A new partnership is creating an anonymous identity scheme to meet regulators and users in the middle when complying with KYC/AML regulations.
FATF’s Crypto Guidance
The Bitcoin community and friends flipped their sats over the Financial Action Task Force’s (FATF) latest nonbinding guidance for keeping tabs on cryptocurrency activity (essentially, the report recommends that cryptocurrency companies monitor user identities and share this information with regulators if called upon). Folks were particularly torn up over FATF’s prescription for crypto’s equivalent of the travel rule, a statute in banking that requires banks to share information on clients when they transfer over $1,000 to another institution.
This, as you could easily reckon, did not go over well with Bitcoin’s cypherpunk faithful. So, blockchain analytics company CipherTrace and attestation platform Shyft are developing an anonymous identity protocol which, the partners claim, will allow crypto service providers to share information without disclosing user identity. This would mean keeping regulators happy without having to sacrifice sensitive client information — unless regulators sniff out wrongdoing, that is.
Speaking to Bitcoin Magazine, CipherTrace CEO Dave Jevans said that, ironically, cryptocurrencies “coming under such regulation is a good thing” as “it shows that they have grown up and are making an impact on the global financial system.”
He also said that the doom and gloom response from the community is “both understandable [and] a bit overstated,” though “no current solution is in production.” That’s why CipherTrace and Shyft decided to roll their own.
According to a press release shared with Bitcoin Magazine, the partnership wants to mediate between government officials, crypto companies and cryptocurrency users by creating a proof-of-knowledge identity protocol that doesn’t relinquish user information. In function, this would resemble something like a zero-knowledge proof, which is a cryptographic function that allows one party to reveal that it knows certain information without conveying the information itself.
The solution involves a smart contract platform with shared access between exchanges and other relevant cryptocurrency service companies. This cryptographically secured tool will facilitate an identity hub that will satisfy FATF’s crypto travel rule while also keeping the true identity and information of each user concealed.
“A blockchain will be used as an identity database where all contents are encrypted, and key management is used to only allow access to receiving or sending parties as required. Using privacy preserving encryption we can fulfill requirements of verifying that sender and beneficiary information is recorded, and associated with VASPs, but the privacy of the counterparts is preserved,” Jevans told Bitcoin Magazine.
This doesn’t mean that exchanges and regulators won’t have access to personal info if the situation arises, however, but there needs to be “just cause” to do so. The data bridge will allow its overseers to disclose information “when compelled to do so by legal authorities,” though this is already something that happens today (see Coinbase forking over user information to the IRS, for example).
Though “regulators typically do not request client information,” Jevans told Bitcoin Magazine. “In very rare cases regulators may request client information if there is an action against a non-compliant company,” he continued,”but, regulators almost never do this. It’s typically the job of investigators or prosecutors to perform individual investigations.”
Jevans continued to say that the solution “complies with GDPR,” making it favorable to regulators in the EU, and he said that “there is general acceptance of privacy preserving technologies as long as regulatory requirements are met.” CipherTrace has been in talks with FAFT and other regulators since early 2019 about its ideas, and the company will be speaking with Congress on July 18th to share its solutions further.