Privacy on Blockchains
Secure and compliant blockchain transactions with Zero-Knowledge Proofs
Companies across a wide spectrum of global industries are exploring paradigm-shifting innovations powered by distributed ledger technology, like blockchain, to help solve core business challenges.
Supply Chain
Mitigates supply chain risk and facilitates product provenance
Insurance
Expedites claim handling processes and reduces fraudulent claims
Finance
Optimizes capital markets and shortens settlement and clearing times
The Privacy Challenge
While the potential for blockchain to transform industry processes and greatly improve market efficiencies is already clear, the transparent nature of DLT is a significant obstacle to wider adoption. Companies that join a blockchain consortium cannot openly expose sensitive transactional data on a shared ledger that is used by competitors. They are also constrained by local data privacy regulations such as the GDPR. A new type of privacy-enhancing solution is needed to guarantee confidentiality and protect business interests in the nascent blockchain era.
Solution Description
QEDIT's enterprise-grade Private Asset Transfer solution employs Zero-Knowledge Proof (ZKP) cryptography to make blockchains practical and accessible to enterprises. At their core, ZKPs allow one party (the prover) to assure another party (the verifier) their data is valid without exposing underlying confidential information about the data. In the context of an enterprise DLT, ZKPs can be used to generate mathematically-sound proofs that attest to the integrity of an asset transfer without revealing raw transactional details.
QEDIT's blockchain privacy layer is powered by proof-generating ZKP nodes that are owned and operated by companies in a blockchain consortium, and can be deployed on top of any type of DLT infrastructure in a cloud or self-hosted environment.
Companies with a QEDIT node can issue and transfer assets by generating ZKPs for each transaction that gets executed on the network. Other nodes can confirm the validity of the proofs, but cannot see sensitive details like who transferred what, and how much, to whom.
A QEDIT console that interacts with a company's node can be used to generate wallets for issuing, sending and receiving fungible or non-fungible digital assets.
Blockchain privacy for supply chain companies
In this example, competing manufacturers, distributors, resellers and logistics companies are members of an electronics supply chain consortium. Each participant is running a QEDIT node that is connected to an enterprise blockchain designed to enhance supply chain traceability and ensure product provenance.
When a new order is received by an electronics chip manufacturer, the company uses its QEDIT wallet to issue new tokens – digital twins of the chips that will be sent to the customer. A ZKP that attests to the validity of the token issuance that is broadcast to the network. Other nodes on the blockchain can validate the integrity of the proof but cannot see private details about the issuance.
Once the order is prepared for shipment, the manufacturer hands off the package to the designated forwarder and transfers the digital twins to the forwarder's wallet. A ZKP generated by the manufacturer's node affirms that custody of the package has changed hands. Proofs for all subsequent asset transfers are recorded on the blockchain until the package arrives at its final destination. No nodes, other than those owned by the direct parties to a transaction, can learn any confidential information about the manufacturer's sales volume, pricing or trade partners.
Throughout the supply chain journey, the manufacturer has access to a private view key that enables them to track custody of the package while it is in transit. This key can be selectively shared with the customer, auditors or insurers to provide a time-stamped record that proves who was liable for the package at each leg of the journey.
As demonstrated in the example above, members of the supply chain consortium rely on a Zero-Knowledge blockchain to ensure provenance as assets move efficiently along the supply route. QEDIT's privacy layer keeps sensitive business data belonging to market participants off the ledger and out of competitors' hands.
Blockchain privacy for insurance providers
In this example, competing health insurers, reinsurers and hospitals are members of an insurance consortium. Each participant is running a QEDIT node that is connected to an enterprise blockchain designed to optimize the claims handling process and stop duplicate claim fraud – they seek to prevent an individual with multiple policies from reusing the same hospital bill to recover more than his or her out-of-pocket expenses.
When a client undergoes a medical procedure, the hospital uses its QEDIT-powered wallet to issue tokens that are equivalent to the value listed on the patient's invoice. The hospital's node simultaneously generates a ZKP that attests to the validity of the issuance and publishes it on the blockchain where other nodes can confirm the integrity of the proof but cannot see any underlying details about the issuance.
A private view key that reveals the hospital's token issuance can be shared with relevant insurers to provide a time-stamped record of private transactional details that are necessary for claims processing.
Once invoice-backed tokens have been issued by the hospital, they are sent to a patient's wallet and can be transferred to insurers when claims are filed. Whenever the tokens change custody, a ZKP is generated and propagated to the blockchain. These proofs provide security assurances against double-spends and ensure that the policyholder is never able to redeem more than 100% of the value of the original invoice.
As demonstrated in the example above, the possibility of duplicate claim fraud is prevented when using a Zero-Knowledge blockchain. Equally important, the policyholder's privacy is preserved, and sensitive business information is kept off the QEDIT-secured ledger – competing insurers are unable to know whether they share customers or see what contribution other insurers have made to a specific claim.
Blockchain privacy for stock exchanges
In this example, a stock exchange, banks, corporations, brokerage houses, and auditors are members of a securities trading consortium. Each participant is running a QEDIT node that is connected to an enterprise blockchain designed to enhance capital market efficiency and reduce clearing and settlement times from T+2 to T+0.
When securities are issued by a bank or corporation on the primary market, their QEDIT node creates security-backed tokens for subsequent trading on the secondary market. A ZKP is generated to authenticate the issuance as defined by the rules of the exchange and, if required for regulatory compliance, the details of the issuance are made public on the ledger.
In parallel to the issuance of security-backed tokens, the stock exchange can use its QEDIT wallet to privately issue and sell tokens representing currency, which are used by traders as a medium of exchange on the secondary market. When ZKPs are generated for these purposes, other nodes on the network can validate the integrity of the proofs, but cannot learn any confidential information about the transactions.
Traders in the secondary market can use their wallet's built-in atomic swap functionality to execute asset transfers. QEDIT's atomic swap protocol allows buyers and sellers to communicate directly, bypassing clearinghouses, and construct a transaction that gets committed to the blockchain upon signing by both parties. These transactions include a ZKP that attests to each party's ability to transfer its assets to the other party. Once the off-chain construction of the swap is complete, the transaction is committed to the blockchain and immediately creates ZKPs generated by both parties. These atomic swaps provide security guarantees against double-spends and, with the exception of the transacting parties, no other nodes can view private transactional details.
Each wallet owner possesses private view keys that reveal their confidential transactional history. These keys can be shared with authorized third parties, including auditors and regulators for compliance purposes.
As demonstrated in the example above, a Zero-Knowledge blockchain eliminates the need for manual reconciliation of accounting discrepancies between independently-maintained ledgers. QEDIT's privacy layer ensures a safe trading environment by keeping sensitive financial details off the blockchain, while atomic swap functionality eliminates the need for intermediaries and reduces clearing and settlement time to T+0.
