At the end of August, the Basel Committee on Banking Supervision released a working paper outlining the risks of permissionless blockchains and potential ways to mitigate such challenges. While addressing the concerns raised, our Founder and CEO, Gilbert Verdian, argues that Quant’s methodology and technology mitigate against them, while unlocking new sources of liquidity.
Security is pivotal in finance. Can permissionless blockchains, which are inherently susceptible to a myriad of risks, ever provide the security banks demand?
Decentralised in nature, permissionless blockchains, also known as public blockchains, are open networks that do not limit the number of participants that can join the consensus process used to validate data and transactions.
Some of their key characteristics include:
- Transparency of transactions
- Open-source development
- Anonymity, with some exceptions
- No central authority
So, why would a bank consider using one? One compelling answer is liquidity.
The architecture of a permissionless blockchain means that network participants have access to a much larger pool of counterparties, including both buy side and sell side firms, effectively opening entirely new markets. Compelling though that prospect is, the industry isn’t yet ready to transition the infrastructure we have today to permissionless networks.
Why are banks cautious?
The biggest concern for banks when it comes to permissionless blockchains is the compliance and security risk. Performing sensitive transactions and workloads on a public chain is counter-intuitive. Today, mission-critical infrastructure is on closed, private networks that are typically interbank.
As consumer and institutional appetite for digital assets continues to grow, challenges are beginning to emerge. When issuers distribute digital assets on private blockchains, they’re limited in terms of the investors they can reach. This is why a hybrid approach – bridging the gap between the liquidity provided by public blockchains and the appeal of digital assets – should be our objective.
Combatting the risks associated with permissionless blockchains
The Basel Committee on Banking Supervision’s paper sets out several risks pertaining to governance, technology, compliance and liquidity. All are important and we have considered them carefully in refining our methodology and building our core technology platform, Overledger.
Governance risk stems from concerns around decentralisation, as control over the network is not managed by a single entity. This makes it difficult to maintain oversight and continuity and business operations in the event of SLA breaches, degradation of service or security risks and issues.
To address this business-critical risk, if a chain is forked or a branch is lost, Overledger ensures that the state is maintained and recorded. The system will then write to the new fork to ensure any changes or amendments are logged.
The BCBS also highlights settlement as a key challenge because, with permissionless blockchains, settlement of a transaction does not always take place as expected. A lack of finality can cause uncertainty around the settlement status of transactions which can cause misalignment between legal finality and technical settlement.
To overcome this, we’re able to implement integrity checks across blockchains using our patented technology. This helps to ensure transactions are written on the underlying chain, while holding the state until it is confirmed, which provides assurance that transactions have finality.
Concerns around the privacy and confidentiality of permissionless blockchains were also raised in the paper, since they can provide records of transactions that can be viewed by the public. Although this concern is certainly valid, we have built a solution that can co-sign each transaction that prevents unauthorised users from viewing any internal data. It’s a client-side option to encrypt data destined to be written on chain which can be done in many ways including via public key infrastructure.
To mitigate regulatory risks, Quant offers the capability to whitelist or blacklist addresses to be authorised for use, which minimises the risk of unauthorised transfers and transactions. To further reduce compliance risk, we run know-your-customer checks on all public mainnet transactions through Onfido.
Addressing the mitigants
The paper presented a series of potential mitigants against the risks of permissionless blockchains. Quant technology addresses each of these:
- Business continuity planning: In the event that something goes wrong, we can use an alternative blockchain or try again, to ensure continuity and enable the smooth-running of a business’s operations
- Technology-based controls over parties and transactions: We enable institutions to do this through secure signing, access management and secure transactions
- Permissioning a subset of node infrastructure: We can overlay and segment institutions to allow them to have their own infrastructure that is private to them
- Technology to address privacy and confidentiality: We address this by enabling institutions to put data on-chain, encryption of data and secure signing
- Technology to address liquidity risk: We offer liquidity management through real-time monitoring of the health of funds, values and potential risks
What’s in store for the future?
Permissionless blockchains are not yet ready for institutional adoption. The current sentiment towards permissionless blockchains is comparable to the initial response to the internet, which was also considered too much of a risk.
But with most financial institutions already running private blockchain networks, the key differentiator is the ability to unlock liquidity on other public or private networks safely. And regulation is helping to fuel this – but only to a point. While regulation is accelerating the tokenisation of securities, for the system to work requires a secure institutional bridge between digital assets and digital money.
Quant’s technology provides the necessary controls to allow banks to safely and securely adopt and interact with public blockchains, without exposing themselves to significant risk.
How Quant can help
