TradFi & DeFi deep dive 2(b): Hybrid & Shared Platforms
This week we continue building the map of the future of finance across both TradFi and DeFi, with Hybrid & Shared Platforms. This denotes platforms that serve both TradFi and DeFi assets and services, many of which are FinTechs and challenger banking models that have expanded into supporting a broader array of assets.
Remember when The Next Block discussed the hybrid hypothesis for the future of TradFi and DeFi, which suggests that the two are on a path of convergence as they tackle similar challenges to modernize the financial services experience?
As a refresher, we made the following hypotheses:
Hypothesis #1: The future of finance is hybrid & distributed.
Hypothesis #2: The future of DeFi is multi-chain & distributed.
Hypothesis #3: The future of underlying infrastructure is multi-cloud and distributed.
Hypothesis #4: The future of finance governance is hybrid & distributed.
Here’s another refresher on the landscape that we see playing out, keying in on where we will focus in this post:
Figure 1: the future of finance shows a set of Hybrid & Shared components at the platform layer that serve both TradFi and DeFi across oracles, identity, and development & integration.
… and the following image shows a view of the respective vendors and projects building out the Hybrid & Shared platforms of the future:
Figure 2: some of the major players in Hybrid & Shared platforms include Chainlink, Plaid, Stripe, and the Consensys Product Suite.
TradFi Platform component 1: Oracles & utilities.
Given that DeFi is decentralized by design, and generally built on blockchain environments that have discrete boundaries around their data and member nodes, these environments need a mechanism for connecting with the outside world and for sharing and consuming its data.
Oracles are entities that connect blockchains to external systems, thereby allowing smart contracts to execute based on inputs and outputs originating from the blockchain. A decentralized oracle network provides reliable, tamper-proof inputs and outputs for complex smart contracts on any blockchain (e.g. Chainlink). Chainlink is the most widely recognized solution here, and Coinbase has also developed native oracles.
One of the best use cases for oracles is price feeds for the market prices of assets, such as cryptocurrencies. Additionally, Chainlink’s ability to securely connect smart contracts with off-chain data and services opens a number of doors for traditional and modern institutions to connect and collaborate.
The leading solution in this space is Chainlink, which is a blockchain-based, decentralized oracle network. It supports most of the major blockchain networks, including Ethereum and Solana.
TradFi Platform component 2: Digital identity & social recovery.
The current model of identity is characterized by an overly complex, highly fragmented ecosystem across organizational entities and individuals. It also yields identity that is neither ubiquitous and authoritative nor owned by the individual, whether for the identity itself or its associated data.
The future model of identity is characterized by: decentralization, privacy by design, user self-control, openness and interoperability, and global scale and accessibility.
We will cover both the current and future model across the three key categories that identity spans:
Commercial sector: to include Fortune 500 companies
Tech: to include Big Tech (Microsoft, Google, Amazon and others) and Web3 & DeFi
Public sector: to include federal and state & local organizations
Figure 1: The state of identity may shift from a fragmented, complex web of commercial, tech and public sector entities independently managing identity, to a decentralized, blockchain based ecosystem that puts the user in control of their privacy, data, and identity.
Let’s dive in to examine the current state of identity and what the future might look like.
The current state of centralized identity.
Category 1 - Commercial sector, otherwise known as Enterprise IT. The first category includes the commercial off-the-shelf (COTS) technology vendor incumbents. Most enterprise technology leverages centralized identity and directory services, including vendor-specific services (most commonly Microsoft Active Directory Domain Services and Identity and Access, and Exchange) as well as vendor-agnostic services like LDAP. The second category features cloud solutions. These services are now also federated out, or even natively hosted, in Cloud Service Provider (CSP) environments, including Microsoft Azure Identity and Access Management, Amazon Web Services Identity, and Google Cloud Platform’s Cloud Identity. The third and final category of enterprise IT includes the modern digital-natives, such as Auth0, an adaptable third party authentication and authorization platform, and Okta, a similar platform for workforce identity with Single Sign On (SSO) and Multi-factor Authentication (MFA). Most of these three mechanisms are underpinned by network infrastructure such as DDI (DNS, DHCP and IP Address Management), which falls outside the scope of this document, but you can read more about it here for a technical deep dive.
These service offerings are highly centralized in nature and thus require complex linkage and trusts established within an organization (e.g. identity federation services), as well as other trust mechanisms both intra-organization and cross organization.
Category 2 - Tech. In most Web 2.0 platforms, the Big Tech players offer identity services that act almost as a “Social Single Sign On” mechanism to confirm your identity with other web applications and even process payments. This sign-in mechanism is easy to connect with your existing Big Tech and social media accounts, but it also requires you to grant permissions for those authenticated applications to access your personal data. Examples include Facebook Login, Google Identity, Apple Single Sign On, etc.
Category 3 - Public sector. The current public sector largely features the same technology products and services used by Commercial, including centralized identity and directory services and other leading technology vendors. There are also a variety of standard citizen and user identification methods leveraged by civil sector and state and local entities (e.g. birth certificates, Social Security numbers and cards, state issued driver’s licenses, and passports). While they are truly unique identification mechanisms, most of these systems and processes are highly manual or supported by legacy technology. Some progress is being made in pockets of individual jurisdictions, such as the state of Arizona putting its driver’s license and state ID in Apple’s wallet.
The future state of decentralized, social, and privacy enabled identity.
Category 1 - Commercial sector. Most commercial sector organizations have Enterprise IT functions that handle all tech services, including identity and access management (IAM) and supporting network and domain services. One of the primary anchors for these services is the Microsoft family of Active Directory and Exchange, a set of mature and highly centralized services. Microsoft’s Active Directory is enabling Verifiable Credentials such that these services do not necessarily need to be replaced, but rather can accept decentralized identifiers as a means of authentication and authorization. More below in the Tech section for how Microsoft is rethinking this space. Another great concept to look into is Zero Trust, which could also form the network and infrastructure foundation for authentication and authorization that is trust and user based irrespective of network boundaries and organizational demarcations, rather than the current perimeter security-focused mindset.
Category 2 - Tech. In Big Tech, Microsoft has taken the lead on thoughtware and incubating new technology for the concept of digital and decentralized identity (DDID). The vision from Microsoft is clear:
“Each of us needs a digital identity we own, one which securely and privately stores all elements of our digital identity. This self-owned identity must be easy to use and give us complete control over how our identity data is accessed and used.” (Source)
… this digital identity would be blockchain-based, co-developed by Microsoft and other partners. Microsoft has also partnered with the ID2020 Alliance, a global public-private partnership dedicated to aiding the 1.1 billion people around the world who lack any legal form of identity. The vision is clear, but how would it actually manifest? Microsoft suggests that a unique identifier, similar to today’s username concept, can be replaced with an identifier that is self-owned, independent, and leverages blockchain and distributed ledger technology (DLT) for data exchange, privacy protection and security of transactions made with the user ID and any other medium. These identities would be built upon the principles of being: secure, reliable, and trustworthy; privacy protecting and in my control; inclusive, fair, and easy to use; supervisable; and environmentally responsible.
MIT’s Technology Review also suggests that the future state of identity might manifest in ways that include the end of passwords as a primary method of authentication. This could perhaps include some blockchain-based ecosystem for the management of user identification combined with alternatives to passwords such as biometrics for login… combining a ubiquitous, decentralized, user owned identification mechanism with methods that truly authenticate and authorize the user (unlike passwords). Some good examples of these digital identity solutions, which are not necessarily decentralized or blockchain-based, include Passbase and NEC Digital Identity (read more here).
In DeFi and Web3, blockchain projects and use cases are going about decentralized digital identity in a variety of ways, to include domains, digital wallets, and web browsing.
Domains. As with all things Ethereum, the concept of domain names is being decentralized with the Ethereum Name Service (ENS). These domain names, however, are much broader than the traditional web domains we are used to, and include decentralized naming for a wider range of use cases including websites, digital wallets, and anything that can be used against an Ethereum public address.
Digital wallets. One might wonder, if the future is truly decentralized, then who will help me if I lose my password? Or, who will help me prevent my funds in an account from being lost or stolen? The advantage of centralized mechanisms is currently founded in institutions backing your assets and supporting you in cases of fraud, loss, or password resets.
That being said, the DeFi community has been thinking through these problems and incubating a number of new concepts. For account and wallet recovery, Argent (the leading DeFi wallet and pioneer of these new concepts) has implemented the concept of decentralized, off-chain and social recovery. Rather than storing and retaining seed phrases for Ethereum and other blockchain accounts, you can establish “guardians”: unique identifiers for people and devices you already trust, which have limited permissions to enable recovery. Guardians can be people, devices, or third party services. Social recovery can also be performed off-chain (e.g. encrypted in cloud storage on iCloud or Google Drive), to decouple your recovery methods from your device. Social recovery is also free! Read more from Vitalik Buterin, co-founder of Ethereum, on the importance of social recovery and wallet security, also with input from Argent. Other DLT based examples include Hyperledger Indy, Civic Identity Verification,
Another great example is Polygon tapping Zero Knowledge (ZK) proofs as the new identity service for its new wallet app, based on reporting from the Defiant (original blog post here from Polygon). For any given “Claim” (an open and verifiable standard that can represent any identity information), the ZK proof can allow the owner of the claim to prove to another party that the claim is true without revealing any information beyond the validity of the claim itself.
Specifically for decentralized identity in crypto finance, reading up on Circle Verite is another great thread to pull on to understand yet another Web3 based, open source framework for providing identity claims in smart contracts that still meets the guiding principles of digital decentralized identity.
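The guardian-based social recovery described above for wallets, modeled as an added example (this is not Argent's code or code from the original post). The strict-majority threshold, the 36-hour waiting period, and all class, method and key names are assumptions made for illustration.

```python
class RecoveryError(Exception):
    """Raised when a recovery step breaks the wallet's rules."""


class SocialRecoveryWallet:
    def __init__(self, owner, guardians, delay_s=36 * 3600):
        self.owner = owner
        self.guardians = frozenset(guardians)
        self.threshold = len(self.guardians) // 2 + 1  # assumption: strict majority
        self.delay_s = delay_s  # assumption: waiting period before a key swap
        self.pending = None     # at most one recovery in flight

    def can_spend(self, actor):
        # Guardians have limited permissions: they never gain spending rights.
        return actor == self.owner

    def approve_recovery(self, guardian, new_owner, now):
        if guardian not in self.guardians:
            raise RecoveryError("not a guardian")
        if self.pending is None:
            self.pending = {"new_owner": new_owner, "approvals": set(), "ready_at": None}
        elif self.pending["new_owner"] != new_owner:
            raise RecoveryError("a different recovery is already pending")
        p = self.pending
        p["approvals"].add(guardian)  # a set, so repeat votes count once
        if p["ready_at"] is None and len(p["approvals"]) >= self.threshold:
            p["ready_at"] = now + self.delay_s  # delay starts once threshold is met
        return len(p["approvals"])

    def cancel_recovery(self, actor):
        # The current owner can veto during the delay (e.g. colluding guardians).
        if actor != self.owner:
            raise RecoveryError("only the current owner can cancel")
        self.pending = None

    def finalize(self, now):
        p = self.pending
        if p is None or p["ready_at"] is None:
            raise RecoveryError("threshold not met")
        if now < p["ready_at"]:
            raise RecoveryError("waiting period still running")
        self.owner, self.pending = p["new_owner"], None
        return self.owner


if __name__ == "__main__":
    # Constructed sample: three guardians (a person, a device, a service).
    w = SocialRecoveryWallet("key-old", ["alice", "hw-device", "recovery-svc"])
    w.approve_recovery("alice", "key-new", now=0)
    w.approve_recovery("hw-device", "key-new", now=60)
    print(w.finalize(now=60 + w.delay_s))
```

The waiting period is what lets a still-present owner veto a recovery started by compromised or colluding guardians; without it, a guardian majority is equivalent to the owner key.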
Web browsing. A good example of a modern browser that meets the vision of Web 3.0 and user privacy is the Brave browser. Additionally, the Brave browser and Basic Attention Token is one of few blockchain projects that has achieved massive adoption at scale and is forcing the market to rethink conventional approaches to identity and privacy. Brave has cleared 50 million active users on its platform and over 15 million daily active users. The browser's initial draw was a "privacy by default" design, which is very much an anti-pattern to other existing web browsers in the market, or what we are used to with the current Big Tech and social media platforms. Additionally, the Brave browser pays you for your "attention" via Brave Rewards, with its proprietary token, the Basic Attention Token, in an attempt to disrupt how advertising is done in the industry and give the lion's share of ad revenue to content creators. Additionally, the Brave Rewards function allows you to tip the Attention Tokens you earn directly to the creators of your choice, putting you in control of your data and the rewards to the content creators that bring the most value to you.
Category 3 - Public sector. Per the Microsoft Verified Credentials approach above in Tech, a great case study is featured where the UK National Health Service (NHS) is using verified credentials to support swift staff movement between NHS organizations, allowing staff to store their own verified records for employment, clearance, and other attributes on their smartphones. This could potentially be served much wider in a variety of public sector use cases and processes, hopefully to include the more universally accepted means of identification used today. Jurisdictions to include India, Singapore, Argentina, South Africa and Japan have also engaged with the aforementioned NEC Digital Identity solution for facial recognition and biometrics.
How can the Enterprise, Big Tech, and pure play decentralized Web3 projects reconcile for a ubiquitous solution of the future?
These three vectors are the primary domains where identity is established or validated. My hypothesis is that there will be a disruptive innovation battle between incumbents such as Big Tech (Web2) players and new DeFi and Blockchain entrants (Web3, Ethereum-based projects) over the universally accepted standard, as well as the technology, for the future of identity. Given the decentralized nature of these standards, there can also very likely be a hybrid future of ways to control your identity while still operating in a ubiquitous ecosystem, similar to the hybrid hypothesis of all technology and finance.
Who will truly set the standards for this space?
Check out the following resources to see which bodies are helping set the standards for global adoption of this new approach to identity:
Decentralized Identity Foundation (DIF). A diverse group of enterprise organizations and decentralized, Web3 projects collaborating to establish an open standards based ecosystem for decentralized identity that is accessible by all organizations and individuals.
Decentralized Identifiers (DIDs). A W3C specification that features a new type of identifier in enabling verifiable, decentralized digital identity. The open source repository can be found here on GitHub.
Trust Over IP Foundation (ToIP). An organization with consortium members to include Accenture, MasterCard, and IBM that seeks to promote global standards, leverage the opportunities for interoperable digital wallets and credentials, protect the identities of citizens and businesses, and integrate the technical elements of digital trust with human elements that includes business rules, policies and governance.
TradFi Platform component 3: Dev, integration & APIs.
Development. The resources, tools, and general participation in enterprise and consumer grade development of Web3 and DeFi solutions have made great strides in recent years.
Ethereum, which has the most developers of any ecosystem, attracting 20-25% of developers in Web3, has its own native developer tools, runtime environments, programming language and resources for building smart contracts in its ecosystem.
The Consensys Product Suite enables developers to build next-generation applications in both a TradFi and DeFi context. The application suite also allows institutions to launch modern financial infrastructure, and empowers people worldwide to access the decentralized web. Some examples in the application suite include Codefi for finance and commerce blockchain applications, Infura for developer API access to Web3 resources, Truffle for developer tools and testing, and Quorum (an open source protocol layer developed with JP Morgan) for enterprise TradFi blockchain use cases.
Integration and APIs. Blockchain interoperability is a big new challenge to solve for both blockchain-to-blockchain and blockchain-to-legacy integration and data sharing, as the future will likely remain hybrid and heterogeneous, requiring data sharing, integration methods and some form of a “service fabric” for both old and new technologies to coexist.
Enablement of modern banking interoperability, both between banks and with more modern tech via Open Banking and APIs, is critical – e.g. Stripe, Plaid, Google Open Banking APIs. The Plaid CTO agrees with this and states that data sharing is necessary both to build a full picture, or mosaic, of the financial and customer data landscape, and to share and integrate this data in the right way. Recently, a large wave of cryptocurrency-native developments has been made, with these digital, yet TradFi-native API players now expanding to become Hybrid & Shared components of the end to end finance stack. For example, Stripe just announced it will enable millions of merchants to convert fiat payments into Bitcoin via OpenNode.
From a pure play crypto perspective, the Baseline Protocol to enable enterprises to build on Ethereum is a great example of protocols that are being developed to hook into the enterprise community.
Enterprise customers wanting to build blockchain solutions want enterprise grade methods of building blockchain environments and enabling interoperability with other conventional systems of record and database technologies. Solutions like Hyperledger Fabric, Consensys Quorum and others are available to build in a modern way that can also nest within an existing, heterogeneous technology ecosystem. Read more here on TechCrunch.
Read more here on The Great Protocol Sink from Bankless to understand how protocols will establish the integration between traditional financial institutions and DeFi for a more integrated future.
Read more here from Andreessen Horowitz on how the fiat and crypto worlds are converging.