Gridlock - outline [OUTDATED]

# Gridlock - outline [OUTDATED] > Confidential Multilateral Obligation Setoff (MOS) ## 1. Introduction **State of the art** - What is MOS? - Obligation is a pending tx that eventually has to be settled. - Focus on the example in Slovenia - Magnitude of parties involved (much more than a network of banks) - Savings achieved in terms of liquidity. Reduces the need for liquidity which might be expensive or not available [FDL20] - Forecasted saving if participation was higher [FD21] - Description of the algorithm used there [FD21] + maximum liquidity saving - Goal is to settle the maximum amount of obligations in terms of amount/liquidity saved - Describe gridlock scenario (example at [CYD+20]). **Problem** - Problem with low participation, might be due to lack of privacy. Low participation -> less benefits for the participant. MOS is highly reliant on network effects. **Solution** - Goal is to build a system for MOS that guarantees correctness and privacy to encourage higher participation - Confidential MOS, based on Secure Multi Party Computation - Guarantees privacy (explain what privacy is here) and correctness - Efficiency in terms of MPC performance, scalable to millions of parties, it can apply to real world. Slovenia example - Efficiency in terms of liquidity savings, maximum. **Related Work** - MOS in real life - Interbank payments [GGM18] - Energy grids [EPK+20] - Firms and their invoices [FDL20] - On MPC applied in the real world - [BCD+08] - [LDH+15] - [LJA+18] - [BKS+24] - Analyse the benefit in terms of privacy and the performance in real-world enviornment - Mention that they are all based on client to server model - On Confidential MOS - [CYD+20] with ZK - description of the logic - no full privacy - a lot of rounds of communication to achieve convergence - partial settlement - [ADM22] and [ASA22] with MPC - description of the logic - Explain security model - partial vs optimal settlement - briefly mention the benchmarks - All these implementation relates to the banking system which is way smaller in scale to the requirement of a network on firms. - Why not hardware to achieve this? Mention Damgaard for this **Organization of the paper** - ... ## 2. Preliminaries **Notation** - ... [FD21] **MOS algorithm** - Based on [FD21] - Goal: to find the algo that maximizes the percentage settlement.Goal of a MOS is to settle the maximum amount of obligations. In particular we measure it as Percentage Settlement = Total tx amount settled / Total tx amount input - Introduce algorithm - Explain that the solution is not unique - Requirement of no novation of obligations - Implementation with maximum efficiency in terms of percentage settlement (proof). This is the same as [ADM22] because it works with partial settlement - These 2 methods don't consider each tx as an irreducible monolith. Instead a transaction can be further reduced to obtain the maximum liquidity saving. Binary vs non binary settlement. - This comes at a cost of sacrificing fairness. Which can be achieved in FIFO order settlement. - More efficient in terms of speed vs [ADM22], which has a solution based on linear programming - Explain how the protocol would work in practice in Slovenia. (no privacy here but it is managed by a centralized party) - Definition of correctness in the protocol (check page 2 of [CYD+20]) - Add algorithm (#1) - Chosen algorithm that will be used in MPC **MPC** - Intro to MPC [L20] and security assumption - Add introduction/crash-course on MPC. Inspiration from [LJA+18] section 2. Main material from [L20] - Definition of correctness and privacy and other security assumptions on MPC [L20] - Explain differences between peer-to-peer or client-to-servers MPC model [LJA+18] Section 2. - Mention the concept of correctness to third parties and publicly auditable MPC. We believe that we don't need such machinery to achieve guarantee of correctness to parties submitting their invoices, which is a weaker notion of public auditability. Further analysis on that later - Define artihmetic black box of MPC with opening functions (to the public and to a specific party) (#2) - Explain how environment can decide if the correct value is actually delivered - All the operations that I am gonna use are defined here (without any reference to the application) ## 3. Gridlock - Confidential MOS Protocol **Protocol** - Specify Protocol as a whole. How the parties interact between each other, who send what to who and timing. **Setting** - Client to server - Honest majority - Mixed protocol **Algorithms** - It is important to mention if there's any information leakage in my implementation and any tradeoff that was attained to improve the performances (similar to paragraph 3.1 of [ASA22]) **Fraud Proof Protocol** - Mention how to achieve correctness to participants. We don't need public auditability. Public dispute/Fraud proof mechanism if the constraint are not met when the shares are reassembled by the party. **Benchmarks** - Benches in terms of computation and communication bandwidth cost ## 4. Open Issues and Future Directions - Attempt with FHE. Easier to play around with treshold and therefore can be made more secure. Increasing the parties to which the trust is shared. Drawback is that it would be slower. - Add fairness assumption to gridlock. We don't deal with that yet. ## 5. Conclusions - Achieved something that can be used for RW scenarios! ## Resources - Liquidity-Saving through Obligation-Clearing and Mutual Credit: An Effective Monetary Innovation for SMEs in Times of Crisis [FDL20](https://www.mdpi.com/1911-8074/13/12/295) - [AJPES 2002–2019](https://www.ajpes.si/Bonitetne_storitve/Vecstranski_pobot/Porocila#b671) - Mathematical Foundations for Balancing the Payment System in the Trade Credit Market [FD21](https://www.mdpi.com/1911-8074/14/9/452) - The economics of netting in financial networks [GGM18](https://link.springer.com/article/10.1007/s11403-018-0229-4) - Accessible Privacy-Preserving Web-Based Data Analysis for Assessing and Addressing Economic Inequalities [LJA+18](https://dl.acm.org/doi/abs/10.1145/3209811.3212701) - Secure Multi Party Computation [L20](https://eprint.iacr.org/2020/300) - Web-based multi-party computation with application to anonymous aggregate compensation analytics [LDH+15](https://open.bu.edu/handle/2144/21773) - Secure Multiparty Computation Goes Live [BCD+08](https://eprint.iacr.org/2008/068.pdf) - Short Paper: Privacy Preserving Decentralized Netting [ADM22](https://link.springer.com/chapter/10.1007/978-3-031-32415-4_19) - Large-Scale MPC: Scaling Private Iris Code Uniqueness Checks to Millions of Users [BKS+24](https://eprint.iacr.org/2024/705) - Private Liquidity Matching using MPC [ASA22](https://link.springer.com/chapter/10.1007/978-3-030-95312-6_5) - Privacy-Preserving Netting in Local Energy Grids [EPK+20](https://ieeexplore.ieee.org/abstract/document/9169440) - Decentralized Privacy-Preserving Netting Protocol on Blockchain for Payment Systems [CYD+20](https://link.springer.com/chapter/10.1007/978-3-030-51280-4_9)