Share this post:
Before cryptocurrencies, blockchain technology was unknown to most people. It was blockchain’s unique ability to manage the ownership of (virtual) currency in a decentralized and reduced-risk manner that made all the difference. The introduction of permissioned blockchains made the same functionality even more appealing to the enterprise world in the context of decentralized business asset transfer.
Experts have established the term token to represent a business asset digitally where the asset’s ownership can be managed. Similarly, the term tokenization refers to the process through which a business asset is represented by a token digitally. In the meantime, the technology is widespread enough that some speak of a “token economy” in which asset transfer transactions are processed in a more efficient, transparent, and fair manner.
IBM Research has recently designed and implemented two blockchain components facilitating token exchange in enterprise context that have been recently open-sourced as Hyperledger Labs. These two new labs are called Fabric Smart Client and Fabric Token SDK. Fabric stands here for Hyperledger Fabric, the permissioned blockchain and open source project under The Linux Foundation’s Hyperledger.
Fabric Smart Client allows for off-chain exchanges between clients, application/client-side state management, and more flexible transaction creation. Fabric Smart Client also enables Fabric applications to integrate a greater variety of privacy enhancing technologies and/or reflect a variety of business processes as needed by the use case at hand.
Fabric Token SDK is a library — leveraging Fabric Smart Client — allowing for token exchange on top of Fabric with configurable enterprise privacy properties. More specifically, Fabric Token SDK can be configured to offer mechanisms where the privacy of token exchange participants and value is preserved and co-exists with auditability. At the same time, the Fabric Token SDK can offer asset exchange in the clear, for example, without privacy considerations.
Let’s take a closer look at each of the two projects.
What is missing in current popular token management systems
One of the weaknesses of current token exchange systems is the lack of privacy protection they feature beyond a very basic pseudonymization. In Bitcoin, for example, transactions are pseudonymous and reveal the Bitcoin value exchanged. That makes them linkable and traceable, presenting threats that are inadmissible in other settings such as enterprise networks, in a supply chain or in finance.
While some newer cryptocurrencies offer a higher degree of privacy, entirely concealing the actual asset exchanged and transaction participants, they retain the permissionless character of Bitcoin and others, which presents challenges on the regulatory compliance side. For enterprise blockchains, a permissioned setting is required, in which the identity of participants issuing and exchanging tokens is concealed, yet non-repudiatable, and transaction participants can be securely identified upon properly authorized requests.
A big conundrum in permissioned blockchains exists in accommodating the use of token payment systems while at the same time preserving the privacy of the parties involved and still allowing for auditing functionalities. Another challenge stems from the variability of privacy and security regulation associated with asset transfer, depending on the nature of the asset itself or the actual country in which the system is deployed. For this reason, modularity of any token system implementation becomes critical.
We are now thrilled to announce that we have developed a token management system with configurable privacy level, whose privacy variant achieves those conflicting goals. Fabric Token SDK employs a modular and privacy-preserving mechanism for asset exchange in the permissioned blockchain context, with support for fine-grained auditing.
A modular architecture suitable to a variety of privacy requirements
The system adopts the unspent transaction output model pioneered by Bitcoin and adds some tweaks of its own to support issuance, redemption, transfer, and atomic swap of assets.
At the heart of our Fabric Token SDK architecture sits the Token API, an API-based abstraction of token exchange operations. More specifically, these APIs assume access to a ledger and can facilitate the construction and validation of token issuance, transfer, redemption and swap requests. The Token API can be configured to interact with one or more drivers implementing these operations with different privacy, scalability, and performance properties.
In its first version, Fabric Token SDK comes with two driver implementations: one with no support for privacy, and one with privacy preservation. The privacy-preserving driver functionality conceals both the type of assets and/or respective values transferred and the sender-receiver relationship in a request. The resulting transaction never reveals information on the tokens being spent other than the fact that they are valid and unspent. To complete a transaction, a user must provide credentials that bind the tokens spent to the user’s identity rather than a pseudonym.
This authorization systems relies on anonymous transactor authentication already supported in Fabric under the name of identity mixer membership service provider. The system also allows for the configuration of a designated auditor that enjoys unlimited access to all asset-exchange transactions of the system. These properties are crucial for a token management system that ensures governance, user privacy protection and compliance with existing regulations.
The Token API is architecturally consumed by a set of Fabric-specific components allowing Fabric clients to optimally choose the tokens to be spent (token selectors), construct token exchange requests (Token Transaction Constructor), create a list of owned tokens (Token Cache), initiate Fabric smart contracts to validate them (Token Chaincode), and allow auditors to perform audit functions (Token Auditor).
Flexible off-chain client interactions using Fabric Smart Client
Flexibility in the way transactions are constructed has turned out to be an important requirement when offering a transaction processing system. This is true even when the scope is limited to a specific purpose like asset exchange. The need for flexibility stems from the variability of the legal frameworks and processes governing an asset’s transfer, issuance, or redemption, even within the same country. Privacy requirements can also radically vary across or within countries.
That calls for different privacy enhancement technologies to be leveraged in each case. For example, cases with complete absence of trusted parties require the use of advanced cryptographic primitives such as secure multi-party computation and multiple interactions across the entities in the system to compose the transaction. On the other hand, use cases where one can rely on trusted hardware or trusted parties, would exhibit fewer and different types of interactions.
Fabric Smart Client comes to bring Fabric closer to such a flexible transaction composition setup. More specifically, it allows for easy communication channel setup between Fabric clients in the context of a specific application through a component called Application View SDK. The same component allows for easy programmability of the exact actions a client performs upon the reception of another client’s message in the context of an application, as well as management of the client-relevant application state.
Fabric Smart Client integrates legacy Fabric Client SDK extending the functionality of the latter regarding Fabric smart contract invocation and transaction submission.
Fabric Token SDK leverages Fabric Smart Client for constructing atomic (multi-party) swaps requests of tokens.
For more information register now for our on-demand webinar, and be sure to reach out and connect to us for any other questions you may have.
Turning strategy into business outcomes
IBM Blockchain Services can help bring your ideas to life. Explore the use of blockchain and digital assets in your business.