Proxy Re-encryption
Threshold Proxy Re-encryption (TPR) is a decentralized mechanism that enables secure and distributed data sharing while maintaining privacy and access control. With TPR, a group of participants collectively controls access to encrypted data and delegates the ability to re-encrypt the data to proxies. By providing the encrypted data and the corresponding threshold re-encryption key to selected proxies, users can selectively share data with specific parties. The proxies perform the re-encryption operations, transforming the ciphertext so that the intended recipients can decrypt it. TPR eliminates the need for direct communication between data owners and recipients, providing a flexible and controlled approach to data sharing in a decentralized manner.
Insaanity's architecture for TPR consists of Insaanity-Proxy nodes, which act as intermediaries between data owners and consumers. These nodes handle re-encryption operations and enforce access policies on behalf of data owners. Each proxy node, operated by an independent operator, has a unique cryptographic key pair. Data owners encrypt and securely store their data in distributed storage, while data consumers interact with the Proxy Re-encryption API provided by the proxy nodes to request access to encrypted data. The proxy nodes validate access requests against defined access policies and perform re-encryption to make the data accessible to authorized consumers.
The key features of the protocol include the verifiability of keys and the correctness of transformations, ensuring the authenticity and validity of re-encryption operations. Additionally, the protocol enables recipients of re-encrypted data to validate the authenticity of the transformation process. It also provides mechanisms to identify misbehaving participants, facilitating accurate slashing for misconduct. In summary, Insaanity's TPR protocol offers a decentralized and privacy-preserving solution for secure data sharing, ensuring verifiability, correctness, transformation authorization, and fault identification to enhance the overall security and trustworthiness of the system.
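The flow described above (owner encrypts, a threshold of proxies each applies a share of the re-encryption key, the recipient combines the partial results and decrypts) can be seen end to end in the following added example, which is not Insaanity's code or protocol. It assumes a textbook BBS98-style ElGamal construction with a Shamir-shared re-encryption key over a deliberately tiny constructed group, and it omits the verifiability and fault-identification features; all function names are hypothetical.

```python
# Toy threshold proxy re-encryption: BBS98-style ElGamal + Shamir shares.
# Constructed parameters: a tiny group for illustration only, not secure.
import secrets

P, Q, G = 2039, 1019, 4   # safe prime P = 2Q + 1; G generates the order-Q subgroup

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """Owner encrypts group element m under its own public key."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(pk, r, P), (m * pow(G, r, P)) % P      # (g^(a*r), m * g^r)

def decrypt(sk, ct):
    c1, c2 = ct
    g_r = pow(c1, pow(sk, -1, Q), P)                  # strip the key from the exponent
    return (c2 * pow(g_r, -1, P)) % P

def split_rekey(sk_owner, sk_recipient, t, n):
    """Shamir-share rk = b/a mod Q among n proxies with threshold t.
    Simplification: this toy needs both secret keys to derive rk."""
    rk = (sk_recipient * pow(sk_owner, -1, Q)) % Q
    coeffs = [rk] + [secrets.randbelow(Q) for _ in range(t - 1)]
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q
            for i in range(1, n + 1)}

def proxy_reencrypt(share, ct):
    """One proxy's partial transformation; it sees neither m nor the full rk."""
    return pow(ct[0], share, P)

def combine(partials, ct):
    """Recipient merges t partials using Lagrange coefficients in the exponent."""
    c1 = 1
    for i, part in partials.items():
        lam = 1
        for j in partials:
            if j != i:
                lam = lam * j * pow((j - i) % Q, -1, Q) % Q
        c1 = c1 * pow(part, lam, P) % P
    return c1, ct[1]                                  # now decryptable by the recipient
```

In practice the encrypted value would be a symmetric data key rather than the data itself, and fewer than `t` partials interpolate to the wrong exponent, so the recipient cannot recover the plaintext from them.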