Skip to content

google/private-compute-services

Private Compute Services

This repository contains the code for the Private Compute Services app, a suite of services that provide a privacy-preserving bridge between Private Compute Core and the cloud.

Android’s Private Compute Core is a secure environment that is isolated from the rest of the operating system and apps where close-source features can safely access ambient and OS data.

Since Android 11, the OS prevents Private Compute Core components from having direct communication with other apps, and forces its features to use a small set of well defined APIs in AOSP. These protections are already open-source and can be found here.

From Android 12 forward, features inside Private Compute Core do not have direct access to the network. Instead, these features communicate over a small set of APIs to Private Compute Services (defined in this repository). This ensures no private or identifying information is exposed outside of the device using a set of privacy preserving technologies including federated learning, federated analytics, and private information retrieval.

You can learn more about Private Compute Services in this blog post.

Current APIs

  • Private Information Retrieval: Enables downloading slices of a dataset without revealing to the server which slice it downloaded.
  • Federated compute: Enables privacy-preserving aggregate machine learning and analytics across many devices, without any raw data leaving the device.
  • HTTP download: Enables access to static resources like updated ML models.
  • Protected Download: enables downloading of resources to the device with support for a binary transparency log based verification, ensuring these are the official resources provided by Google.

Note on dependencies

This project depends on the following separate open sourced repositories, as well as a limited number of dependencies which remain closed source. All API definitions are included in the open sourced repos.

The open sourced dependencies are: