Regulated exchanges based in Singapore (and possibly other jurisdictions) are facing the prospect of being required to verify the at any withdrawals to, or deposits from, a self sovereign crypto wallet are being done by a user that they have KYC’d.
This requirement is problematic in that it would essentially prohibit transfers from the exchange by KYC’d users to third parties/platforms. In addition, even when a KYC’d exchange user wants to make a withdrawal to, or deposit from, a self sovereign wallet, the exchange will have to verify that they, in fact, are in control of they associated cryptographic private keys.
Under current conditions, an exchange will likely need to require any KYC’d user desiring to do such a withdrawal/deposit to prove they own the private key associated with the public key which will be involved in the transaction by requiring the user to make a small “test deposit” of a randomly assigned amount of the specific digital asset within a specified time frame. Users will need to make such test deposits for every different chain which they conduct withdrawals/deposits. In addition, if the user is using a deterministic wallet that rotates out public keys for each transaction, the user will have to continually make such test deposits. Each such transaction will cost the user funds for paying the underlying blockchain’s transaction fees which on some chains could be far in excess of the amount of the test deposit itself.
The FIO Protocol (https://fioprotocol.io/) is a delegated proof of stake blockchain that acts as a usability layer for the entire blockchain ecosystem. There are more than a dozen wallets and exchanges that have already integrated the FIO Protocol to enhance usability for users.
Among other capabilities, the FIO Protocol provides human readable wallet “names” called FIO Addresses that can be mapped to public addresses of any blockchain by the owner of the corresponding FIO Private Key. FIO Addresses are different from previous “wallet name” attempts in a number of ways. Most pertinent to the Travel Rule Discovery problem is the structure of FIO Addresses which includes the concept of a Username and Domain. The FIO Domain is a separate Non-Fungible Token (NFT) which has control over rules on how FIO Address NFTs can be created that utilize the FIO Domain NFT:
The FIO Protocol can enable a verify once for every chain solution for solving the exchange to wallet Travel Rule challenge.
FIO Addresses can technically be mapped to any character string. Today, they are mapped to the public addresses of associated blockchains being utilized by the owner. However, additionally, they could be mapped to a digital signature from any other blockchain that is generated by the user who owns the FIO Private key.
Such mappings would enable any centralized exchange to have a user do a one time verification deposit of a small amount of FIO Tokens to prove they own the FIO Address associated with their self Sovereign wallet. The FIO chain has very low transaction fees so such a test deposit would have a diminimis cost. Once the exchange has verifiable proof that a KYC’d user owns the private key associated with a specific FIO Address, in order to verify that users control and ownership of keys on other chains the exchange would merely do an API query to the FIO chain requesting the digital signature for that user associated with the specific chain in question (e.g., BTC, ETH, etc.). If the user’s public address in use changes, the wallet would update the mappings of public addresses to their FIO Address and update the digital signature on the FIO chain.
Below are diagrams that describe this process for: 1) the first one time verification of a user’s control of their wallet; 2) The withdrawing (sending) of coins/tokens from the exchange and ; 3) The depositing of coins/tokens into the exchange.
Process Flow: Verify Once Exchange to Wallet Travel Rule Compliant Transfers via FIO Protocol