Create w3p-03.md

This commit is contained in:
Mykola Siusko 2023-10-19 14:47:44 +02:00 committed by GitHub
parent 9c1e1f21ac
commit a95df15948
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

32
w3p-03.md Normal file
View file

@ -0,0 +1,32 @@
<pre>
W3P: 3
Title: Privacy features audit concept for security audit organizations & whitehackers (research)
Status: preparation
Type: Research
Created: 2023-10-01
</pre>
## Contents
- [Context](#Context)
- [Privacy features to audit](#Privacy-features)
- [Additional](#Additional)
# Context
Research on how private web3-solutions are used within the Ukrainian-Russian war (with a focus on privacy-protecting currencies like Zcash). It covers both free & occupied Ukrainian territory & Russia. Where even a "like, share or tweet" is enough for prosecution. Meaning that privacy is the way for freedom of speech protection.
# Privacy features
| Feature | Observation |
| Selected privacy technology maturity | latest, old etc |
| Selected privacy technology delivery | state of the privacy tech: test-net, poor code execution etc |
| Default privacy | enabled, not |
| Privacy policies (data collection policies) | what data is collected & why; marking non-essential data collection practices |
| Non-consent data collection practices | IP, wallet, balance etc |
| Anonymous set | data "profile" service reveal about you |
| Third-party privacy tech maturity | If service is a part of ecosystem - security audit company comments on core tech privacy (Ethereum, Waku) |
| Traceability | How traceable are transactions |
# Additional
| Feature | Observation |
| Privacy risk | low, medium, high |