Digital confidentiality agreement as a smart contract

LuckybitLuckybit Member Posts: 2
edited November 2014 in Smart Contracts and Dapps
Digital confidentiality agreement as a smart contract

The objective is to build a smart contract which can allow Alice and Bob to share confidential information in a way which encourages by game theoretic incentive confidentiality between Alice and Bob.


1) An arbitrator

To accomplish this you need a third party to the smart contract called an arbitrator. The arbitrator is basically functioning like a judge. This arbitrator could be an agency, it could be an individual, or a DAC but it will have to determine if both sides abide by the confidentiality agreement.

2) Collateral

Each side in the confidentiality agreement must accept an equal amount of risk in order to be given a stake in the success of keeping confidentiality. To buy this stake Alice would have to give a specific amount of value to the smart contract as collateral. This amount of value indicates how much Alice can be trusted as measured by the amount of risk she is willing to take, and as a result Bob would have to take on an equal amount of risk by giving an equal amount to the smart contract as mutual collateral.

3) Enforcement

To enforce the smart contract the information shared simply has to remain confidential. If there is a leak which takes place then to enforce the contract the collateral for both Alice and Bob are destroyed in an act of mutually assured destruction. The contract is enforced by psychology and game theory where Alice and Bob can trust one another because they each are taking on an equal amount of risk. The threat of mutually assured collateral destruction by the arbitrator is what enforces the digital confidentiality agreement smart contract.

4) Reputation

This would allow an arbitrator to be rated so that only arbitrators with a good reputation for successful arbitration could be paid. Reputation for settling disputes could be tracked, every dispute should be recorded in a public record so that over time arbitrators can gain a track record from their history. This track record should allow arbitrators to charge higher fees over time until the market place is filled with skillful arbitrartors with good reputations.


This smart contract would be relatively easy to write. It would require only a trusted arbitrator, an escrow account to hold the mutual collateral, and an enforcement mechanism which involves shared destruction of collateral. The shared destruction could happen all at once or it could slowly drain as this could all be negotiable. The arbitrator would be the person who has the power to trigger the shared destruction and because the arbitrator would have a reputation to maintain they would not be able to recklessly use the nuclear option.

In the case where there is a leak from either Alice or Bob then either of them could alert the arbitrator which would allow the arbitrator to study the facts to determine if there was a leak. If there was a leak then the arbitrator could have the power to destroy the collateral so that the pain is spread. It would not be a situation where Alice or Bob would want to approach the arbitrator unless the leak is something significant.

The arbitrator could also be given the power to determine that one side leaked on the other and destroy the collateral for the side which leaked. This would be quite difficult to prove though. This smart contract design may not be perfect so please improve upon it.

Post edited by Luckybit on


  • LuckybitLuckybit Member Posts: 2
    edited November 2014
    Technical details:

    To make this smart contract work on the technical level you need to use reputation points or an already established reputation system. This smart contract could work well over Ethereum for example. You also would need enough flexibility that Alice and Bob can select an arbitrator based on agreed criteria they establish in the contract. So basically you would want the smart contract to algorithmically search for or select the arbitrator without Alice and Bob having to do anything except to agree on the attributes they are looking for.

    The purpose of this sort of smart contract would not be to be about cryptography but more about the human aspects. Most leaks happen due to human failures when it comes to encryption so this smart contract would be designed to make sure both human beings share the same incentives are are equal stakeholders in the success of the confidentiality agreement. Game theory can be used, reputation can be used, and in this way a person can establish over time that they can handle information of greater levels of confidentiality as tracked by the blockchain which would record everything.

    People who are good at keeping information confidential would develop their reputation for being able to do that. Over time these people would be selected more often to receive confidential information based on their reputation. You can quantify things by looking at the amount of risk they've taken (the amount in collateral they've been willing to risk) to create a numerical score for their profile. You could also see how many different confidentiality agreements they have successfully participated in to see they are good at keeping them.

  • michael_cglamichael_cgla Member Posts: 1
    @Luckybit, really interesting proposal. Looks like you wrote this almost three years ago. Have you implemented it since then? Or seen any other Ethereum-based NDA implementations?

    One of the biggest concerns I have is around the escrow amounts. If they are too low, they will do little to discourage infringement of the NDA. On the other hand, if they are high enough to have teeth (for example, 10% of annual profits), no entity will want to enter into the contract in the first place. Doing so with even one counterparty would tie up a lot of capital for potentially a long time (in the case of a typical NDA, certainly months and potentially years, to say nothing of the survival of certain obligations in perpetuity). Signing an NDA with each of ten counterparties (for example, ten prospective bidders for a contract) at this rate would tie up an entire year's profits!

    One other thought: how is the reputation of the arbiters established? Do the parties to a dispute rank their satisfaction? It would seem likely that the winner would be satisfied but the loser would be frustrated, regardless of the objective fairness of the judgment, though perhaps this could be worked around. And is there a need for an external system to handle the processing of the cases, and/or storage of the reputation data, or can this all be handled inside the smart contract, running on the EVM?

    Do the parties to the contract have any recourse to state/national judiciary systems and remedies? Or is the judgment by the system-assigned arbiter final? (Or is there an appeal mechanism within the smart contract system?)
Sign In or Register to comment.