THE LAO

Web3-Native Encryption Suite (W3ES)

Proposal Details

A lot of effort has been put into building Web3's decentralized infrastructure. Yet connecting to Ethereum and other services, such as decentralized storage or applications, still relies on decades-old protocols such as TLS, which in turn require heavily centralized services like Certificate Authorities. This dependence on centralized web security puts Web3 at risk.

These protocols are limited by their dependence on location-based addressing (IP). As the web evolved, centralized services and infrastructure emerged to compensate for the limitations of IP addressing. Most of these services exist to associate and verify identity with location. In addition to Certificate Authorities, these now range from multi-factor authentication schemes (e-mail, SMS) to cookies (validated devices). Each additional service adds attack surface and vulnerability, which is amplified by centralization.

We have been researching and developing an encryption suite that uses cryptographic addressing (ECDSA key pairs, such as ETH wallets) as the root digital identity for securing publicly stored files, end-to-end symmetric encryption, and proxy re-encryption. One encryption suite for securing web traffic with decentralized authority, cryptographic identity, and better security, for Web3.

We have identified three core encryption protocols, with possible use cases:

  • Single-party Encryption: Encrypting data with a unique key for storage on public networks, only retrievable using an Ethereum keypair. Possible use cases include validator data backup, privatizing single-owner digital asset (NFT) metadata, and secured decentralized file storage.

  • Multi-party Symmetric Encryption (Handshake): Decentralized ID verification, key generation, and key distribution for symmetric encryption. Possible use cases include TLS connections, end-to-end encrypted messaging, and shared access to decentrally stored files.

  • Proxy Re-encryption: Using verifiable, networked secure hardware environments (TEEs such as Intel SGX) to manage distribution of digital assets stored on public networks. Use cases include digital rights management, streaming music, and limited access to content.
