Investors still want a piece of the #blockchain. #Ripple, the enterprise blockchain startup, today announced that it raised $ 55 million in Series B funding to accelerate customer adoption of its #technology. That brings Ripple’s total funding to $ 93.6 million since its launch in 2012, according to Crunchbase. “I think there’sRead More
Bank Innovation
#Lykke, a Swiss startup seeking to build a global marketplace powered by #blockchain #technology, has begun its Initial Coin Offering (ICO) campaign as the company #looks to #raise CHF 1.5 million.
Lykke seeks to sell 30 million Lykke coins at the price of 0.05 CHF each. Lykke coins represent ownership of Lykke, an exchange for trading financial instruments built on top of blockchain technology.
“Lykke is looking for investors who want to change the face of the global market,” Richard Olsen, co-founder and CEO of Lykke, said.
&8220;Our goal is to upset the inefficiency and unfairness of the existing financial system, giving people a better way to manage their money and their assets.&8221;
The #crowd #sale is available to anyone over 18 years old (except for US citizens) and will run until October 10, 2016. Individuals can purchase these tokens using the Lykke Wallet application for iOS or Android devices using Swiss francs, US dollars, bitcoins and ether, the native #cryptocurrency of Ethereum. (more information here)
The Lykke Wallet lets users purchase &8220;any kind of financial instrument,&8221; trade them in a peer-to-peer manner, with &8220;second-by-second interest payments.&8221;
&8220;We want to give our customers and those who believe in our vision a chance to participate in owning part of the company,&8221; Olsen said.
Launched in 2015 and headquartered in Zurich, Lykke is building a single #marketplace where any sort of financial instrument can be traded and settled. Unlike the structure of traditional markets, Lykke aims at being a &8220;level playing field to which anyone with an Internet connection can have access.&8221;
By using blockchain technology, Lykke offers immediate settlement and direct ownership for zero commission. According to the company, revenues will come from providing liquidity, offering issuance services, and supporting institutional clients.
Lykke uses the Colored Coin protocol to list financial instrument on the blockchain in the form of a digital tokens. Colored coins follow the idea of &8220;coloring&8221; a specific #bitcoin – the issuer guarantees to hand out the underlying assets to the person, who returns the colored coin.
According to its whitepaper, all of the software underpinning the Lykke Exchange are being developed in open source.
The Lykke ecosystem will be composed of several elements: the Lykke Wallet for core currency trading with 0% commission; the Lykke Exchange, a semi-centralized online exchange for trading financial instruments issued in the form of colored coins and a marketplace for retail and institutional clients; as well as the yet-to-be launched Competition Platform, which will allow users to crowdsource the most innovative ideas.
Lykke also plans to partner with #banks, corporations, and municipal entities to speed up adoption of its software wallet though white-labeling.
Lykke Exchange was developed since December 2015 and went live in beta on March 2016 with wider industry testing starting in May 2016. The exchange was initially launched with the Lykke coin, shares of Lykke, and started two innovative projects: colored coins for music rights and colored coins for CO2 certificates.
The company is looking to include several asset classes such as future and options on digital assets, crowdfunded loans for retail and private equity financing for Small and Medium-Sized Enterprises (SME), contracts for difference, zero coupon bonds and other fixed income, and natural capital bonds, among others.
Lykke received initial seed funding in 2015. Philipp Netzer, an investor in the country says that &8220;Lykke is the begging of a giant movement that will trigger a lot of very important changes in the financial industry.&8221;
Prior to founding Lykke, Olsen was the chairman and co-founder of OANDA, a Canadian-based foreign exchange company.
You can be part of Lykkes Initioan Coin Offering here,.
The post Blockchain Marketplace Lykke Begins Crowd Sale; Looks to Raise 1.5M CHF appeared first on Fintech Schweiz Digital Finance News – FintechNewsCH.
A new group focused on promoting #blockchain tech within the city of #Shanghai’s business and #technology sectors has been established.
CoinDesk
With significant support from the government, the UK is poised to become the #fintech capital of the world, generating already £6.6 billion (US$ 8.7 billion) in revenues as of 2015 and employing over 60,000 people, second only to California with 74,000, according to Sonovate.
Digital is one of the fastest-growing sectors of the UK economy and according to the Global Financial Centres Index, #London ranks first as a global financial center ahead of New York, Hong Kong and Singapore.
Image credit: City of London by QQ7, via Shutterstock
Additionally, London-based fintech startups benefit from tax breaks and programs designed to foster growth, such as R&D tax incentives that are available to companies that employ fewer than 500 people, according to Tech City UK, and it is believed that a fintech company in London can reasonably expect to go from idea to operation much more quickly than in other countries.
This makes the UK, and London in particular, fertile ground for fintech development.
Today, London hosts some of the most successful fintech innovators in the world: payments startups TransferWise, WorldRemit and Bankable, peer-to-peer lending marketplace Funding Circle, online investment management service Nutmeg, forex startup Currency Cloud, as well as digital challenger banks and neo-banks Atom Bank, Tandem, Mondo and Starling, are just a few of them.
In 2015, the UK VC-backed fintech investment activity reached an all-time high with US$ 962 million through 61 deals, according to KPMG and CB Insights’ The Pulse of Fintech 2015 in Review report. London alone attracted over US$ 743 million in venture capital through 50 deals with the largest ones being Funding Circle&8217;s US$ 150 million Series E round, Atom Bank&8217;s US$ 128 million Series B round and WorldRemit&8217;s US$ 100 million Series B round.
Today, we take a look at London&8217;s leading fintech #investors.
Founded in Geneva in 1996, Index Ventures is a Europe- and San Francisco-based global venture capital firm focused on making investments in information #technology and life sciences companies.
The firm has invested in 160 companies in 24 countries and employs over 35,000 employees worldwide. Its principal offices are located in London and San Francisco.
Index Ventures&8217; portfolio of fintech companies includes iZettle, Clinkle, TransferWise, Xapo, Swipely, BitPay, iZettle, CrowdRise and Funding Circle.
Launched in May 2007 by a group of 30 European investors, Seedcamp invests capital into pre-seed and seed stage startups, providing up to €200k and a lifelong platform of learning, networking and capital to support the most ambitious founders.
As of September 2015, Seedcamp has a portfolio of 192 companies and is backed by over 30 institutional venture capital firms and angel investors.
Seedcamp&8217;s portfolio of fintech companies includes Transferwise, Monese, Finance Fox, WealthKernel, Traderion, Elliptic and Zercatto.
Balderton Capital is a London, UK-based venture capital firm that invests between US$ 1 million to US$ 20 million into early-stage, primarily in Europe-based technology and Internet startup companies.
Originally founded in 2000 as Benchmark Capital Europe, Balderton Capital became fully independent in 2007. It has made over 100 early-stage investments since 2000 and currently manages over US$ 2.2 billion in assets.
Balderton Capital&8217;s portfolio of fintech companies includes Zopa, Wonga, Nutmeg and Crowdcube.
The London Co-Investment Fund is a government-backed fund launched in 2014. It is founded and managed by Funding London and Capital Enterprise.
The London Co-Investment Fund has raised £25 million from the Mayor of London’s Growing Places Fund to co-invest in seed rounds between £250,000- £1,000,000, led by selected co-investment partners.
The London Co-Investment Fund&8217;s portfolio of fintech companies includes Droplet, Stockflare, Curve and StockViews.
Founded in 1996 and with offices in London, New York, Stockholm and Oslo, Northzone is a venture capital firm investing in tech startups.
So far, Northzone has invested in over 100 companies and is managing over US$ 1 billion in assets.
Northzone&8217;s portfolio of fintech companies includes Klarna, Market Invoice, iZettle, Auka, BehavioSec, Crosslend and Qapital.
Founded in 1999, Octopus Ventures is a London and New York-based venture capital firm that does seed, early-stage venture, and later stage venture investments.
Octopus Ventures invests between US$ 200K to US$ 25 million into promising ventures from the commerce and marketplaces, financial services, hardware and infrastructure and software and services sectors.
Octopus Ventures&8217; portfolio of fintech companies includes Currency Fair, Calastone, Elliptic, Mi-Pay and Semafone.
Founded in 1983, Accel is an American venture capital firm investing in companies from inception through the growth stage. The company manages over US$ 8.8 billion from its US offices in Palo Alto, California and San Francisco, California. It has separate operating funds in London, India and China.
Accel&8217;s portfolio of fintech companies includes Circle, Card Spring, Gumroad, Clinkle, Lenddo, Braintree, Nomi and Yodlee.
83North, formerly Greylock IL, is a global venture capital firm with more than US$ 550 million under management. The fund invests in European and Israeli entrepreneurs, across all stages of consumer and enterprise companies. It has offices in London and Tel-Aviv.
83North&8217;s portfolio of fintech companies includes Payoneer, Wonga, iZettle, Marqeta, BlueVine and Ebury.
Founded in 2006, Draper Esprit is a Pan-European venture capital fund that invests into disruptive tech companies at the early and growth stages.
Draper Esprit is a member of the Draper Venture Network, the largest venture capital network in the world with 140 investment professionals and over 600 portfolio companies.
Draper Esprit&8217;s portfolio of fintech companies include MoPay and Crowdcube.
Founded in 2010, Anthemis Group is a venture capital firm that invests in seed, early-stage and later stage ventures that are tackling financial services and related technologies and infrastructures.
Anthemis Group has invested in Betterment, Moven, Simple, Vericash, Currency Cloud, and Fidor Bank.
Passion Capital is a London-based early stage venture capital firm launched in 2011 as a private-public hybrid fund with an initial fund of US$ 60 million, of which US$ 40 million was from the United Kingdom government.
Passion Capital has funded 50 early-stage tech startups, backing over 100 founders who have grown their teams to include over 700 team members.
Passion Capital&8217;s portfolio of fintech companies include Mondo, Coinfloor, Flattr, Ginmon, GoCardless and Native.
Notion Capital focuses on fintech, digital marketing and adtech, business intelligence, Big Data and cybersecurity, among other sectors.
Notion Capital&8217;s portfolio of fintech companies include Currency Cloud, GoCardless, DealFlow, TradeShift and Demyst Data.
As of early 2015, General Atlantic has approximately US$ 17.4 billion in assets under management and more than 100 investment professionals based in New York, Greenwich, Palo Alto, Sao Paulo, London, Munich, Amsterdam, Beijing, Hong Kong, Mumbai and Singapore.
General Atlantic&8217;s portfolio of fintech companies include Adyen, Avant, Klarna, Insurity, IIFL Wealth Management, Network International and Options House.
London fintech scene has been going hot with lots of Fintech events in the upcoming months. Some of the notable ones for you to consider to go:
Special Offer: Enter Coupon Code FTN10 when purchasing passes to claim your 10% discount
The European RegTech Congress will provide a platform for the discussions really needed to move the space forward. With a dedicated track to exploring the realities of Regtech adoption, how to harmonise wide ranging platforms and the standards the technology needs to meet. Our practical ‘RegTech in Action’ track featuring dedicated seminars on topics such as the impact the move to Mifid II will have and how RegTech can manage Post-Brexit uncertainty. For more information, visit http://www.regtechevent.com
Special offer: Sign up now with code FNS16VIP to get 15% discount!
The 3rd annual LendIt Europe conference and expo will take place at the InterContinental London – O2. This year’s event will bring together more than 1,000 industry leaders and include the region&8217;s largest online lending expo with more than 2,500 square metres of exhibition space.
Special Offer: Register now with code FINTECHNEWS to get 20% discount!
The event includes a comprehensive conference programme with keynotes, multiple track sessions, a large exhibition and welcomes over 1,000 delegate and 120+ speakers. In addition, Brexit & Global Expansion Summit will play host to a series of high level one-to-one meetings, a range of networking activities and deep dive workshops.
The post Top 13 Fintech Investors in London appeared first on Fintech Schweiz Digital Finance News – FintechNewsCH.
Kevin Simback and Josie Lee seeded the list of US companies using #technology in the broad #Digital #Mortgage #Market – MortgageTech. I keep the conversation categorization and add on a few names. 1 – Mortgage Enterprise Solutions – this includes offering lending operating system (LOS) providers, marketing/lead gen/application/underwriting/fulfillment/closing platforms, servicingRead More
Bank Innovation
UK tech startup, habito, has launched the #world’s #first artificially intelligent Digital #Mortgage Adviser (DMA) allowing millions of consumers to discuss their mortgage needs from any connected device, 24/7, without requiring a human broker.
Built using AI #technology and habito’s market-leading algorithm, the DMA marries all the elements of a customer’s financial life (e.g. employment, salary and personal life plans) with real-time market mortgage rates to calculate an indicative monthly payment. The DMA explains the impact consumers’ decisions will have on each mortgage configuration as a traditional mortgage broker would, but in a fraction of the time (average 10 minutes). Habito has the ability to search hundreds of products (versus a handful), so once the #advice is complete consumers can be sure they’re on the best mortgage for them, which can result in savings of thousands of pounds per year*.
In designing the new system, habito analysed hundreds of advice interviews in order to understand what consumers needed and what formed the basis of informative advice. As a result, the DMA’s #chat-like interface provides an unbiased, conversational experience, without the need for lengthy in-person queues, waiting on hold or paying a premium for advice.
Daniel Hegarty, CEO and Founder, habito
“Finding the right mortgage product in the UK is like finding a needle in a haystack. Britons are crying out for some innovation and clarity in an outdated and overwhelming mortgage market,” said Daniel Hegarty, CEO and Founder, habito. “Our digital mortgage adviser is a huge step forward in making mortgage advice accessible for consumers in the way they need it most: unbiased, always available and most importantly free.”
Habito’s digital mortgage adviser is a direct response to the FCA’s Financial Advice Market Review Report calling for greater, more accessible financial services advice for British consumers. Habito plans to roll out additional interactive features later this year, such as remortgage alerts, that will continue to optimise the mortgage application process for consumers across the country.
habito Team, from https://www.habito.com/
* According to an analysis of SVR mortgage holders by HSBC, Nov 2015
Feature image: from habito
The post World’s First AI Mortgage Advice Chat Bot appeared first on Fintech Schweiz Digital Finance News – FintechNewsCH.
The House of Representatives has passed a resolution calling for a national #technology policy which includes language for digital currencies.
CoinDesk
One of the bigger trends in the #blockchain world, particularly when it comes to financial services and specifically capital markets operations, has been a need for #privacy and confidentiality in the course of daily business. This has meant that blockchain solutions are being designed with this primary need in mind. This has led to all the private blockchain solutions being developed today.
When you build for privacy and confidentiality there are tradeoffs that come with that. Mainly you lose transparency, which was the major feature of the the first blockchain: #Bitcoin. As originally designed a blockchain is a transparency machine. In this system, the computers are distributed and no one entity controls the network. Not only this but anyone can be a validator and anyone can write to or read from the network. Clients and validators can be anonymous and all the data gets stored locally in every node. (replication). This makes all transaction data public. The security of Bitcoin is made possible by a verification process in which all participants can individually and autonomously validate transactions. While Bitcoin addresses the privacy problem by issuing pseudonymous addresses, it is still possible to find out who’s addresses they are through various techniques.
This is the polar opposite of what is happening in the private blockchain world, where decentralization and transparency are not deemed as necessary for many capital markets use cases. What is important is privacy and confidentiality, latency (speed) and scalability (able to maintain high performance as more nodes are added are added to the blockchain). Encrypted node to node (n2n) transactions where only the two parties involved in the transaction receive data. In many of these systems there are opt ins for third party nodes (regulators) to be a part of the transaction. Other systems being developed for similar purposes, which have been written about on this blog, have one designated block generator which collects and validates proposed transactions, periodically batching them together into a new-block proposal. Consensus is provided by a Generator that applies rules (validates) agreed to by the nodes (chain cores) to the block and designated block signors.
In these systems, decentralization is simply not necessary because all the nodes are known parties. In private blockchains the nodes must be known in order to satisfy certain regulatory and compliance requirements. The focus has been on how to preserve privacy and confidentiality while achieving speed, scalability, and network stability. Therefore, there are ways for legal recourse even between parties who don’t necessarily trust each other.
What is Cryptography and Encryption?
As noted above with privacy and confidentiality being pivotal, encryption has become a major focus for all blockchains. Many of these solutions are using advanced cryptographic techniques that provide strong mathematically provable guarantees for the privacy of data & transactions.
In a recent blog post titled “A Gentle Reminder About Encryption” by Kathleen Breitman of R3CEV, she succintly provides a great working definition:
“Encryption refers to the operation of disguising plaintext, information to be concealed. The set of rules to encrypt the text is called the encryption algorithm. The operation of an algorithm depends on the encryption key, or an input to the algorithm with the message. For a user to obtain a message from the output of an algorithm, there must be a decryption algorithm which, when used with a decryption key, reproduces the plaintext.”
If this encryption uses ciphertext to decrypt this plaintext, you get homomorphic encryption and this (combined with digital signature techniques) is the basis for the cryptographic techniques which will be discussed in this post. Homomorphic encryption allows for computations to be done on encrypted data without first having to decrypt it. In other words, this technique allows the privacy of the data/transaction to be preserved while computations are performed on it, without revealing that data/transaction. Only those with decrypt keys can access what exactly that data/transaction was.
Homomorphic encryption means that decrypt(encrypt(A) + encrypt(B)) == A+B. This is known as homomorphic under addition.
So a computation performed on the encrypted data when decrypted is equal to a computation performed on the encrypted data.
The key question being asked is: How can you convince a system of a change of state without revealing too much information?
After all, blockchains want to share a (change of) state; not information. On a blockchain, some business process is at state X and now moves to state Y, this needs to be recorded and proved while preserving privacy and not sharing a lot of information. Furthermore, this change of state needs to happen legally, otherwise there is a privacy breach.
Cryptographic techniques like zero knowledge proofs (ZKPs), which use different types of homomorphic encryption, separate:
1) reaching a conclusion on a state of affairs
2) the information needed to reach that state of affairs
3) show that that state is valid.
The rest of this post will discuss how the trend towards privacy has led to cryptographic techniques, some old and some new, being used to encrypt transactions and the data associated with them from everyone except the parties involved. The focus will be on Zero Knowledge Proofs, zk SNARKs, Hawk, confidential signatures, state channels and homomorphic encryption.
The privacy problem on a blockchain is the main gap for deployment for all of the cryptographic solutions talked about below.
Outside of a blockchain, there are examples of homomorphic encryption in practice. CryptDB is an example of system that uses homomorphic encryption and other attribute preserving encryption techniques to query databases securely. It is used in production at Google and Microsoft amongst other places. It does have limitations though: you have to define the kinds of queries you want ahead of time and it is easy to leak data. CryptDB provides confidentiality for data content and for names of columns and tables; however CryptDB does not hide the overall table structure, the number of rows, the types of columns, or theapproximate size of data in bytes. One method CryptDB uses to encrypt each data items is by onioning. This allows each data item to be placed in layers of increasingly stronger encryption.
Gregory Maxwell designed a cryptographic tool (CT) to improve the privacy and security of Bitcoin-style blockchains. It keeps the amounts transferred visible only to participants in the transaction. CT’s make the transaction amounts and balances private on a blockchain through encryption, specifically additively homomorphic encryption. What users can see is is the balances of their own accounts and transactions that they are receiving. Zero knowledge proofs are needed to demonstrate to the blockchain that none of the encrypted outputs contain a negative value.
The problem with Confidential Transactions is that they only allow for very limited proofs as mentioned above. zkSNARKs and Zero Knowledge Proofs (ZKPs) which will be described in detail below, allow you to prove virtually any kinds of transaction validation while keeping all inputs private.
Zero Knowledge Proofs (ZKPs) are not new. They were first conceptualized in 1985 in a paper “The Knowledge Complexity of Interactive #proof Systems.” A ZKP is a cryptographic technique which allows two parties (a prover and a verifier) to prove that a proposition is true, without revealing any information about that thing apart from it being true. In the case of cryptocurrencies and blockchains this will generally be data about transactional information.
“A zero-knowledge proof must satisfy three properties:
The first two of these are properties of more general interactive proof systems. The third is what makes the proof zero-knowledge.”
A zk-SNARK (zero-knowledge Succinct Non-Interactive Arguments of Knowledge) is a Zero Knowledge proof that is a way to prove some computational fact about data without revealing the data. Zk-SNARKs are the underlying cryptographic tool used in Zcash and Hawk both of which are building blockchains with ZKPs and both will be explained later. In the case of Zcash these SNARKs are used for verifying transactions and in the case of Hawk they are used for verifying smart contracts. This is done while still protecting users privacy.
A zk-SNARK is a non-interactive zero-knowledge proof of knowledge that is succinct and for which proofs are very short and easy to verify. They can be thought of as little logic circuits that need to generate a proof of statement to verify each and every transaction. They do this by taking a snapshot of of each transaction, generate a proof and then need to convince the receiving side that the calculation was done correctly without revealing any data except the proof itself. The basic operation of a SNARK execution is a coded input into this circuit which can be decrypted.
Since zk-SNARKs can be verified quickly, and the proofs are small, they can protect the integrity of the computation without burdening non-participants. It should be noted that this #technology is just now starting to mature but still has limitations. They are very CPU intensive to generate proofs and it takes up to 1 minute to generate new proofs, so scaling is still an issue that needs to be resolved.
The very first data points for zk-SNARKs will be Zcash which is a combo of distributed state and proof that you own the assets.
Zcash can be described as an encrypted open, permissionless, replicated ledger. A cryptographic protocol for putting private data on a public blockchain. Zcash can be thought of as an extension of the bitcoin protocol. Basically Zcash added some fields to the bitcoin transaction format to support encrypted transactions. Zcash uses SNARKs (ZKPs) to encrypt all of the data and only gives decryption keys to authorized parties to see that data. This could not be done on a public blockchain until now because if you encrypted everything in the past it would prevent miners from checking to see if transactions are valid. ZKPs have made this possible by allowing the creator of a transaction to make a proof that the transaction is true without revealing the sender’s address, the receiver’s address and the transaction amount. Zooko describes this by saying bitcoin has 3 columns, which are the three mentioned above (sender address, receiver address, transaction amount) and Zcash has 4. The 4th column proof doesn’t know the sender address, the receiver address and amount transferred, but it does know that nobody could have created the proof that comes with the encrypted values unless they have a secret key which has sufficient value to cover the amount amount being transacted. This is a proof that the data inside the encryption correctly satisfies the validity constructs. This allows the prevention of double spends and transactions of less than zero.
Zcash is mostly the same as bitcoin. The miners and full nodes are transaction validators. Zcash uses POW that has miners checking ZKP’s attached to each transaction and getting a reward for validating those transactions. Full nodes are the same except that if you have the private keys you can detect if some transactions have money that is there for you. SNARKs make it so that miners can reject a transaction from someone if their private key doesn’t have enough money for that transaction. By keeping all data private except for the 4th column it omits information from leaking onto a private blockchain which allows for everyone to view information about transactions. zCash has selective transparency while bitcoin has mandatory transparency. This means that Zcash can reveal specific things to specific people by permissioning. It reveals specific transactions that anyone looking at them can verify in the blockchain.
Some differences from the zCash whitepaper include:
“Value in Zcash is carried by notes, which specify an amount and a paying key. The paying key is part of a payment address, which is a destination to which notes can be sent. As in Bitcoin, this is associated with a private key that can be used to spend notes sent to the address; in Zcash this is called a spending key.
A payment address includes two public keys: a paying key matching that of notes sent to the address, and a transmission key for a key-private asymmetric encryption scheme. “Key-private” means that ciphertexts do not reveal information about which key they were encrypted to, except to a holder of the corresponding private key, which in this context is called the viewing key. This facility is used to communicate encrypted output notes on the block chain to their intended recipient, who can use the viewing key to scan the block chain for notes addressed to them and then decrypt those notes.
The basis of the privacy properties of Zcash is that when a note is spent, the spender only proves that some commitment for it had been revealed, without revealing which one. This implies that a spent note cannot be linked to the transaction in which it was created.”
Zcash is what’s known as a decentralized anonymous payment schemes (DAP schemes). A DAP scheme enables users to directly pay each other privately: the corresponding transaction hides the payment’s origin, destination, and transferred amount. In Zcash, transactions are less than 1 kB and take under 6 ms to verify — orders of magnitude more efficient than the less-anonymous Zerocoin and competitive with Bitcoin. However the privacy achieved is significantly greater than with Bitcoin. De-anonymizing bitcoin has become much easier through services that track and monitor bitcoin movements and the data associated with it. Mixer services allow for coins to be changed as they move through the system via a central party but this still is not sufficient enough. The zCash whitepaper states:
“mixes suffer from three limitations: (i) the delay to reclaim coins must be large to allow enough coins to be mixed in; (ii) the mix can trace coins; and (iii) the mix may steal coins. For users with “something to hide,” these risks may be acceptable. But typical legitimate users (1) wish to keep their spending habits private from their peers, (2) are risk-averse and do not wish to expend continual effort in protecting their privacy, and (3) are often not sufficiently aware of their compromised privacy.”
The major motivations for ZKPs and the Zcash protocol are 1)privacy and 2)fungibility. Fungibility is being able to substitute individual units of something like a commodity or money for an equal amount. This can be a real problem when some units of value are deemed less because they are considered “dirty”. Hiding the metadata history doesn’t allow for a coin with a bad history to be rejected by a merchant or exchange. Gregory Maxwell said “Insufficient privacy can also result in a loss of fungibility–where some coins are treated as more acceptable than others–which would further undermine Bitcoin’s utility as money.”
Zcash is expected to launch soon and with that the genesis block of the Zcash blockchain. This will allow, like the bitcoin blockchain anyone in the world to mine, for Zcash. It will be an open, permissionless system (fully decentralized). Users will be able to send it to anyone using zero-knowledge privacy.
ZCash’s use of cutting edge cryptographic techniques comes with substantial risks. A cryptographic attack that permits the forging of zero knowledge proofs would allow an attacker to invisibly create unlimited currency and debase the value of Zcash. Attacks of this kind have been found and fixed in the recent past. Fortunately, the metadata hiding techniques used in Zcash tread are more production-hardened and can be considered less risky.
Andrew Miller in his whitepaper: “Hawk: The Blockchain Model of Cryptography and Privacy-Preserving Smart Contracts” has developed a programmable smart contract system which works in much the same way as zCash for smart contracts. Hawk does not store financial transactions on the blockchain and keeps the code of the contract private, data sent to the contract and money sent and received by the contract from the public. It is only the proof that can seen and all other useful information is hidden. Like Zcash, transparency is selective in Hawk and wouldn’t need to be used by all smart contracts but based on use cases and the preferences of the parties involved. It also aims to tackle the isssues of privacy and fungibility in much the same way as the zCash protocol.
The Hawk whitepaper does a great job of describing the motivation for contractual security it seeks to provide for financial transactions:
“While on-chain privacy protects contractual parties’ privacy against the public (i.e., parties not involved in the financial contract), contractual security protects parties in the same contractual agreement from each other. Hawk assumes that contractual parties act selfishly to maximize their own financial interest. In particular, they can arbitrarily deviate from the prescribed protocol or even abort prematurely. Therefore, contractual security is a multi-faceted notion that encompasses not only cryptographic notions of confidentiality and authenticity, but also financial fairness in the presence of cheating and aborting behavior.”
According to Andrew Miller, Hawk is based on several cryptographic primitives. It uses the same zero knowledge proof library as Zcash, which is called libsnark. Hawk also uses custom implementations of a lattice-based hash function, and public key encryption. Hawk uses a jSnark tool which is open sourced.
In Hawk, each party generates their own secret keys. Miller stated that “For each contract, there is also a trusted public parameter, similar to Zcash. The only way to generate these parameters is a process that involves generating a secret value in an intermediate step, which needs to be erased at the end of the protocol. To borrow Zcash’s term for this, it’s like a “toxic waste byproduct” of the setup procedure, and like all industrial waste, it must be securely disposed of. There are many options… we could do what Zcash does and use a multi-party computation to generate these parameters, simply let a trusted party do it (the trusted party only needs to be used once and can go offline afterwards), or use trusted hardware like SGX.”
Miller has said there are some differences between Ethereum contracts and Hawk contracts. Unlike Ethereum, the input language for private contracts in Hawk is C code. A private Hawk contract is not a long running stateful process like an Ethereum contract, but rather a 1-shot contract that proceeds in phases, where it first receives the inputs from each party, and then it computes the outputs for each party. After the outputs are computed, the contract is finished and no longer holds any balance. So, it is a slightly different computing model. Hawk supports both private contracts as described above, as well as public contracts which are exactly like those in Ethereum. (No privacy guarantees are provided for the public contracts, though).
As in Zcash, there are some challenges to blockchain scaling and optimizing cryptographic schemes so they are efficient when using ZKPs. Hawk tries to do as much computation off chain as possible. This is done because in public blockchains on chain computing gets replicated to every node and slows things down dramatically. Producing the proof can take up to several minutes (which is long) and can be costly. Nodes checking the proof only take milliseconds to do that. Data from the whitepaper: In Hawk, it takes about a minute of CPU time for each participant in a Hawk contract. On chain computation takes about 9 to 20 milliseconds.
Hawk has not announced a release date yet as they are still working on optimizing their snark compiling tools to enhance performance.
State channels allow for a payment channels that are off chain and allow for updates to any type of applications that have a change of state. Like the Lightning Network, two or more users can exchange payments that would normally require a blockchain transaction without needing to publish them on the blockchain or wait for confirmations except when setting up or closing out the channel.
Vitalik Buterin explains this in his paper for R3CEV “Ethereum Platform Review“
“State channels are a strategy that aims to solve the scalability challenge by keeping the underlying blockchain protocol the same, instead changing how the protocol is used: rather than using the blockchain as the primary processing layer for every kind of transaction, the blockchain is instead used purely as a settlement layer, processing only the final transaction of a series of interactions, and executing complex computations only in the event of a dispute.
State channels are not a perfect solution; particularly, it is less clear how they extend to massively-multi-user applications, and they offer no scalability improvements over the original blockchain in terms of its ability to store a large state size – they only increase de-facto transaction throughput. However, they have a number of benefits, perhaps the most important of which is that on top of being a scalability solution they are also a privacy solution, as the blockchain does not see any of the intermediate payments or contracts except for the final settlement and any disputes, and a latency solution, as state channel updates between two parties are instant – much faster than any direct on-blockchain solution, private or public, possibly could be, and potentially even faster than centralized approaches as channel updates from A to B can be secure without going through a centralized server.”
State channels aim to address the scalability issues, privacy issues and confirmation delays associated with public blockchains while allowing actors who don’t necessarily trust each other to transact.
For many people all of these cryptographic methods which mask all of the transactional data will come as a surprise. The blockchain is supposed to be a transparency machine in which anyone can join the network and as a result view all information on that network. Even in private blockchains, there is a more open view into the data then the protocols that have been mentioned in this post. Another question which might come to mind is if consensus is even needed since everything is private but the proof. If the proof is only between the two parties involved in the transaction why is consensus needed and why use a public blockchain. It may seem counterintuitive, but the answer is that yes a public blockchain is needed and so is consensus and its due to the privacy of the proofs. Essentially, complete transparency is needed to maintain the privacy of the proofs.
ZKPs and blockchains complement each other. You can’t just use one to replace the other. A blockchain is used to make sure the entire network can agree on some state which may or may not be encrypted. ZKPs allow you to be confident about some properties of that state. In this scenario, you still need a canonical source of truth. A view key that reveals all incoming transactions but not outgoing ones. In order for this to happen, you need a fully decentralized ledger with consensus where everyone agrees with the data written there.
For example, Zcash has data which contains information which is useless and unreadable to most actors. It’s a database of commitments and opaque pieces of data. It’s just a way to synchronize data between actors. (Zooko Wilcox has publicly stated that if Chainalysis graphed this out it would just be a series of timestamps of when a transaction occurred.) In cases where the number of transactions are low, then timing attacks could reveal the originator of transactions, imagine this to be equivalent of just one node connected to a Tor network.
The real emphasis is on the wallet side for actors because this allows them to spend money and move assets around, in bitcoin you can take a private key and move bitcoin. Now it’s more. It’s a private key and a set of secrets you keep to prove previous proof and generate a new proof that you use to convince others. For this, a fully decentralized ledger is needed with consensus where everyone agrees with the data written there.
A blockchain is necessary because you need consensus layer from everyone: It is necessary to have an agreement of proofs in the ledger to move assets around later on, if that proof isn’t available in every node then you can’t convince anyone of the proof when you need to move assets later on. These proofs need to be stored in an open way so the proofs can be seen as being verified and accepted by receiving parties.
There are two different layers: 1) Needs to be agreement on what proofs everyone accepts 2) Needs to be agreement on what you can prove and what happens on proof of zero knowledge and what happens once you know the information. How do you generate proof and pass that information to the next person? The key is to get authority of the transaction by adding a proof or metadata to the transaction with some type of conditional script (if then statements for transaction acceptance). This code contains transaction validity rules. A person sees proof from outside but they don’t know if the rule itself has been triggered or not. Now that have you privacy from ZKPs, in order to comply with the transaction, you need to prove that the transaction abides by the rules. So you can take 2 proofs and create new proofs that the person receiving them can point at and verify that the proof is accepted by the entire network. Once the proofs have a meaning to you based on the rules, you can agree they were proved in the past and can be used in the future to transact and transfer money.
ZKPs are moving out of the realm of theory and becoming production strength. Now is the time to see how practical they are. They are only now going to start having really world tests and they still suffer from big scalability issues. The work of developing a proof is enormous and has massive computation costs. As mentioned before, in Zcash in order to create a proof and move money from someone else it takes between 45 seconds and 1 minute on a really strong computer. Presently, people are working on making SNARKs and ZKPs more efficient by allowing for more proofs per second or for more elaborate proofs in the same amount of time.
Deep changes need to be made architecturally in blockchain technology in order to understand knowledge of ZKP architecture. You need to understand the constraints of what you can prove and at what scale.
Very Special Thanks to Zaki Manian (@zmanian), Andrew Miller (@socrates1024) Jonathan Rouach (@jonrouach), Anish Mohammed (@anishmohammed)
Hawk section provided by Andrew Miller from a series of questions I asked.
[linkedinbadge URL=”https://www.linkedin.com/in/georgesamman” connections=”off” mode=”icon” liname=”George Samuel Samman”] is Blockchain Consultant & Advisor
It’s that time of year again! Today #FinovateFall debuted in New York, where thirty-nine #fintech companies debuted their newest toys to an appreciative, fintech-hungry audience. The #technology presented ranged from the latest in #biometrics, including voice and facial recognition, the latest in how to create insights for big #data use–andRead More
Bank Innovation
#PayPal famously split from eBay Inc. last year leaving many to wonder what their next move would be. Over the years the online-payments pioneer had picked a few unwise fights with heavyweights such as #Visa and #MasterCard. But there finally seems to be a change of strategy.
PayPal sealed deals with Visa and MasterCard that will soon allow customers to select their credit or debit cards as default payment methods rather than just their bank account or PayPal balance.
By calling a truce on their battles with the major card issuers in the industry, it seems the initiative is to promote PayPal as a universally accepted method of payment both online and offline.
It’s refreshing to see #banks, credit card companies, and PayPal putting their differences to one side. Traditional banking had made no secret about being resentful of PayPal’s free bank transfers and heavily promoting its online payment system over conventional banking.
The recent deals seem to satisfy all parties as they realize they are all stronger together than apart. Ultimately, PayPal will enjoy lower fees and obtain a visibility in physical stores for quick and easy payments. MasterCard and Visa will get their hands on customer data they were previously locked out of. But more importantly, they should see a massive increase in online and #mobile payments.
The strategic decision by PayPal enhances their reputation as a universally accepted payment method while card issuers receive much-needed help with their mobile payments initiatives.
PayPal is encouraging its customers to pay using their service as a mobile wallet. The blurry line between online checkouts and those we find in physical shopping malls is close to being torn down. In many ways, 2016 is proving to be a watershed moment regarding payments as users begin to embrace smartphone and contactless payment cards.
Numerous reports suggest the recent deals could subject PayPal to losses in the short term. But it’s clear the online payments giant is playing the long game here. With 157 million active account holders worldwide and widely known as one most common online payment methods, getting Visa and MasterCard on board to pursue the high street is a very shrewd move.
All consumers are essentially carrying around a super computer in their pockets. The ability to book a restaurant table, cab or accommodation on the other side of the world with a few taps of a smartphone screen has changed everything.
The bottom line is that all consumers now have a simple set of 21st-century demands. The choice to pay when, where and how we want in a seamless, simple and secure method. The easier companies make exchanges, the faster they will happen.
The biggest obstacle to widespread mobile payments is industry fragmentation. Platforms such as Apple Pay, Android Pay, and Samsung Pay are all heavily reliant on devices and software. This is not the way it should be. If you replace your smartphone, it should not affect how you pay for items online or offline.
Bluntly put, people want a universal platform that will make it easy to share and spend money. Maybe other businesses will begin to follow the positive example set by Visa, MasterCard, and PayPal.
The simplification and personalization of everything shouldn’t be labeled disruptive. Technology is being interwoven seamlessly and invisibly into our daily lives. If anything, it’s the opposite of disruption. It’s imperceptible.
Businesses that team up in this way and merge their forces have a better chance of underpinning consumer’s lives from the ground up. This unity is a point in case.
[linkedinbadge URL=”https://www.linkedin.com/in/anuragharsh” connections=”off” mode=”icon” liname=”Anurag Harsh”] is Founding Executive at Ziff Davis
Reply