simply not possible. At the same time, currently there is no existing blockchain platform that can offer such privacy protection capabilities. We see a real need for a privacy-first blockchain platform. I think this is also one of the main reasons why we have seen so much in-bound interest to the Oasis project, and have so many DApp developers who want to build on our platform. 

My team including myself has been working in the area of security and privacy for a long time (me for decades). We have built up a lot of experience and expertise in this domain and have developed a lot of technologies in the space, including privacy-preserving data analytics technologies that have already been deployed at Uber.

To be able to address the different challenges for privacy protection, we build privacy into every layer of the platform, including using technologies in secure hardware, cryptographic techniques for secure computation, and differential privacy.

Also, we wrote the first research paper on using secure enclave to enable confidentiality-preserving smart contracts. All these experience, expertise and already-developed technologies help us in building a leading blockchain platform with privacy protection as one of the key goals.  

Privacy is actually a very complex topic. Many people misunderstand the notion of security and privacy, even people who have been working in blockchain for a long time. To help people clarify the concept of security and privacy in blockchain, at Oasis Labs, we have written a blog post on this: 


Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

The article screenshots

Question 3:

Fred Wang:The year of 2018 is dubbed “the first year of the public chain”.  According to my observation, the current public chain industry is very crowded, as more than 30 public chains’ main net is coming online this year, competing with popular programs such as ETH、EOS、NEO、QTUM、TRON.

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

Oasis Labs founding team

According to Oasis Labs’ vision, it hopes to build an efficient platform which provides comprehensive privacy protection services. Its larger goal, namely integrating with intensive computing applications such as artificial intelligence, are gaining interest from investors. In fact, a lot of professionals aim to solve the impossible triangle problem, and make decentralization, security and efficiency happen at the same time. It’s very hard. But if we simplify the challenge and do our job step by step, which one of them should be our priority? Security, privacy or scalability? 

Dawn Song:Privacy-protection and scalability are certainly two of the most important problems to address currently. And for scalability, i think it’s important to recognize that scalability is more than just high tps (transactions per second) for payment transactions; it’s imperative that we provide scalability for complex smart contract execution, to support real-world applications such as in healthcare, financial services, etc.

Fred Wang:Many new public chain programs aspire to replace Ethereum. To make them more attractive, people even have come up with a new term “blockchain 3.0”. However, I notice that many of them are based on ERC20 and EVM , just like ROM or UI were based on Android, whose update were heavily influenced by Google’s update. As of now, no public chain products show potential to fight against Ethereum. What’s the core reason behind it? What’s the key factor to win the public chain battle?

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

The public chain's desire to replace ETH is akin to the "game of custom android versus Google native android"

As we all know, Ethereum is now bottlenecked and thus attracting many disputes. Vitalik has done a lot effort to improve and optimize it, including increasing efficiency through Sharding and providing privacy protection through Zero Knowledge Proof. According to BTCmanager's latest news, the team has announced a delay in Casper development for one year. Are you optimistic about Ethereum? Let’s consider it a patient, what kind of prescriptions would you give ?  

Dawn Song:Ethereum started several years ago and was the first smart contract blockchain platform built, and has an active community. As we see more blockchain platforms being built, we will see that dapp developers will get more choices and see what solutions may be best suited for their applications.

Just like we see that different languages exist and are designed to support different types of applications, I think we will see that different blockchain platforms may tailor different types of applications, for example, with different features, different trust assumptions, different tradeoffs, and different usability design choices.

Fred Wang:What do you think of the ecosystem and opportunities for universal public chain? Compared to the universal public chain, Customized public chains are also considered promising by many, as various business scenarios call for various requirements in terms of efficiency and consensus mechanisms, thus making customized public chains much needed by a variety of industries and applications. During the next competition, which one do you think better of? The universal one or the customized one? In the future markets, will those public chains coexist or winner takes all? 

Dawn Song:As I explained above, I think we will see different blockchain platforms may be best suited for different types of applications. Just like we have many different types of languages, and different languages may be better suited for different types of applications. 

Question 4:

Fred Wang: Recently, Dr Xiao from Wan Xiang Blockchain came up with a new idea that the total economic value a DApp can create consists of the total value of a crypto currency of a public chain. In the future, a public chain valued at 1 trillion to even 5 trillion will emerge as opposed to Apple whose market value just surpass 1 trillion. Could you please describe what purposes a perfect public chain can achieve?

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

Today apple's market value snapshot

Dawn Song:To be honest, I don’t think as a community we understand how to value a blockchain platform. We are really exploring new territories here. In the Internet era, it took time for people to gradually develop the metrics for valuation, such as daily active users, etc.. I think a lot of research is needed to figure out how to value a blockchain platform, especially as we see new business models emerge in blockchain.

Fred Wang:On July 9, 2017, Oasis Labs secured a finance of 45 million dollars, with investors coming from major blockchain investing agencies at the time. Did they invest fiat money or just tokens? Rumors said that this financing exceeded 400 million dollars, Is this accurate? If so, the first round of financing can be ranked at 25 among programs circulating in exchanges. Since January, the whole second tier market has entered a bear market with conditions worsening the last two months. Therefore, some pessimists believe the bear market can continue  the whole of next year. Will the overall market condition influence subsequent financing of Oasis Labs?

Dawn Song:We focus on building technologies and the blockchain platform, and providing long-term value as the technology gain adoption. So we don’t pay much attention to the short-term ups-and-downs of the market.

Question 5:

Fred Wang:Since the increasingly similar technological approaches used in the development of the public blockchain project, it is believed that the success factor of the public blockchain is 30% dependent on technology, and 70% dependent on BD and community operation. In the past, your two start-ups were also technology-oriented companies, which did not seem to depend on the construction of BD and community operation. Do you have any layout or plan in community operation and BD?

Dawn Song:We have been hiring in BD and community development. Our team is a very technology heavy team. However, we recognize the importance of building a community, especially given that our goal is to enable a broad spectrum of new applications built on top of our platform to help transform different industries. We just came out of stealth two months ago, and we’ve already been seeing huge inbound interest about developers wanting to build on Oasis platform. We are in the process of building partnerships and developing various mechanisms to support developers and working with the community together to build up the ecosystem.

Fred Wang:In my mind, coverage area of Oasis Labs is mainly in overseas blockchain and academic circle. However, the general recognition of Oasis Labs is insufficient In Chinese market, only the top investor circle know about them, the ordinary people cannot find related knowledge in Chinese community operation, and even there is no related Chinese website. How would you assess the Chinese market ? What is your outlook for the Chinese market?

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

The Oasis Labs website

Dawn Song:We just came out of stealth about two months ago. We have been focusing on building the technology and working with developers to build use cases. As I mentioned earlier, I have high hopes that China will play a major role in blockchain technology and deployment. We look forward to working together closely with the community in China. And thanks for having me here :)

Question 6:

Fred Wang:According to CB Insights, in 2017, $15.2 billion was invested in AI globally, up 141% from 2016. According to the zero one think tank data, there were 63 global events related to financing in “blockchain + cryptocurrency” field in 2017, with a financing amount of 4.9 billion RMB. In the first quarter of this year, the amount of funds raised in blockchain reached 6.72 billion RMB, exceeding the amount raised last year.

I have noticed many AI-focused funds turning to the blockchain field, such as DanHua Capital founded by a scholar, Zhang Shoucheng, Lu qi, all in AI field when he was in Baidu, but after leaving Baidu, he proposed the data acquisition and development of AI should be combined with blockchain. Therefore, do you think more and more AI start-ups and investors will shift their focus to the combination of blockchain?

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

There were 63 global events related to financing in the blockchain + digital currency field in 2017, with a financing amount of 4.9 billion yuan

Dawn Song:The community of people who are at the intersection of AI and Blockchain and have significant experience in both AI and blockchain is still very small. I’m always really excited to meet another person who has done both AI and blockchain. I think we need more people like this in the community )

Fred Wang:I also noticed that some scholars and investment institutions are reluctant to get involved in or mention blockchain. You have done a lot of research in the areas of deep learning, development and applications of AI. As you said before, you have been exploring the development of new technologies in the AI field , and now focus on the blockchain project of smart contracts. In your opinion, what impact will blockchain have on AI? What problems can AI solve in the current blockchain? How do they Interact with each other? What will be the first application scenario of "AI+ blockchain"?

Dawn Song:Besides blockchain and computer security, I have been doing a lot of work in AI and deep learning. I think the intersection of AI and blockchain is really fascinating and important. There are many interesting questions and new directions to explore here. For example, one of the applications that some dapp developers in collaboration with doctors from Stanford and other researchers are building on Oasis is a privacy-preserving data marketplace in healthcare. As we all know, medical data is often siloed---for example, it’s difficult for medical researchers to gain access to medical data for their research. This is mainly due to the security and privacy concerns since medical data is so sensitive. 

Using privacy-preserving smart contract capability provided by Oasis platform, a medical researcher can write a smart contract containing code for training machine learning models. The smart contract can also specify terms of use, e.g., that the data will only be used for training machine learning models in the smart contract, and will not be used for anything else. It can also specify how users may be compensated for contributing data to the smart contract. If a user agrees to the terms of use for the smart contract, he or she can then contribute data to the smart contract. As the smart contract collects enough data, it can then start training machine learning models. And then the medical researcher can evaluate the effectiveness of the trained model. 

And the Oasis platform enforces the privacy-protection for users’ data and at the same time enables the training of machine learning models over the data. As we can see, this way significantly reduces the friction for medical researchers and pharmaceutical companies to gain access of medical data to train machine learning models to help find better cures for diseases. Users can get reward and also contribute to the greater good for society while preserving the privacy of their data.

This is just one example how blockchain can help address the challenge of getting data for deep learning. The same technology can help in many other segments including training better machine learning models in fraud detection by utilizing data from different data sources, in building credit score models using data from different data sources, etc.. 

Moreover, I hope that blockchain technologies can help democratize AI. As AI becomes more and more capable and powerful, it’s important to consider who has control of the power of AI. I believe that it’s really important for individuals to have access to AI capabilities that are under users’ control so they can act with the best interest of users. This is very different than how it works today. I hope by supporting smart contracts with machine learning capabilities, we can enable intelligent smart contracts and AI agents that act with users’ best interest. 

Question 7:

Fred Wang:In my opinion, blockchain technology will drive the financial revolution as never before, the importance of security to the blockchain industry will be greatly higher than that of the internet era. At present, blockchain is particularly vulnerable in terms of smart contract vulnerability, node network vulnerability, ecology (exchange and wallet) and user security. In August, Tencent released the "blockchain security report for the first half of 2018," blockchain field lost more than $2.7 billion in the first half of 2018 due to security issues. Among them, the smart contract vulnerability mainly focuses on Ethereum, for example, the capital loss caused by the code bugs or the reveal of private key, has reached USD $1.24 billion. What new challenges does the vulnerability of smart contracts pose to blockchain security? How should we respond?

Dawn Song:Smart contracts are code. Code vulnerabilities is not a unique issue in smart contracts; it’s a common issue in all programs. Code vulnerabilities is one of the biggest factors in leading to cyber attacks. In my past work, my group has been designing and developing new techniques and tools for automatically finding vulnerabilities in code, including binary programs, web applications and mobile applications. My first startup was on building automated tools for finding vulnerabilities and malicious behaviors in mobile applications. In smart contracts, the impact of vulnerabilities is more direct---you can lose a lot of money. 

In computer security and program verification, the community (including my group) has been working for decades on building techniques and tools to find vulnerabilities in code and to provide proofs of security for code. These techniques and tools can certainly help in the case of smart contracts as well.

In addition, it’s important to recognize that the programming language design also has a big influence on how easy or difficult it is to write secure code and to verify the security of code. We can certainly improve smart contract language design to help make it easier to write more secure code.

Fred Wang:Two technical teams from Belgium, the United States and Australia recently discovered a security breach at SGX (a technology developed by Intel to protect the confidentiality and integrity of users' key code and data). The U.S. government's computer emergency response team warned on August 14 that attackers could use the vulnerability to gain access to any information in a memory chip, including sensitive data, passwords and keys to long-term memory, and to copy and obtain sensitive data in a secure enclave. It has been argued that SGX technology can take years to achieve a high safety level. Thus, are privacy protections that rely on a single piece of hardware reliable? At the same time, TEE (Trusted Execution Environment) is based on the principle that the private key is stored in the chip manufacturer. For example, SGX is a private key held by Intel. Therefore, the chip manufacturer becomes a centralized node, so is it contradictory to decentralization of blockchain?

Dawn Song:Another approach that a number of formally-verified systems development has taken is to do code-and-proof co-design/development. As you write code, you do the proof at the same time. The process of doing proofs of the security and correctness of code helps produce secure code.  

TEE (or secure enclave) can be a cornerstone security primitive for building secure systems on top, given its strong security properties. A secure enclave can make it much easier to build secure systems. However, we need a trustworthy secure enclave. Current commercially available solutions are closed source. It’s difficult for the community to analyze and assess its security. In our recent blog post, we point out the challenges of existing closed-source secure enclaves and highlight the importance of building open source secure enclaves:  https://medium.com/oasislabs/towards-an-open-source-secure-enclave-659ac27b871a

In collaboration with UC Berkeley and MIT, we have been working on Keystone, a project on building open source secure enclaves: https://keystone-enclave.org/. Keystone utilizes existing hardware capabilities in RISC-V to enable secure enclave. RISC-V is an open source RISC architecture developed at UC Berkeley earlier which has seen broad industry adoption.

We recently have also hosted the first workshop on building open sourcesecure enclave: https://keystone-enclave.org/workshop-website-2018/.It’s great to see the excitement and support from the whole community. Leadingresearchers and experts from Google, Facebook, Microsoft, Intel, ARM, UCBerkeley, MIT, Stanford, and many others all came to the workshop to discusstogether the state-of-the-art technologies, open challenges, and the pathtowards building open source secure enclaves. 

We are working with industry collaborators towards building and deploying open source secure enclaves. Many blockchain companies have also contacted us and wanting to support and join the effort. We really appreciate the support we have received from the community on this, and look forward to working with the community together to make this a reality.  

Fred Wang:As far as I know, the first blockchain project, Ekiden, launched by Oasis Labs is practicing the blockchain privacy protection. As you mentioned before, its privacy depends on TEE, that is, putting private data in a "black box" of independent hardware for closed-loop computing. Recently, overseas media reported that Oasis LABS decided to adjust the technical route of privacy protection two weeks ago, no longer based on SGX and other TEE. Can you clarify it here?

Dawn Song:In our design of the Oasis blockchain platform from the very beginning,  we want to make sure that the integrity and scalability of the blockchain platform does not rely on any secure hardware (TEE). The Oasis blockchain platform takes a layered design, with separate consensus, storage, and compute layers. The consensus layer does not use secure hardware. This layered design allows each layer to scale independently and achieves greater scalability, especially for complex smart contract execution. For enabling privacy protection, some of the compute nodes may use secure hardware. The Oasis blockchain platform is designed to provide a unified secure computing framework, including secure hardware and cryptographic techniques such as secure multiparty computation and zero knowledge proofs. This unified secure computing framework provides choices and flexibility for dapp developers to leverage state-of-the-art secure computing technologies without needing to be an expert in privacy and utilize the technology best suited for their application. We have not changed our design.

Question 8:

Fred Wang:At the Asia-Pacific Ethereum technical seminar in last year, Vitalik Buterin delivered a speech entitled "privacy protection in Ethereum blockchain", this speech introduces four blockchain solutions which are suitable for both privacy and security on Ethereum, they are respectively Channels, Mixers, Ring Signature and Zero-knowledge Proofs. He noted that zero knowledge proved to be the "most powerful" solution that could be applied to almost every scenario on the Ethereum blockchain.

Zero-knowledge Proof, that is to say the prover is able to convince the prover that an assertion is true without providing any useful information to the prover. There is a story in history that helps us understand Zero-knowledge Proof.  In the Renaissance, two mathematicians in Italy competed for the title of discoverer of the triple equation with the Zero-knowledge Proof method. At that time, the mathematicians Tartaglia and Fio both claimed to have mastered the formula. To prove that they did not lie and did not publish the specific content of the formula, they agreed to give each other 30 three unary equations to solve the other. The result showed that Taltalya solved all 30 of Fio's equations, but none of them worked out. Therefore, it is believed that Tartaglia is the true discoverer of the root equation of unary cubic equation.

How do you evaluate Vitalik Buterin’s "zero-knowledge proof" in protecting the privacy and security of blockchain networks such as Ethereum? At present, Zcash, Monero and other projects are already on the market, and through zero-knowledge proof technology, the privacy security of relevant information in the transaction is explored. From the effect of application practice, what are the shortcomings of zero knowledge proof?

Dawn Song joins the 24th 10 Questions with Fred Wang:Privacy revolution

Zero knowledge proof is being introduced by Vitalik 

Dawn Song:Zero knowledge proofs is a fascinating area in cryptography and has a long history. Some of my earlier research work has been in this area as well. However, ZKP can have high performance overhead. It’s difficult to do ZKP for most of complex real world applications.

Also, ZKP is in general used when computing over one’s own private data. If you need to compute over data from different data sources, such as the smart contract for privacy-preserving machine learning that I mentioned earlier, ZKP alone is not sufficient to enable such use cases. 

Question 9:

Fred Wang: Student entrepreneurship is prevalent in Silicon Valley, without the student entrepreneur in a garage, there would be no Silicon Valley miracle today. From the early days of Jobs (Apple), Lawrence Edward Page and Sergey Brin (Google) to the recent years of Mark Zuckerberg (Facebook), Elon Musk (Tesla), and Jack Dorsey (Twitter), most of Silicon Valley's start-up stars started their businesses while in school or even dropped out of school. I feel that being a professor in Silicon Valley has nothing to do with being an actual professor. You have been teaching at the top universities like Carnegie Mellon university and the university of California, Berkeley, and you have been very successful and respected in the academic field. You also funded two security companies, Ensighta Security (later acquired by FireEye Inc.) and Menlo Security. How do you balance teaching and commercializing research?

Dawn Song:I enjoy developing new ideas and technologies in research, and I also enjoy the process of deploying these new ideas and technologies in industry to help make the world a better place. The process of deploying research technologies in the real world also helps us gain more insights about real use cases and remaining challenges, and improve the technologies better. 

Fred Wang:What inspired you to fund your first company, Ensighta Security? Can you talk about the experience of creating two companies, Ensighta Security and Menlo Security? Have you ever experienced difficult moments? Some tech media call you the godmother of internet security, what do you think is the greatest contribution to internet security? What can the internet security experience do for Oasis Labs now?

Dawn Song:Ensighta Security focused on building automated techniques and tools to analyze mobile apps to detect vulnerabilities and malicious behaviors. Menlo Security is on building new technology for secure browsing to protect users’ machines from being compromised by threats over the web. Both startups are based on technologies that were developed in my lab.

I have been working in computer security for over 20 years, and have developed new solutions and state-of-the-art technologies in a broad spectrum of domains. Due to time limit, I won’t be able to go into details. All this experience has been really helpful in building the technology at Oasis Labs. 

Fred Wang:do you feel insecure when you started Oasis Labs? Is there any difference between your past two start-ups? 

Dawn Song:I think building a blockchain platform is a much more complex and challenging project. Building great technology is only one piece of the puzzle; one also needs to learn how to build great communities.

Question 10:

Fred Wang:According to a recent study by Coinbase and Qriously, 42% of the world's top 50 universities now offer at least one course on cryptography or blockchain. In China, nearly 10 universities, including Tsinghua University, Tongji University, Central University of Finance and Economics, and Beijing University of Posts and Telecommunications, have also opened blockchain courses. When New York University Stern School of Business first started blockchain and financial services courses in 2014, 35 students signed up, only 8 fewer than the general electives. And by the spring of 2018, the number of students climbed to 230, and the college was forced to move the course to its largest auditorium. What do you think are the reasons students are interested in blockchain courses? You have taught at Carnegie Mellon University and the university of California, Berkeley for a long time. How are the blockchain courses offered by these two universities getting on?

Dawn Song:Last semester, I taught a very interesting blockchain class at UC Berkeley. It’s probably the first of its kind. It’s co-taught by three schools: me from Computer Science in Engineering School, one from Business School, and one from Law School. The students in the class are also evenly distributed across the three schools. The class has been hugely popular. The demand was many times more than the capacity of class. Blockchain is very interdisciplinary in nature, covering issues in technology, business, economics, law, and many other domains. It was great fun teaching such an interdisciplinary course and interacting with students not just from engineering school, but also from other business and law school. 

This semester, we’re offering a new advanced blockchain and crypto economics class for computer science students, covering the formal foundations, state-of-the-art technologies in different aspects of blockchain. 

Fred Wang:I have noticed that although some universities have set up blockchain courses as early as 2014, few universities have set up specialized undergraduate blockchain majors until 2018. There are finance majors and financial engineering majors in economics field, electronic engineering majors, software engineering majors, even e-commerce majors and online game majors in computing field. Blockchain field covers cryptography, economics, and software engineering field, it’s more complex than other subject areas, do you think nowadays universities should open blockchain-related majors?

Dawn Song:The blockchain domain is still at a very early stage. As the domaingrows with greater adoption, we will see more students want to study thisdomain. Certainly this is a very rich domain for students to study.

We don't have video equipment in the classroom this semester. The student proposes to give the course video by himself, which shows the student's interest in the subject

As we enter the digital era, the most important issue here is to establish digital property rights. This is not only the economic foundation for blockchain, but also the next step for the entire digital economy to be successful. Once this problem is solved, the world will be completely different. We are exploring this in OASIS and hope to make a breakthrough and original contribution together with you. We hope the world-class talents can join us and make special contributions to human beings from here!

Fred Wang:If we see privacy protection as a profound revolution during the development process of Blockchain, it just get started. Each of us participants have heavy responsibilities to shoulder and long journey to travel through. I hereby hope that we give more emphasis on privacy protection, see the true value in it, and understand the obstacles awaiting us and opportunities we must grab.

Further, I hope Oasis Labs make more breakthroughs in security, privacy and scalability, bring more hopes to the whole industry, and act as an Oasis in a desert of blockchains.

Thank you again, professor song. Thank you for your visit to Mars Finance today. We wish Oasis LABS a splendid future.