Beacon Maps

Technical White Paper

Mar 20, 2023
Juan Soberanis

Overview

Beacon, an end-to-end encrypted location sharing app, has over 20,000 monthly active users. This proposal is to expand Beacon to Beacon Maps, an equitable consumer map app built on Solana that shares revenue with map contributors. It will utilize privacy-protecting HERE Technology maps to provide POI, directions, and navigation.

The Problem: Surveillance Capitalism

Shoshana Zuboff defines surveillance capitalism as “the unilateral claiming of private human experience as free raw material for translation into behavioral data.”

Wikipedia contributors go on to explain why surveillance capitalism is one of the most critical problems we face today. “Increased data collection may have various advantages for individuals and society such as self-optimization (Quantified Self), societal optimizations (such as by smart cities) and optimized services (including various web applications). However, as Capitalism has become focused on expanding the proportion of social life that is open to data collection and data processing, these may come with significant implications for vulnerability and control of society as well as for privacy.”

While surveillance capitalism can seem like an intractable problem, it has created pent up demand for alternative solutions that preserve privacy and empower users. The rise of blockchain and companies like DuckDuckGo, Brave, Signal, and Telegram serve as proof points in the market.

The trustless nature of Solana brings new possibilities for digital ownership and control. Where user data is currently hidden and siloed on corporate servers, Solana can provide trustless proof of data ownership. Coupled with on-chain and off-chain protocols for data management, users will have leverage over how their data is used and at what price. In short, companies are now in a position to offer users a better deal.

Current State of Maps

Existing digital maps provide great value to users. They deliver tiles, directions, navigation, and place discovery. They stay up-to-date on fast-changing physical world information, which is a sophisticated and expensive effort. They provide reliable, best-in-class user experiences at scale. Unfortunately, as our digital information becomes more ubiquitous and valuable, they also pose a threat to our privacy and sovereignty.

Google, Apple, and Yelp are estimated to soon generate $15 billion annually from their maps. Nearly all of that revenue comes from place search advertisements and the main driver of effective place search comes from user generated content such as ratings, reviews, and photos. Users who have contributed to the maps and created massive value, however, get no revenue in return nor do they have control over how their data is used.

Beacon Maps: An Equitable Map

Solana provides a trustless platform that can be used to solve these problems. The starting position is that all data generated by a user is owned by the user. In a free market, ownership of data entails the right to decide how it can be used and at what price. The challenge is how to organize and govern a large set of data that is owned by a large and disparate group of people (the users) in an effective and equitable way.

The problem is complicated by the fact that many companies that derive material revenue from user generated data do so in a symbiotic relationship with its users. That is, the value of the user data is greatly diminished without the application and the value of the application is greatly diminished without the user data. Therefore, providing a market of user data where price and terms are determined by open bidding would be of little to no benefit.

Given these challenges, this white paper details a technical approach to creating a map that is equitable to both company and users. We cover tokenization of user data, independent access and control over that data, and an on-chain protocol for managing privacy consent. How users organize and share revenue are outside the scope of this project, but continue to be developed internally.

Tokenized Place Reviews

Tokenized place reviews use a general purpose protocol that we’ve designed to safeguard user data ownership and control. The protocol does not put any requirements on where or how the data is stored and does not require authentication outside of wallet ownership. Assurance that the data provider conforms to the protocol must be done through licensing terms or other legal means.

An NFT will be created for each place review created by users as proof of ownership. The application server will provide a URI for each NFT as external_url. Authorized HTTP GET, PUT, and DELETE requests must be available on external_url.

Each resource associated with an NFT will contain a reference back to that NFT. When a GET, PUT, or DELETE is requested on the resource, it must have the following URL format.

<external_url>?signature=<wallet_signature>

where wallet_signature is the signature from signing external_url as a message encoded by the wallet. The application server is responsible for validating that the HTTP request has been signed by the owner of the NFT.

Self-custodial Privacy Consent

Overview

Users and the companies that rely on their data are in a symbiotic relationship. Features, reliability, and performance can be greatly improved with access to user data. Users are, therefore, incentivized to share some of their data to take advantage of these benefits. On the other hand, there are few to no limitations today on what companies can do with that data.

Since users own their data, they have the right to decide how that data is used and at what price. It follows that they must be able to have individual control over what data a company collects and how it can be used. The company, on the other hand, retains the right to reduce services or increase pricing depending on user privacy consent choices.

Disclosure and privacy consent will be done in a self-custodial and programmatic fashion using an on-chain protocol to ensure control remains in the hands of the user.

Privacy NFTs

To enable communication and control between Solana and the application server, a privacy NFT will be created for each user account that is associated with a wallet. The main function of this NFT is to provide self-custodial privacy consent management.

The privacy NFT will contain the following attributes (JSON Schema).

{

   "external_url": {

       "type": "string"    // URL to the JSON disclosure document

   },

   "privacy_consent": {

       "type": "object",

       "additionalProperties": {

           "type": "string",

           "enum": ["granted", "denied", "denied_permanently"]

       }

   }

}

external_url

The external_url property is set by the application server when a Solana wallet is associated with it. Sending an HTTP GET request to this URL will return a Disclosure json document, which defines what data is being collected and why. As with tokenized place reviews, GET requests must contain a signature query parameter for independent authorization.

privacy_consent

privacy_consent is a Consent json document that is set by the user to control which items in the Disclosure document the user consents to.

Flow of Control

Disclosure Schema

{

 "$id": "https://beacon.site/iucp_disclosure.schema.json",

 "$schema": "https://json-schema.org/draft/2020-12/schema",

 "title": "Disclosure",

 "type": "object",

 "additionalProperties": {

   "type": "object",

   "properties": {

     "description": {

       "type": "string"

     },

     "data_collected": {

         "type": "array",

         "items": {

             "type": "object",

             "properties": {

                 "type": {

                     "type": "string",

                     "enum": ["name", "birthday", "gender", "phone_number", "location", "other"]

                 },

                 "description": {

                     "type": "string"

                 }

             }

         }

     },

     "category": {

       "type": "string",

       "enum": ["essential", "functionality", "analytics", "machine_learning", "relicensing"]

     },

     "consent": {

         "type": "string",

         "enum": ["granted", "denied", "denied_permanently"]

     }

   }

 }

}

Consent Schema

{

   "$id": "https://beacon.site/iucp_consent.schema.json",

   "$schema": "https://json-schema.org/draft/2020-12/schema",

   "title": "Consent",

   "type": "object",

   "additionalProperties": {

       "type": "string",

       "enum": ["granted", "denied", "denied_permanently"]

   }

}

Beacon Privacy Consent

Disclosure

{

   "essential": {

       "description": "Phone number and name are necessary to create and operate an account.",

       "data_collected" : [

           {

               "type": "phone_number",

               "description" :""

           },

           {

               "type": "name",

               "description" :""

           },

       ],

       "category": "essential",

       "consent": "granted"

   },

   "analytics": {

       "description": "Anonymized usage data for analytics.",

       "data_collected" : [

           {

               "type": "other",

               "description" :"Anonymized usage data"

           },

       ],

       "category": "analytics",

       "consent": "denied"

   }

}

Default Consent

{

   "essential": "granted",

   "analytics": "denied"

}

Milestones

Milestone 1

Grant Funding: $14,000

Adoption: 5k MAU

• Open source the Beacon Maps code

• Replace Google Maps with Here maps for improved privacy and compatible licensing terms.

• Move sign up wall to appear only on initiation of location sharing

Milestone 2

Grant Funding: $14,000

Adoption: 8k MAU

• Solana wallet integration

• Tokenized place reviews

Milestone 3

Grant Funding: $14,000

Adoption: 15k MAU

• Privacy NFT

• Self-custodial privacy consent