Opinions expressed by Entrepreneur contributors are their own.
You’re reading Entrepreneur India, an international franchise of Entrepreneur Media.
The first public blockchain—bitcoin—had anonymous users. This was largely because of its ambitious and subversive goal of creating an alternative to the US dollar. ‘Censorship resistance’ as it came to be known, this anonymity meant that governments couldn’t single out specific users and prosecute them. There were simply wallet addresses that interacted with each other in a trustless manner, owing to the brilliant architecture of decentralized consensus, blocks in a chain, proof of work and cryptographic signatures.
Crypto-assets have become lot more widespread now, especially since 2018 as DeFi (decentralized finance) became prominent, aided by the Ethereum blockchain. This anonymity has started to test the limits of compliance and the patience of regulators. The biggest worry that most regulators globally have regarding cryptocurrencies and crypto-economy is that money laundering is once again made extremely easy by the anonymous dealings of the crypto world. Most prominent example of such money laundering in the pre-crypto world was through some banks in countries such as Switzerland and other such ‘relaxed’ jurisdictions. Till about 2010, a money launderer or bribe giver could easily create a numbered account at some Swiss bank and send or receive proceeds of bribes, laundered money, over-invoiced exports and so on, without linking them to their true beneficiary.
FATF (Financial Action Task Force) and related global bodies have been fighting a long battle against various loopholes and safe havens for money laundering. They have met with some degree of success in recent years. However, the rise of cryptocurrencies has given a new lease of life to money laundering because a bitcoin or Ethereum wallet is very much like a numbered Swiss bank account. In fact, it is even better for anonymity because there is literally no regulation on who can hold what crypto-money in their wallet.
There is an inherent confusion between privacy and anonymity that proponents of cryptocurrencies have created and benefitted from. Censorship resistance and right to privacy is not automatically the same as anonymity. This is where the idea of decentralized self-sovereign identity comes into picture. The question to ask in the context of privacy is whether some central body has unquestioned and permanent access to one’s identity- confirming documents? Also, a related question on identity decentralization is whether only state can provide verification of one’s identity and in what ways does that limit financial inclusion, especially of the marginalized individuals in the society?
Privacy vs anonymity
Usually, a user of a wallet needs to create a proof of existence of identity documents by creating and submitting digital fingerprints of such documents. These fingerprints (called “hashes”) are submitted to the blockchain as a link to the actual documents. An individual’s fingerprints by themselves cannot point to their full picture. However, if an individual claims to have a certain fingerprint, such claim can be easily tested. Similarly, no one can find out what the documents contain based only on the hash of the document. However, once a document is shown and hashed again, it will match the previous hash – just like fingerprints. Using this property, the documents used by a user to create a hash can be verified as needed by a third party.
This removes anonymity, without compromising privacy. The user keeps the documents with herself but submits the hashes. This keeps verifiability intact but does not require users to share the actual documents.
A more ambitious aim is to go beyond government issued identity documents such as passports, driving license or Aadhar. This can be achieved through decentralization of the identification process. To understand this better, we need to go back to how a government itself confirms identity. To make one’s passport, one needs to submit a set of documents proving birth and current address. This can also be done by querying 100 other individuals who may know the person. If a hundred individuals claim that a given person is real and her name is so and so and she lives at such as such place, it is quite likely that the information is accurate. The obvious next question is how do the 100 confirming individuals themselves get the identity? The short answer is that each one of them gets their verification from the rest.
Since there is no one specific issuer of identity in this model, the expectation is that the community as a whole bootstraps the identity of its members.
This may seem arbitrary at first. However, once the idea is extended to the entire super-community of say 10 million individuals it starts to look more reliable that government issued identity. This does not require each person to be verified by 10 million others. It is enough that each one is connected to 100 or so others – each of whom is in turn related to 100 others. Even with overlap, very soon a social graph emerges that fits everyone in – each one with 20-500 reliable connections. This is the basis of decentralized identity.
The future is identity-aware
Leaving aside the world of crypto-native assets like bitcoin and ether, most real-life assets require their owners to be identifiable individuals – for various regulatory and compliance reasons. Most of these are reasons appealing to common sense and to the broad consensus on law and order based social organization. If blockchain technology is to become mainstream, identity needs to be addresses squarely and not in a footnote!
Swapnil Pawar is the founder of Newrl, a blockchain based financial service provider.