Ongoing Work

Co-Founder and CTO

Oasis Labs is building a new platform to use data without liability, easily comply with new regulations, and collaborate on shared data without risking privacy or losing control. With Oasis Labs’ tools your company can confidently share and analyze sensitive data without the risk of accidental leaks or violating privacy.

The foundation also supports the Oasis Network, a layer-1, proof of stake, blockchain that leverages secure computing techniques like secure enclaves to keep data private, and a cutting-edge architecture designed for scalability.

wwwCompany Website, wwwFoundation Website, codeGitHub

Selected Press:

Talek: Private Group Messaging with Hidden Access Patterns
UW Networks Lab - Raymond Cheng, Will Scott, Elisaweta Masserova, Irene Zhang, Vipul Goyal, Tom Anderson, Arvind Krishnamurthy, Bryan Parno,

Talek is a private group messaging system that sends messages through potentially untrustworthy servers, while hiding both data content and the communication patterns among its users. Talek explores a new point in the design space of private messaging; it guarantees access sequence indistinguishability, which is among the strongest guarantees in the space, while assuming an anytrust threat model, which is only slightly weaker than the strongest threat model currently found in related work. Our results suggest that this is a pragmatic point in the design space, since it supports strong privacy \emph{and} good performance.

Published in ACSAC 2020. pdfArxiv, pdfCryptology ePrint, texBibTeX

Mature Projects

Ekiden: A Platform for Confidentiality-Preserving, Trustworthy, and Performant Smart Contracts
UC Berkeley Security Research Lab - Raymond Cheng, Fan Zhang, Jernej Kos, Warren He, Nick Hynes, Noah Johnson, Ari Juels, Andrew Miller, Dawn Song,

Smart contracts are applications that execute on blockchains. Today they manage billions of dollars in value and motivate visionary plans for pervasive blockchain deployment. While smart contracts inherit the availability and other security assurances of blockchains, however, they are impeded by blockchains’ lack of confidentiality and poor performance.

We present Ekiden, a system that addresses these critical gaps by combining blockchains with Trusted Execution Environments (TEEs). Ekiden leverages a novel architecture that separates consensus from execution, enabling efficient TEE-backed confidentiality-preserving smart-contracts and high scalability. Our prototype (with Tendermint as the consensus layer) achieves example performance of 600x more throughput and 400x less latency at 1000x less cost than the Ethereum mainnet.

Published in IEEE European Symposium on Security and Privacy (EuroS&P) 2019
Commercialized at Oasis Labs
pdfIEEE, pdfArxiv, texBibTeX

Share Your Pathway to the Internet
UW Networks Lab and Jigsaw
uProxy is a browser extension that lets users share alternative more secure routes to the Internet. It’s like a personalized VPN service that you set up for yourself and your friends. uProxy helps users protect each other from third parties who may try to watch, block, or redirect users’ Internet connections.
wwwWebsite codeGitHub
Google E2E

For more up-to-date product information, check out the

website and GitHub

Diamond: Automating Data Management and Storage for Wide-area Reactive Applications.
UW Systems Lab - Irene Zhang, Niel Lebeck, Pedro Fonseca, Brandon Holt, Raymond Cheng, Ariadna Norberg, Arvind Krishnamurthy, Henry Levy,
Diamond is a new data management system for wide-area, reactive applications. Reactive applications give users the illusion of continuous synchronization across mobile devices and the cloud server. Diamond simplifies this task by providing applications with persistent cloud storage, reliable synchronization between storage and mobile devices, and automated execution of application code in response to shared data updates.
Published in 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI) 2016
pdfPDF1, pdfPDF2, pdfSlides, texBibTeX
wwwWebsite codeGitHub

Radiatus: a Shared-Nothing Server-Side Web Architecture
UW Networks Lab - Raymond Cheng, Will Scott, Paul Ellenbogen, Jon Howell, Franzi Roesner, Arvind Krishnamurthy, Tom Anderson,
Radiatus is a decentralized web framework for designing more secure web apps. In Radiatus, all application-specific computation running on the server is executed within a sandbox with the privileges of the end-user. By strongly isolating users we protect user data and service availability from application vulnerabilities.
Published in ACM Symposium on Cloud Computing (SOCC) 2016
pdfPDF1, pdfPDF2, texBibTeX
wwwWebsite codeGitHub

a New Baseline for the Web
UW Networks Lab - Will Scott, Raymond Cheng, Arvind Krishnamurthy, Tom Anderson,
freedom.js is a web framework for building peer-to-peer (P2P) web apps. Easily create social applications that work in modern web browsers, Chrome packaged apps, Firefox extensions, node.js, and native mobile apps. freedom.js apps are just JavaScript, so they can be distributed as packages on an app store or hosted on static web servers. We’re bringing peer-to-peer back, baby.
wwwWebsite, codeGitHub
UW CSE Tech Report: pdfPDF1, pdfPDF2, texBibTeX
Hotnets XI: pdfPDF1, pdfPDF2, pdfPDF3, texBibTeX

BladeDroid: User scripting on Android
UW Networks Lab - Ravi Bhoraskar, Michael Ernst
BladeDroid is a system enabling user customization of Android applications, using a novel combination of bytecode rewriting and dynamic class loading. Similar to browser extensions, BladeDroid allows arbitrary customization of Android apps, such as ad-blocking.
APSYS 2014
PDF, Slides, [BibTeX]

Unblock: Towards Blocking-Resistant Network Services
UW Networks Group - Will Scott, Arvind Krishnamurthy, Tom Anderson
Unblock is a privacy preserving overlay network, constructed from an augmented social graph. By leveraging the unique properties of trusted social links, Unblock performs multi-path and multi-hop routing over the social network, providing better performance and routing around failures to support a web browsing workload.
Technical Report (UW CSE) [BibTeX]
Project Webpage

SolocoRank: Social Signals for Local Search Quality
Google - Michael Schueppert, Hila Becker, Mayur Thakur
SolocoRank is a new ranking algorithm that leverages social media to rank
physical establishments such as restaurants and bars.
Technical Report (UW CSE), [BibTeX]

Kineograph: Taking the Pulse of a Fast-Changing and Connected World
Microsoft Research Asia, Systems Research Group - Lidong Zhou, Fan Yang
Kineograph is a new graph computation engine, optimized for processing
real-time social data. Our goal was to enable real-time applications
(such as user ranking and approximate shortest paths), such that new data
is reflected in the computed results within a couple minutes.
Microsoft Research Project Page
Published in Eurosys 2012
PDF, Slides, [BibTeX]

A Secure Peer-to-Peer Communications Platform
MIT CSAIL, PDOS - Prof. Kaashoek, Chris Lesniewski-Laas
WhanauSIP is a peer-to-peer VoIP communications platform that requires no centralized infrastructure. Instead, it uses the Whanau DHT to provide a Sybil-proof rendezvous mechanism among users, securing the system from a variety of attacks.
MIT Master’s Thesis
PDF, [BibTeX], GitHub

Solar Printer
MIT Media Lab, Tangible Media Group - Dr. Fletcher
The Solar Printer is an entirely self-sufficient printer system for the developing world. The system was designed to be low-powered and continuously operable using solar panels. Instead of using ink, the printer magnified sunlight to burn characters into photochromic paper.
Website, YouTube


Fuzhou Food
Fuzhou Food is a blog of recipes, assembled from family and friends from the Fuzhou, Fujian area of China. One of the 8 culinary cuisines of China, Fujian food is light, soft, and flavorful, featuring a wide range of seafood and soups.

Kingdom is an intelligent personal assistant, written to run locally on Node.js. All plugins, including speech recognition, are run locally. This way, you don’t need to send your voice data to the cloud to get simple things done.

Take Turns, Sally. WTF?
Take Turns, Sally is a meeting queue system for speaking order. Everyone opens up the app from their computer/smartphone and joins a common room. Select 1 leader and begin queuing up to speak.

File Drop lets you easily share files with your friends. Just drop the file into the page and your browser immediately become a server for that file. Share your unique URL to serve that file to friends directly in true P2P fashion.
GitHub Terminal
In 2008, before the days of Google powered by knowledge graph and Mozilla Ubiquity, I designed a website that reflected my favorite computing environment, a console interface. RAy SHell = RASH. It’s modular, simple, clean, requires no JavaScript, and certainly not for the faint-of-heart. Written entirely in server-side PHP. Discontinued as of 2013.