System Overview

LICEN is not a single application. It is five services that pass encrypted data and payment authorizations across trust boundaries.

The current hackathon build uses 0G Storage and 0G Chain directly and simulates the 0G Compute lifecycle. This is intentional: the public 0G fine-tuning path accepts a local dataset file or a 0G Storage dataset root hash, but does not currently expose the encrypted-input/key-release capability LICEN needs to guarantee that a private dataset is decrypted only inside the training TEE.

The production path is a 0G-compatible confidential compute node that adds attestation-gated key release on top of the 0G-style fine-tuning lifecycle.

The Five Services

┌─────────────────────────────────────────────────────────┐
│                      Web Application                     │
│  (Next.js · Publisher UI · Marketplace · Session Tracker)│
└────────────────────────┬────────────────────────────────┘
                         │ User actions (encrypt, publish, request)
                         ▼
┌─────────────────────────────────────────────────────────┐
│                   DataPolicy Contract                    │
│   (0G Chain · Usage-policy registry · Escrow · Settlement)│
└────────────────────────┬────────────────────────────────┘
                         │ AccessGranted events
                         ▼
┌─────────────────────────────────────────────────────────┐
│                    Envio Indexer                          │
│          (HyperIndex · GraphQL · Event streaming)         │
└────────────────────────┬────────────────────────────────┘
                         │ Granted job queue
                         ▼
┌─────────────────────────────────────────────────────────┐
│                     Orchestrator                          │
│  (Node.js · ECIES key custodian · 0G Storage · Dispatch) │
└────────────────────────┬────────────────────────────────┘
                         │ Fine-tuning task
                         ▼
┌─────────────────────────────────────────────────────────┐
│          0G-compatible Confidential Compute                │
│  (Demo simulation today · Attested provider node planned) │
└─────────────────────────────────────────────────────────┘

1. The Web Application

Built with Next.js and deployed on Vercel.

Publisher side:

Wallet connection via Privy (supports MetaMask, WalletConnect, or email/social login)
In-browser AES-256-GCM encryption — plaintext never leaves the user's machine
ECIES envelope generation (wraps the AES key with the Orchestrator's public key)
Uploads to 0G Storage via the @0gfoundation/0g-ts-sdk
Calls registerDataset() on the DataPolicy contract

Researcher side:

Marketplace view populated via Envio GraphQL
Session configuration (epoch count, cost calculation)
Calls requestAccess() on the DataPolicy contract, locking escrow

API routes (server-side):

/api/orchestrator/key-envelope — serves encrypted key envelopes to the Orchestrator (authenticated via ORCHESTRATOR_API_SECRET)

2. The DataPolicy Contract

DataPolicy.sol is the protocol's source of truth. Deployed on 0G Chain (Galileo Testnet).

Key state stored on-chain:

datasetRoot (bytes32) — Merkle root of the encrypted dataset
manifestHash (bytes32) — hash of the off-chain policy JSON
royaltyPerEpoch, maxEpochsPerRun, maxRunsPerRequester, accessTtlSeconds, policyExpiry, allowedPurposeIds — enforced at transaction time as the owner's usage policy
Per-job state machine: None → Requested → Granted → Running → Completed / Failed / Refunded

Key functions:

registerDataset() — publisher anchors dataset + policy on-chain
requestAccess() — researcher locks escrow, emits AccessGranted
startJob() — Orchestrator marks job as Running
confirmTrainingComplete() — Orchestrator settles royalties after TEE completion
markJobFailed() — Orchestrator triggers researcher refund

See Smart Contracts for ABI details and deployed address.

3. The Envio Indexer

Envio HyperIndex provides a real-time GraphQL API over 0G Chain events.

The indexer listens for:

DatasetRegistered — populates the marketplace
AccessGranted — feeds the Orchestrator's job queue
JobCompleted / JobFailed — updates session views and publisher earnings

This replaces raw RPC polling throughout the app. The Orchestrator queries Envio every 5 seconds for new Granted jobs.

4. The Orchestrator

The Orchestrator (packages/orchestrator) is a long-running Node.js process — the most security-sensitive component in the stack.

In the current demo it is the service that:

Holds the ECIES private key
Coordinates simulated 0G Compute dispatch and job state tracking
Calls settlement functions on the DataPolicy contract

Security invariant: The Orchestrator verifies on-chain job state (Granted) before it performs any key operation — even if the Envio event looks valid. The contract is the ground truth.

In production, this component should become a coordinator rather than a decryption point. Dataset keys should be released only after a 0G-compatible compute node presents a valid TEE attestation quote.

See The Orchestrator for the full dispatch flow.

5. 0G Compute Status and the 0G-Compatible Confidential Node

The public 0G fine-tuning docs describe a provider flow where the user supplies a dataset path or 0G Storage dataset root hash, the provider downloads/verifies the dataset, trains the model, encrypts the output model, and publishes the encrypted result. That is useful for verifiable fine-tuning, but it is not enough for LICEN's strongest privacy goal: encrypted datasets whose decryption keys are released only inside the compute TEE.

For the hackathon build, LICEN simulates the 0G Compute lifecycle:

createFineTuningTask({ datasetRootHash, requestedEpochs })

The simulated task UUID is stored as attestationRef on-chain. The UI and contract lifecycle still demonstrate dispatch, running state, result delivery, and settlement.

Production Compute Target

LICEN's planned production compute layer is a 0G-compatible confidential provider node:

The dataset owner encrypts the dataset locally and uploads ciphertext to 0G Storage.
The researcher pays escrow and receives an on-chain access grant.
A LICEN-compatible provider starts the training container inside a TEE/CVM.
The node generates a remote attestation quote that includes the container image hash, training code hash, TEE hardware evidence, and an ephemeral public key generated inside the TEE.
LICEN verifies the quote against an allowlist of approved worker images and release policies.
The dataset AES key is encrypted to the TEE ephemeral public key and released only to that attested node.
The node downloads ciphertext from 0G Storage, decrypts inside the TEE, runs fine-tuning, wipes plaintext, encrypts the model artifact, and uploads the result to 0G Storage.
The node signs a result manifest containing the dataset root, model root, code hash, attestation reference, actual epochs, and result hash.
The DataPolicy contract settles royalties using the signed completion reference.

This keeps 0G as the storage, chain, settlement, and target compute ecosystem while adding the missing confidential-input capability required for sensitive datasets.

Trust Boundary Summary

Service	What it knows	What it cannot see
Web Application	Encrypted dataset, sealed key envelope	AES key, plaintext data
DataPolicy Contract	Policy rules, job state, amounts	Encrypted content, keys
Envio Indexer	On-chain events	Off-chain data of any kind
Orchestrator	Demo job coordination, sealed envelopes, settlement authority	Web backend data, contract state beyond what is public
0G Compute simulation	Task lifecycle state	Real dataset plaintext
Planned confidential provider	Plaintext data only inside TEE during training	Dataset key before attestation, owner/browser secrets

No single service should have the full picture in production. The key design upgrade is moving plaintext access from the Orchestrator into an attested, measured, 0G-compatible TEE node.

System Overview

On this page