Wow, Media Player Classic has come a long way. I knew it could play most types of videos but this is next-level compatibility.
For those who just read the comments, this is a joke. The MPC in the article refers to "multi-party compute".
I'm pretty sure it's model predictive control
It's great to see privacy-focused service using FHE.
I'd love to see the results of an external audit of the systems that touch personal DNA information.
We did an external audit of these systems and published on it a few years ago:
https://www.frontiersin.org/journals/bioengineering-and-biot...
A publication from this year highlights the ongoing challenges:
Your links seem to relate to regular plaintext sequencing, storage and analysis.
We are building under full encryption.
Unfortunately, credible external audits are really expensive.
Our project is bootstrapped so we won't be able to afford a 100k audit for a while.
So... It's just uploading your DNA to S3 but with extra steps this time? Before selling it off with the rest of the company assets later.
Not at all. "S3" is only in the loop because that's what labs generally use. In production, when we have ongoing scale, we will not use S3 or anything like it to transfer data between labs and our infra, even if it means using sneakernet!
The whole point of our project is to keep people's data always under encryption so that nobody can sell the data even if they wanted to. Using MPC (and FHE) we ensure that nobody can decrypt your data without your permission.
You can also delete your data any time without needing any third party's permission using the latest versions of the libraries we use.
We are building all this go get away from the closed, exploitative model that 23andMe built. The way we are building our infra, our company could go out of business tomorrow and you'll still be able to use the protocol and have access to your data and insights.
Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries. We need to get that data away from "trust me, bro" infrastructure to securing it using MPC and FHE.
Ok but the lab has access to the unencrypted data? You haven't removed the requirement that the user needs to trust the lab with their raw genome markers. This entire operation hinges on the lab's trustworthiness, does it not?
Excellent point.
We are developing a solution that will allow cryptography for DNA molecules, allowing DNA to be secure in any lab. It fits well with Monadic's front end.
We address this point in the article. On the default path with existing rules and regulations some degree of trust in labs will always be required.
At-home sequencing could be a game changer.
The other reply also mentions molecular cryptography which could provide really strong anonymity and privacy guarantees. We hope to do a PoC accordingly some time in the neat future.
> Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries.
Do you have any sources for this?
What makes Monadic DNA monadic?
Think monad as in philosophy, less monad as in a programming burrito.
Our intention is to let each user be a self-contained, enclosed (through encryption) unit where they get insights tailored to their unique genome. At the same time, we want to aggregate data (securely and with consent) from all users to power medical and research findings.
It sort of also works in the programming monad sense as the data is always enclosed and encrypted and never "directly" operated on.
"Anonymized" ≠ anonymous
What is the contract with "some legalese" for?
Couldn't it be as simple as "pay, spit, receive unique physical token"? A disgusting vending machine, even
You're right about "anonymized" and "anonymous". We do point out avenues to reach anonymity.
The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.
The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.