Versions Compared

Old Version 1

changes.mady.by.user Luke Stokes

Saved on

compared with

New Version 2

changes.mady.by.user Luke Stokes

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The traditional financial world, for better or for worse, requires a works with verified identity through KYC (Know Your Customers) and AML (Anti-Money Laundering) compliance requirements. Even though this is only 0.1% effective at preventing crime, it is the reality we live in today (until we change it). Some examples of the problem:

If And yet, if FIO wants to help the billions of unbanked people who want access to decentralized open finance tools while also providing a decentralized (as opposed to centralized or federated) solution for those who still have to play the KYC/AML game, we should look at creating verified FIO handles. Depending on the need, this may end up driving the decentralized business strategy for the FIO Protocol which benefits all participants as the network effect grows. Billions of people and the many thousands of organizations that want to serve them have a problem FIO is uniquely positioned to solve.

...

I want to interact with a real human being, not someone claiming to be someone else (or 1,000 someone else's). I don’t want to store the KYC or profile information for that human on my servers. I may not want to do KYC at all and just want verification that some other organization I trust did do you KYC. If I do KYC, I want a mechanism to, with the permission of the human, expose aspects of that KYC to third parties, and be rewarded for it.

...

index

scope

data

0

aaaaaaaaaaaa

<encrypted text>

with With data decrypted as:

fio_handle

voucher_secret_key_path

voucher_data_secret_key_path

voucher_type

john@doe

m/44'/194'/0'/0/1

m/44'/194'/0'/0/2

1

The voucher type of 1 would mean full KYC. Other voucher types are described later.

The derived keys are then used to encrypt parts of a message on chain essentially saying “We’ve KYCed john@doe and collected the following information.” This message data on chain might look likebe stored in a vouchers table:

Table: vouchers

index

scope

voucher

voucher_data

0

aaaaaaaaaaaa

<encrypted text>

<encrypted text>

The voucher content is encrypted with the secret from voucher_secret_key_path (the key from m/44'/194'/0'/0/1) and the voucher_data content is encrypted with voucher_data_secret_key_path (the key from m/44'/194'/0'/0/2). With each new entry, a new set of keys on the key path are used.

voucher
(decrypted via voucher_secret_key_path)

voucher_data
(decrypted via voucher_data_secret_key_path)

Code Block
{
	"account": "abcdefghijkl",
	"fio_handle": "john@doe",
	"data": ["first_name", "last_name", "date_of_birth", "country_of_citizenship", "country_of_residence"]
}

Code Block
{
	"account": "abcdefghijkl",
	"fio_handle": "john@doe",
	"data": ["John", "Doe", "1/1/1980", "United States", "Puerto Rico"]
}

kyc@a then presents information for john@doe to encrypt and sign which essentially says “Here’s the table index where kyc@a vouched for john@doe encrypted with this secret key.”

Code Block
{
	"data": [{
		"validator_account": "bbbbbbbbbbbb"
		"validator": "kyc@b",
		"vouchers_index": 0,
		"voucher_secret": "5KN6kXyaxs68b9QqauTf1g13FkawCPL4baVzwLy9NcozyzNcLtu",
		"voucher_data_secret": "5JM3esqkLk79MsF3pq9mYvjLRUciK4DUrCrj2GdAVfdNJhtaGRu"
	}]
}

...

This process is be repeated for organizations B (kyc@b), C (kyc@c), and D (kyc@d).

Organization E (kyc@e) authenticates john@doe and instead of asking for KYC, it presents a list of KYC validators or combinations of validators it will accept instead. For example, it could ask for Organization A (kyc@a) or Organization B (kyc@b) and Organization D (kyc@d) together or maybe some combination like “3 from the following list…”.

john@doe decides they trust Organization E (kyc@e)to know they have a relationship with kyc@b and kyc@d, but they’d prefer to keep their relationship with kyc@a private. john@doe encrypts a message on sends an encrypted message via the chain with their shared key with kyc@e (similar to a FIO Request), with the following:

...

Organization E then saves a new record in the vouches table but with voucher_type 2 which essentially says “We acknowledge the identity of john@doe using previous validations”validations we trust”:

New entry for vouches table:

index

accountscope

data

1

<account for kyc@e>eeeeeeeeeeee

<encrypted text>

with data being:

...

Type 2 vouchers do not include voucher_data.

voucher
(decrypted with voucher_key_path/0)

voucher_data(decrypted with path/1)

Code Block
{
	"account": "john@doe",
	"data": ["kyc@b", "kyc@d"]
}

Code Block
...
Upon login to Organization D, if any of the validations used for verification have been updated for liveness, a new, updated record can be saved for that organization.
...
Useful Data
Each of these Some organizations presumedly wants some identifiable want additional information about the user like their name , or maybe their country, email, age, income, purchasing preferences, etc. Each time this information is requested, instead of giving it to the company which would then have to store it in a central location which becomes a target for data breaches and GDPR concerns, it is can be stored encrypted on chain.
...
Organizations can request specific data based on the fields in the profile or requests request a new entry be added. The value_secret can be shared with them so they can decrypt the content in the value field. They can not decrypt the content of the vouchers field. Both the vouchers and the value_secret are encrypted by john@doe’s private key.
...
Ideally we could add a “request for request” which would allow the validator to say “Send me a request for this amount so I can pay you for releasing this information to this organization.” The micro payment amount the organization pays to the validator when requesting the information would be more than the micro payment made to the validator person and the difference would be the validator’s profits.
...
This plan outlines a way for users to selectively validate their identity and personal information with multiple KYC vendors who don’t have to store the information on their local servers. Organizations requesting information can do so directly from the individual and receive a key to decrypt that information from the chain anytime they want it. They can also request validation of that information from a the KYC provider that validated it. The user has the control to selectively expose which validators have verified their information and who can access that information in the future. The security focus of the validation company can now be entirely about key management instead of data management.
...
  • Zero knowledge proofs to ask questions about the data without needing the data itself.
  • Key rotation requirements to keep data freshly encrypted.
  • Potentially using transaction_id and the block log via history nodes instead of table indexes.
  • Get the correct key derivation path for FIO and/or a better approach as the examples here are most likely wrong.