This Week's Headlines:
Self-Sovereign Identity Adoption Hopes on Blockchain Interoperability
While the Internet may be missing an identity layer, Self-Sovereign Identity empowered by the blockchain aims to address just that. Diar speaks to Danny Zuckerman, who heads up strategy & operations at uPort, and Drummond Reed, Founding Trustee of the Sovrin Foundation, who both agree that interoperability of the SSI ecosystem will vastly improve security and reduce redundancies of the centralized systems, aiming to provide the public with ownership of their own information.
Self-Sovereign Identity (SSI), a decentralized identity where each user stores and controls their own data, built on blockchain technology is aspiring to become the missing identity layer of the Internet. Instead of centralized services holding the personal data in data silos, SSI would allow users to hold their own data locally and then selectively permission who gets access to that specific piece of data.
The data that user holds about their identity can be created by themselves or contributed by other trusted parties that attest for the validity of the data. A trusted cryptocurrency exchange for example would theoretically be able to attest that the user has been verified on their platform and then the user wouldn’t have to redundantly verify their identity on other exchanges. The personal data combined with the attestations comes together and creates a digital reputation.
The SSI systems can vastly improve security and reduce redundancies of the centralized systems. The most prominent SSI systems are currently being developed by uPort and Sovrin. And while they may be viewed as competitors, the two outfits are actually working together along with the Decentralized Identity Foundation on interoperability and open standards to build a single ecosystem that supports SSI systems. Drummond Reed, Chief Trust Officer at Evernym and the Founding Trustee of the Sovrin Foundation told Diar that “SSI needs to be a coherent, interoperable ecosystem and I strongly disagree with anyone who says that we will have one proprietary solution that the whole world will use.”
And Danny Zuckerman at uPort, agrees that in the long run, there won’t be just one SSI system. Mr Zuckerman, speaking to Diar said “it is misleading to think of a SSI system as a single thing because it relies on so many different components and levels to operate and each of those has many opportunities for many different companies - consumer applications, enterprise applications, storage, hubs and reputation algorithms, consumers and providers of identity attestation. It’s unlikely that any one company went across all of these fields.”
uPort, which is being developed by ConsenSys, is building its system on Ethereum and is currently fully operational on all Ethereum testnets. Mr Zuckerman tells Diar that even though there is no firm timeline on the mainnet launch, it could very well be fairly soon. uPort already has functioning partnerships (GNOSIS, Status, Melonport among others) and Coinbase’s own Ethereum Browser, Toshi, also plans to implement uPort as its underlying SSI system. Mr Zuckerman commented that the partnerships that uPort is most focused on are those within the SSI ecosystem that would ultimately latch to interoperable standards that would see SSI systems work flawlessly together.
In the past year, uPort launched pilot programs with the city of Zug, Switzerland and also in Brazil. Mr Zuckerman is of the mind that “we will continue to see government projects and implementations. It will start off with smaller branches of the government and being used for a specific functionality but with time, the trust in the technology will grow, which will clear the way for wider scale government implementation.” Mr Reed think “it’s almost necessary for any successful SSI ecosystem to have governments as peers for validation.”
Evernyn, the company that built the code base for Sovrin, recognized that it needs to become a global public utility and donated the code to the Sovrin Foundation. Evernyn has done research for the U.S. Department of Homeland Security, which funded the original research for the open standards of SSI. The Sovrin Foundation is talking to other governments about implementing Sovrin - British Columbia in Canada, Illinois, Maryland and Arizona in the United States as well as Finland, Austria and the UK in Europe. The governments are incentivized by citizen enablement to pursue their digital economy as well as enhancing cyber security.
Sovrin is an international non-profit foundation created to govern a global public utility for SSI. Since early 2017, Sovrin’s code base is being contributed to Hyperledger Indy, which has allowed Sovrin to increase exposure to a much larger group of developers. In contrast to uPort, Sovrin is built on a public permissioned blockchain tailored specifically to identity done under a Trust Framework with open public governance. Mr Reed says that the decision was made because Sovrin “talked to the different parties that would need to rely on the SSI (credit unions, banks, health care agencies, universities, governments) and they didn’t want anyone to be able to run a node."
Indeed, “Sovrin Stewards” - the permissioned institutions that serve as nodes for the Sovrin network, are governed by the Trust Framework. The Sovrin Stewards already include IBM, Deutsche Telekom, Brigham Young University, law firms of BakerHostetler and Perkins Coie and Credit Unions.
Even though blockchain is a crucial component to the SSI systems, Mr Reed tells us that it is actually the smallest piece of the puzzle. “It’s the distributed agents and the wallets that actually make it self sovereign. What the blockchain does is to solve the problem of how can you be issued a credential that can be shown to a verifier. The verifiers then refer to the blockchain to verify the public key.”
Sovrin & Uport Key Points
|1||Blockchcain||Ethereum - Public Permissionless Ledger||Public Permissioned Ledger Tailored For Self-Sovereign Identity|
|3||Incentive Model||Inherent Gas Costs||Costs Of Validator Nodes|
|4||Key Management||Dpki, User Device||Dpki|
|5||Identifiers||Address Of A Smart Contract, Off-Ledger Ipfs||Stored Directly On The Ledger|
|7||Significant partners||Zug, Brazil’S Ministry Of Planning, Status, Gnosis, Melonport||Ibm, Evernym, Bakerhostetler, Deutsche Telekom|
Largest Centralized Data Breaches
|1||Yahoo||2013||3 billion||Names, Email Addresses, Dates Of Birth And Telephone Numbers|
|2||Adult Friend Finder||2016||412 million||Names, Email Addresses And Passwords|
|3||Myspace||2016||360 million||Usernames And Passwords|
|4||eBay||2014||145 million||Names, Addresses, Dates Of Birth And Encrypted Passwords|
|5||Equifax||2017||143 million||Social Security Numbers, Birth Dates, Addresses, License Numbers|
|6||Heartland Payment Systems||2008||134 million||Credit Cards|
|7||Target||2013||110 million||Credit Cards And Contact Information|
|8||2012||100 million||Email Addresses And Hashed Passwords|
|9||VK.com||2016||100 million||Usernames And Passwords|
|10||TJX Companies||2006||94 million||Credit Cards|
Decentralized Identity Foundation Members
Banks Look to R3 For Self-Sovereign Identity Customer Solutions
Banks want to play a role in self-sovereign identity. Blockchain consortium R3’s Abbas Ali tells Diar that self-sovereign identity can allow banks to remove the risk of holding information on behalf of customers. Instead of running on a public network, banks are more inclined to build in a private implementation of the network. And it seems that banks are also keen in getting involved in running data storage services specifically for identity information.
R3, a private company that leads the oldest blockchain consortium with more than 200 banks, financial institutions, regulators, trade associations, professional services firms and technology companies is also getting involved in self-sovereign identity (SSI). Diar spoke to Abbas Ali, Director of Identity Partner Solutions at R3, who says that R3 and its banks view SSI as giving consumers control over their own data. “The data can be stored anywhere, it just means that user control the keys that access and unlock that data. It’s about control.”
Banks are interested in SSI for multiple reasons Mr Ali explains. “By pushing the data back onto the customer through SSI, it allows banks to remove the risk and liability of holding information in behalf of customer. Banks are very interested in SSI and they think that if the industry is moving towards it, they don’t want to be left behind, which has happened frequently in the past specifically as they were late adopters. This time, they want to be ahead. In fact, they are making a big push to buy some smaller startups that are building things in the space because they think that’s the best way for the banks to keep up and stay relevant.”
With European regulations such as PSD2 and Open Banking, Mr Ali says the payments are going to become commoditized. For banks, SSI presents another opportunity to provide an additional service to the customers. Mr Ali is of the mind that “historically, the assets have been stored with banks. In the future, your biggest asset is going to be your identity. And what better place to store that than in your bank who you already trust with the rest of your assets. The banks see themselves as running data storage services specifically for identity information, which is another opportunity in the SSI space where consumers will not have to keep and manage copies of all that data. Banks can store the identity data on their behalves while still letting consumers retain control to the use of public and private cryptography.”
R3 cooperated with Sovrin on an interoperability project to build a Corda network that talks to the Sovrin network without losing any of the trust and privacy features inherent in both platforms (see story above). Even though the project just demonstrated a proof of concept, the code is available in Corda and R3 plans to open source it and release it to public so that the partners can build solutions on Corda that actually leverage Sovrin for identity management.
|| BANK IDENTITY SOLUTION?
Mr Ali says that a lot of banks are doing research and innovation projects with Sovrin in an effort to run their own identity network. The banks are essentially looking to have a network that uses the same self sovereign technology as Sovrin but is built in a private implementation as opposed to a public one.
IMF Assesses Crypto Asset Place in Regulated Financial System
The International Monetary Fund continues to weigh-in on Cryptocurrencies, which it has dubbed closer as Crypto Assets. The latest input comes from the organizations Global Financial Stability Report following Managing Director Christine Lagarde’s articles earlier this month. Ultimately, however, any sort of regulatory direction remains ambiguous at best with the IMF possibly gunning to be the orchestrator and oversight body of the new-born industry.
Whilst the IMF currently finds Crypto Assets “far from fulfilling the…basic functions of money,” they do find the prospect of immediate cross-border payments as a key threat should volatility be addressed. The IMF is of the camp that Central Banks would be well-advised to look into cryptocurrencies in the form of a Central Bank Digital Currency (CBDC) as “shortcomings could change with wider adoption and technological improvements, and some crypto assets may be able to perform the functions of money better, thus putting competitive pressure on fiat currencies” the report continued to state.
However, despite Bitcoin itself being less volatile than Facebook, Apple, Netflix, Google (FANG) stocks the report shows, the IMF looked at key metrics on how and if Crypto Assets pose any risk to financial stability more so than any immediate threat to fiat currencies and payments network.
“At present, crypto assets do not appear to pose risks to financial stability. However, regulators should be vigilant to the potential for financial stability challenges that could arise should crypto assets be used more widely.” Looking at current institutional vehicles, the IMF highlighted Leverage trading, possible introduction of ETFs and Futures as more of a substantial risk to the financial markets should Crypto Assets become more integrated into mainstream products.
US Regulators Opposing Views on Cryptocurrency Class
|2013||US||FinCEN||Currency||An administrator or exchanger is an MSB under FinCEN’s regulations, specifically, a money transmitter.|
|2014||US||IRS||Property||For federal tax purposes, virtual currency is treated as property. Under currently applicable law, virtual currency is not treated as currency.|
|2015||US||CFTC||Commodity||Bitcoin and other virtual currencies are encompassed in the definition and properly defined as commodities.|
|2017||US||SEC||Security||Virtual coins or tokens may be securities and subject to the federal securities laws.|
|| REGULATING AT THE SOURCE, IMF EYING EXCHANGES
Predominantly, the IMF assessed exchanges and market liquidity of major cryptocurrencies, but not without concern of reported numbers. Exchanges “are a major source of risk for investors, given their opaque and often unregulated nature….Data on trading volumes can be unreliable, especially since Crypto Exchanges operate under heterogeneous rules with different fee structures, investor bases, and levels of regulatory oversight.”
|| ICOs TO REMAIN IN PLAY?
The IMF noted that the cross-border nature of Crypto Assets has indeed posed problems in a clear definition of the asset class, citing the differences seen not only within the US specifically in the US where the IRS, SEC, FinCEN and CFTC have their own definitions (see table). However, it’s important to note that while regulatory bodies have yet to come to an international consensus, Initial Coin Offerings (ICOs) have not been scraped as a financial threat, but one that would need to meet “regulatory requirements to promote the transparency and integrity of ICOs and to strengthen the risk management and robustness of crypto-asset exchanges.”
SEC Registrations for Future Crypto Token Sales Rise
The US Securities and Exchange Commission has now seen an increasing number of registrations for token sales as the regulators continues its crack down on highly questionable ICOs and following an increasing amount of class action lawsuits (Diar, 26 February).
Jay Clayton's words now seem to have hit the mark more than ever when the Chairman said "I believe every ICO I've seen is a security."
SEC Form D Filings for Tokens or Token Convertibles
Goldman Sachs Backed Exchange Circle Adds ZCash
Circle, which a few months ago also purchased US-based exchange Poloniex announced that they have added ZCash alongside their other five current offerings on the platform - Bitcoin, Bitcoin Cash, Ethereum, Ethereum Classic and Litecoin. The announcement also made note that the exchange would be adding more cryptocurrencies over the coming three weeks.
Circle now seems to be breaking away from the pact with more offerings that also markedly overlap with major investor Digital Currency Group, who is also an investor in the outfit and has trusts in all the coins on the platform. Also notable is the fact that ZCash is also backed other major Circle investors Pantera and Fenbushi Capital - who have also invested in other cryptocurrencies.
|| OVERLAP POTENTIAL?
The potential upcoming additions are a good a guess as any. But there are some notable cryptocurrencies that overlap from Circle backers DCG, Pantera and Fenbushi (see table)
|4||Tieron||Blockchain Verification for Shared Data||+||+|
Receive Diar Every Monday – The Digital Assets & Regulation Trade Publication
Disclaimer: Unless otherwise specified, the content of the articles published on www.diar.co constitutes intellectual property of Diar Ltd and may not be reproduced or republished in whole or in part without prior written consent. The information contained in the articles published on www.diar.co does not in any way constitute financial or investor advice and is only intended for informative purposes. Readers may not rely on such information to decide on investment or financing options or otherwise rely on such information in making decisions with monetary or financial effects. Diar Ltd does not accept any liability of any kind with regards to the validity of the information or with regards to any damage suffered as a result of reliance on such information. © 2018 Diar Ltd. Contact: firstname.lastname@example.org