You may wish to build a protocol where third parties can asynchronously operate on user data. You may also want to have separation between the end app and the compute layer for legal or practical purposes. Finally, you may not want to store large payloads on client devices.
I'm giving you general reasons why this is the case. For our own app, we hope to build a protocol where third parties can operate async on user data (with consent).
Not at all. "S3" is only in the loop because that's what labs generally use. In production, when we have ongoing scale, we will not use S3 or anything like it to transfer data between labs and our infra, even if it means using sneakernet!
The whole point of our project is to keep people's data always under encryption so that nobody can sell the data even if they wanted to. Using MPC (and FHE) we ensure that nobody can decrypt your data without your permission.
You can also delete your data any time without needing any third party's permission using the latest versions of the libraries we use.
We are building all this go get away from the closed, exploitative model that 23andMe built. The way we are building our infra, our company could go out of business tomorrow and you'll still be able to use the protocol and have access to your data and insights.
Also, fun fact, genetic data from newborns is retained by the state in many industrialized countries. We need to get that data away from "trust me, bro" infrastructure to securing it using MPC and FHE.
Ok but the lab has access to the unencrypted data? You haven't removed the requirement that the user needs to trust the lab with their raw genome markers. This entire operation hinges on the lab's trustworthiness, does it not?
We are developing a solution that will allow cryptography for DNA molecules, allowing DNA to be secure in any lab. It fits well with Monadic's front end.
We address this point in the article. On the default path with existing rules and regulations some degree of trust in labs will always be required.
At-home sequencing could be a game changer.
The other reply also mentions molecular cryptography which could provide really strong anonymity and privacy guarantees. We hope to do a PoC accordingly some time in the neat future.
You're right about "anonymized" and "anonymous". We do point out avenues to reach anonymity.
The legalese is for informed consent since biological materials are involved, handling liability and pointing out that the exercise itself was experimental and an early step towards productionzation.
The physical token could be a UX nightmare and it could get expensive at scale. Using a more developed app which accept revocable public keys from the user might be more workable.
Think monad as in philosophy, less monad as in a programming burrito.
Our intention is to let each user be a self-contained, enclosed (through encryption) unit where they get insights tailored to their unique genome. At the same time, we want to aggregate data (securely and with consent) from all users to power medical and research findings.
It sort of also works in the programming monad sense as the data is always enclosed and encrypted and never "directly" operated on.
Open, secure personal genomics using fully homomorphic encryption.
With 23andMe bankrupt, I want to put out somewhere secure people can put their genomic data and receive insights. In a few months, I'll have a protocol in place to open up the data to third party apps (with user consent). The data does not have to be decrypted ever to be operated upon!
I recently posted about our first stab at this at https://vishakh.blog/2025/07/08/using-mpc-for-anonymous-and-....
We'll have a waitlist up pretty soon for people to sign up for a batch of private sequencing.
reply