Whistleblower and security engineer Chelsea Manning has joined privacy startup Nym as a security consultant, focusing on auditing their mixnet.Â
A mix network or âmixnetâ (taking its name from the proxy servers it employs, called âmixesâ) obscures the metadata left behind when data passes through a network, bringing a higher level of privacy to the table when it comes to network-level surveillance.Â
Manningâs audit will be completed before the Nym network launches on mainnet later in the year.Â
âAs methods for network traffic analysis have dramatically improved in the last decade, I have frequently called for research (since 2016) into alternative methods to Tor that avoid exposing the data within the network to such analysis,â Manning said in a statement. âNym is one such viable alternative worthy of research, and developmental implementation.âÂ
Manning was imprisoned for leaking documentation regarding military operations in Iraq and Afghanistan, which included the U.S. targeting of civilians.
By signing up, you will receive emails about CoinDesk product updates, events and marketing and you agree to our terms & conditions and privacy policy.Nymâs âinitial testnet, launched in April 2020, was the victim of a Sybil attack. A Sybil attack is when a single actor tries to take over a network by spinning up multiple nodes that validate data and transactions on the network. If one actor has a disproportionate amount of control over the system, it compromises the systemâs underlying integrity because the nodes under the attackerâs control could refuse to receive or transmit blocks on a blockchain.
âWhile trusting software with their money is one thing people are learning to do with Bitcoin and DeFi, brave whistleblowers and revolutionaries like Chelsea Manning have to trust software with their lives,â Nym CEO Harry Halpin said in a statement, adding:
âSo rather than âYOLOâ and launch only to wreck their users, weâre working with the best people alive to keep our users safe and secure.â
Over the next month, Manning is tasked with discovering new privacy leaks and setting parameters for âcover trafficâ on Nymâs mixnet. Cover traffic is traffic that can help confuse an internet service provider or other centralized entity that can attempt network-level surveillance.
Building on joint research with Ãcole Polytechnique Fédérale de Lausanne, Manning is working on parameters for cover traffic that help protect Nym against statistical disclosure attacks, Halpin told CoinDesk.
A statistical disclosure attack is when adversaries watch a network and can determine who is online at âroughly the same timeâ and then use that information to de-anonymize transactions.
âThis attack also works on Tor,â said Halpin. âLetâs say you hypothesize I send messages to a reporter even over Tor with a chat app like âOff the Record Messaging.â If the reporter is regularly online and using Tor to chat me, and weâre both online together at the same time, maybe it wonât get caught by an adversary the first time, but it will eventually get caught.â
Halpin said he was pleasantly surprised to discover Manning is keeping track of research into post-quantum cryptography.
âWeâd be happy to have her stay on after the audit in whatever form she wants, but right now we need everyone laser-focussed on securing our code,â said Halpin.
UPDATE (Aug. 25, 15:32 UTC): Adds further commentary from Nymâs Harry Halpin.
