The intermediate architecture was described in D5.3 which focused primarily on the integration of the SSI components, the design of the front-end and back-end, and the integration with the educational data infrastructure. This document focuses on the other hand on the extensions subsequently designed, namely the mobile apps, the infrastructure to assign and control institutional affiliation for individual users and the integration with the SMPC components.
Based on feedback received on previous iterations of the architecture and during the periodic review, the updated architectural scope now includes functionalities aimed at reducing the risk of fraudulent use of the marketplace especially in the areas of forged or otherwise tampered data products offered for sale by malicious actors. In that sense the permissioning system running on the Lynkeus blockchain was extended to include data provenance tracking functionalities also supporting the staking (escrow) against the quality of a data product.
A challenging architectural decision was resolved after intense and protracted discussions with partners regarding the implementation of two apps instead of an integrated one, encompassing both the SSI and the marketplace functionalities. While the resulting choice may slightly decrease the overall usability of the system, the separation better guarantees security of the authentication process leaving the SSI app as general-purpose identity management module.
A major focus in recent design work which led, in our view, to a highly innovative solution, is the integration of the SMPC with the marketplace front-end and back-end. The resulting architecture now defines an end-to-end secure, pay-for-computation system which, leveraging the underlying permissioning layer, orchestrates distributed computations in conjunction with a payment system powered by the Streamr DATA token. To our knowledge this is the first real world implementation of a system that directly ties the extent of data access to the economic value of the information that is gathered from it using a token-based payment system. In this regard the KRAKEN Marketplace realizes a working implementation in which privacy, the value of information and its actual price are all technically and operationally connected.