DECO is a privacy-preserving oracle technology developed by Chainlink Labs’ Chief Scientist, Ari Juels, at Cornell University. Through the use of zero-knowledge proofs (ZKPs) and an oracle, DECO allows users to authenticate personal information from an API or website without revealing sensitive information on-chain or to the oracle.
By verifying that a certain value exceeds an established threshold via cryptographic proof, DECO enables use cases such as confirming borrowers’ creditworthiness while protecting their personal information.
In a recent blog post, Juels outlined how DECO could also be used to improve private key management, allowing users to recover lost keys by authenticating to websites of their choosing while maintaining the same privacy standards.
Juels explained why better key management is crucial to mainstream crypto adoption:
In order to avoid the risk of losing assets to the failures of centralized institutions, crypto purists advocate self-custody through private keys. But private keys aren’t fool-proof, with an estimated 20% of Bitcoin relegated to crypto purgatory as a result of the world’s collectively lost keys.
“Crypto as a technology and social movement could ultimately fail unless self-custody – and thus key management – become dramatically easier for ordinary users,” wrote Juels.
Social recovery systems, by which users retrieve lost keys through designated family and friends, offer a partial solution to this problem. In Juels’ view, these systems still fall short.
“A number of my friends are professors specializing in information security, but I’m still not sure I’d trust them entirely as a help desk – even collectively – or recommend that they should trust me,” he explained.
While institutions are imperfect custodians, Juels detailed how leveraging their “state-of-the-art expertise on user authentication” could strengthen private key management to make self-custody a safer and more viable option for the average crypto holder.
DECO allows users to prove to a decentralized oracle network (DON) that they are logged into their account with a designated institution without revealing their account information to the DON or explicitly involving the institution in the authentication request. This allows institutions to play an important role in key recovery without any modifications to their existing infrastructure.
Juels shared examples of how DECO could be used to augment users’ existing social recovery schemes and summed up the fundamental value of this hybrid approach.
“It’s nice to be able to rely on friends and family as your virtual help desk for this purpose. Nicer still, though, is the ability also to enlist the help of the pros, the websites we use on a daily basis and already rely on for strong, usable authentication. With DECO, it’s possible in principle to do so in a privacy-preserving way with any site of your choosing.”
Read the full blog post here.