KYC Lite Paper

This document will cover the new Know-Your-Customer (KYC) functionality that is presently being introduced to the CRD Network ecosystem. It will allow the onboarding of user profiles, which then get cross-referenced through a series of protocols, including sanction rosters, politically exposed person lists, as well as identity, documentation and phone number verification and authentication.

After which, we will mark compliant wallet addresses with a KYC hash to signal they’ve been vetted. This will allow users to only have to pass through verification once and participate unhindered in the CRD Network ecosystem, as well as with any further strategic partners.

Coming Regulation

Among the major threats coming into the cryptocurrency space is regulatory overreach.

Given that crypto projects often evolved as proof of concept ideas that developed past their original intentions, it’s not uncommon that they are neither scalable nor designed with the intention of being regulatorily compliant. Furthermore, as it’s an innovative new sector, much of the existing financial regulation is not entirely applicable to blockchain technology.

Now that crypto is a multi-trillion dollar industry though, regulators have begun to turn their attention to the sector. Many countries have already banned the technology, or at least heavily restricted its use - some notable examples include China, India and Turkey.

While the list remains small where there have been outright bans, or regulation is in the works that would effectively do so, one thing remains clear: regulation is coming all around the world and it may be done heavy-handedly by regulators without much understanding or concern for this space.

As such, unlike most crypto-projects out there, there is a growing cohort of DeFi projects that are being proactive in meeting regulatory requirements that are typically asked of financial institutions.

Among the most basic requirement is that of KYC, which serves as a means of identifying customers and their associated economic activity to relevant authorities. Hence, the CRD Network has opted to develop these protocols before crypto regulatory bodies make it a legal requirement and begin punishing entities for non-compliance.

Purpose of KYC

KYC’s primary objective is to promote Anti-Money-Laundering (AML) and Combating the Financing of Terrorism (CFT) protocols. If you’re a law-abiding member of society, it’s a minor inconvenience that has to be overcome when creating a new account, but it usually doesn’t alter the core experience.

However, the problem is that anonymity was one of the core tenets of blockchain technology. This permissionless, anonymous system is partially what earned cryptocurrency its initial reputation as the currency of black market sites like the Silk Road, a former decentralized marketplace wherein users could purchase and sell illegal goods and services.

Nevertheless, the sector has evolved much since then. Despite some efforts by privacy coins like XMR, zCash, etc there are blockchain analytic services that track transactions and assume end beneficiaries. The era of absolute anonymity is rapidly becoming obsolete, and often if you haven’t been tracked it’s simply that you’re not worth tracking.

In either case, present DeFi structures remain a bit of an outdated relic. In part because of its permissionless business model, and pooling of assets, it can mean that you indirectly do business with a terrorist, or worse (from the government’s perspective) A TAX DODGER!

Here’s where it gets complicated though, given the joint business nature, transacting with these criminal elements might indirectly make uninvolved participants criminals as well, from a purely legal perspective. After all, by joining unvetted liquidity pools, yield farms, lending them money, or exchanging with them directly (even if done unknowingly) you could implicitly be aiding and abetting criminal activity.

This is the primary reason why institutional cryptocurrency adoption has been so slow to happen - financial institutions don’t want to run the potential legal risks and associated costs. And what little adoption there has been have been making use of the aforementioned “chain analysis” services where they can identify cryptocurrency that has not been tainted by being associated with criminal activity.

Hence, contrary to what some people believe, not all crypto is the same. Sometimes these financial institutions are even willing to pay a premium to get “legally compliant” coins.

It stands to reason that if we create an ecosystem where users are verified and legally compliant, institutions will be incentivized to participate in that space. Once this happens, adoption could increase considerably and use case developer interest along with it.

Not only that, but by creating an ecosystem wherein people have their legal identities tied to their wallets, we are also implicitly creating an environment wherein scams are considerably lessened, as any fraud would be prosecutable by relevant authorities.

So we all stand to gain by creating these regulatory guardrails, and we also future-proof our project in the process.

How it will be done

We are building a Hyperledger Besu Ethereum Private network and masternode system to validate all important actions within the system by independent nodes. Each important action, such as validating a KYC process, would be recorded there with all associated timestamps and hashes.

In other words, it would allow auditors/regulators to trace each KYC request lifecycle, as we would be able to show all chain of events, including responses from KYC providers for various checks we made.

You can find the basic structure diagram of our KYC validation system below.

The core idea is that we operate in two networks simultaneously - in the Ethereum public net and in the Ethereum Private network (Hyperledger). Then, within these systems, there will be various sets of masternodes with different access settings. Some types of masternodes will be able to validate records only, other types will be able to read some extra data.

It’s worth stressing that we will be operating a supernode that will be populating a database with new records, and in this sense, the system certainly is not ‘trustless’ or ‘decentralized’. However, we must be a centralized system by design, as we represent a legal entity that is responsible for the data; but the Hyperledger setup will allow us to keep the whole process immutable and transparent.

All past transactions are stored in the blockchain and synced with masternodes. It would not be possible to revert old data this way; as we operate on a PoS private network, and nodes will ensure that no previous data will be altered. This way, even if we would want to change anything in the blockchain, all traces will stay in the system which ultimately restricts us from changing anything.

This is an overview of the current set of masternode levels we are implementing right now.

In addition, this solution would also allow us to promote this method of Proof-of-KYC for independent DeFi projects, as they would be able to confirm that their users are compliant.

Conclusion

Given the increasing formalization of the cryptocurrency industry, it’s unlikely that this remains a trillion-dollar unregulated sector. If we are to develop in a desirable direction, we must be proactive about complying with regulations expected of financial institutions.

The first move in that direction is creating robust KYC procedures to be able to protect users and remain legally compliant. Once this is done, we can begin establishing connections with regulators and financial institutions alike while embedding ourselves in the fabric of the traditional economic system.

In time, the CRD Network will be able to help other blockchain projects with onboarding and promote regulatory compliant ecosystems.

This is the future, and it begins by integrating the KYC procedures into our DeFi ecosystem.