Aleo is building a user experience on the web that is both truly personal and truly private.
In the next decade, web services will be everywhere, living in more places than just your browser, and reason over every intimate detail of our personal lives. Our private lives have become a public commodity and as web services evolve to become more personal, to live everywhere, we need to rethink how we control our data.
If it lives online, somebody owns it. The web provides free services in exchange for personal data. This business model is obsolete and puts users at odds with web services. Users must hand over personal data in exchange for services to interact with one another in their daily lives. Service providers must manage sensitive data that risks their business if improperly stored, processed, or disclosed. This is problematic and should not have to be this way.
Over the past decade, new technologies to protect user data have become practical. For the first time, users have a choice. They are not constrained to giving up control of their data, and data breaches no longer have to be an inevitable price to pay. And for the first time, web services can use privacy-preserving technologies to protect users while expanding the possibilities of their web experience.
Instead of giving up control of your personal data, web services will reason about it without actually seeing it. Web services will no longer need to store sensitive data, and will outsource their work back to the user. In this manner, neither the user nor the service provider will know more than they should, and the control over personal data will remain with the user. This approach rethinks both the privacy guarantees that services offer and how users think about their data. This paradigm will fundamentally shift how the web works in ways we have yet to even see.
Unlike web technologies today, zero-knowledge cryptography presents a foundation for the web that is secure, compliant, and fair. New web standards built upon this technology offer users choice and will mitigate the impact of data breaches.
For example, rather than risk leaking a user's password, users can now hash their password (with salt and pepper) on-device, without ever having to send their password over to any web service. Not only does this keep user data on-device, it reduces access control overhead and eases the legal responsibility that web services must bear today.
For example, brokerages today not only learn the complete history of a user’s transactions, they also learn when a user performs a trade. Access to this data allows brokerages to sell valuable information to third parties, choose to deny service to specific users, and even front run their own users on exchange. This is a serious and unsolved problem. Users should not have to hope their brokerage behaves honestly, and regulators should have proof that brokerages adhere to their standards.
Web services should not have to possess users’ data in order to provide a valuable experience. Users should be able to interact with web services blind to their personal information. For example, if a brokerage cannot learn their users’ data, they cannot target any one user - whether to deny them service or offer an unfair price. The choice of handing data over should be one that users get to make.
Aleo defines a new standard for the web. It takes a radically new approach to security, privacy, and data ownership. Users no longer need to sacrifice information they can never take back, and web services no longer have to risk compromising their users’ data.
To write private applications on Aleo intuitively and easily, we built Leo, the first programming language for formally verified, zero-knowledge applications. Leo ensures users’ data is private-by-default and runs seamlessly on the web.
Leo Playground
Web developers publish their work to the Aleo Package Manager (PM), a registry that freely hosts and shares commonly-used code. With Aleo PM, developers can quickly import packages to assemble a new web application. Today, we are releasing a new Teams feature to enable developers to work together.
Aleo PM Teams
We believe this feature will make it easier for developers to collaborate on complex packages, such as SHA256 or AES, and easily publish their work for others to use. We’ve also introduced new security features to make it easy to bring attention to new bug fixes for all downstream packages.
With Aleo Studio, developers can now quickly search and import new packages to use in their application.
Once ready to deploy, the Aleo network hosts the application with 100% uptime and complete privacy. Our network enables developers to seamlessly bootstrap and deploy zero-knowledge applications without a degree in cryptography.
As more people come to use the web in their daily lives, applications will require greater security, compliance, and fairness. We want web developers to build applications powered by Aleo and make private applications standard in every users’ life.