zCloak Space Script: How does Real-World Identity (RWI) Aid DeFi Projects to Develop?
zCloak Network organized an online panel at 8 p.m. Beijing time on June 3, 2023, titled “How does Real World Identity (RWI) Aid DeFi Projects to Develop?” The founder of zCloak Network, w3tester, the founder of dForce, Mindao Yang, and the founder of Chaintool, Yi, attended this online panel. The following is a documentary transcript of it.
【Introduction of the Speakers and Projects】
Cassiel: We will mainly discuss two keywords tonight: RWI and DeFi. Most audiences are quite familiar with DeFi, it remains one of the fastest-growing business models in the Web3 industry. For RWI, most of the audience may not be that familiar. And zCloak has always been committed to providing Real-World Identity infrastructure for Web3 users, so let’s look forward to w3tester’s sharing. Meanwhile, if the audience has any questions or ideas, you can communicate with our guests during the Q&A session at the end. We will invite 1–2 audiences to connect and exchange ideas. Next, let’s have our guests say hello and introduce themselves and their related projects to the audience.
w3tester: Frankly speaking, we are a Real-World Identity project, what we are trying to do is to make users’ Web2 identity data available in the Web3 world. During this process, we found that Web2 has a varied range of data, so zCloak tries to provide services for users based on different scenarios, for example, for personal data, we focus on helping users use their own data on-chain while protecting their privacy by our zk-SBT technology; for organizational data, we use multi-attestation to help bind the institution’s identity and on-chain address together. Thus, we can realize the RWI services for RWA. And I’m really looking forward to discussing with Mindao and Yi how to use RWI technology in the current environment.
Mindao Yang: Hello everyone, I am glad to be with you today. dForce has been working on DeFi since 2019, our business covers stable coin lending, DEX as well as RWA. As early as 2020, we issued a gold token, converting the gold token from ounces to grams. The RWA topic is particularly hot recently, so we are also working on some integration cooperation with zCloak. The main point is how to introduce “identity” into DeFi, what’s more, the industry is introducing T-Bill assets as the underlying collateral for DeFi. So I’m delighted to discuss RWI and DeFi with you and share some of my views and experiences.
Yi: Hello everyone, in short, Chaintool is a one-stop risk control platform for Web3. You can also take it as a platform to provide Anti-Money Laundering(AML) services for the Web3 community. Of course, AML is only part of our services, and the other part is anti-fraud service. For Chaintool, our ultimate vision is to build an identity system that combines on-chain and off-chain information, or a Web3 credit score system. Going back to today’s topic, I believe the most relevant point is the need for KYC. Traditional KYC may seem like an invasion of privacy, but considering compliance or safety, I think we have to make a choice. And based on some on-chain technological developments, such as zCloak’s Zero-Knowledge Proof(ZKP) technology, we think that we can make it a foundation for future KYC service development. Let’s look forward to its development.
【General Question Discussion】
Cassiel: Once again, I‘d like to thank all of our guests for taking the time to join us for today’s discussion. Let’s start with the first question: As one of the core business forms of Web3, how do you see DeFi’s development trend? And does its development meet the expectations of investors and project parties? Besides, Mindao just mentioned that dForce has always been committed to building a unified open financial protocol network, in other words, a one-stop financial platform. So shall we start with your opinion, Mindao? Do you think the development of DeFi projects in the future will tend towards a more unified form, or will it tend towards a more flexible combination of small and medium-sized specialized projects?
Mindao Yang: Before I got into the DeFi industry, there were already DeFi applications from 2013 to 2014. And BitShares appeared earlier than Ethereum which only launched its main net in 2015. Although there was no DeFi at that time, some financial practices were already present. Looking at the entire Crypto industry now, I believe that only the financial sector got developed, i.e., DeFi. From dForce’s first lending protocol in 2019 to June 2020 and up to last year, we have actually gone through a cycle in DeFi, and that cycle has ended. What’s more, I also think the last cycle’s crypto bull market was driven by DeFi. And we can see that TVL rose from about $1 billion in 2020 to a peak of $200 billion before falling back down, so I think DeFi has made an indispensable contribution to the entire Crypto world.
Later we launched GOLDx, which was the first project to bring Real-World Assets(RWA) on-chain, mainly using gold tokens. Now after the whole DeFi Summer, the competition in DeFi is fierce, and the projects are becoming more and more specialized. But if we look at the whole cycle, we can clearly see a strong trend of integration in the industry, including both horizontal and vertical integration. For example, Arweave developed its business from stable coin to lending; then Curve’s project ranges from DEX to making stable coins, and Maker DAO worked from publishing stable coins to lending, and it may also do DEX in the future, so I think this is a very clear trend. And I think this is mainly due to DeFi’s primary principle, capital efficiency. Therefore, DeFi projects will ultimately compete in terms of capital efficiency. To improve capital efficiency, we need to improve on every track, and obviously, making a protocol matrix or integrating multiple protocols together can achieve the best capital efficiency. Just like us, we can make a reserve for stablecoins, can be used for lending and DEX, so this is a very obvious trend.
As for RWA or RWI, we saw some projects making related attempts in the last cycle, but after FTX failed, it caused a chain reaction to the DeFi projects‘ failure, which actually greatly affected institutional lending businesses, causing a large number of bad debts. So I think later we can also analyze which RWI models are viable and which models may need to be validated.
Cassiel: Thank you for sharing, Mr Yang. Now, do w3tester or Yi have any thoughts on the future development of DeFi projects?
Yi: In fact, I have communicated with Mindao several times, mostly to understand and learn about DeFi projects. As he just shared, the future direction of DeFi is definitely towards a unified, full matrix due to the primary principle. From our perspective, there might be a problem with current DeFi projects, most of them generated profits on-chain, and traditional DeFi projects have lost much of their appeal, whether from a systemic risk or security perspective, especially compared to some offline assets like the US dollar or risk-free, high-return products such as T-Bills. In this case, we think RWA could become a significant advantage. Essentially, it makes more users reach and enjoy such high-quality assets through DeFi. Therefore, I believe the combination of DeFi and RWA is a great opportunity. Maybe w3tester can share some ideas then.
w3tester: Many thanks to Yi. I’d like to mention a little bit of the background: Mindao is totally an OG in the domestic DeFi industry. There’s no one in the DeFi world who doesn’t know him. And then I’d like to echo what Mindao and Yi have shared. As Yi said, if we compare the current on-chain DeFi market’s total value locked (TVL) with the running financial systems in the real world, it’s almost negligible. But DeFi has many advantages, like dealing with various issues in the real financial world, such as settlement delays, the complexity of cross-border transactions, tracing the flow of capital in a supply chain, confirming everyone’s participation activities, etc. DeFi has a natural advantage. So, we think DeFi can do more than just yield farming or trading, although these are important parts. If we can bring RWA into DeFi, even just a part of it, I believe RWA could circulate with the help of DeFi protocols and its excellent infrastructure. And it will greatly assist the development of the entire DeFi world, even the Crypto world. So today, we also want to discuss how we can get this done.
Yi: I’d like to summarize the shares of w3tester and Mindao. Previous DeFi was more of a platform or a tool. It circulated more Crypto assets. Now things may be getting different, we can treat it as a platform, or focus on its tool attributes, and use such tools to enable regional assets to circulate globally, promoting the entire asset trade, including its high-efficiency clearing and settlement capabilities and cross-border payment capabilities. I think this might be the significance of RWA and RWI. But there are many bottlenecks in this process, which I think is one of the points we may discuss today.
Cassiel: Thanks to Yi for the addition and also many thanks to w3tester and Mindao for the wonderful sharing on the first question. As we can see from the sharing of our guests, the expansion of our current DeFi projects still has lots of limitations. After all, at this stage, credit business is still guaranteed by high collateral or over-collateralization to ensure the capital safety of the projects, and this may be essential due to the trust issue of Web3 not being perfectly solved. If we can somehow connect users’ offline financial data with the DeFi projects effectively, could this help our DeFi projects realize a future low or even zero collateral model? When it comes to RWI, which should be a field where zCloak excels. So next, I’d like to invite w3tester to share with us how ordinary users understand RWI and what visible applications it may have in the future DeFi or even the Web3 world.
w3tester: Recently, Real World Assets (RWA) have become very popular, which is not only popular in the Web3 industry but also in public opinion, including news, and everyone’s daily discussions. Before this, we also observed that various big moves have emerged in the industry. Some large head exchanges like Binance and other projects have developed very well. Regarding RWA, we think that without the help of RWI (Real-World Identity), it is difficult to make RWA sense. Everyone knows that the real world of finance has certain rules. Each country has its own regulatory rules and laws. Although we hope to trade freely in the market, all these financial activities take place within the existing legal and regulatory framework.
But now in the Web3 world, everyone is very accustomed to the “mighty wallet”, after connecting the wallet, all functions can be used, which brings every Web3 user a permissionless experience. This is also a key point that attracts many users to DeFi. So when we introduce RWA into DeFi, we find that some real-world rules will also come to the DeFi world. For an asset, who is qualified to issue it, who is qualified to package it, sell it to others, and even who is qualified to buy this product? All these questions come along with it. A simple example will be easier to understand, as Mindao just mentioned, it is similar to projects like government bonds, most of the U.S. government bond tokenization projects on the market require KYC on clients and then allow participation in the project. That is to say, the rules for trading an asset in the real world extend to the Web3 world with the on-chain of RWA. However, the traditional Web3 world is permissionless. Everyone may have some on-chain identity information, but these are not related to their off-chain identity, such as nationality, investor level, risk tolerance, etc. Therefore, we found that when we want to introduce RWA into the DeFi world, it seems necessary to provide a new infrastructure, that is RWI infrastructure, a mechanism for Real-World Identity for Web3, which allows everyone to use their real-world identity information in the Web3 world.
Besides, Blockchain is naturally public and transparent. The information on it can be seen by everyone. However, when such an infrastructure is used for identity, there is an inherent problem that is difficult to solve the issue of privacy. Users definitely do not want to reveal their names, ID, and home address to everyone, even a piece of transaction information. So the first problem we face is how to help these traders use their real-world identities while protecting their privacy. This is the first level.
The second level is for investors, who are qualified to carry out RWA activities or sell related assets in the Web3 world. Each country has its administrative regulations on asset tokenization and asset certification. When a project party publishes these projects to the public, they need a license, for example in Hong Kong. We have been discussing what can be tokenized before and found that most of the actions must fall within the scope of regulation. When an asset is sold on chain, how can users see the identity of the institution behind this asset? Which regulatory agencies have approved or audited it? Have they been checked by accounting firms? Is there insurance protection from insurance companies? All these endorsements and checks in the real world are actually also related to identity and need to be expressed on chain. In terms of the on-chain trading environment, lots of on-chain assets are based on smart contracts, so whether the code is written correctly or not involves auditing issues. If there is a problem with the code, it may cause great loss to users. So when we interact with on-chain assets, how can we value the security of these assets? zCloak thinks we can introduce a new concept, which is also part of RWI, that is asset identity, such as a token, a security issued on chain, or a mortgage, all of these assets can have their own identity. Its identity may include the rating results, insurance profile, audit results, and a summary of related information. And we hope that when users interact with these assets, they don’t have to go to some websites or other places to find that information, they can directly find them on chain and then invest with confidence. There are a few points I just mentioned, the first is the identity of the investor, the second is the identity of the asset issuing organizations, and the third is the identity of the asset itself. zCloak’s RWI infrastructure wants to solve all of the identity problems based on these three levels. Thank you.
Yi: I’d like to share my views on the identity problems, based on previous private communications I had with w3tester. I think identity largely refers to our traditional KYC and KYB. Regarding KYC, T-bills are currently very attractive and nearly zero-risk assets and such high-quality assets have a threshold for purchasing, so KYC is a necessary way to access them. I believe if we want to develop a compliant product, even by DeFi, purchasing or selling high-quality off-chain assets will likely require KYC. But now, most traditional crypto assets such as Bitcoin, Ethereum, or CEX trading platforms, have not done KYC. Hong Kong needs to issue licenses because many large funds, old capital, or organizations will only enter the market if the asset is compliant. Compliance of assets means that the holder of the assets has to make corresponding compliance actions, so KYC is mandatory. Therefore, I think KYC services allow users to purchase off-chain assets through DeFi projects and make it easier for our crypto assets to be accepted by the mainstream capital market.
However, the traditional KYC solutions still have problems, the user experience during KYC can be quite poor whether on Alipay or a compliant exchange like Coinbase. Different institutions have different risk preferences and business stages, so their KYC setups also differ from each other, but it’s quite common for them to have a drop-off rate exceeding 5%. This is due to two reasons: one is the experience, for example, if the system can’t recognize the user’s photo after the user‘s several tries, they might give up; the other point, especially for Web3 projects, some projects don’t have a good reputation. During the KYC process, the project team can obtain users’ information, which is a big concern for users. Therefore, after discussing with the zCloak team, we unanimously agreed that zk-KYC could be implemented using zero-knowledge proof technology, handing the data generated during the KYC process to the users to address their privacy concerns. At the same time, the project team can conduct the necessary compliance investigations, which I believe is a win-win for users and the project team. Lastly, through a decentralized form, we can avoid the problem of a centralized institution controlling the certification judgment. So cooperation with zCloak not only demonstrates the advantages of zk-KYC in terms of anonymity but also shows the possibility of a decentralized solution.
w3tester: Recently, zCloak and Chaintool jointly launched an on-chain KYC event, through which we hope to help everyone start using their personal KYC results on-chain by privacy-protecting ZKP tech.
Yi: The purpose of this event is mainly for users to experience the process of on-chain KYC. Everyone can go through each step, and we won’t collect any real information. Perhaps in the future, we may consider doing real KYC based on users’ trust. Besides, it’s important to clarify that even if people use their real KYC information in the future, we still won’t collect any piece of the information. What we do is just connect with some KYC channels and then issue the corresponding credentials to everyone, which will be stored in the user’s local zkID Wallet. So we hope users can use the zk-KYC method to log in to as many platforms as possible, while they only need to do KYC once, which is very meaningful for improving the security and compliance of Web3. Therefore, I’m particularly looking forward to zCloak’s effort in this field.
Cassiel: I have a question for Yi regarding KYC. As Web3 emphasizes decentralization and privacy, KYC may cause discomfort among the original users of Web3. Even in our recent on-chain KYC event, we can feel some resistance in the process. What do you think could be the reasons for this resistance? How can we minimize this resistance in the future, and encourage users to have a more open attitude towards KYC?
Yi: OK, I believe this resistance is due to a lack of acceptance for traditional KYC solutions. For early users of Web3, there is a strong belief in decentralization and absolute anonymity. However, anonymity requires a balance. For example, I might be more willing to deal with someone if he/she has undergone KYC, regardless of whether I know his/her real name or not, because I can seek redress if something goes wrong. Of course, before any fraudulent activities occur, we are anonymous to each other. So, there has to be a trade-off between KYC and absolute privacy on the security level. Perhaps the majority of users remain anonymous under normal scenarios; however, when a security issue arises, we may have to accept the fact that there is a possibility of law enforcement. When law enforcement officials have the appropriate legal basis, whether it be court orders or other certificates, institutions should cooperate and provide the relevant KYC information to the regulatory authorities. From my perspective, this is a necessary compromise. There is no absolute privacy, giving up some privacy within controllable ranges can make the whole ecosystem better. Of course, we’re still exploring at this stage, and we don’t expect every user to accept this immediately, but I believe most users are pragmatic, they can make good choices.
w3tester: KYC is an important part of RWI. For general users, if they want to invest in a financial product in the real world, even a slightly more formal bank will conduct a risk tolerance level assessment for them. By now, Web3 users highly approve of permissionless, it is a good thing. However, when it comes to KYC, everyone is averse, especially recently a lot of projects have taken a lot of similar measures against coupon clippers, which has caused a lot of resentment against KYC. But as Yi just mentioned, if KYC is inevitable in certain scenarios, then we need to provide a way to minimize the friction between users and KYC as much as possible. For example, if a user originally needed to do KYC three times, and now they only have to do it once, that would be a solution.
Yi: Yes, some things that the industry couldn’t accept in the early stages are necessary. Currently, many people like to use crypto assets to solve the problem of funds. In AML, there is a very simple method called the travel rule to monitor this issue. The KYC information of the initiator and receiver of a transaction must be conveyed between institutions, and all compliant exchanges must conduct this. So in the future, if you want to deal with compliant institutions, even a simple transaction will require KYC information, which is a trend. When regulators find a transaction or an address suspicious, or when a transaction triggers a security alert, law enforcement officers can follow the law enforcement process to extract the KYC information of the relevant DID. I think this is a possible way to popularize on-chain KYC on a large scale in the future.
Cassiel: Thanks for w3tester and Yi’s sharing about the importance and necessity of KYC in Web3. I would also like to ask Mindao, what kind of assistance do you think RWI can provide for DeFi projects? If there is, in what form could it be?
Mindao Yang: Actually, I think there’s a misunderstanding about RWI and RWA, some Web3 OGs may also think that this is not DeFi, not Crypto. The biggest asset category in the Crypto market is $130 billion stable coin USDT and USDC, and their issuance is 100% after the KYC process. They are 100% with identity. Because minters are required to go through KYC and identity verification before they are allowed to mint. But from the DeFi level, after minting, a large amount of USDT and USDC are circulating in the secondary market, and their original identity information has been lost at that stage. So people think that RWA or RWI must always follow the assets, which I think is a common misconception about identity. So, if we understand DeFi in essence, it’s a permissionless network, which refers to its service level. It’s not that having identity verification or KYC makes it a permission network. Besides, of the addresses that everyone is currently using in almost all DeFi projects, 99% of their identities are non-anonymous. For example, when you withdraw coins from an exchange, your identity information is already known. That’s also the reason why it’s not that easy to hack on-chain. Many hackers return the money after stealing it because many of their identities have been discovered, or they can be found by IPs. This shows that in the whole Crypto or DeFi system, the identities of most people are not 100% anonymous, but the users themselves don’t know it.
So, RWI is already hidden in the exchange layer. Everyone’s identity information is already exposed to some extent, but it does not affect the operation of DeFi protocols at the permissionless level. Of course, you can also enhance privacy through various means or even change the address to be completely anonymous. So I think many people’s misunderstanding is that they think RWI and DeFi are totally contradictory. Currently, more than half of the $200 billion in the entire T-Bill is stable coin assets, which are assets tied to identity. But stable coin assets are really circulating on the market, about 80%-90% have nothing to do with identity, so even if the issuance has gone through KYC or identity verification, the identity has been resolved by the time it reaches the circulation link. Therefore, in DeFi, the asset side needs KYC and permission, but it can be completely permissionless and anonymous at the circulation stage.
All of the T-Bill assets require KYC at issuance, circulation, and trading stages, and it does not just require typical exchange KYC, it needs to pass the qualified investor certification, and there’s a clear asset identification standard. The advantage of DeFi over traditional finance is that it can trade 24/7, so its permissionless level is higher than that of traditional finance. Thus, I believe that RWI has been in use since 2020 at the asset issuance end, especially at the core asset issuance end, including the on-chain stock trading issued by FTX, and some on-chain protocols for stock tokens.
In my opinion, the next phase of the combination of RWI and DeFi is at the user interaction level. We may bind real-world identity with the user’s account using zk methods. The advantage is that we can bring many traditional financial use cases into DeFi. In the past, DeFi assets were only about one to two hundred billion dollars in scale, but traditional financial assets are about 400 trillion dollars, including stocks, government bonds, fixed income, real estate, etc., the volume difference is quite huge. Then why can’t DeFi assets expand to be as large as traditional finance? I think the key reason is that many use cases in traditional finance are linked to identity, such as credit card credit loans, as well as many unsecured loans, consumer loans, etc. This large-scale loan is tied to identity, which is one of the reasons why I think bringing RWI into DeFi has great prospects. It expands the application of DeFi from the current over-collateralized mode to the zero-collateralized and even credit loan mode, and this use case expansion will be a huge step forward in the DeFi field.
So, in fact, we have already put identity on chain, it’s just that this is done at the level of coin merchant or issuer, but not at the user end. If we do it at the user end, it can be used in, for example, stock trading or other asset category trading. Currently, DeFi can’t provide differential rate services to specific groups of people because everything is about the abstract chain address, without relevant real-world identity information. So in the future, if it opens up further, I think the application of DeFi will also expand with it. And as Yi just mentioned, even if DeFi doesn’t care about the Travel Rule, there are exchanges starting to enforce certain rules. All withdrawal addresses need to carry real personal information such as name, home address, etc. Several large exchanges in Europe have already started implementing this, and it was mentioned at the Web3 Festival in Hong Kong that in the future DeFi will also have to be regulated according to Hong Kong’s compliance. Of course, it’s perfectly fine for some DeFi projects to focus on the permissionless market. For example, LUSD only accepts ETH as collateral after the FTX incident, and it can indeed be completely permissionless, but this use case is very small.
So I think both camps of DeFi business mode will be developed in the future. After introducing RWI, it may change from KYC at the issuance end to the user end. And I only talked about financial use cases. In addition to this, there are many application scenarios for expansion in search, social and other fields. Therefore, fundamentally, I think KYC has no harm to Web3 users. The DeFi business mode without identity information and completely anonymous will definitely continue to exist, and dForce will most likely continue to develop new protocols at this level. But if we bring RWI into it, the whole Crypto market can really expand, and I think this is a very important point, that we need to be practical, to connect with the traditional world. Because the Web3 economy can’t be completely isolated from the traditional world. Therefore, connecting real-world identity or assets with the chain is not harmful to us at all. On the contrary, it will further expand our DeFi use cases.
Yi: I strongly agree with the two points that Mindao just mentioned. The first is that everyone thinks they are completely anonymous on the chain, but they are not. For example, most people have done KYC when trading on exchanges, so as long as your exchange wallet interacts with the outside wallet, this association can be easily identified, and it can even be tracked across the entire chain. The second point is that introducing RWI can widen DeFi use cases. Currently, the entire collateral model is over-collateralized, which is a deflationary model, but what really promotes social development is definitely the inflation model, which is based on credit. But it’s very difficult to accumulate credit on chain right now, we need to measure it from many dimensions, such as the user’s payment history, repayment ability, asset condition, and even social relations, etc., all of this information currently do not exist on chain. The only way to start is to bring off-chain information on chain first, and currently the only way to achieve this is KYC. After going through KYC, not only can we realize credit accumulation, but direct lending businesses can also be conducted based on credit ability. So I strongly agree with Mindao’s two points.
w3tester: I’d like to share some ideas. How we view KYC is very important. When we look at the DeFi industry, we should look at it from an incremental perspective. After introducing RWI into DeFi, it will have more modes to expand, and the current permissionless things will not be affected too much. Of course, if they are affected, it is not for us to decide. Every country has its own regulatory agencies and administrative regulations, so if a certain business is considered not compliant and therefore is not allowed, it is definitely for the safety of the users. Under such circumstances, I believe that the original businesses that do not require KYC can continue to run, and new applications that have introduced RWI are worth our expectations.
Secondly, it’s currently difficult to truly achieve full anonymity. Let’s take Metamask as an example, our address and IP can be seen clearly in the background once we connect it. Besides, privacy is a basic right of citizens, and we should fully support it, but it does not mean people can conduct illegal activities. From a technical perspective, it is completely possible to follow the laws and regulations while protecting privacy and conducting legal transactions in a legal situation. The event jointly organized by zCloak and Chaintool can help users transform their real-world KYC data through ZKP and realize minimum disclosure on chain. Now we have started the zk-SBT on test net and real-world KYC information is transformed through a ZKP computation run in the user’s local device. In the future, information that is used to classify or filter users can be expressed in this way without revealing any PII (Personally Identifiable Information). So we also look forward to the combination of RWI and our current DeFi products in the future.
Mindao Yang: In fact, ENS has achieved a certain level of identity disclosure, but there is a huge difference between ENS projects and our zk-based RWI projects. I never use ENS because I think it easily exposes the loophole to those who specialize in social engineering attacks. Nowadays, many KOLs who hold NFTs are being socially engineering attacked because the attacker knows their name and can attack via email or other information, which is why I think a completely transparent identity system like ENS is difficult to scale. Moreover, it violates basic business principles. We have discussed this issue with many physical businesses in DeFi before, for example, how to provide a financing channel for a listed company. It’s impossible for them to put all business secrets-related information on chain, forums, and DAO for discussion. So I think if identity cannot be informationally isolated through zk technology, then it will be difficult to scale in use cases. In other words, how to combine the transparency and verifiability of blockchain without violating basic business principles in RWI is worth exploring. Therefore, introducing RWI is to provide an option for users. At present, the DeFi market that maintains the core principle of being completely permissionless will not be greatly disrupted.
Yi: I’d like to summarize what we have discussed today. The first point is that blockchain transaction is transparent in everyone’s common understanding, but in fact, some centralized institutions are already doing KYC and the completely anonymous network doesn’t really exist. The second point is that KYC is an inevitable trend, whether it is for compliance or other reasons, even if it does not take the compliance path, the purely free DeFi market still exists, and everyone can choose the direction they like. The third point is that after introducing RWI, the DeFi market may introduce more use cases, the current financial model based solely on over-collateralization may change, and the financial model based on credit and even other traditional financial things can be introduced to the chain. The fourth point is that zk-KYC may be a very good solution. It not only protects the privacy of users but also realizes the accumulation and transmission of credit on chain.
【Q&A】
Cassiel: Thanks to Yi for the summary and all the guests for their wonderful sharing and discussion today, which provided us with a new perspective on understanding RWI and DeFi. We also hope that our discussion today can provide some new ideas for our audiences. Next is our Q&A session. If any audience members have any questions about our guests or projects, or any ideas about the topic we discussed today, you are welcome to share them with us.
Audience 1: I have two questions, the first one is for Yi, how exactly can we understand the concept of Attester you mentioned? Will there be a centralized authentication model, I think of Attester as a role with a certain identity, so does that mean the authentication process is only performed by one Attester? Does this contradict the concept of decentralization? Another question is for the w3tester of zCloak, you just mentioned that complete privacy does not exist, then if it is in doing KYC, will this KYC information also be recorded and associated?
w3tester: Many users keeps wondering whether their data is safe with zCloak, and how we ensure that we don’t leak their data. In terms of the zCloak project, I think the premise for leaking or abusing the privacy data is we can get the data. The entire architecture of the zCloak system is based on returning data sovereignty back to users’ hands. We are just a provider of basic infrastructure such as zero-knowledge proof and data management tools, but the tools run ZKP proof on user’s local device. What we are trying to build is we try not to take user’s data during the whole process.
Yi: About the concept of Attester, w3tester can add something later, his insight may be deeper. The traditional concept of KYC is based on a certain authoritative organization. For example, if there is a need for a national-level authentication of your passport and ID, the public security bureau will be the organization, which is a centralized authentication. However, in the network architecture of zCloak, we hope that we are the best KYC authentication institution, but we are definitely not the only one. Different projects will have different institutions providing them with corresponding authentication services, so from my understanding, decentralization can mean not unique, it can mean being verified by multiple parties, and many attesters can provide similar services.
w3tester: I can add a bit, Attester may be a bit confusing for most people who are not in this industry. We believe that identity is essentially the sum of a person’s social relationships. For example, your ID card has your identity information on it, and when you show it to a third party, their trust in your identity is based on a so-called trust transfer mechanism. Essentially, the trust in you by the institution that issued your ID card (Public Security Bureau) is transferred to the third party through the form of the ID card, and then when they see the information on the ID card, they will believe it, which reflect that they trust the Public Security Bureau. This is a transfer of trust, so in the scenario I just mentioned, the so-called Attester, is an institution like the Public Security Bureau. In the field of DID and verifiable credentials under the W3C system, an Attester is an institution or organization that relies on its own credit and reputation to attest to the identity, credit, and qualifications of others. Similarly, in the KYC scenario, the reason people trust a KYC result is because they trust the KYC service provider. The organization is a formally licensed institution who operates according to the law and principles.
Audience 2: If a e-commerce platform wants to integrate with tokens, what are the entry points and channels? How does it integrate with the identity system?
w3tester: As far as I know, there are many uses of USDT and USDC in the scene of international trading, but trading has its rules. It requires contracts, goods and bank transactions. All of this information can be a basis when it comes to transaction check and anti-money laundering. For example, Company A pays Company B for a batch of goods, in which the buyer and seller are very clear. However, if you use an on-chain address to make this transaction, there will be a problem. We can see that a USDC transaction has been made between two addresses, but we can’t connect an off-chain trading with an on-chain transaction. It will be very difficult when it comes to proving which company is behind the A address and which company is behind the B address to tax/banking institution. And this also involves another platform we are building. By now, zCloak has two product lines. The first product is the zkID for personal identity. The second product is Valid ID, which solves the problem I just mentioned, through multi-party attestation to anchor the real-world identity (RWI) of an institution with its on-chain address, forming a cryptographically verifiable, and legally meaningful bind. That’s all I want to share.
Mindao Yang: There may be a use case for reference. In traditional e-commerce, if a company wants to make purchases, it can ask banks for credit certificates. But if DeFi can be integrated into the platform’s credit system, stable coin loans can be completely based on the credit system, that is zero-collateralized loans. Therefore, I think that DeFi can replace the role of traditional banks to some extent because the role of traditional banks on-chain is based on the verifiability to information like store points, transactions, etc., which have been authenticated by multiple parties, and then loaning money to companies based on that. So I think making DeFi integrate with the platform’s credit system is highly executable. In addition, once DeFi integrates RWI, it may completely open up the competitive landscape, and the platform cannot monopolize it. For example, Taobao Ant Financial Services cannot monopolize the financing of its platform merchants, because merchants are likely to be able to directly borrow money from DeFi. I think this is very interesting, turning a closed financial system into an open system.
Cassiel: Thanks again to our speakers for answering the questions of the two audiences. Today, we talked a lot about the various possibilities of the combination of RWI and DeFi, and the future development direction. Hope that Real-World Identity can help DeFi projects achieve their expansion and promotion of more application scenarios in the future.
