Storing and retrieving encrypted data in Hyperledger #1

Open
gorshenev opened this issue Jul 4, 2018 · 2 comments

gorshenev commented Jul 4, 2018

Use case:

An Eternal Trusts user called “Bob” needs to use the dynasty support product (a crypto trust) for the benefit of his children. He wants to distribute 1 ETH per month among every child.

In order to do this, Bob has to provide information about himself and his children:

**Client-Data:**

```
{
	"full_name": "Bob Jonson",
	"date": "2018-07-08 11:23:0032",
	"social_profiles": [ {"key": "facebook", "value": "https://facebook.com/bob_jonson"}, {"key": "linkedin", "value": "..."} ],
	"photo_id": BINARY_DATA,
	"children": [
		{
			"full_name": "Tom Jonson",
			"social_profiles": [...],
			"photo_id": BINARY_DATA,
			"crypto_wallets": [
				{"key": "bitcoin", "value": "..."},
				{"key": "ethereum", "value": "..."},
				{"key": "eos", "value": "..."}
			]
		}
	]
}
```

This data should be encrypted and stored in the Hyperledger blockchain:

```
{"transaction_id": ..., "date": ..., "encrypted_data": BINARY_DATA}
```

Bob has a private key that he can use to decrypt his profile data.

The platform has 2 types of addresses in Hyperledger: the Client's address (created for every new client) and the Oracle's address (always 5 addresses for the whole network).

When the platform receives a multi-signature transaction from the Oracle’s addresses, the chain code (smart contract) of Hyperledger will use the commit-reveal approach to randomly choose one Oracle address, whose private key can be used to decrypt and give access to the client's (Bob) profile information for several minutes.
In the end, the transaction from Oracle should be confirmed, until a new multisig transaction happens.

@rockyy11

Use case Scenario - An Eternal Trusts user called "Bob" needs to use the dynasty support product (a crypto trust) for the benefit of his children. He wants to distribute 1 ETH per month among every child from January-2018 (Start-time) to December-2018 (End-time) without disclosing this data to any central authority.

  1. We will keep the time (on Hyperledger) starting from which, every month, the amount will be transferred to his children's accounts.
  2. We will break the data into N pieces of data, where N is equal to the number of months between the start time and the end time, depending on the duration of transferring.
  3. For each file a different AES key will be generated and each file will be encrypted with one of the AES keys; the encrypted files will be stored in IPFS and their respective hashes will be stored on Hyperledger.
  4. For the AES keys we got from the 3rd step, we will use Shamir's Secrets sharding algorithm and break the AES key into N shard keys, where N is the number of oracles. Each shard will be encrypted with the respective oracle's public key (generated using the RSA algorithm). All these encrypted shards will be stored on Hyperledger.
  5. When the time comes for transferring the amount to the children's accounts, the oracles will get the encrypted shard keys from Hyperledger and decrypt them (the shard keys) using their respective private keys, and if the majority of oracles agree to the transfer then they will give their respective decrypted shard keys, and together they combine to decrypt the AES key stored in IPFS, decrypt the data with the AES key and transfer the amount using EOS smart contracts.
  6. Through this mechanism, we have kept the data safe from all the Oracle servers and also get the permission of the majority at the time of transferring.

gorshenev moved this from To do to In progress in Blockchain-Core Jul 16, 2018
@rockyy11

I have added the technical solution to the above comments in #2
