Rosetta is a privacy-preserving framework built on TensorFlow, designed for AI practitioners who want to leverage sensitive data without deep cryptographic expertise. It enables the transformation of standard TensorFlow code into privacy-preserving computations using secure multi-party computation (MPC) and zero-knowledge proofs (ZKPs).

How It Works

Rosetta operates by intercepting and modifying the TensorFlow data flow graph. Native TensorFlow operations are replaced with "SecureOps," which are then executed by specialized backend kernels implementing cryptographic protocols like SecureNN, Helix, and Mystique. This approach decouples AI development from cryptography, allowing developers to focus on model building while Rosetta handles the underlying secure computation.

Quick Start & Requirements

• Installation: Clone the repository, install tensorflow==1.14.0, then build and install Rosetta using ./rosetta.sh compile --enable-protocol-mpc-securenn; ./rosetta.sh install.
• Prerequisites: Ubuntu 18.04, TensorFlow 1.14.0 (CPU-only). Windows is not supported.
• Configuration: Network topology must be configured for distributed communication.
• Resources: Requires setup of multiple communicating nodes.
• Documentation: Tutorials, Deployment Guide, User API.

Highlighted Details

• Integrates SecureNN and Helix protocols for 3-party MPC in the semi-honest model.
• Includes Mystique, an efficient ZKP protocol for secure inference on models like ResNet.
• Supports 128-bit integer data types via environment variable and compile flags.
• Minimal code changes required to adapt existing TensorFlow code.

Maintenance & Community

• Developed and maintained by LatticeX Foundation.
• Contributions are welcome under LPGLv3.
• Community support available via Slack.

Licensing & Compatibility

• Licensed under GNU Lesser General Public License v3.0 (LGPLv3).
• Permissive license suitable for commercial use and linking with closed-source applications.

Limitations & Caveats

• Currently limited to TensorFlow 1.14 and CPU execution.
• Windows OS is not supported.
• MPC protocols are secure in the semi-honest model, not the malicious model.