ruvnet commented Jan 1, 2026

Implements a privacy-preserving financial learning system that runs entirely
in the browser using WebAssembly. Key features:

  • PlaidLocalLearner: Browser-local ML engine with IndexedDB persistence
  • Q-learning for budget optimization and spending recommendations
  • HNSW vector index for semantic transaction categorization
  • Spiking neural network for temporal pattern recognition
  • Anomaly detection for unusual transaction flagging
  • Zero data exfiltration - all learning stays client-side

Components:

  • examples/edge/src/plaid/mod.rs: Core Rust learning algorithms
  • examples/edge/src/plaid/wasm.rs: WASM bindings for browser
  • examples/edge/pkg/plaid-local-learner.ts: TypeScript API wrapper
  • examples/edge/pkg/plaid-demo.html: Interactive demo page
  • examples/edge/docs/plaid-local-learning.md: Comprehensive documentation

Privacy guarantees:

  • Financial data never leaves the browser
  • Optional AES-256-GCM encryption for IndexedDB storage
  • User can delete all data instantly
  • No analytics, telemetry, or tracking

claude added 5 commits January 1, 2026 17:48
…al intelligence

Implements a privacy-preserving financial learning system that runs entirely
in the browser using WebAssembly. Key features:

- PlaidLocalLearner: Browser-local ML engine with IndexedDB persistence
- Q-learning for budget optimization and spending recommendations
- HNSW vector index for semantic transaction categorization
- Spiking neural network for temporal pattern recognition
- Anomaly detection for unusual transaction flagging
- Zero data exfiltration - all learning stays client-side

Components:
- examples/edge/src/plaid/mod.rs: Core Rust learning algorithms
- examples/edge/src/plaid/wasm.rs: WASM bindings for browser
- examples/edge/pkg/plaid-local-learner.ts: TypeScript API wrapper
- examples/edge/pkg/plaid-demo.html: Interactive demo page
- examples/edge/docs/plaid-local-learning.md: Comprehensive documentation

Privacy guarantees:
- Financial data never leaves the browser
- Optional AES-256-GCM encryption for IndexedDB storage
- User can delete all data instantly
- No analytics, telemetry, or tracking
…g verification

Implements ZK proofs that allow users to prove financial statements without
revealing actual numbers. Key features:

- Bulletproofs-style range proofs (no trusted setup required)
- Pedersen commitments to hide actual values
- Proof types: income, affordability, savings, overdraft, debt ratio
- Complete rental application proof bundle
- All proof generation runs in browser WASM

Components:
- examples/edge/src/plaid/zkproofs.rs: Core ZK proof system
- examples/edge/src/plaid/zk_wasm.rs: WASM bindings for browser
- examples/edge/pkg/zk-financial-proofs.ts: TypeScript API
- examples/edge/pkg/zk-demo.html: Interactive demo

Use cases:
- Rental applications: Prove income ≥ 3× rent without revealing salary
- Loan pre-qualification: Prove DTI ratio without revealing debts
- Employment verification: Prove minimum salary without exact pay
- Account stability: Prove no overdrafts without transaction history

Privacy guarantee: Verifier mathematically CANNOT extract actual numbers
from the proof - only learns whether statement is true or false.

Security Fixes:
- Remove blinding factor from Commitment struct (was leaking secrets)
- Add per-installation unique salt for key derivation (was hardcoded)
- Add prominent security warnings to zkproofs.rs (demo-only crypto)
- Document that ZK implementation is for API demonstration only

Performance Fixes:
- Fix memory leak: category_embeddings now uses HashMap instead of Vec
- Add LRU-style eviction at 10k embeddings capacity
- Prevents unbounded memory growth that would crash browser

Code Quality:
- Add max_embeddings configuration option
- Better documentation for data structures
- Add security audit report and optimization guides

⚠️ IMPORTANT: The ZK proof cryptography is simplified for demonstration.
For production use, replace with bulletproofs, curve25519-dalek, merlin crates.
…ial proofs

- Add production crypto: bulletproofs 5.0, merlin 3.0, subtle 2.5, lazy_static
- Implement zkproofs_prod.rs with real Ristretto255 Pedersen commitments
- Add constant-time operations via subtle crate for side-channel resistance
- Create zk_wasm_prod.rs with WASM bindings for browser-based ZK proofs
- Fix bit size calculation (Bulletproofs requires power-of-2: 8, 16, 32, 64)
- Fix memory leak: use rand crate instead of getrandom for non-wasm

Security improvements:
- Real cryptographic Bulletproofs (not demo hashing)
- Fiat-Shamir transcripts via Merlin for non-interactive proofs
- Constant-time comparison to prevent timing attacks
- Proof expiration and integrity verification

All 7 production ZK tests pass.
… proofs

Security Fixes:
- CRITICAL: Add zeroize on drop for FinancialProver to prevent memory extraction
- HIGH: Fix WASM type import (ProdVerificationResult -> VerificationResult)
- MEDIUM: Add input validation for zero rent/multiplier/budget values
- Use checked_mul instead of saturating_mul for overflow detection

Performance Optimizations:
- Reduce generator memory from 16 MB to 8 MB (1-party vs 16-party)
- Add zeroize dependency (1.8) for secure memory clearing

Documentation:
- Add comprehensive ZK performance analysis docs
- Add benchmark suite for criterion testing
- Add optimization quick reference and examples

All 7 production ZK tests pass.
ruvnet merged commit 74ba07f into main Jan 1, 2026
5 checks passed
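
The last commit's input-validation and `checked_mul` fixes, together with the earlier power-of-2 bit-size fix, illustrated as an added example that is not code from this pull request. All names here (`InputError`, `threshold`, `range_bits`, `prepare`) are hypothetical, and it assumes the "income ≥ multiplier × rent" statement is reduced to a range proof over `income - threshold`.

```rust
/// Reasons the inputs of an "income >= multiplier x rent" statement are rejected.
/// (Hypothetical type, not taken from the PR.)
#[derive(Debug, PartialEq)]
enum InputError { ZeroRent, ZeroMultiplier, Overflow, BelowThreshold }

/// Threshold the income is compared against. checked_mul reports overflow;
/// saturating_mul would clamp to u64::MAX without signalling, so the proved
/// threshold would no longer equal rent x multiplier.
fn threshold(rent: u64, multiplier: u64) -> Result<u64, InputError> {
    if rent == 0 { return Err(InputError::ZeroRent); }
    if multiplier == 0 { return Err(InputError::ZeroMultiplier); }
    rent.checked_mul(multiplier).ok_or(InputError::Overflow)
}

/// Smallest of the bit sizes named in the commit (8, 16, 32, 64) that holds `value`.
fn range_bits(value: u64) -> usize {
    let needed = (64 - value.leading_zeros()) as usize; // 0 when value == 0
    [8, 16, 32, 64].iter().copied().find(|&b| b >= needed).unwrap_or(64)
}

/// Returns (slack, bits). Assumption: slack = income - threshold is the secret
/// value a range proof would show to lie in [0, 2^bits).
fn prepare(income: u64, rent: u64, multiplier: u64) -> Result<(u64, usize), InputError> {
    let t = threshold(rent, multiplier)?;
    let slack = income.checked_sub(t).ok_or(InputError::BelowThreshold)?;
    Ok((slack, range_bits(slack)))
}

fn main() {
    // Constructed sample values, in cents.
    println!("{:?}", prepare(650_000, 200_000, 3));
    println!("{:?}", prepare(650_000, 0, 3));
    println!("{:?}", prepare(u64::MAX, u64::MAX, 2));
    // The silent clamp that saturating_mul produces for the overflow case:
    println!("{}", u64::MAX.saturating_mul(2) == u64::MAX);
}
```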