Your links seem to relate to regular plaintext sequencing, storage and analysis.
We are building under full encryption.
vishakh82 4 hours ago [-]
Unfortunately, credible external audits are really expensive.
Our project is bootstrapped so we won't be able to afford a 100k audit for a while.
odyssey7 8 hours ago [-]
What makes Monadic DNA monadic?
vishakh82 7 hours ago [-]
Think monad as in philosophy, less monad as in a programming burrito.
Our intention is to let each user be a self-contained, enclosed (through encryption) unit where they get insights tailored to their unique genome. At the same time, we want to aggregate data (securely and with consent) from all users to power medical and research findings.
It sort of also works in the programming monad sense as the data is always enclosed and encrypted and never "directly" operated on.
goopypoop 7 hours ago [-]
"Anonymized" ≠ anonymous
What is the contract with "some legalese" for?
Couldn't it be as simple as "pay, spit, receive unique physical token"? A disgusting vending machine, even
vishakh82 7 hours ago [-]
You're right about "anonymized" and "anonymous". We do point out avenues to reach anonymity.
The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.
The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.
phoronixrly 7 hours ago [-]
So... It's just uploading your DNA to S3 but with extra steps this time? Before selling it off with the rest of the company assets later.
vishakh82 7 hours ago [-]
Not at all. "S3" is only in the loop because that's what labs generally use. In production, when we have ongoing scale, we will not use S3 or anything like it to transfer data between labs and our infra, even if it means using sneakernet!
The whole point of our project is to keep people's data always under encryption so that nobody can sell the data even if they wanted to. Using MPC (and FHE) we ensure that nobody can decrypt your data without your permission.
You can also delete your data any time without needing any third party's permission using the latest versions of the libraries we use.
We are building all this go get away from the closed, exploitative model that 23andMe built. The way we are building our infra, our company could go out of business tomorrow and you'll still be able to use the protocol and have access to your data and insights.
Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries. We need to get that data away from "trust me, bro" infrastructure to securing it using MPC and FHE.
mbeavitt 2 hours ago [-]
Ok but the lab has access to the unencrypted data? You haven't removed the requirement that the user needs to trust the lab with their raw genome markers. This entire operation hinges on the lab's trustworthiness, does it not?
vishakh82 56 minutes ago [-]
We address this point in the article. On the default path with existing rules and regulations some degree of trust in labs will always be required.
At-home sequencing could be a game changer.
The other reply also mentions molecular cryptography which could provide really strong anonymity and privacy guarantees. We hope to do a PoC accordingly some time in the neat future.
Real_S 2 hours ago [-]
Excellent point.
We are developing a solution that will allow cryptography for DNA molecules, allowing DNA to be secure in any lab. It fits well with Monadic's front end.
I'd love to see the results of an external audit of the systems that touch personal DNA information.
https://www.frontiersin.org/journals/bioengineering-and-biot...
A publication from this year highlights the ongoing challenges:
https://ieeexplore.ieee.org/abstract/document/10930454/
We are building under full encryption.
Our project is bootstrapped so we won't be able to afford a 100k audit for a while.
Our intention is to let each user be a self-contained, enclosed (through encryption) unit where they get insights tailored to their unique genome. At the same time, we want to aggregate data (securely and with consent) from all users to power medical and research findings.
It sort of also works in the programming monad sense as the data is always enclosed and encrypted and never "directly" operated on.
What is the contract with "some legalese" for?
Couldn't it be as simple as "pay, spit, receive unique physical token"? A disgusting vending machine, even
The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.
The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.
The whole point of our project is to keep people's data always under encryption so that nobody can sell the data even if they wanted to. Using MPC (and FHE) we ensure that nobody can decrypt your data without your permission.
You can also delete your data any time without needing any third party's permission using the latest versions of the libraries we use.
We are building all this go get away from the closed, exploitative model that 23andMe built. The way we are building our infra, our company could go out of business tomorrow and you'll still be able to use the protocol and have access to your data and insights.
Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries. We need to get that data away from "trust me, bro" infrastructure to securing it using MPC and FHE.
At-home sequencing could be a game changer.
The other reply also mentions molecular cryptography which could provide really strong anonymity and privacy guarantees. We hope to do a PoC accordingly some time in the neat future.
We are developing a solution that will allow cryptography for DNA molecules, allowing DNA to be secure in any lab. It fits well with Monadic's front end.
https://www.geneinfosec.com/