**Enrico***encrypts data on behalf of Alice* to produce the ciphertext (more specifically a MessageKit). In many cases (though not all!), **Enrico** is controlled by **Alice**.
**Ursula** serves as the "*proxy*" in this proxy re-encryption scheme and *re-encrypts the ciphertext encrypted under Alice's key to a ciphertext that will be decryptable under Bob's key*.
**Q: How much trust do we place in Ursula, the proxy?**
Ursulas are “semi-trusted” in the sense that Alice must trust Ursula to revoke a policy once it expires or if instructed to do so (by Alice). We also must trust Ursula to be responsive and perform the re-encryption correctly so that Bob can access the data.
**Q: Who pays Ursula? How is it done?**
Currently, Alice pays Ursula (since Ursula is doing work for Alice). Alice pays an ETH deposit into the PolicyManager contract when granting.
(However, we do imagine Bob paying in some models!)
**Q: How do we verify that Ursula has performed the re-encryption correctly?**
Every time an Ursula produces a re-encryption, she computes a zero-knowledge proof that proves that the re-encryption she just performed is correct, without disclosing any kind of secret information. This correctness proof is publicly verifiable, so in the event someone detects incorrect re-encryptions coming from an Ursula, these faulty proofs can be sent to a smart contract that will slash the stake associated with that Ursula. However, in a normal scenario, with Ursula working correctly, there’s no need for correctness proofs to be submitted on-chain.
**Q: How much trust do we place in Enrico?**
As mentioned above, Enrico is often (not always!) controlled by Alice. Enrico must be trusted to perform the encryption correctly and to not disclose the secret key. However, these things are out of our (cryptographic) control.
Additionally, Alice can decrypt (and thus read) anything encrypted by Enrico.
**Q: Who is the Staker in this narrative? Is it Alice or Ursula?**
The Staker can be thought of as a fiduciary administrator that holds NU and collects rewards.
Typically, but not always, Ursula and the Staker are the same party. Recall that Ursula is only “valid” (i.e. will be selected for work and able to earn inflation rewards) if she’s bonded to a Staker.
**Q: What kind of token is NU?**
NU is an implementation of the ERC20 standard deployed onto the Ethereum blockchain.
**Q: Why have the Staker and Ursula been split?**
We split them so that the Staker can hold NU offline in a hardware wallet.
**Q: What currency does Alice use to pay for re-encryptions? What currency does Ursula stake in (assuming Ursula is also the Staker)?**
Alice pays for re-encryptions in Ether. Ursula stakes in NU. Ursula will collect policy rewards in ETH and inflation rewards in NU.
What are the two streams of income Ursula can receive?
Inflation Rewards (NU) and Policy Rewards (ETH). We will soon refer to Policy Rewards as “Fees” to avoid confusion.
**Q: Why do you have a mix of NU and ETH?**
It’s much more convenient for Alice to simply carry ETH. If she has to acquire NU also, it sets a much higher barrier to entry.
**Q: How are Policy Rewards (ETH) determined?**
The reward is calculated with Confirm Activity taking into account the number of policies Ursula is enforcing.
**Q: How many Ursulas per period collect Inflation rewards (NU)?**
*These are questions related to setting up the NuCypher network on your machine.*
**Q: What are the recommended specifications for running a nucypher node?**
Worker nodes need to run ``nucypher`` and a local ethereum node. In total, you will
require at least 4GB for RAM. Nodes also need 24/7 uptime and a static, public IPv4 address.
For ``nucypher`` specific requirements, see `System Requirements and Dependencies <https://docs.nucypher.com/en/latest/guides/installation_guide.html#system-requirements-and-dependencies/>`_.
**Q: What is the network name for Incentivized Testnet?**
The network name is ``cassandra``.
**Q: Can my Staker and Worker address be the same?**
