Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PMT-Explainer] Update Private model training explainer. #1407

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

[PMT-Explainer] Update Private model training explainer. #1407

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
037aa64
explainer change
HabibiYou Mar 10, 2025
088a676
typo
HabibiYou Mar 10, 2025
c486d3f
small addition
HabibiYou Mar 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
29 changes: 21 additions & 8 deletions PA_private_model_training.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,9 @@ function reportWin(...) {
modelingSignalsConfig: {
destination: "https://ad-tech.example/id=123",
aggregationCoordinatorOrigin: "...",
payloadLength: 256, // payload will be padded with null bytes
// payload will be padded with null bytes.
// Maximum payloadLength allowed is 10000
payloadLength: 256,
}, // Extensible for future configs (e.g. for Private Aggregation API)
});
} else {
Expand All @@ -65,22 +67,20 @@ function reportAggregateWin(aggregateWinSignals, modelingSignalsConfig, <reportW
let processedModelingSignals = process(aggregateWinSignals);

// Will POST the encypted modeling signals to the specified destination in modelingSignalsConfig.
// The format of this input is still TBD.
sendEncryptedModelingSignals(processedModelingSignals)
// The format of this input is an ArrayBuffer.
sendEncryptedTo(processedModelingSignals)

// The Private Aggregation API may be used here.
// The Private Aggregation API may be used here in the future.
}
```

## Payload format

The POST payload format is still up in the air and is subject to change with feedback. Currently we are considering encoding it in [CBOR](https://cbor.io/) with the following format:
The POST request payload will be encoded using [CBOR](https://cbor.io/) with the following format:

```javascript
{
// shared_info is used for privacy budgeting purposes, used as authenticated data in
// the encrypted payload. Similar to aggregatable reports in Private Aggregation API.
"shared_info": "<bytes>", // format unspecified for now, but likely nested CBOR
"shared_info": "<bytes>", //nested CBOR, more info below
"aggregation_coordinator_origin": "...",
"aggregation_service_payload": {
"payload": "<raw encrypted bytes>",
Expand All @@ -89,6 +89,19 @@ The POST payload format is still up in the air and is subject to change with fee
}
```

### Shared info
`shared_info` is used for privacy budgeting purposes, used as authenticated data in the encrypted payload. Similar to aggregatable reports in Private Aggregation API. `shared_info` will have the following format:

```javascript
"shared_info": {
"report_id": "...", // random UUID
"reporting_origin": "...", // URL that called reportWin()
"scheduled_report_time": 1741633200011 // Milliseconds since Unix epoch
"version": "1.0"
"api": "private-model-training"
}
```

# Training private models with `encryptedModelingSignals`

Just like in the Aggregation Service, we can support a query interface where encrypted reports are processed in a trusted server. Unlike Aggregation Service, the functionality provided by this Trusted Execution Environment (TEE) server will not compute aggregate histograms, but rather machine learning models.
Expand Down
Loading