wifi-densepose/docs/research
rUv 28d97e8f6a
adr-106: differential privacy + biometric primitive isolation for federation (#718)
Direct extension of ADR-105. Closes both items deferred from ADR-105:
(1) member-inference defence, (2) biometric primitive isolation
enforcement.

Three-layer defence:
1. PRIMITIVE ISOLATION (R15 binding) -- API-level tagging of on-device-
   only tensors. Compile-time error when tagged tensors are passed
   to submit_delta().
2. GRADIENT CLIPPING (Abadi 2016) -- per-sample L2 norm <= C (default
   C=1.0) before delta computation.
3. GAUSSIAN NOISE (DP-SGD) -- N(0, sigma^2*C^2*I) added to aggregated
   LoRA delta before transmission.

Privacy budget via Moments Accountant (delta=1e-5):
- Conservative (medical-grade): sigma=1.5, 50 rounds, epsilon=2.0
- Standard (typical RuView):    sigma=1.0, 100 rounds, epsilon=5.0
- Lenient:                      sigma=0.5, 100 rounds, epsilon=8.0

On-device-only primitive list (R15-binding):
- Raw CSI window
- Gait stride frequency
- Breathing rate (per-subject)
- HRV rate signature
- RCS frequency response curve
- Limb timing vector
- Per-subject embedding centroid

Implementation budget: +300 LOC on top of ADR-105's 500 LOC = total
~800 LOC ruview-fed crate. 3-week effort estimate.

Composes:
- R3: Layer 1 blocks per-subject embedding centroid transmission
- R7: mincut compatible with DP-noised deltas (operates on noised graph)
- R12/R13 negative results: informed the noise-vs-structure-detection
  design choice (treat adversarial deltas as outliers from noisy
  distribution, not structural-detection problem)
- R14: privacy framework now has formal (epsilon, delta) backing
- R15: requirements basis = on-device-only primitive list made executable
- ADR-105: DP-SGD slots into step 4 of federation protocol

Closes the privacy story: R3 + R14 + R15 + ADR-105 + ADR-106 = complete
chain from physics (R6) -> embeddings (R3) -> personalised features (R14)
-> trained how (ADR-105) -> defended how (R7) -> privacy-bounded how
(ADR-106).

Honest scope:
- sigma values are recommendations, not measurements (per-cog tuning needed)
- (epsilon, delta)-DP is worst-case bound; auxiliary info changes practical leakage
- Moments Accountant is conservative
- Subject-level DP not formalised (household of 4 = K=4 subjects)
- Side-channel timing leaks out of scope (future ADR)

Explicitly deferred:
- ADR-107: cross-installation federation w/ secure aggregation

Coordination: ticks/tick-15.md, no PROGRESS.md edit.
2026-05-22 02:48:16 -04:00
architecture docs(research): three-tier Rust node design + 2026-Q2 SOTA survey + decision tree 2026-04-25 20:41:14 -04:00
arena-physica feat: ADR-069 ESP32 CSI → Cognitum Seed RVF pipeline (v0.5.4-esp32) 2026-04-02 19:32:18 -04:00
neural-decoding feat: ADR-069 ESP32 CSI → Cognitum Seed RVF pipeline (v0.5.4-esp32) 2026-04-02 19:32:18 -04:00
quantum-sensing feat(nvsim): full simulator stack — Rust crate, dashboard, server, App Store, Ghost Murmur [ADR-089/090/091/092/093] 2026-04-27 12:41:01 -04:00
rf-topological-sensing chore(repo): rename rust-port/wifi-densepose-rs → v2/ (flatten to one level) (#427) 2026-04-25 21:28:13 -04:00
sota docs(research): three-tier Rust node design + 2026-Q2 SOTA survey + decision tree 2026-04-25 20:41:14 -04:00
sota-2026-05-22 adr-106: differential privacy + biometric primitive isolation for federation (#718) 2026-05-22 02:48:16 -04:00
sota-surveys feat: ADR-069 ESP32 CSI → Cognitum Seed RVF pipeline (v0.5.4-esp32) 2026-04-02 19:32:18 -04:00