ING recently announced a breakthrough solution developed by the company’s researchers. The new development will reportedly solve privacy and security issues that have been plaguing the Corda blockchain system.
The megabank’s blockchain technology team presented a white paper titled “Solutions for the Corda Security and Privacy Trade-Off: Having Your Cake and Eating It” on Oct. 23.
According to the white paper, every transaction content on the Corda blockchain is exposed to a notary that validates it. The process is necessary to reach consensus. However, being privy to the contents of the transactions has raised privacy concerns.
Zero-Knowledge Proof (ZKP)
ING’s proposed solution institutes a zero-knowledge proof (ZKP) notary service that will validate transactions. The service can reportedly assess the transaction’s validity without revealing any private information or compromising safety.
ZKP is a mechanism that lets one party prove to another that a statement is true without having to share any extra information. This method was introduced in 1988 by researchers from the University of Toronto and MIT.
The zero-knowledge proof system will grant public blockchains increased privacy. It could also boost the growth of blockchain adoption by minimizing the time-consuming and costly procedure of setting up private networks.
Developed by R3
The Corda distributed ledger system is developed by R3. It is unique in the sense that it controls data and limits the amount of information that has to be shared. In contrast, other blockchain systems broadcast data through all the participating nodes.
Corda’s service provides a choice between two notaries – a validating one and a non-validating notary. The former can view the transactions to check if they’re legitimate. Meanwhile, the latter has no visibility features but keeps records.
According to Mariana Gomez de la Villa, Director of ING, the validating notary can view the transaction’s contents before it can even decide if the data is correct. During this stage, the participants lose their privacy, and this could pose a security risk.
Meanwhile, a non-validating notary can introduce a weakness in the security when a notary signs off on a wrong or invalid transaction that a malicious participant creates.
However, the ZKP process will protect participants against double-spending. This system refers to an attack wherein the user spends the same asset twice, as well as the validating notary.
ING is set to commence using Corda, so the decision to try to resolve the privacy problem is out of self-interest. The bank has invested in several Corda apps, like trade financing projects Voltron and Marco Polo.