The Findora Improvement Proposal That Will Bring Auditability to Privacy
FIP-2 is a recent community proposal that would create auditable assets on Findora. These assets could be audited by the issuer but would remain protected on-chain from public view.
Important Points
- FIP-2 proposes the creation of Auditable Privacy-Preserving Assets (APPA), tokens that issuers could track for the sake of regulatory compliance, internal audits, and forensic investigation.
- These tokens are an optional new class of asset, not necessarily a token standard, available for Web3 developers to use in their decentralized application.
- APPA opens many new use-cases for developers and institutions, especially for stablecoins, built on the Findora blockchain.
- FIP-2 is the first step in auditability using zero-knowledge proofs, and Findora hopes to use similar technology for on-chain IDs and KYC.
What is FIP-2?
FIP-2 is a comprehensive design for auditable assets and is one of the first constructions of its kind. It enables Findora to offer an asset class that no other project currently offers, though many have discussed it.
Essentially, FIP-2 creates a new asset class called Auditable Privacy-Preserving Assets or APPAs. Institutions that issue APPAs will be able to see their movements, even though their movements won’t be visible on-chain. Only APPA issuers can audit these assets and provide transaction data, if necessary, for standard reporting and/or criminal investigation.
FIP-2 is not a response to recent drama regarding blockchain privacy. It’s a feature that has long been on Findora’s roadmap and one that distinguishes Findora from other privacy projects.
Why Privacy Needs Auditability
Privacy is not only an expectation but also a financial primitive — businesses and individuals rely on it. However, safety, accountability, and trust are also financial primitives, ones that aren’t capable in many existing privacy projects. To build a financial system with privacy, there must be room at some point for auditability.
Many will probably ask such questions as: What is the point of auditability in a privacy chain like Findora? Isn’t the point to make it so that assets can’t be audited? Is this a case of a feature looking for a problem?
As it turns out, many institutions have been asking for something like FIP-2. It would allow them to move major capital into Web3, something they haven’t been able to do because of the inability to protect user data, guard proprietary trading secrets, and comply with the many stringent reporting regulations in the financial sector.
The primary use case for FIP-2 is centered around stablecoins issuers. They would be able to comply with OFAC regulations and keep liquidity in DeFi. The ability to audit their tokens would allow them to identify tainted tokens so that their users could reject them, and allow them to use stablecoins to set up prepaid debit cards for easy transactions.
APPAs would allow institutions to conduct internal audits, prevent money laundering, and expose any illicit activity or fraud happening with their assets. It’s another key feature on Findora that would make web3 more practical and attractive to institutional capital.
What FIP-2 Is Not
It is important to be clear about a few things FIP-2 does not do.
FIP-2 Is NOT Mandatory
FIP-2 is not a proposal to turn all assets on Findora to APPAs. Instead, it creates an optional class of assets that projects can choose to use if they want. Findora users can choose whether or not they want to use APPAs.
FIP-2 does NOT Apply to FRA
FRA is the native token of Findora and is completely decentralized. If a private transaction occurs with FRA, it cannot be tracked publicly. FIP-2 does not change that. Further, FRA cannot be frozen even by the Findora Foundation. Findora and its FRA native token would remain permissionless, accessible to all, and freely tradable.
FIP-2 does NOT Affect Decentralization
APPAs issued by a centralized entity, like USDC or USDT on Findora, could be frozen because any asset issued by a centralized entity can be frozen. APPAs aren’t creating a centralized asset, they are giving centralized or decentralized issuers another tool in the toolbox when issuing assets. If the issuer wants APPAs to be centralized, they will be. If the issuer is decentralized, so will be the APPA. In either case, the issuer will have the ability to track and audit the APPAs actions.
APPAs are Auditable, NOT Public
FIP-2 creates a class of assets that can be audited ONLY by the issuer. Transaction data involving APPAs will still be private on-chain so that not anyone can look it up or track movements. This allows businesses and trading firms to protect trade secrets while meeting regulatory requirements.
FIP-2, we believe, sends a strong message that while Findora will protect the rights of all people to privacy, it is not a suitable place for illicit activity. Criminal activity can be exposed on Findora, and Findora will always work to protect its users from it.
The Technical details
APPAs will work by adding an “auditor’s memo” to transactions that record the input and output data of the transaction.
There are two main privacy-preserving protocols on Findora that APPAs will need to work with: the Maxwell construction and the Zerocash construction.
The Maxwell construction is instantiated by Bulletproofs and normally allows for transactions where the amount and token type is hidden on-chain. However, when an APPA uses this construction, the token type will not be able to be shielded — only the transaction amount.
The Zerocash construction on Findora is used for Triple Masking, a way to shield the amount, token type, and wallet addresses involved in a transaction. For auditable assets, the triple masking protocol will enforce the sender to provide a correct “auditor’s memo,” while still having the same privacy guarantees as existing assets. The existing assets and auditable assets can be used in the same transaction, which enables interoperability and backward compatibility.
In FIP-2, for now, auditable assets would be restricted to the UTXO chain only and not permitted on the EVM chain until a future FIP extends the auditability to the EVM side.
For more details, read FIP-2 here.
An FIP-2 Future
FIP-2 is one of the first Findora FIPs and we believe a huge advancement for the project. Auditability is a key component of any financial system, and giving Findora users access to that functionality will be key. There are many use cases for such technology and many more are sure to come when it is deployed.
APPAs created by FIP-2 won’t affect the decentralization of the Findora chain and won’t affect FRA. FRA will remain a decentralized, permissionless asset anyone can use. APPAs are another tool that token issuers can leverage to comply with regulations, audit transactions, and create new web3 financial products.
But FIP-2 is only the beginning. As mentioned above, FIP-2 has long been on a roadmap that has many other exciting future stops. Findora hopes to one day use similar ZKP methods to make KYC more secure and less centralized. Instead of companies keeping vulnerable servers full of customer data, perhaps they can simply store the proof of that data. Instead of going through cumbersome and intrusive KYC procedures, maybe all users need to do is show proof of who they are, who they are not, and any other verifiable data without revealing it.
It will be exciting to move to a world where our relationship to data completely changes, from needing to deal directly with it to simply exchanging proofs of data.
That is still a long way off in the future, but APPAs and FIP-2 are the first steps in that direction. Findora welcomes community feedback and encourages comments and questions on Twitter, Discord, and Telegram.
