Author: David Attermann, Portfolio Manager at M31 Capital, CoinDesk; Translation: Bai Shui, Golden Finance

Centralized data networks (networks owned or managed by a single entity) have been structurally compromised over the years. Why? Single point of failure. If one entity (or even a few entities) has access to the database, then only one 'point' needs to be compromised to gain full access. This is a serious issue for networks storing sensitive data such as customer information, government documents, and financial records, as well as networks controlling infrastructure like the power grid.

In 2024 alone, billions of digital records were stolen, resulting in an estimated loss of $1 trillion! Notable breach incidents include nearly all customer information and call records from AT&T, half of the personal health information of Americans, 700 million end-user records from companies using Snowflake, 10 billion unique passwords stored on RockYou24, and social security records of 300 million Americans.

This is not just a private sector issue—governments and critical national infrastructure also rely on centralized networks. Notable recent breaches include the theft of records of 22 million Americans from the U.S. Office of Personnel Management and sensitive government communications from multiple U.S. federal agencies.

Despite hundreds of billions of dollars spent on cybersecurity every year, the scale and frequency of data breaches have only increased. It is clear that incremental products cannot fix these network vulnerabilities; the infrastructure must be completely re-architected.

Artificial Intelligence amplifies the issues

Recent advancements in generative artificial intelligence have made automating everyday tasks and improving work efficiency easier. However, the most useful and valuable AI applications require context, which means accessing sensitive user health, financial, and personal information. Because these AI models also require substantial computing power, they are essentially unable to run on consumer devices (computers, mobile devices) and must access public cloud networks like AWS to handle more complex inference requests. Given the serious inherent limitations of centralized networks mentioned earlier, the inability to securely connect sensitive user data with cloud AI has become a significant barrier to adoption.

Even Apple pointed this out in its Apple Intelligence announcement earlier this year, highlighting the need for assistance from larger and more complex models in the cloud, and how traditional cloud models are no longer feasible.

They cited three specific reasons:

  • Privacy and security validation: Providers' claims (such as not logging user data) often lack transparency and enforceability. Service updates or infrastructure troubleshooting can inadvertently log sensitive data.

  • Lack of transparency during runtime: Providers rarely disclose software details, and even with open-source tools, users cannot verify whether services are running unmodified or detect changes.

  • Single point of failure: Administrators require elevated access for maintenance, which poses a risk of accidental data leaks or abuse by attackers targeting these privileged interfaces.

Fortunately, Web3 cloud platforms provide the perfect solution.

Confidential Cloud Orchestration for Blockchain (BOCC)

The BOCC network is similar to AWS, except it is built entirely on confidential hardware and managed by smart contracts. While still in early stages, this infrastructure has been developed over many years and is finally starting to support Web3 projects and Web2 enterprise clients.

This technology addresses all the concerns mentioned by Apple:

  • Privacy and security validation: Through public smart contract orchestration networks, users can verify whether user data is transmitted and used as promised.

  • Workload and program transparency: The network also verifies the work done inside confidential TEEs (trusted execution environments), cryptographically proving that the correct hardware, data, and software were used, and that the output has not been tampered with. This information is also submitted on-chain for public audit.

  • Single point of failure: Network resources (data, software, hardware) can only be accessed through the owner's private key. Therefore, even if one user is compromised, only that user's resources are at risk.

While cloud AI presents huge disruptive opportunities for Web3, BOCC can apply to any type of centralized data network (power grids, digital voting infrastructure, military IT, etc.), providing superior and verifiable privacy and security without sacrificing performance or introducing latency. Our digital infrastructure has never been so vulnerable, but blockchain orchestration can fix it.