Skip to content

COVA Protocol Overview

The Internet is only as smart as the data it carries. Right now, data is mindless, easily exposed and abused. Imagine a new Internet composed of Smart Data that remembers, keeps a secret, learns from its users, and is open for good. COVA contributes to the making of this new Internet.


Covalent is a new addition to the Internet protocol suite that specifies and enforces how data should be used. Under the Covalent protocol, data carries a "smart policy". Whereas a usual data usage policy is expressed in natural language and is only enforceable by law, a "smart policy" is specified in programming language and is enforceable by code.

In the process of solving the data access and secure, privacy preserving verifiable computation, COVA also found usable and practical solutions to these problems:

  1. A permissionless node exploring and joining algorithm for COVA Nodes
  2. A cryptographically secure private key storage system in the TEE nodes
  3. A distributed supercomputing system of TEE nodes which provide "trusted and verifiable" computing power


Covalent experiments with a "Hardware + Software" approach.

  • "Hardware" refers to the lower layer of "Trusted Execution Environments (TEE)". We first incentivize the creation of a network of TEE nodes which provides us with a scalable amount of "trusted" computing power. Having this "trusted" computing power allows us to make the important assumption about the program behavior of important "supervisor" programs. With this assumption, a much wider repertoire of tools for policy definition and enforcement becomes available to the upper layer.

  • "Software" refers to the upper layer of a Policy Specification Language (PSL) that specifies data usage policies in programming language and a Policy Enforcement Framework (PEF) that enforces the PSL through code. A reductive demo of the PSL + PEF setup is the implementation of usage policies commonly used in AI (e.g. that a patient’s CT Scan may be processed by an aggregate function and not rendered individually). We then work out a generalization where a wider range of data usage policies can be expressed and enforced.

System Arch