User Owned KYC
Kinto is an L2 rollup designed to accelerate the transition to an on-chain financial system. It features permissionless KYC/AML and native account abstraction to solve the two biggest blockers to mainstream adoption: compliance and user experience.
One of the main differences between Kinto and other L2 blockchains is its KYC functionality. In Kinto, this KYC requirement is enforced at the blockchain level. Users are asked to KYC before they can send txs or create contracts. However, That doesn’t mean that Kinto is permissioned, has access to any data, or that the PII is tied to the user’s blockchain identity.
This blog post will explain how Kinto provides KYC functionality while remaining open, non-custodial, permissionless, and credibly neutral. Kinto puts the users in charge of the KYC process.
💪 Power to the people
Kinto network users are in control of the KYC process through two different mechanisms:
Governance of Kinto will curate the list of KYC providers available in the network. Network participants can onboard new KYC providers and increase the number of choices available.
When a user first visits an application on Kinto, she will be asked to identify herself. The user can then pick their desired KYC provider between the alternatives curated by governance.
You can see how this process works from a user perspective below.
👐 Everyone can join
It’s important to mention that neither Kinto nor any single KYC provider can prevent you from joining the network.
You don’t need permission from any single company or individual, yet all the other participants in the network require you to adhere to the same rules; you need to identify yourself before coming in. All the other participants and nodes in the network enforce this rule.
📁 How is user data stored
As we saw above, Kinto allows users to pick the data provider that they trust with their data. User data is handled according to three important tenets:
- Kinto doesn’t own or store any personal data. None. The smart contract Kinto ID only has flags identifying whether a user has KYC’d, accreditation, and whether or not there are AML violations in different jurisdictions.
- Personal data is stored in the KYC provider chosen by the users. Personal data include address, date of birth, and government ID. Only the most trusted and secure identity providers are available in Kinto. Information stored in these providers doesn’t include your wallet address so nobody can link your account. Even in the unlikely scenario that they suffer a security breach, your on-chain account is safe.
- Personal data can only be accessed with permission from the user. User needs to sign messages giving permissions to applications built on Kinto. These applications will call an API with the signature to receive the data granted from the user. You can read more about how this process works in the docs.
🚨 In case of an emergency (hack, fraud or an exploit), governance and only governance can send to the KYC provider the information needed to link the PII with the blockchain account of the user.
💳 Our KYC Partners
In order to remain credibly neutral and provide more control and protection for our users, we have decided to partner with different KYC providers versus operating one ourselves.
These partners are experts in securing personal data and take the utmost precautions safeguarding it. They have never suffered a security breach. We are happy to partner with Quadrata and Synaps as our initial KYC providers.
Quadrata is the Single Sign-on for Compliant Web3. They have quickly established themselves as one of the KYC leaders in the web3 landscape. A solution that has onboarded thousands of users onto crypto safely.
“The Quadrata Passport, empowers Web3 companies with an easy-to-integrate, privacy-first identity token. Streamline your KYC/AML, KYB, and wallet screening processes, U.S. accreditation, and geolocation & age-based controls”
Synaps is one of the undisputed leaders of KYC in the crypto ecosystem. They have performed millions of verifications for major players like Polygon, Moonbeam, Polkadot or 1Inch.
“Synaps is a crypto-native Identity verification provider and a decentralized identity protocol Issuer. Synaps offers solutions ranging from humanity validation to regulated KYC/AML and KYB processes”
We will continue to develop partnerships with the best providers to offer more choices for Kinto partners and users.
👨💻 Is KYC needed in crypto at all?
Finally, it is worth addressing the main elephant in the room:
Should KYC be needed in crypto at all?
DeFi has grown a lot in the last few years. However, it is still relatively small in market cap versus the asset management industry. We need to reach as many people as possible to maximize value creation. Providing a clear way for institutions to use open-blockchain networks that meet their regulatory and compliance requirements can increase the size of our industry by several orders of magnitude.
We want to onboard these institutions to public open infrastructure. We don’t want them to create a private network or panopticon-like CBDCS.
Currently, KYC is the standard for financial institutions and financial services companies to establish a customer’s identity and identify risk factors. KYC procedures help prevent identity theft, money laundering, financial fraud, terrorism financing, and other financial crimes.
Cryptographic and privacy technologies are advancing rapidly, and we hope that, in the future, better standards and technologies like Zero Knowledge Proofs will be accepted by regulatory bodies worldwide.
However, if we want to reach billions of people today rather than in the next decade, we need to offer a way for financial institutions to get on board right now. They need a way to meet their compliance and legal requirements today.
Kinto is coming soon.
Stay tuned — we’ll be announcing our launch soon! Follow us on Twitter and join our Discord to get the latest updates.
The best is yet to come!
