A Blockchain-Based Privacy-Preserving Auditable Data Structure Framework

Every digital process needs to consume some data in order to work properly. It is very common for applications to rely on external data sources, such as APIs. When data is not self-generated, the reliability of both the external data source and its produced data cannot be taken for granted. Therefore, ensuring the trustworthiness and verifiability of the received data is paramount. While authenticated data structures are commonly used to establish trust by authenticating the data source and generating proofs of data authenticity or integrity, they fall short in use cases like data notarization that require also verification of data history and its consistency. This problem seems to be unaddressed by current literature, which proposes some approaches aimed at executing audits by internal actors with prior knowledge about the data structures. In this paper, we analyze the terminology and the current state of the art of the auditable data structures, then we propose a general framework that makes use of a public blockchain as trusted anchor for notarizing data, thereby supporting privacy-preserving audits from both internal and external entities without prior data knowledge. A detailed description of the framework implementation, alongside with experimental results, is provided, showing the effectiveness of our framework in terms of proof generation and evaluation.