Be brave as Ukraine — Build “AnonDrop” at the Kyiv Tech Summit hackathon!

One of the harder problems facing the documentation of war crimes is enabling witnesses to send data without revealing their identity or location to an adversary monitoring their internet connection. The last thing someone who wishes to disclose a human rights violation wants is to become a victim simply by reporting the crime.

Nym is a decentralized mixnet that provides privacy and anonymity at the network layer. It has the potential to serve as a powerful privacy-protecting front-end for these cases. The mix network can offer strong privacy protections capable of withstanding attacks by even nation-level adversaries.

We believe there is an urgent need to create an encrypted file drop application — AnonDrop. This application will use the Nym mixnet to hide the metadata of users uploading encrypted files (and their decryption keys) to a service operated by institutions requiring sensitive evidence, where sender anonymity is paramount.

Kyiv Tech Summit and AnonDrop for the Freedom of Ukraine

The Kyiv Tech Summit, happening 6–9 September 2022, is a global hybrid event bringing together developers, technology providers, designers, innovators, and product evangelists focused on solving tangible, on-the-ground issues to aid the Ukrainian people in their fight for freedom.

AnonDrop can be used by those fighting for the freedom of Ukraine to securely upload evidence of war crimes. Beyond this, the software can protect human rights globally by enabling the persistent and decentralized storage of sensitive data. Previous work on mixnets for this use case, such as the FreeHaven design preceding Tor, shows the long-standing need for privacy-preserving storage. Now is the time to make this a reality.

Combining the Powers of Nym, IPFS, and Filecoin

As we have always believed, privacy loves company! AnonDrop combines the Nym mixnet for anonymity with IPFS for decentralized storage. Solutions built for the Nym specifications also qualify for an IPFS/Filecoin bounty evaluation.

Needing little introduction, IPFS and Filecoin have provided persistent decentralized file storage since 2015. It’s only natural for Nym to join forces with this tried and tested infrastructure to support human rights defenders.

Specifications for AnonDrop

Code already exists for a generic ‘encrypted Dropbox’ proof of concept (called NymDrive) that utilizes the mixnet. The specification for this challenge requires modifying the NymDrive code with additional features to securely send sensitive evidence to institutions such as the United Nations (referred to as "the Authority"). Institutions gathering evidence will run service providers enabling people to connect and send files through the decentralized Nym mixnet. The mixnet anonymizes and makes data untraceable before storing it on IPFS.

Application Components

1. Uploader GUI
   The GUI will allow users to:

   • Store an encrypted file via the AnonDrop service provider
   • Use a multi-lingual interface (e.g., English and Ukrainian)
   • Verify their file upload by checking hashes
   • Toggle an option to delete the local file from their device securely
   • Securely share the hash and decryption key of uploaded files with the Authority

2. AnonDrop Service Provider
   The service provider will:

   • Receive files
   • Hash files with the same hash function as the GUI and store them in IPFS
   • Respond to verification requests from users
   • Send relevant files in response to valid retrieval queries
   • Deny invalid file retrieval requests

3. Reader GUI
   The Authority can use this GUI to:

   • Receive files
   • Verify files
   • Decrypt files

Required Changes to Existing NymDrive Code

1. Develop a Reader GUI for the Authority to decrypt and access stored information.
2. Ensure unidirectional data flow:
   • Users upload encrypted files.
   • Remove the option to retrieve files from the service provider later, currently present in NymDrive.
3. Add an automatic file wipe option:
   • Automatically delete files locally after upload and acknowledgment from the service provider.
4. Enable the Authority to decrypt files:
   • Implement ECDH key exchange for decryption.
5. Include additional metadata when uploading files:
   • Cryptographic identity of the sender.
   • Photo or video metadata (e.g., timestamp, location).

Additional Features

1. Image provenance checks:
   • Use the CAI SDK for verifying the authenticity of images and videos before uploading.
2. Identity sharding for key backup:
   • Use something like Shamir Secret Sharing for recovery if the sender loses their device.
3. Decentralized hosting via platforms like Akash.
4. Private distributed storage alternatives to IPFS.

Building Beyond Kyiv — Nym Shipyard

The Nym Shipyard beta space will launch shortly. Shipyard allows members of the Nym ecosystem to build and test Privacy Enhanced Applications (PEApps). Successful participants in the AnonDrop challenge will qualify for a Shipyard grant to continue developing AnonDrop, focusing on verifying evidence authenticity. Mentorship details will be announced soon.

Filecoin also offers a Grants program for promising projects interested in continuing development beyond the hackathon.

Make a Difference — Join the Hackathon Now

The Kyiv Tech Summit Hackathon starts tomorrow, 6 September. Online participation is possible, so join now to use the power of technology to solve real issues in Ukraine!

---

Stay Connected

Discord
Twitter
Telegram

Use Nym to enhance your apps’ privacy. Test the beta release of NymConnect with Telegram and Electrum — download here.

---

Privacy Loves Company

Discord | Telegram | Element | Twitter

The internet is global, and so is Nym. Join the Nym community to help build the private internet today.

Languages:
English | 中文 | Русский | Türkçe | Tiếng Việt | 日本 | Française | Español | Português | 한국인