Think monad as in philosophy, less monad as in a programming burrito.
Our intention is to let each user be a self-contained, enclosed (through encryption) unit where they get insights tailored to their unique genome. At the same time, we want to aggregate data (securely and with consent) from all users to power medical and research findings.
It sort of also works in the programming monad sense as the data is always enclosed and encrypted and never "directly" operated on.
goopypoop · 1h ago
"Anonymized" ≠ anonymous
What is the contract with "some legalese" for?
Couldn't it be as simple as "pay, spit, receive unique physical token"? A disgusting vending machine, even
vishakh82 · 59m ago
You're right about "anonymized" and "anonymous". We do point out avenues to reach anonymity.
The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.
The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.
phoronixrly · 53m ago
So... It's just uploading your DNA to S3 but with extra steps this time? Before selling it off with the rest of the company assets later.
vishakh82 · 46m ago
Not at all. "S3" is only in the loop because that's what labs generally use. In production, when we have ongoing scale, we will not use S3 or anything like it to transfer data between labs and our infra, even if it means using sneakernet!
The whole point of our project is to keep people's data always under encryption so that nobody can sell the data even if they wanted to. Using MPC (and FHE) we ensure that nobody can decrypt your data without your permission.
You can also delete your data any time without needing any third party's permission using the latest versions of the libraries we use.
We are building all this go get away from the closed, exploitative model that 23andMe built. The way we are building our infra, our company could go out of business tomorrow and you'll still be able to use the protocol and have access to your data and insights.
Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries. We need to get that data away from "trust me, bro" infrastructure to securing it using MPC and FHE.
Our intention is to let each user be a self-contained, enclosed (through encryption) unit where they get insights tailored to their unique genome. At the same time, we want to aggregate data (securely and with consent) from all users to power medical and research findings.
It sort of also works in the programming monad sense as the data is always enclosed and encrypted and never "directly" operated on.
What is the contract with "some legalese" for?
Couldn't it be as simple as "pay, spit, receive unique physical token"? A disgusting vending machine, even
The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.
The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.
The whole point of our project is to keep people's data always under encryption so that nobody can sell the data even if they wanted to. Using MPC (and FHE) we ensure that nobody can decrypt your data without your permission.
You can also delete your data any time without needing any third party's permission using the latest versions of the libraries we use.
We are building all this go get away from the closed, exploitative model that 23andMe built. The way we are building our infra, our company could go out of business tomorrow and you'll still be able to use the protocol and have access to your data and insights.
Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries. We need to get that data away from "trust me, bro" infrastructure to securing it using MPC and FHE.