Vishal Gupta of Diro Labs
Full video and transcript below.
On April 10th, Mattereum hosted the third Internet of Agreements® (IoA) conference at the Google Campus in London. IoA® is a vision for global supply chains and logistics, integrating national laws and regulation with international commerce through the application of technology such as blockchains and smart contracts.
Vishal opened his talk with the claim that identity is the biggest problem in the blockchain industry, perhaps even in technology as a whole, followed by a rapid survey of attempts to tackle the problem, starting in the earliest days of the Internet. He highlighted the identity silos that are currently operational and the alarming $6 trillion cybersecurity problem they have engendered. The rest of his talk consisted of a brief explanation of Diro’s framework as well as two useful diagrams of the limitations and tradeoffs of any identity system.
Vinay joined him in a conversation that covered a broad spectrum of identity considerations including more details on Diro’s identity application, which allows for secure identity via crowdsourced contact directories and social recovery of credentials and keys.
Identity stuff is absolutely the most critical stuff you can ever imagine in the blockchain world and in the tech world. The Internet was basically a network of devices with storage; it started in 1973, you kind of start connecting machines together and that’s what it was.
Decentralisation is a network of private keys and public keys. What blockchain is is you have this network of keys where you can exchange value, you can store value on it, it can be shared as property, anything. So the Internet was a network of data exchange, and ledgers are the exchange of value.
This is how IP addresses looked in 1973, and this was how we used to use the Internet back in… I was not there, but still, it was all IP addresses. In 2009, this is what private keys and public keys looked like, and they look like that even today.
In 1983, this is when we invented the domain name system and it became human readable, and this is how the blockchain is going to look in the future: it’s going to become aliases, probably similar to your contact database.
It took us another 10 years to realise how to discover these domain names on the Internet. In 1993 we came up with Yahoo! and we started discovering all these domain names. In blockchain there’s a privacy issue, you can’t really put a public database of identities, so most likely it’s going to be a private network and it’s going to be sitting in your contacts book. It could be you’re going to discover these identities based on your school, college, clients, vendors, user directories of office, home, family, stepfamilies — that’s where it’s all going to sit. Maybe it’s Facebook, but they need to decentralise. I don’t think people are going to now accept centralised systems anymore; we’re moving to a different, shared economy, shared communities, community-owned stuff, that’s where we’re headed.
Identity silos, this is how the world exists today. There are too many identity silos: contacts is one silo, the starting point of the database. Then you have social networks which are most of the time disconnected from your contacts, then you have CRM/CIM systems running separately, they have identity systems running in them which are not connected to anything else. You have apps and cloud which ask for permission to get all your contacts, put them on the cloud, and the cloud services have their own identity databases. You have government IDs, AML/KYC stuff running around, which are disconnected again, you have wallets and passwords, you have password managers like LastPass or OnePass where you have all these passwords, and they are technically all identities, which are disconnected again. Then you have employee directories which are active directories, LDAP is mostly what it is. Then you have ERP and payroll systems running on the other side which are sometimes not connected to your active directory.
This broken identity system causes a six-trillion-dollar problem, it’s one of the largest problems we have right now. All the cybersecurity issues we see, where we have no idea where these packets are coming from, we don’t know who hacked your wallet and where the money went, this is because we can’t track those people, there’s no accountability in the system.
This is how we think the blockchain works. Currently there are solutions on blockchain which say they are solving identity problems, and they think that solving KYC and AML is good enough and that probably we’ll have our identity system working on blockchain, and then some of them go forward and solve the authentication problem along with identity, and this is where the whole industry is. Whenever we talk about identities, we have to talk about access management. The use case of identity is actually the access part: it gives you access to different services, systems, processes, and this is where the money is, this is where the industry exists, which we are ignoring today on blockchain. This is what the standard is in access management, the global standard. You need to have directories, you have contacts, you can enable services for large groups of people in one go, so you need to have LDAP and you need to have directories running — that’s what all the Fortune 500 companies use.
This is what people understand, this is what our moms and dads and friends and family and kids would understand: contacts is what they are used to in dealing with identities, they don’t deal with other things every day. This is where it’s going to all sit, so all these things will get linked together. When you have these contacts books, they also give you social graphs. When you’re using a phone, you’re calling your mom, dad, friends, family, clients, vendors, it kind of validates your identity every day, and that’s the best place to build an identity system, where it can be trusted and you can actually have a social recovery of your keys, social recovery of your credentials or whatever. That’s the place where validation happens, and it’s decentralised, you don’t need a central authority for that.
And when you are calling these people, Dialer is probably the best place it can sit, because we need human verification. You can’t rely on textual stuff; there has to be a little bit of biometric verification. For example, if I call my mom and talk to her for three minutes, she knows it’s me, and if the devices are signing each other in the background, decentralised, it’s pretty easy to kind of see that it’s a real person. Let’s say my password gets hacked tomorrow and somebody downloads the same app and my identity on another phone, they can’t talk to my friends and family, and therefore the system is going to know who is the real Vishal, you can distinguish and restore, so it makes it resistant in a way.
When you have contacts and phone books, the new standard of thought today… Evernym and Sovrin were here on the stage, they’ve been involved in developing the standard of thought here, which is DIDs. DIDs are the new standard of thought, that’s where identities exist, and all relationships are going to have different identities so that there’s no external correlation. Those DIDs need to sit somewhere, and most likely that’s going to be your phone, and that’s where all these keys are going to be exchanged in the background.
These directories are going to give contextual access in the world. It’s important for, let’s say, in the future, in the AR/VR world, you go to a restaurant, the system needs to know who the wait staff is and who the clients are, who the premium clients are, so the contextual access is driven by directories again. So the directory systems are pretty important for identity to exist and give contextual access.
Let’s talk about problem space, where the problem is. This is my personal thought, it’s not validated yet and I’m proposing it here. Transactions can either be private, or transparent or public. On the other side, identities can be either anonymous or pseudonymous, or on the other side they can be accountable. This kind of limits any decentralised system to one single edge. Any decentralised system will have the problem of privacy versus accountability, that’s where I think the whole government and people are struggling: do we build accountable systems, or do we build privacy? Unless you centralise that a little bit, it’s impossible to solve that problem. That’s what I’m struggling with personally in building our systems.
For example, if you have privacy/anonymity here, you kind of create a Dark Web in a decentralised system which is censor resistant, and the governments aren’t going to like it, they’ll most likely regulate it out and shut it down eventually, if they can get their hands on it, especially when they’re linked to the financial system. We have this organisation called FATF, the Financial Action Task Force, and they are responsible for dealing with terrorism and money laundering and child trafficking, all these things. They have been creating rules, the countries together have been creating rules how to stop the money flow and how to stop organised crime from skipping jurisdictions, and these guys really have the power to cut off fiat supply for cryptocurrencies. Unless we solve this problem, I think we’re not heading anywhere, we can’t expect mainstream adoption. This is one of the biggest challenges we have in this space.
So transparency and accountability, that’s government stuff, and this is what we prefer: accountability with privacy. But that creates another problem, at least that’s my theory: if you have a decentralised system, you can either have privacy or accountability. If you try to do both, you have to kind of go less decentralised, so you need to kind of build an insurance. This is where indemnity insurance comes in so that there’s somebody who is taking the risk off the table.
Vinay: That covered a lot of ground really, really fast! [laughter]
Vinay: And I’m not sure anybody understands what it actually does. So, let us break down what it is that it actually does. You have an app that sits on your phone that pools all of your contacts into a structure that allows you to share address books with other people, and the cryptography keeps the address book sharing controlled.
Vishal: Yes. In a decentralised system you need somebody to manage the trust. We kind of trust the cryptography in the background to do its job so that nobody manipulates the stuff, and there’s no central control from the company side or the community side.
Vinay: So you have a set of protocols which are designed by the company in a central way, the application sits on the phone, and all of your information is only pooled with your friends.
Vishal: Yes, so it kind of creates a shared pool of contacts. We can create multiple pools like that, they can have a private pool.
Vinay: So every time that we have melodrama because somebody doesn’t have somebody else’s phone number inside of the company, like you have a new hire and somebody needs to call them and you don’t have their phone number, I think, “Why the heck are we not using Diro?”
Vishal: Yeah, it makes sense. We have the iOS version ready, and…
Vinay: I know, but we’re on Android. [laughter] So, this is the kind of base layer: that’s the app, that’s what it does. Talk to me a little bit more about the longer-term vision, and specifically how this looks in India as opposed to here, where we’ve got schemes like GOV.UK’s Verify system. Give me some notion for that picture.
Vishal: What we’re really trying to build I think is the equivalent of a domain name system for the Web. You need the identities to be human readable and human useable, and in the background the cryptography can run, but it has to be hidden from the users, so it has to be manageable. That’s one side. And whenever we talk about identity, we have to talk about access management; if you don’t talk about access management, you’re really doing an incomplete job. How I see identity is on one side you have the use case which is the access management, and on the other side you have the concerns, which is privacy and are these entities legal, are they correctly released?
Vinay: When you’re talking about identity here, identity is a word that means different things to different people. What we’re not talking about is hard, legal identities that are bound to passports. What we’re talking about is something which is much softer, closer to say Facebook’s model of identity than the tax office’s model of identity. Is that right?
Vishal: Yeah. We’ve put a different spin on this: I think where the blockchain is going… I agree that there’s different models of identities, but now I think we’ve arrived at a self-sovereign identity model where really it starts with the private key, where you own that private key and you have control of that private key, and you can park your public key on a blockchain which nobody can replace. That is the core seed of identity, and you can keep building layers on top of that.
Vinay: Blockchains are great for doing namespace management, they’re an excellent fit for DNS-shaped problems. If you only have one blockchain and you register a name in that blockchain for what it is that something is going to be or how it’s going to work, that’s a very good use case for blockchain, in the same way that certificate revocation is a good fit for blockchain; when something goes wrong and you lose a key, you publish the revocation to the blockchain and there’s only one place to look for it — they’re good for that.
But when you say identity, you don’t really… There’s a nuance here, which is it’s much more like the kind of InsurePal model of identity where you’re defined by your social relations, than the government’s model which is basically an SKU for humans.
Vishal: This is where we are trying to take everybody into the future, where all these identities, you have a 360-degree view of the identity system. Once you have a self-sovereign identity, which is your public key and private key, and you start building things on top of that… One is the social KYC which verifies all the identities, and the second what we’ve built is actually a way to capture… This is a tech we built which is pretty new, and I think it’s pretty transformative. What it does is you can go to any website, we can ask the user to go to any website, you log into your bank account or your utility provider, and you do Ctrl+P and create a PDF. The PDF captures the SSL certificate along with the PDF, and it does a hash of the whole document and puts it on blockchain, not the document but the hash. So now you have this document which can be verified by anybody independently, and now you can insure such documents and you can insure the identity based on that.
Vinay: Let me break this down, because this is a completely magnificent hack, it’s one of the most awful things I’ve ever heard of; I remember the first time we talked about this, it was like an hour of me just going, “Oh no, you did not do that.” [laughter] If you go to a website that has the padlock on it, the padlock has encrypted the connection that you have with the website and you’ve proven that you’re talking to the right website, so there’s a measure of cryptographic security there, to which they basically added a secure screenshotting service that allows you to prove, with a reasonable degree of certainty, that the image that you are looking at on your screen can be shown to somebody else with the padlock in place, so it allows you to prove that you saw something on an encrypted website to third parties. It’s not military grade crypto all the way through, there is still a trust element, but it’s pretty impressive, and it could be built into the browsers in the next generation.
Vishal: We had to build a separate browser for this, because the existing browsers aren’t strong enough.
Vinay: Right, but in the future they could do it.
Vinay: That’s an example of taking the public key infrastructure of the Web and extending it in new directions. And the PKI on the Web is at this point 20 years old, so it’s quite surprising that there are any new tricks to discover there.
Vishal: Yeah. I was surprised that nobody figured it out before us.
Vinay: Frankly, it’s such a completely weird idea… It took me a long time to wrap my head around it, like “Wait, you’re just faking the document signature?” Because the Web as a standard could sign all the documents that came off encrypted websites.
Vinay: We could apply digital signatures, but we just don’t do it, because we, generally speaking, don’t use digital signatures. Part of the reason that there’s such a revolution of blockchain is because we’re just not using digital signatures in the way that we could. Every document you get from a government department, from a utility company, all the rest of that, all of that stuff could be digitally signed so you could prove what you were given when, but we don’t do it.
Vishal: Here’s what I’m dealing with: I think there’s a very, very strong urgency to solve this KYC problem, which is mostly a remote KYC problem, where they have non-face-to-face accounts, we have wallets running around… I think it’s all going to get shut down, if we don’t solve this problem, it’s one of the most hard-pressing problems we have. On the other side, we can’t expect the world to retool itself, so we need to come up with a hack which solves this problem right now and that government can accept, in a reasonable, accountable way.
Vinay: There’s two sides to the KYC problem: there’s the commercial risk, which is doing business with Nigerians is hard because there’s so much Nigerian scam mail, and then there’s the regulatory risk, which is you’re a bank and you lose your license because you took in money that you weren’t supposed to take in, and the regulatory risk is almost entirely defined by regulatory action. You have to lobby the government to change their regulations, if we’re going to change the way we do KYC for regulatory risk. For commercial risk though, it’s a different story; you just need enough information about somebody that you can trade with them.
Vishal: I’m more concerned about the regulatory risk, because if we don’t solve that, the government is going to come down pretty hard on it. I think we are due for an update from FATF, the G20 guys met last month and they deferred to FATF. And FATF already has a view on things, they published in 2013–2014, where they want all these non-face-to-face accounts to have… they’re classified as high risk, and just doing a customer due diligence, CDD and EDD, which everybody is required to do, is not possible today.
Vinay: This is the kind of paradigmatic shift, that while the blockchain was seen as being some weird nerd game, people like that didn’t worry about what was happening on the blockchain. The posterchild for this problem is Monero or Zcash, platforms where it’s impossible to KYC; Bitcoin, you could go through and identify source of funds. In fact, I have this discussion going right now, where I say to people, “Look, suppose that you’re somebody who mines Bitcoin in your bedroom in 2011, holds it for seven years and then sells it to a regulated hedge fund. There’s no doubt at all at this point that this is categorically clean money. In the same way, if the money went backwards and forwards through the Silk Road half a dozen times, it would be categorically dirty money.” What we don’t have is any comprehensive mechanism for cleaning Bitcoin, by verifying that it’s not contaminated by criminal activity. You could kind of see how this begins to look like the incentive structure for KYC in the existing Bitcoin balances, because if you KYC and the state will accept that they are clean, then you can re-onshore those funds. But if we’re in a position where it’s all default dirty and we don’t use the fact that the ledger tracks the transactions to do the audits, then we’re left in a position where all of the money is dirty. It’s not just the KYC process going forward that matters; it’s also the KYC process going backward, to take the existing Bitcoin fortunes and actually render them back into real money.
Vishal: I think we’ll have to do a compromise here, because there’s already too much dirty… I don’t know, we have no stats on this, we don’t know how much dirty money there is. Look, I think it’s definitely better than cash.
Vinay: On the order of 10% of the global economy is dirty money.
Vishal: I think blockchain is far better than using cash in the economy, so this definitely has to go mainstream, we just need to get the systems around it. There’s two things stopping it: one is regulatory risk, which is AML/KYC, and the second one is the user experience, which is we somehow need to hide the private keys and public keys.
Vinay: Yep. Do you think the AML/KYC problem is a lobbying problem? Is it a case of getting new regulations passed, or is there some other approach to it?
Vishal: I think they already have a structure in place called New Payment Methods, NPMs, and they already have a structure in place that they expect people to follow. It’s just that nobody was applying it to cryptocurrencies, and because of the big run-up last year we got the attention now.
Vinay: So you think that basically there’s enough money in the crypto ecosystem that these folks are starting to care.
Vishal: Yeah, everybody cares right now, I think blockchain is making all the big news and it’s going to continue to make bigger news.
Vinay: What do you think the interaction will be between the old political philosophy of the blockchain, which is libertarian and private and all the rest of that, and the incoming KYC/AML regimes? How do you think that interface plays out?
Vishal: We will have to find a way to coexist together. [laughter]
Vinay: With Zcash in play? Does that sound…
Vishal: These Dark Net systems are difficult to shut down, decentralised systems have this problem of accountability, so government needs to kind of… I think government does a good job. Sometimes central power is abused and it needs to be checked, so you need these parallel systems also to kind of stay alive at some point, but at the same time not cause problems for the whole world.
Vinay: This sounds like we’re basically saying that we’re going to muddle through, that it’s a process where the people that want to use the blockchain for real work will develop KYC systems that will kind of sort of work, and the people that are outright black hat crooks are going to wind up using platforms which provide total anonymity, and in between there will be some kind of grey area. Something like that?
Vishal: Yes. I think we don’t have a choice, because these systems are censor resistant, you can’t really shut them down.
Vinay: I did some analysis on what the vulnerabilities were of Bitcoin, and yeah, you totally can. But that’s not a technical problem; that’s a regulatory problem. Before we wrap up, I want to go back to the Indian context. Talk a little bit about the interaction between this notion of a kind of phone book-based identity that’s only shared between you and your friends, and the Indian government biometric ID systems. Because it seems like these are…
Vishal: Opposite extremes?
Vinay: Yeah, exactly.
Vishal: Aadhaar has brought a sea change in how India is working today, it’s been a lovely change in terms of the user experience today. For example, last time when I went back to India I lost my SIM card, and all I had to do was just walk into a store, do my thumbprint and I got the SIM card, they didn’t even ask any questions, so it’s a beautiful user experience today.
Vinay: Wow — that’s miraculous!
Vishal: Yeah, it is.
Vinay: I mean, if we had that in London right now, how much better would our lives be?
Vishal: Imagine if you could just walk into a bank account, just do a thumbprint, your bank is open and you can just walk out. So the user experience is beautiful. The problem is 5–10 years from now, when all these Aadhaar numbers are going to be externally correlated and we’re going to get discriminated against, where people are using external data to reject your interviews or reject your insurance.
Vinay: Right, because biometrics plus Facebook’s mass surveillance is a whole different thing than biometrics where it’s only stored on your phone and a few people around you maybe for backups.
Vinay: It seems like there’s an assumption here that biometrics automatically rolls into largescale surveillance databases, either private, commercial databases or public, security databases. It doesn’t actually have to be that way, does it?
Vishal: I’ll tell you the big problem we have in this system: once you give up control to the central body, like Aadhaar or Facebook or the US government, the central state becomes so powerful that they start abusing their power and you have no option but to do it. Even if you vote Trump into power… I don’t know how much power he has today… It’s a good thing right now, but sometimes these powers are abused, and if government starts lying, we…
Vinay: Yeah, there’s certainly a very unfortunate history. The 20th century was one long story about government abuse of databases.
Vishal: If in India the government starts using Aadhaar data to kind of hack the democracy again, we would have a big problem. So decentralising is definitely the way to go in the long run.
Vinay: Okay. The last thing I should probably mention is we’re not related. [laughter] We often get this, and it’s quite funny.
Comment: Show us your phonebook.
Vinay: Yeah. There’s actually another Vinay Gupta who started a company in London called WhipCar, and for about two years after they launched I got emails congratulating me for my transport innovations. [laughter] Anything else you want to say before we wrap up?
Vishal: No. Thank you, thanks for having me here! [applause]
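The talk refers several times to "social recovery" of keys and credentials through your contacts, without saying how the shares would be constructed. The block below is an added example for the reader, not Diro's code and not described on the page: it uses Shamir's secret sharing over a prime field, the standard construction for threshold recovery, and adds a stored hash of the key so that a tampered or mistyped share is detected rather than silently yielding a wrong key. The contact names, the 3-of-5 threshold, the 256-bit field prime and the fingerprint scheme are all assumptions made for the illustration.

```python
"""Social recovery of a private key with Shamir's secret sharing.

Added example, not Diro's code: the talk says contacts can hold shares for
"social recovery of your keys"; this shows one standard way to do that.
Threshold-of-n shares are handed to trusted contacts; any threshold of them
can reconstruct the key, while fewer shares reveal nothing about it.
"""
import hashlib
import secrets

# Field prime for 256-bit secrets (2**256 - 189 is prime). Assumption: the key
# being protected is at most 256 bits, e.g. a secp256k1 private key.
PRIME = 2**256 - 189


def _eval_poly(coeffs, x):
    """Horner evaluation of a0 + a1*x + ... + ak*x^k mod PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret, threshold, share_count):
    """Return share_count (x, y) points on a random polynomial of degree
    threshold-1 whose constant term is the secret."""
    if not 1 <= threshold <= share_count:
        raise ValueError("need 1 <= threshold <= share_count")
    if not 0 <= secret < PRIME:
        raise ValueError("secret out of field range")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, share_count + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0; correct only with >= threshold distinct shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share indices")
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj == xi:
                continue
            num = (num * -xj) % PRIME
            den = (den * (xi - xj)) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def fingerprint(secret):
    """Public commitment the owner keeps alongside the shares (assumed scheme:
    SHA-256 of the 32-byte key), so a recovery assembled from a wrong or
    tampered share can be detected."""
    return hashlib.sha256(secret.to_bytes(32, "big")).hexdigest()


def recover_and_verify(shares, expected_fingerprint):
    """Recover and refuse to return a key whose fingerprint does not match."""
    candidate = recover_secret(shares)
    if fingerprint(candidate) != expected_fingerprint:
        raise ValueError("recovered key does not match fingerprint; a share is wrong")
    return candidate


def demo():
    """Constructed scenario: a 3-of-5 split across five (hypothetical) contacts."""
    key = secrets.randbelow(PRIME)
    fp = fingerprint(key)
    contacts = ["mom", "dad", "sister", "colleague", "friend"]
    held = dict(zip(contacts, split_secret(key, 3, 5)))

    # Three contacts answer the phone: recovery succeeds.
    recovered = recover_and_verify([held["mom"], held["sister"], held["friend"]], fp)

    # One of them sends back a corrupted share: detected, not silently accepted.
    x, y = held["friend"]
    tampered = [held["mom"], held["sister"], (x, (y + 1) % PRIME)]
    try:
        recover_and_verify(tampered, fp)
        detected = False
    except ValueError:
        detected = True
    return {"recovered": recovered == key, "tamper_detected": detected}
```

The fingerprint is what makes this usable in practice: without it, two honest shares plus one wrong one interpolate to a perfectly valid-looking but useless key. Note also that fewer than the threshold number of shares produce an unrelated field element, which is the property that lets you hand shares to people you only half trust.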
All materials from the conference: http://internetofagreements.com/identity/
Join the telegram https://t.me/mattereum