Joseph Weinberg at SFBW 2018: Battle for Trust — The Future of Identity
The following is adapted from remarks made by our Chairman, Joseph Weinberg, at his talk “Battle for Trust: The Future of Identity” at San Francisco Blockchain Week.
The concepts behind Shyft actually started to take shape about three and a half years ago. I was working on what was called the Liquid Network with a company called Blockstream. We were looking at early ways to build systems that allowed cooperation and collaboration to occur on Layer-2 and Layer-3 scaling solutions for the Bitcoin network, and from this question came a lot of other questions: how would you effectively enable competitors that had a requirement to also collaborate in environments like Bitcoin exchanges? How could you build federated systems that would allow us to do things a bit differently but still get the same results?
So this and these early kind of ideas and federated systems and federated design, we started to look at other applications and use cases beyond just scaling Bitcoin transactions. And so this is kind of where the early precursors of Shyft’s idea came from: how do you build more systems in the same kind of framework that would allow us to do different things like enable KYC or regulatory services but do it in a way that was more privacy-enhancing than how we do it now? I mean, this whole ecosystem is about sharing information. It’s also all about collaboration, and at the end of the day what we’re trying to do in this ecosystem is understand how to better communicate. This is what it’s all about: more private ways of communicating and sharing information. Money is just a form of information. It’s just data. So the question is how do we build new systems that allow us to do these things and for the majority of people in the world that have access to that. That’s the big question.
Of course the irony in this whole data problem is that as we began to rely more and more and more on devices and systems, we began to trust them less. There’s a couple of fundamental problems that we have today that I think our ecosystem is is positioned to transform and change, and of course data is highly insecure. That’s probably an understatement in most contexts. It is not handled properly and we basically are going through processes of replication every single time we, say, sign up for a new service or we try to go into work at a bank or whatever it might be. And the biggest problem is that data is not impartial, which means that it is actually not a reliable factor or methodology for building credibility. So there’s no ability for me to say I have certain pieces of data that I can trust more or less than others. So this is a big problem and informs how I think of identity.
I hate the word “identity.” If anyone is telling you they’re building identity on a public network, you should run immediately, because that is probably the worst thing to do. And I think that there’s a big conversation here that asks why, and is identity even the problem? In my opinion, It’s actually not the problem. I think it’s a different contextual problem. And at Shyft the way we’ve kind of looked at it is that we looked at what is really the issue: the issue is actually about trust and about credibility and trustworthiness in environments. What we believe at Shyft is that credibility should act as your collateral, not your identity information, in environments that require us to come to sign up to your services every day. So can I effectively pull things, using other systems to prove that I am who I say I am without ever having anyone know my name, my passport number, my birthday? This really came from the question that we initially solve, which is why does an ICO need my passport? That is probably the most insecure thing to give, but there’s not really that much of a better way of doing things.
What we’ve been working on at Shyft is a three-party system in any type of environment. Effectively what you have is you have a person that holds data or that owns their data. You have third-party providers, whether it’s a bitcoin exchange, a bank, a government service, a telco, it could be an ICO as well, that effectively we provide or collateralize our information with today, and then you have another party that is looking to effectively use that information capacity. So we should be able to use those other parties like that Bitcoin exchange to cross verify that, in fact, “Hi, Mr. ICO that I’m coming to sign up to invest in, I can actually attest or use proofs that you know Bitfinex has on my identity that I’ve already actually validated and stored with them to prove that in fact I am credible as a person an individual to do business with.”
This is kind of the big focus, and so what we wanted to do was to look at if you could rethink the way that identity works, what would you effectively do? And so the goal is at the end of the day as I said is to kind of build trustworthiness and credibility and to not allow information on who I am to actually be blinded. And so we we looked heavily at how you look at private and public key cryptography as a way to effectively validate or verify the authenticity of users or participants in a network, and basically assign attestation, or what we call proofs, that in fact that information is valid and that other parties can now attest to the validity of people or different institutions or scenarios as well.
The big misconception about the crypto space is that this is only about technology. I would disagree with that. The reality is is that these systems are working in environments start with humans. For those that do you don’t know, the OECD was formed right after the fall of Nazi Germany. The OECD was actually built by Western organizations in what was called the Marshall Plan. The Marshall Plan was the plan to rebuild Western Europe after the war, and the intent of what the OECD looked to do was to work on global governance with countries all around the world to ensure systems that dealt with governments, businesses, and people in any environment within those three were to ensure that there was better policies for better lives overall. And this is a really important thing. So about a year and a half ago what we started to do and what we started to recognize even earlier than that in the crypto space was that if we were not the ones involved in that conversation, we would effectively not be involved in the conversation that was going to regulate us either into existence to innovate or out of it. And this became a very glaring problem and I commend all the early companies in our space in the exchanges that dealt with the early days of regulation, because there was none, and it was some of the hardest times. It still is today in how we start to work with the traditional world.
What we really set out to do was to make sure that we had a seat at the table on behalf of our ecosystem as we were starting to see this regulatory conversation heat up. And so this is not just people behind closed doors. These are the grassroots people from this ecosystem that have been here since before crypto was cool, the early innovators in the space, from Blockstream to Rootstock and so on. And we effectively have been sitting there for the last six to eight months working with the G20 and the Financial Stability Board in order to ensure that the conversations within the G7 and G20 are actually ones that are based on education, the principles of what crypto and our ecosystem is really about, not what people just assume, because if we go with assumptions we won’t be here, and the innovations that can be built in the space will not be able to see their true potential. And so this is really what we focused on. Earlier this year myself and two colleagues actually independent of Shyft we wrote the first regulatory policies for the government of Bermuda. Within three months we effectively took ideations and whiteboards with all of the coordination that the government of Bermuda had and in three years passed the regulatory and legislative frameworks into law with the government.
What’s happened is that within OECD member countries and non-member countries, that legislative framework is now being adopted in multiple countries around the world. Mauritius has basically come out as the second country to date that is now working on that same framework. I’d say that by the end of next year, expect 13 to 15 countries with nearly universal legislation that gives clarity and comfort towards understanding, how do we regulate and how do we actually work in this space more globally as we start to integrate into the traditional world. And so we’ve been busy at Shyft as well; we’ve been working for about 16 months in core development. We’ve also been actually working on use cases, because what we recognize is that if you don’t have use cases, then it’s kind of useless. And so we’ve worked on a bunch of projects and a bunch of different kind of announcements across the board. What I want to highlight is with the government of Bermuda themselves, for the last eight months, we’ve been working on the identity system with the governments. That’s been in full development since our announcement, in coordination with financial institutions, telecommunications providers, central registries of the government of Bermuda, and their Department of National Security. This coming year you’ll actually see the first pilot deployments of that system for the whole country, and then expanding into the crypto companies that are actually coming to land in Bermuda, and so that’s a kind of an interesting real-world use case that’s actually underway. And so we have two more projects to announce today that we’ve been working on pretty heavily as well.
We’d like to announce two new countries we’re working with. So we’re following the creation of the Mauritian Legislative Framework in Mauritius with the announcement that the Financial Services Commission, which is effectively the SCC of Mauritius, will be onboarding as a trust anchor into the Shyft network, and both the FSC as well as all of its partner institutions across the country will be using the network to help us better onboard and provide more privacy and data services for companies that are coming into Mauritius, and hopefully that extends into wider use cases both within the country and across jurisdictions. The idea is for countries like Bermuda and Mauritius to all start speaking the same language as it pertains to our space. Last but not least, we’ve been working with the government of South Australia for both the better part of six months, and are today announcing a partnership with them and Data61, who actually invented Wi-Fi. They’re the research division of the Australian government, and we’ll be working with them to help the states in coordination of both identity and data services in their state and across jurisdictions as well, so there’s much more to come.
— — — — —
For more information on Shyft, please visit shyft.network.
Join our Telegram (https://t.me/shyftnetwork), follow us on Twitter (https://twitter.com/shyftnetwork), GitHub (https://github.com/ShyftNetwork) and other channels found on https://www.shyft.network
