Ongoing Work
Hypercerts Foundation
Head of Engineering
To solve the challenges we face this century, we need scalable and sustainable financing models for public goods that reward contributors for the positive impact they create.
Hypercerts are a new protocol for funding and rewarding positive impact. Every hypercert is a public claim on a discrete piece of work and impact resulting from that work. Projects can create hypercerts and distribute them to contributors. Funders can own hypercert fractions — and the rights that come with them. Impact evaluators can create value for projects and funders by assessing the quality of hypercerts and offering ratings.
Hypercerts create interoperability by serving as a single, open, shared, decentralized database for impact claims and funding mechanisms. This allows funders and projects to create a scalable, interoperable and transparent funding environment for innovative public goods.
MASQ Foundation
Co-Founder and President
The MASQ Foundation exists to build and support security and privacy for the public good. We research, engineer, and promote widely-accessible technologies that protect individual users’ security and privacy in both the digital and physical worlds.
Mature Projects
Founding Engineer, Head of Engineering
Plasmic is a visual builder for the web. Non-developers can build pages or parts of pages, and developers can integrate these into any website or app codebase.
The goal is to empower and unblock non-developers such as marketers and designers, while freeing up developers from pixel-pushing. Teams can thus move faster, iterate more, and ship higher quality products.
Plasmic as a page builder and “visual CMS” is its simplest and most common use case. Editors can create and update content in Plasmic without code, and publish this into their production site without needing to block on developers.
Beyond website content, Plasmic can even be used to create frontends for complex web applications (such as Plasmic itself, which was built in Plasmic). This is possible because—despite being easy to start with—Plasmic gives you full visual control and works deeply with code.
Co-Founder and CTO
Oasis Labs is building a new platform to use data without liability, easily comply with new regulations, and collaborate on shared data without risking privacy or losing control. With Oasis Labs’ tools your company can confidently share and analyze sensitive data without the risk of accidental leaks or violating privacy.
The foundation also supports the Oasis Network, a layer-1, proof of stake, blockchain that leverages secure computing techniques like secure enclaves to keep data private, and a cutting-edge architecture designed for scalability.
Company Website,
Foundation Website,
GitHub
Selected Press:
- Wired: “How a Startup is Using the Blockchain to Protect Your Privacy”
- WSJ: “Oasis Labs Building Cloud Computing on Blockchain With $45 Million”
- Forbes: “Big Hitter Crypto Funds Pile Into Privacy-Enhanced Smart Contract Startup Oasis Labs”
- MIT Technology Review: “Meet Oasis Labs, the blockchain startup Silicon Valley is buzzing about”
- New York Times: “How the Blockchain Could Break Big Tech’s Hold on A.I.”
Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts
UC Berkeley Security Research Lab -
Raymond Cheng, Fan Zhang, Jernej Kos, Warren He, Nick Hynes, Noah Johnson, Ari Juels, Andrew Miller, Dawn Song,
Smart contracts are applications that execute on blockchains. Today they manage billions of dollars in value and motivate visionary plans for pervasive blockchain deployment. While smart contracts inherit the availability and other security assurances of blockchains, however, they are impeded by blockchains’ lack of confidentiality and poor performance.
We present Ekiden, a system that addresses these critical gaps by combining blockchains with Trusted Execution Environments (TEEs). Ekiden leverages a novel architecture that separates consensus from execution, enabling efficient TEE-backed confidentiality-preserving smart-contracts and high scalability. Our prototype (with Tendermint as the consensus layer) achieves example performance of 600x more throughput and 400x less latency at 1000x less cost than the Ethereum mainnet.
Published in IEEE European Symposium on Security and Privacy (EuroS&P) 2019
Commercialized at Oasis Labs
IEEE,
Arxiv,
BibTeX
Talek: Private Group Messaging with Hidden Access Patterns
UW Networks Lab -
Raymond Cheng, Will Scott, Elisaweta Masserova, Irene Zhang, Vipul Goyal, Tom Anderson, Arvind Krishnamurthy, Bryan Parno,
Talek is a private group messaging system that sends messages through potentially untrustworthy servers, while hiding both data content and the communication patterns among its users. Talek explores a new point in the design space of private messaging; it guarantees access sequence indistinguishability, which is among the strongest guarantees in the space, while assuming an anytrust threat model, which is only slightly weaker than the strongest threat model currently found in related work. Our results suggest that this is a pragmatic point in the design space, since it supports strong privacy \emph{and} good performance.
Published in ACSAC 2020.
Arxiv,
Cryptology ePrint,
BibTeX
Share Your Pathway to the Internet
UW Networks Lab and
Jigsaw
uProxy is a browser extension that lets users share alternative more secure routes to the Internet. It’s like a personalized VPN service that you set up for yourself and your friends. uProxy helps users protect each other from third parties who may try to watch, block, or redirect users’ Internet connections.
Website
GitHub
Google E2E
For more up-to-date product information, check out the
website and GitHub
Diamond: Automating Data Management and Storage for Wide-area Reactive Applications.
UW Systems Lab -
Irene Zhang, Niel Lebeck, Pedro Fonseca, Brandon Holt, Raymond Cheng, Ariadna Norberg, Arvind Krishnamurthy, Henry Levy,
Diamond is a new data management system for wide-area, reactive applications.
Reactive applications give users the illusion of continuous synchronization
across mobile devices and the cloud server. Diamond simplifies this task by providing
applications with persistent cloud storage, reliable synchronization between storage and mobile devices,
and automated execution of application code in response to shared data updates.
Published in 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2016
PDF1,
PDF2,
Slides,
BibTeX
Website
GitHub
Radiatus: a Shared-Nothing Server-Side Web Architecture
UW Networks Lab -
Raymond Cheng, Will Scott, Paul Ellenbogen, Jon Howell, Franzi Roesner, Arvind Krishnamurthy, Tom Anderson,
Radiatus is a decentralized web framework for designing more secure web apps.
In Radiatus, all application-specific computation running on the server is
executed within a sandbox with the privileges of the end-user.
By strongly isolating users we protect user data and service
availability from application vulnerabilities.
Published in ACM Symposium on Cloud Computing (SOCC) 2016
PDF1,
PDF2,
BibTeX
Website
GitHub
a New Baseline for the Web
UW Networks Lab -
Will Scott, Raymond Cheng, Arvind Krishnamurthy, Tom Anderson,
freedom.js is a web framework for building peer-to-peer (P2P) web apps. Easily create social applications that work in modern web browsers, Chrome packaged apps, Firefox extensions, node.js, and native mobile apps. freedom.js apps are just JavaScript, so they can be distributed as packages on an app store or hosted on static web servers. We’re bringing peer-to-peer back, baby.
Website,
GitHub
UW CSE Tech Report: PDF1,
PDF2,
BibTeX
Hotnets XI: PDF1,
PDF2,
PDF3,
BibTeX
BladeDroid: User scripting on Android
UW Networks Lab -
Ravi Bhoraskar,
Michael Ernst
BladeDroid is a system enabling user customization of Android applications,
using a novel combination of bytecode rewriting and dynamic class loading.
Similar to browser extensions, BladeDroid allows arbitrary customization
of Android apps, such as ad-blocking.
APSYS 2014
PDF,
Slides,
[BibTeX]
Unblock: Towards Blocking-Resistant Network Services
UW Networks Group -
Will Scott,
Arvind Krishnamurthy,
Tom Anderson
Unblock is a privacy preserving overlay network, constructed from an augmented social graph. By leveraging the unique properties of trusted social links, Unblock performs multi-path and multi-hop routing over the social network, providing better performance and routing around failures to support a web browsing workload.
Technical Report (UW CSE)
[BibTeX]
Project Webpage
SolocoRank: Social Signals for Local Search Quality
Google -
Michael Schueppert,
Hila Becker,
Mayur Thakur
SolocoRank is a new ranking algorithm that leverages social media to rank
physical establishments such as restaurants and bars.
Technical Report (UW CSE),
[BibTeX]
Kineograph: Taking the Pulse of a Fast-Changing and Connected World
Microsoft Research Asia, Systems Research Group - Lidong Zhou, Fan Yang
Kineograph is a new graph computation engine, optimized for processing
real-time social data. Our goal was to enable real-time applications
(such as user ranking and approximate shortest paths), such that new data
is reflected in the computed results within a couple minutes.
Microsoft Research Project Page
Published in Eurosys 2012
PDF,
Slides,
[BibTeX]
A Secure Peer-to-Peer Communications Platform
MIT CSAIL, PDOS - Prof. Kaashoek, Chris Lesniewski-Laas
WhanauSIP is a peer-to-peer VoIP communications platform that requires no centralized infrastructure.
Instead, it uses the
Whanau DHT
to provide a Sybil-proof rendezvous mechanism among users, securing the system from a variety of attacks.
MIT Master’s Thesis
PDF,
[BibTeX],
GitHub
Solar Printer
MIT Media Lab, Tangible Media Group - Dr. Fletcher
The Solar Printer is an entirely self-sufficient printer system for the developing world.
The system was designed to be low-powered and continuously operable using solar panels.
Instead of using ink, the printer magnified sunlight to burn characters into photochromic paper.
Website,
YouTube
Hacks
pm-tools
Issue trackers (e.g. GitHub issues, Jira, Shortcut, etc) are incredibly useful project-management tools for any team. However, they are proprietary closed systems, which means:
- Difficult to customize: Take it or leave it. As your team grows, your needs evolve. If the tool doesn’t satisfy your needs, you are left with trying to migrate.
- Annoying to transfer: Migrations are painful. They often require custom scripts and never fully capture all of the metadata from the original system.
- Proprietary: Open source code deserves open source project management. Projects should be able to move as easily as switching their git remote.
pm-tools is an open source project-management tool with the following goals:
- Portable: All of the data should exist in a git repository, like your code. In the future, we can consider using standard content management systems as well.
- Markdown-first: Users should be able to use any editor that supports Markdown, from vim to HackMD.
- Open-source tooling: Anyone should be able to build visually-rich functionality (like Gantt charts), as a front-ends to the data.
AutoDapp
AutoDapp helps developers use existing, mature web stacks to build decentralized apps (dApps), enabling them to switch between a centralized cloud deployment and a decentralized deployment with only a single line of code change. AutoDapp can also be used to instantly convert existing web apps into dApps. Let’s AutoDapp-ify the Web!
sql-proxy-rs
Programmable Postgres/MariaDB Proxy for Rust
Fuzhou Food
Fuzhou Food is a blog of recipes, assembled from family and friends from the Fuzhou, Fujian area of China.
One of the 8 culinary cuisines of China, Fujian food is light, soft, and flavorful, featuring
a wide range of seafood and soups.
https://www.fuzhoufood.com
Kingdom
Kingdom is an intelligent personal assistant, written to run locally on Node.js.
All plugins, including speech recognition, are run locally.
This way, you don’t need to send your voice data to the cloud to get simple things done.
GitHub
Take Turns, Sally. WTF?
Take Turns, Sally is a meeting queue system for speaking order. Everyone opens up the app from their computer/smartphone and joins a common room. Select 1 leader and begin queuing up to speak.
http://taketurns.sally.wtf
GitHub
FileDrop
File Drop lets you easily share files with your friends. Just drop the file into the page and your browser immediately become a server for that file. Share your unique URL to serve that file to friends directly in true P2P fashion.
http://filedrop.freedomjs.org
GitHub
RaymondCheng.net Terminal
In 2008, before the days of Google powered by knowledge graph and Mozilla Ubiquity,
I designed a website that reflected my favorite computing environment, a console interface.
RAy SHell = RASH. It’s modular, simple, clean, requires no JavaScript, and certainly not for
the faint-of-heart. Written entirely in server-side PHP. Discontinued as of 2013.
GitHub