Privacy-Enhanced Blockchains

HomePrivacy on Blockchains

Background

Companies across a wide spectrum of global industries are exploring paradigm-shifting innovations powered by distributed ledger technology, like blockchain, to help solve core business challenges. The ability to securely transact with untrusted parties and transfer digital assets over a synchronized, immutable ledger has broad appeal in the enterprise space, particularly within the supply chain, insurance and finance sectors:

Supply Chain — mitigates supply chain risk and facilitates product provenance

Insurance — expedites claim handling processes and reduces fraudulent claims

Finance — optimizes capital markets and shortens settlement and clearing times

While the potential for blockchain to transform industry processes and greatly improve market efficiencies is already clear, the transparent nature of DLT is a significant obstacle to wider adoption. Companies that join a blockchain consortium cannot openly expose sensitive transactional data on a shared ledger that is used by competitors. They are also constrained by local data privacy regulations such as the GDPR. A new type of privacy-enhancing solution is needed to guarantee confidentiality and protect business interests in the nascent blockchain era.

How can companies embrace DLT without leaking sensitive business information?

How can private transactional data be kept off a shared ledger without compromising the double-spend security assurances provided by blockchain technology?

Solution Description

QEDIT’s enterprise-grade Private Asset Transfer solution employs Zero-Knowledge Proof (ZKP) cryptography to make blockchains practical and accessible to enterprises. At their core, ZKPs allow one party (the prover) to assure another party (the verifier) their data is valid without exposing underlying confidential information about the data. In the context of an enterprise DLT, ZKPs can be used to generate mathematically-sound proofs that attest to the integrity of an asset transfer without revealing raw transactional details.

QEDIT’s blockchain privacy layer is powered by proof-generating ZKP nodes that are owned and operated by companies in a blockchain consortium, and can be deployed on top of any type of DLT infrastructure in a cloud or self-hosted environment. Horizontally scalable “proof-chaining” technology, which breaks large, computationally-heavy proofs into smaller proofs for fast parallel processing, facilitates excellent performance in a high-volume transactional environment.

Companies with a QEDIT node can issue and transfer assets by generating ZKPs for each transaction that gets executed on the network. Other nodes can confirm the validity of the proofs, but cannot see sensitive details like who transferred what, and how much, to whom. Public affirmation that no double-spends have occurred is achieved through the storage of openly verifiable ZKPs, rather than raw transactional data, on the blockchain ledger.

A QEDIT console that interacts with a company’s node can be used to generate wallets for issuing, sending and receiving fungible or non-fungible digital assets. QEDIT wallets support a broad range of enterprise-critical features including advanced auditing tools to uphold regulatory compliance, atomic swap functionality for instant clearing and settlement of asset transfers, receipt issuance to confirming incoming deposits, and the ability to assign a user-defined asset type to newly-issued tokens. A high-level SDK and API are available for app developers and third-party integration.

See how QEDIT’s Private Transfer Solution provides a privacy layer for the VMware Blockchain

TRY IT OUT

Blockchain privacy for supply chain companies

Supply Chain Use Case

In this example, competing manufacturers, distributors, resellers and logistics companies are members of an electronics supply chain consortium. Each participant is running a QEDIT node that is connected to an enterprise blockchain designed to enhance supply chain traceability and ensure product provenance.

When a new order is received by an electronics chip manufacturer, the company uses its QEDIT wallet to issue new tokens — digital twins of the chips that will be sent to the customer — and a ZKP that attests to the validity of the token issuance that is broadcast to the network. Other nodes on the blockchain can validate the integrity of the proof but cannot see private details about the issuance.

Once the order is prepared for shipment, the manufacturer hands off the package to the designated forwarder and transfers the digital twins to the forwarder’s wallet. A ZKP generated by the manufacturer’s node affirms that custody of the package has changed hands. Proofs for all subsequent asset transfers are recorded on the blockchain until the package arrives at its final destination. No nodes, other than those owned by the direct parties to a transaction, can learn any confidential information about the manufacturer’s sales volume, pricing or trade partners.

Throughout the supply chain journey, the manufacturer has access to a private view key that enables them to track custody of the package while it is in transit. This key can be selectively shared with the customer, auditors or insurers to provide a time-stamped record that proves who was liable for the package at each leg of the journey.

As demonstrated in the example above, members of the supply chain consortium rely on a Zero-Knowledge blockchain to ensure provenance as assets move efficiently along the supply route. QEDIT’s privacy layer keeps sensitive business data belonging to network participants off the ledger and out of competitors’ hands.

Blockchain privacy for insurance providers

Insurance Use Case

In this example, competing health insurers, reinsurers and hospitals are members of an insurance consortium. Each participant is running a QEDIT node that is connected to an enterprise blockchain designed to optimize the claims handling process and stop duplicate claim fraud — they seek to prevent an individual with multiple policies from reusing the same hospital bill to recover more than his or her out-of-pocket expenses.

When a client undergoes a medical procedure, the hospital uses its QEDIT-powered wallet to issue tokens that are equivalent to the value listed on the patient’s invoice. The hospital’s node simultaneously generates a ZKP that attests to the validity of the issuance and publishes it on the blockchain where other nodes can confirm the integrity of the proof but cannot see any underlying details about the issuance.

A private view key that reveals the hospital’s token issuance can be shared with relevant insurers to provide a time-stamped record of private transactional details that are necessary for claims processing.

Once invoice-backed tokens have been issued by the hospital, they are sent to a patient’s wallet and can be transferred to insurers when claims are filed. Whenever the tokens change custody, a ZKP is generated and propagated to the blockchain. These proofs provide security assurances against double-spends and ensure that the policyholder is never able to redeem more than 100% of the value of the original invoice.

As demonstrated in the example above, the possibility of duplicate claim fraud is prevented when using a Zero-Knowledge blockchain. Equally important, the policyholder’s privacy is preserved, and sensitive business information is kept off the QEDIT-secured ledger — competing insurers are unable to know whether they share customers or see what contribution other insurers have made to a specific claim.

Blockchain privacy for stock exchanges

Securities Trading Use Case

In this example, a stock exchange, banks, corporations, brokerage houses, and auditors are members of a securities trading consortium. Each participant is running a QEDIT node that is connected to an enterprise blockchain designed to enhance capital market efficiency and reduce clearing and settlement times from T+2 to T+0.

When securities are issued by a bank or corporation on the primary market, their QEDIT node creates security-backed tokens for subsequent trading on the secondary market. A ZKP is generated to authenticate the issuance as defined by the rules of the exchange and, if required for regulatory compliance, the details of the issuance are made public on the ledger.

In parallel to the issuance of security-backed tokens, the stock exchange can use its QEDIT wallet to privately issue and sell tokens representing currency, which are used by traders as a medium of exchange on the secondary market. When ZKPs are generated for these purposes, other nodes on the network can validate the integrity of the proofs, but cannot learn any confidential information about the transactions.

Traders in the secondary market can use their wallet’s built-in atomic swap functionality to execute asset transfers. QEDIT’s atomic swap protocol enables buyers and sellers to communicate directly, bypassing clearinghouses, and construct a transaction that gets committed to the blockchain upon signing by both parties. These transactions include a ZKP that attests to each party’s ability to transfer its assets to the other party. Once the off-chain construction of the swap is complete, the transaction is committed to the blockchain and immediately settled. ZKPs generated for atomic swaps provide security guarantees against double spends and, with the exception of the transacting parties, no other nodes can view private transactional details.

Each wallet owner possesses private view keys that reveal their confidential transactional history. These keys can be shared with authorized third parties, including auditors and regulators for compliance purposes.

As demonstrated in the example above, a Zero-Knowledge blockchain eliminates the need for manual reconciliation of accounting discrepancies between independently maintained ledgers. QEDIT’s privacy layer ensures a safe trading environment by keeping sensitive financial details off the blockchain, while atomic swap functionality eliminates the need for intermediaries and reduces clearing and settlement time to T+0.