Architecting a Confidential Web3: An Interview with Oasis Director Jernej Kos
Oasis Foundation’s Director Jernej Kos explains how Oasis is building the future of Web3 privacy.
The future of Web3 growth and adoption depends on better solutions for robust confidentiality. The engineering team at the Oasis Foundation understands the importance of this mission, which is why everything they build is designed to remove friction, improve interoperability, and accelerate acceptance of Oasis privacy technology, the only production-ready confidential EVM in Web3.
Jernej Kos, Director of the Oasis Foundation, shares his perspective on why privacy is important to Web3, how the team and community at Oasis can accelerate adoption of better privacy, and how the Oasis Network plays a strategic role in reshaping a more privacy-centric digital future. Answers in this post are slightly abridged and edited from a live event hosted by the Oasis community. Click here to watch a recording of the conversation.
What was your engineering background before Oasis? Why did you join?
Kos: There are a few different things to note here, actually. At one point in my career, I was working a lot on various systems programming things and developing software for routing and management of wireless mesh networks, which was an early passion for me. I was also developing firmware for embedded devices. I also did my PhD in the area of sybil-resistant decentralized routing protocols based on social graphs.
Around this time, my interest in and learning about decentralization and blockchain started. Together with Tadej, I was working on bioinformatics software that was based around supporting a dataflow computation engine for bioinformatic pipelines. And dataflow was actually one of the reasons how I got to know Prof. Dawn Song.
Initially, Prof. Song and I were working together on a very different project at the time. It was a dataflow-based no-code web authoring platform. This was a way for non-programmers to quickly build web applications. And this initial collaboration also resulted in me working on things like deep learning models and looking into adversarial examples and data extraction in various AI models. Those were the early days.
Finally, before Oasis, there was joint work I was involved in around using SGX for differential privacy pipelines and the early Ekiden platform, which actually served as a starting point for the Oasis Network in a way. From then on, my work has focused on building Oasis.
What are you currently building at Oasis?
Kos: My official title is Director of the Oasis Foundation. But I’m also the technical lead for Oasis Core, so basically, I’m making sure that things don’t break. And a lot of exciting things are happening at Oasis.
Earlier this year we launched Oasis Sapphire, the first confidential EVM platform that can support flexible privacy in a developer-friendly and user-friendly way. So, this basically means accessing privacy without the requirement of learning advanced cryptography. That’s our goal.
Our current focus is to make Sapphire and the surrounding ecosystem more prominent. We want to build up the whole ecosystem and showcase good use cases for the platform, which can also serve as examples and starting points upon which developers can build cool dApps.
Based on feedback from other ecosystem developers, we are also adding runtime improvements to reduce friction and facilitate compatibility with common cryptographic primitives that are often used in Web2, like zero-knowledge proof verification and others.
We also want to bring value to other existing ecosystems so that Sapphire is not a closed ecosystem only for the Oasis Network. These tools in the Oasis ecosystem can bring immense value to other ecosystems like Ethereum through the Oasis Privacy Layer (OPL), for example, which allows existing dApps to leverage Sapphire's confidentiality features without the need to move from their home ecosystem. Also, to further improve the developer and user experiences, we are exploring support for Ethereum light clients and off-chain attested compute committees to reduce latency and further increase decentralization.
Of course, the most immediate project for us is the upcoming Mainnet upgrade, which contains many changes and is currently being tested on the Oasis Testnet.
What are some of the technical challenges behind the scenes of building Oasis?
Kos: One of the main challenges we focus on is making sure our systems are robust and secure enough when they are released in production. This is especially the case when engineers deal with blockchains where you cannot easily revert something if it goes wrong – it might be too late, so this is important. Even more so when dealing with confidential systems, the most important thing for any engineer is making sure something doesn’t break irrevocably.
The main mitigation for these risks are principles like security mindedness for the entire engineering team. This means knowing how all the moving parts of a complex system work together and identifying any potential problems in advance. Also, this means adding multiple layers of tests, which help to mitigate these risks. We are constantly making sure that these are part of our engineering culture at Oasis.
What excites you most about the place Oasis has in Web3’s future?
Kos: The most exciting thing for me is Oasis technology unlocking cool use cases in Web3 that were not possible without confidentiality – without our technology.
Smart contracts that control secrets and have access to secure randomness make it possible to enable very cool things everywhere in Web3, like more seamless account abstraction, various gaming experiences, and easily integrating with Web2 technologies and other off-chain systems. These Web2 things include private AI models and large data stores. With confidentiality, engineers can connect these offchain things to onchain smart contracts and other entities. Another added benefit is enabling better, easier and faster interoperability within Web3 applications and protocols.
These are the sorts of things that excite me and that I think about regarding Oasis’ role in the future.
What advice do you have for engineers looking to join Web3?
Kos: I would just say to be curious. One nice thing about Web3 is that there are a lot of cool technical challenges that still need to be addressed. These challenges are just waiting for new ideas and approaches. It's not about programming languages or frameworks, but rather having a security and problem solving mindset. And this is true in general for engineering, but especially in Web3.
Keeping an open mind and exploring everything is a good guiding principle for engineers. Start with a small side project – something that you care about – and building it from the ground up is a good way to learn, even if the project is simple.
What’s the biggest challenge to winning the fight for mainstream privacy online?
Kos: I think the biggest challenge is making privacy in Web3 very user-friendly and developer-friendly, and doing it enough so that people don't need to think twice before using it. A good example of this is with HTTPS in Web2. It’s just there and it just works.
If we achieve this in Web3, it will be a big step forward to mainstream privacy adoption. It is also important to realize that privacy is not black and white. It’s a spectrum, so there needs to be flexibility for the wide spectrum of use cases. That’s what we at Oasis call Smart Privacy.
Oasis in particular are well positioned to overcome some of these challenges and bring usable privacy tools to the mainstream.