This page discusses how Litentry will assure confidential identity data aggregation and computation.
The litentry parachain carries the confidential identity data aggregation and generates trusted identity data. The following technologies are put in place to assure the users data privacy.
The storage of ID graphs and the entire identity data aggregation process will be implemented by the TEE Sidechain of the Litentry network. A Trusted Execution Environment (TEE) is an environment for executing code, it guarantees code and data loaded inside to be protected with respect to confidentiality and integrity. See also TEE FAQ
Clients will submit ID graphs to the blockchain and the blockchain will verify the ID graphs. Validated ID graphs will be stored in an encrypted on-chain TEE storage.
The request desensitiser is executed inside the TEE, it is designed for splitting accounts into separate queries and batching parallel requests belonging to different users aside from adding random addresses when sending it to external data providers. The request desensitiser makes it impossible for data providers to guess a user's ID graph based on the data requests.
After sending data requests to data providers, the Litentry network will listen to the results from data providers and aggregate the results. The data results will only include the relevant values and is aggregated according to the request ID. The user's address does not appear in the process or is not disclosed in the credential
A user will have maximal control over the amount of information they want to 'disclose' to a dApp. Litentry's verifiable credentials allow the user to only disclose the minimum needed amount of information required for the specific use case.