RFP: Private Reads / RPC Privacy

Why It Matters

• Metadata leakage is the "silent killer" of institutional privacy
• Query patterns can reveal more than transaction data (positions, limits, counterparties)
• Institutions often have strict internal rules about data access trails
• Aligns with PSE roadmap emphasis on "private reads" (ORAM/PIR research)

Scope

In-Scope

• Design space analysis for private read approaches:
  • ORAM (Oblivious RAM) for state access
  • PIR (Private Information Retrieval) for queries
  • TEE-based private RPC (with explicit trust analysis)
  • Mixnet/anonymization layers
• Benchmark harness for institutional query patterns:
  • Portfolio valuation (read-heavy, multiple token balances)
  • Eligibility checks (KYC gating, accreditation status)
  • Risk checks (position limits, concentration)
• "What leaks where" analysis:
  • IP address correlation
  • Timing analysis
  • Query volume patterns
  • Address clustering risks
• Minimal prototype for at least one approach

Out-of-Scope

• Full production implementation
• Network-level anonymity (Tor, mixnets) — mention but don't build
• Transaction privacy (covered by other patterns)

Deliverables

• Design space document comparing ORAM/PIR/TEE approaches
• "What leaks where" threat model for institutional RPC usage
• Benchmark harness for private read latency/throughput
• Minimal prototype (ORAM proxy or TEE-based RPC)
• Recommendations for institutional deployment

Dependencies

Requires:

• PSE ORAM/PIR research context
• Understanding of institutional query patterns

Enables:

• Complete privacy story (reads + writes)
• Input to custody and compliance workflows
• Foundation for "private RPC" infrastructure

See Also

• PSE Roadmap: Private Reads
• Pattern: Private Transaction Broadcasting
• Pattern: TEE-Based Privacy