Author: David Attermann, Portfolio Manager at M31 Capital, CoinDesk; Translated by: Bai Shui, Golden Finance
Centralized data networks (those owned or managed by a single entity) have been structurally compromised for years. Why? Single point of failure. If one entity (or even a few entities) has access to a database, then only one "point" needs to be compromised to gain full access. This is a serious issue for networks that store sensitive data such as customer information, government documents, and financial records, as well as networks that control critical infrastructure like the power grid.
In just 2024, billions of digital records have been stolen, resulting in an estimated loss of $1 trillion! Noteworthy breaches include nearly all customer information and call records of AT&T, half of Americans' personal health information, 700 million end-user records from companies using Snowflake, 10 billion unique passwords stored on RockYou24, and social security records of 300 million Americans.
This is not just a private sector issue - governments and critical national infrastructure also rely on centralized networks. Notable recent breaches include the theft of records of 22 million Americans from the U.S. Office of Personnel Management, as well as sensitive government communications from multiple U.S. federal agencies.
Despite spending hundreds of billions of dollars annually on cybersecurity, the scale of data breaches is growing, and their frequency is increasing. It is clear that incremental products cannot fix these network vulnerabilities - the infrastructure must be completely re-architected.
Artificial Intelligence Amplified the Problems
Recent advancements in generative artificial intelligence have made it easier to automate everyday tasks and improve work efficiency. However, the most useful and valuable AI applications require context, meaning access to sensitive user health, financial, and personal information. Because these AI models also require a significant amount of computing power, they essentially cannot run on consumer devices (computers, mobile devices) and must access public cloud networks like AWS to handle more complex inference requests. Given the serious inherent limitations of centralized networks mentioned above, the inability to securely connect sensitive user data with cloud AI has become a significant barrier to adoption.
Even Apple pointed this out in its Apple Intelligence announcement earlier this year, highlighting the need to access larger and more complex models from the cloud, and how traditional cloud models are no longer viable.
They listed three specific reasons:
Privacy and Security Verification: Provider claims (such as not logging user data) often lack transparency and enforceability. Service updates or infrastructure troubleshooting may inadvertently log sensitive data.
Lack of Transparency in Runtime: Providers rarely disclose software details, and even with open-source tools, users cannot verify that services are running unmodified or detect changes.
Single Point of Failure: Administrators require elevated access for maintenance, which poses a risk of accidental data leakage or abuse by attackers targeting these privileged interfaces.
Fortunately, Web3 cloud platforms provide the perfect solution.
Blockchain Orchestrated Confidential Cloud (BOCC)
The BOCC network is similar to AWS, except it is entirely built on confidential hardware and managed by smart contracts. Although still in its early stages, the infrastructure has been developed for years and is starting to support Web3 projects and Web2 enterprise clients.
This technology addresses all the concerns previously mentioned by Apple:
Privacy and Security Verification: By orchestrating the network through public smart contracts, users can verify that user data is transmitted and used as promised.
Workload and Program Transparency: The network also verifies the work completed in confidential TEE, cryptographically proving that the correct hardware, data, and software were used, and that the output has not been tampered with. This information will also be submitted on-chain for public review.
Single Point of Failure: Network resources (data, software, hardware) can only be accessed with the owner's private key. Therefore, even if one user is compromised, only that user's resources are at risk.
While cloud AI presents tremendous disruptive opportunities for Web3, BOCC can be applied to any type of centralized data network (power grids, digital voting infrastructure, military IT, etc.), providing exceptional and verifiable privacy and security without sacrificing performance or introducing latency. Our digital infrastructure has never been more vulnerable, but blockchain orchestration can fix it.