Privacy preserving KYC on Ethereum

1. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 1/20 Privacy-preserving KYC on Ethereum Alex Biryukov, Dmitry Khovratovich, Sergei Tikhomirov SnT, University of Luxembourg 9 May 2018 CWI, Amsterdam, The Netherlands

2. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 2/20 Outline Introduction A decentralized KYC-compliant identity Conclusion and future work

3. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 3/20 Identity is data that represents a user Identity is used for: Authentication: proves the user is who they claim to be; Authorization: ensure the user is eligible for an action. In cryptographic terms, user is represented by a private-public key pair.

4. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 4/20 Centrally managed identity Prevalent model today User delegate identity management to companies, get access using password Risks: identity theft, central point of failure

5. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 5/20 Decentralized identity Putting users in charge of managing their data Can be implemented using blockchains Does it respect privacy? Does it comply with regulations?

6. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 6/20 Bitcoin A decentralized digital currency [Nakamoto 2008] Combines cryptography and economics to prevent double spending without a trusted third party

7. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 7/20 Ethereum: generalized blockchain A blockchain-based application platform [Buterin 2014] Key feature: Turing complete programming

8. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 8/20 Ethereum tokens A popular use case for smart contracts A fungible unit of value maintained by a smart contract ERC20 is the de-facto standard token API Decentralized exchanges – a promising direction

9. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 9/20 ERC20 functions transfer – send tokens to an address approve – allow other user to transfer my tokens transferFrom – send other user’s tokens (only if approved)

10. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 10/20 A decentralized KYC-compliant identity Our identity management design for ﬁnancial services is: Decentralized (on-chain) Privacy-preserving Can be made compliant Extendable to many application types (consider a token exchange as an example)

11. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 11/20 Cryptographic accumulator A cryptographic primitive: absorbs algebraic objects Provides interface to verify whether a value was accumulated Preserves privacy: individual values are not disclosed

12. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 12/20 Accumulator-based identity workﬂow (1/2) A KYC Provider publishes a contract with an empty accumulator A User interacts with the Provider (possibly oﬄine) and gets their value accumulated The Provider issues a witness s.t. the User can later prove their eligibility

13. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 13/20 Accumulator-based identity workﬂow (2/2) To prove eligibility, a user submits an (atomic) zero-knowledge proof of the statement: I know the private key corresponding to msg.sender; I know a signature and a witness for some value which was previously accumulated.

14. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 14/20 KYC Provider interface add(user, token) – makes user eligible remove(user, token) – makes user not eligible isEligible(user, token) – check if the user is eligible

15. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 15/20 Use case 1: compliant exchange An exchange veriﬁes users before making transactions Traded tokens do not need to be aware of KYC

16. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 16/20 Use case 2: compliant token A token veriﬁes users before making transactions Services (exchanges) do not need to be aware of KYC

17. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 17/20 Implementation details A PoC implementation (not privacy-preserving): joint 1st prize at the Luxblock hackathon in May 2017 (The team also included: Daniel Feher, Dmitry Khovratovich, Aleksei Udovenko, Maciej Zurad) Accumulator implementation depends on new opcodes: currently Ethereum does not natively support all required cryptographic operations Updating the accumulator is expensive if done on-chain

18. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 18/20 Conclusion and future work Ethereum provides ways to encode and enforce digital agreements Cryptography allows for additional eligibility checks which minimally impact the users’ privacy Many technical challenges to overcome before realizing this idea

19. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 19/20 Research question Can we leverage sophisticated cryptography in public blockchains to provide stronger security and privacy guarantees?

20. Privacy-preserving KYC on Ethereum Biryukov, Khovratovich, Tikhomirov Introduction A decentralized KYC-compliant identity Conclusion and future work 20/20 Questions? cryptolux.org s-tikhomirov.github.io

Privacy preserving KYC on Ethereum

Privacy preserving KYC on Ethereum

Recommended

More Related Content

What's hot

What's hot(9)

Similar to Privacy preserving KYC on Ethereum

Similar to Privacy preserving KYC on Ethereum(20)

More from Sergei Tikhomirov

More from Sergei Tikhomirov(10)

Recently uploaded

Recently uploaded(20)

Privacy preserving KYC on Ethereum