In work to be announced Wednesday at the annual developer conference CordaCon, ING has helped solve a security/privacy trade-off that currently bedevils Corda users. The bank’s blockchain team did so by applying zero-knowledge proofs (ZKPs) to the Corda notary service, the means by which the network verifies the uniqueness of transactions and prevents double-spending.
Unlike most blockchains that broadcast data among all participating nodes, R3 designed Corda to control data and limit the amount of information that needs to be shared. The Corda notary service offers a choice between using validating notaries, which can view transactions to check they are legit, and non-validating notaries, which have no such visibility but instead just keep a record.
The validating notary compromises privacy by looking into the content of transactions, while the non-validating approach presents a security weakness since a malicious actor could knowingly write an invalid transaction.
If all that makes your head spin, think of being frisked and having your bag searched when entering a building compared to just signing in at the front desk. The former is intrusive for you; the latter is riskier for the building.
To thread this needle, ING has applied zero-knowledge proofs, which can prove something is true without revealing any information about it, to Corda’s validating notary function. This allows transactions to be verified without specific knowledge of their contents.
Trade finance use case
ING is addressing the privacy problem out of self-interest as it’s about to start using Corda for business.
Andrei Ilchenko, the bank’s global head of IT wholesale banking channels, said a number of Corda apps it has invested in, such as the trade finance projects Marco Polo and Voltron, will soon see the light of day.
These currently rely on the non-validating notary, which is hosted by the Corda Network, he said. But this posed risks:
“We started to notice some edge cases. For example, with Marco Polo, what would happen if there was a malicious participant to this particular business network, who would attempt to send to the non-validating notary a transaction that has an input state (e.g. an invoice) that is owned by another participant?”
Although it’s not a likely scenario, said Ilchenko, it could turn out that one party could attempt to spend some working capital and be denied.
“To resolve the matter it would need to start going to court and start running the physical world processes,” he said. But that would defeat the purpose of the blockchain. Hence the impetus to apply ZKPs.
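The edge case Ilchenko describes can be reproduced in a simplified model of the two notary types. This is an added example, not code from ING, R3 or Corda: the class names, the participants "Alice" and "Mallory" and the state "invoice-1" are constructed for illustration, and the zero-knowledge variant is not modelled.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class State:
    ref: str      # unique state reference (constructed sample value)
    owner: str

@dataclass(frozen=True)
class Tx:
    tx_id: str
    inputs: tuple        # refs of the states this transaction consumes
    signers: frozenset   # parties that signed the transaction

class NonValidatingNotary:
    """Sees only input refs and records which ones have been consumed."""
    def __init__(self):
        self.consumed = {}   # ref -> id of the transaction that consumed it

    def notarise(self, tx):
        clash = [r for r in tx.inputs if r in self.consumed]
        if clash:
            return False, f"input already consumed: {clash[0]}"
        for r in tx.inputs:
            self.consumed[r] = tx.tx_id
        return True, "ok"

class ValidatingNotary(NonValidatingNotary):
    """Also sees transaction contents and checks each input's owner signed."""
    def __init__(self, ledger):
        super().__init__()
        self.ledger = ledger   # ref -> State; visibility is the privacy cost

    def notarise(self, tx):
        for r in tx.inputs:
            state = self.ledger.get(r)
            if state is None or state.owner not in tx.signers:
                return False, f"owner did not sign for {r}"
        return super().notarise(tx)

LEDGER = {"invoice-1": State("invoice-1", "Alice")}   # constructed sample data

def run_edge_case(notary):
    """A non-owner submits first, then the rightful owner submits."""
    bad = Tx("tx-bad", ("invoice-1",), frozenset({"Mallory"}))
    good = Tx("tx-good", ("invoice-1",), frozenset({"Alice"}))
    return notary.notarise(bad), notary.notarise(good)

if __name__ == "__main__":
    print("non-validating:", run_edge_case(NonValidatingNotary()))
    print("validating:    ", run_edge_case(ValidatingNotary(LEDGER)))
```

With the non-validating notary the invalid transaction is recorded and the owner's later transaction is refused as a double-spend; the validating notary rejects the invalid one but only because it can read the ledger.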
Normally, people think of zero-knowledge proofs as being so demanding, computationally speaking, that they slow blockchains right down. A somewhat surprising bonus discovered by ING is that ZKP transactions sent to Corda notaries take less time to verify than regular transactions (of which the entire content is visible).
Asked whether the proposed solution is for the Corda Network, the open-source community, or whether it is only being applied to the commercial version used by ING, Ilchenko said:
“Actually both. So far, the majority of CorDapps I know rely on non-validating notary run by the Corda Network Foundation and all CorDapps that ING plans to start using in production do.”
ZKPs are not the only way of solving Corda’s privacy trade-off; R3 has worked hard to modify Intel’s trusted execution environment solution SGX to fit with Corda’s requirements.
ING has worked on a range of variations of ZKPs, but always using enterprise versions of ethereum like Quorum, developed by mega-bank JPMorgan. At the start of this year, the bank started looking at applying its learnings to Corda.