Heima Docs
  • Overview — What is Heima?
    • Introduction
      • Heima
      • HEI Token
  • Background and Problem Statement
    • Problem
    • Our Solution
    • Current Chain Abstraction Systems and How Heima Solves Their Limitations
  • Core Concepts
    • Heima Layer 1 Network
    • Account Abstraction
    • Chain Abstraction
    • Agent Hub
  • Case Study(PumpX)
  • Developer — Build With Heima
    • Developer Overview
    • Key Components
    • Integration Guide
  • Ecosystem — Connect with Heima
    • Ecosystem
      • Parachain
      • Litentry Foundation
      • PumpX
  • Featured DApps
    • Web App
    • IdHub
      • User Guides
        • Getting Started with the IDHub
          • Setting up a Shielding Key
          • Linking a Web3 Account
          • Linking a Web2 Account - Twitter
          • Linking a Web2 Account - Discord
          • BRC 20 Sign-in
        • Generating Credentials
        • How to Stake, Bridge, and Unstake on IdentityHub (deprecated)
      • Direct Invocation
      • EVM Sign-In
      • Verifiable Credentials (VCs)
      • Identity Score
      • IdentityHub Client
      • Securing Privacy
      • IDHub FAQs
      • Rules of IDHub v0.8
      • Glossary of Terms
  • Resources — More about Heima
    • References
    • FAQ
    • Support
    • Brand Kit
  • Heima Whitepaper
    • Read Online
  • PDF Download
Powered by GitBook
On this page
  • Trusted Execution Environment (TEE)
  • Confidential storage of ID graphs
  • Request desensitiser
  • Decentralized data aggregation
  • Selective Disclosure

Was this helpful?

  1. Featured DApps
  2. IdHub

Securing Privacy

This page discusses how Heima will assure confidential identity data aggregation and computation.

PreviousIdentityHub ClientNextIDHub FAQs

Was this helpful?

The Heima parachain carries the confidential identity data aggregation and generates trusted identity data. The following technologies are put in place to assure the users data privacy.

Trusted Execution Environment (TEE)

The storage of ID graphs and the entire identity data aggregation process will be implemented by the TEE Sidechain of the Heima network.

A is an environment for executing code, it guarantees code and data loaded inside to be protected for confidentiality and integrity. The TEE is a secure area, also known as an "Enclave," that is isolated from the main operating system (OS).

It is designed to protect data and ensure that it is stored, processed, and kept secured by an isolated, cryptographic electronic structure that is resistant to malicious attacks and unauthorized access. The hardware manufacturer guarantees that no one - not even the system administrator or the operating system - has access to the keys or can read the memory stored within the TEE.

The Trusted Execution Environments contribute significantly to the security and privacy of IdentityHub by providing a secure enclave for the execution of sensitive operations, isolating critical data, and ensuring the confidentiality and integrity of identity-related processes.

Confidential storage of ID graphs

The IDHub Client will submit ID graphs to the blockchain and the blockchain will verify the ID graphs. Validated ID graphs will be stored in an encrypted on-chain TEE storage.

Request desensitiser

The request desensitiser is executed inside the TEE, it is designed for splitting accounts into separate queries and batching parallel requests belonging to different users aside from adding random addresses when sending it to external data providers. The request desensitiser makes it impossible for data providers to guess a user's ID graph based on the data requests.

Decentralized data aggregation

After sending data requests to data providers, the Heima network will listen to the results from data providers and aggregate the results. The data results will only include the relevant values and are aggregated according to the request ID. The user's address does not appear in the process or is not disclosed in the credential.

Selective Disclosure

A user will have maximal control over the amount of information they want to 'disclose' to a dApp. Heima's verifiable credentials allow the user to only disclose the minimum needed amount of information required for the specific use case.

Trusted Execution Environment (TEE)