Blockchain
Cloud
June 28, 2021 By Dr. Elli Androulaki
Dr. Angelo De Caro
Dr. Kaoutar El Khiyaoui
5 min read


Before cryptocurrencies, blockchain technology was unknown to most people. It was blockchain’s unique ability to manage the ownership of (virtual) currency in a decentralized and reduced-risk manner that made all the difference. The introduction of permissioned blockchains made the same functionality even more appealing to the enterprise world in the context of decentralized business asset transfer.

Experts have established the term token to represent a business asset digitally where the asset’s ownership can be managed. Similarly, the term tokenization refers to the process through which a business asset is represented by a token digitally. In the meantime, the technology is widespread enough that some speak of a “token economy” in which asset transfer transactions are processed in a more efficient, transparent, and fair manner.

IBM Research has recently designed and implemented two blockchain components facilitating token exchange in enterprise context that have been recently open-sourced as Hyperledger Labs. These two new labs are called Fabric Smart Client and Fabric Token SDK. Fabric stands here for Hyperledger Fabric, the permissioned blockchain and open source project under The Linux Foundation’s Hyperledger.

Register now for this on-demand webinar and get the answers to your blockchain questions

Fabric Smart Client allows for off-chain exchanges between clients, application/client-side state management, and more flexible transaction creation. Fabric Smart Client also enables Fabric applications to integrate a greater variety of privacy enhancing technologies and/or reflect a variety of business processes as needed by the use case at hand.

Fabric Token SDK is a library — leveraging Fabric Smart Client — allowing for token exchange on top of Fabric with configurable enterprise privacy properties. More specifically, Fabric Token SDK can be configured to offer mechanisms where the privacy of token exchange participants and value is preserved and co-exists with auditability. At the same time, the Fabric Token SDK can offer asset exchange in the clear, for example, without privacy considerations.

Let’s take a closer look at each of the two projects.

What is missing in current popular token management systems

One of the weaknesses of current token exchange systems is the lack of privacy protection they feature beyond a very basic pseudonymization. In Bitcoin, for example, transactions are pseudonymous and reveal the Bitcoin value exchanged. That makes them linkable and traceable, presenting threats that are inadmissible in other settings such as enterprise networks, in a supply chain or in finance.

While some newer cryptocurrencies offer a higher degree of privacy, entirely concealing the actual asset exchanged and transaction participants, they retain the permissionless character of Bitcoin and others, which presents challenges on the regulatory compliance side. For enterprise blockchains, a permissioned setting is required, in which the identity of participants issuing and exchanging tokens is concealed, yet non-repudiatable, and transaction participants can be securely identified upon properly authorized requests.

A big conundrum in permissioned blockchains exists in accommodating the use of token payment systems while at the same time preserving the privacy of the parties involved and still allowing for auditing functionalities. Another challenge stems from the variability of privacy and security regulation associated with asset transfer, depending on the nature of the asset itself or the actual country in which the system is deployed. For this reason, modularity of any token system implementation becomes critical.

We are now thrilled to announce that we have developed a token management system with configurable privacy level, whose privacy variant achieves those conflicting goals. Fabric Token SDK employs a modular and privacy-preserving mechanism for asset exchange in the permissioned blockchain context, with support for fine-grained auditing.

A modular architecture suitable to a variety of privacy requirements

The system adopts the unspent transaction output model pioneered by Bitcoin and adds some tweaks of its own to support issuance, redemption, transfer, and atomic swap of assets.

At the heart of our Fabric Token SDK architecture sits the Token API, an API-based abstraction of token exchange operations. More specifically, these APIs assume access to a ledger and can facilitate the construction and validation of token issuance, transfer, redemption and swap requests. The Token API can be configured to interact with one or more drivers implementing these operations with different privacy, scalability, and performance properties.

In its first version, Fabric Token SDK comes with two driver implementations: one with no support for privacy, and one with privacy preservation. The privacy-preserving driver functionality conceals both the type of assets and/or respective values transferred and the sender-receiver relationship in a request. The resulting transaction never reveals information on the tokens being spent other than the fact that they are valid and unspent. To complete a transaction, a user must provide credentials that bind the tokens spent to the user’s identity rather than a pseudonym.

This authorization systems relies on anonymous transactor authentication already supported in Fabric under the name of identity mixer membership service provider. The system also allows for the configuration of a designated auditor that enjoys unlimited access to all asset-exchange transactions of the system. These properties are crucial for a token management system that ensures governance, user privacy protection and compliance with existing regulations.

The Token API is architecturally consumed by a set of Fabric-specific components allowing Fabric clients to optimally choose the tokens to be spent (token selectors), construct token exchange requests (Token Transaction Constructor), create a list of owned tokens (Token Cache), initiate Fabric smart contracts to validate them (Token Chaincode), and allow auditors to perform audit functions (Token Auditor).

Flexible off-chain client interactions using Fabric Smart Client

Flexibility in the way transactions are constructed has turned out to be an important requirement when offering a transaction processing system. This is true even when the scope is limited to a specific purpose like asset exchange. The need for flexibility stems from the variability of the legal frameworks and processes governing an asset’s transfer, issuance, or redemption, even within the same country. Privacy requirements can also radically vary across or within countries.

That calls for different privacy enhancement technologies to be leveraged in each case. For example, cases with complete absence of trusted parties require the use of advanced cryptographic primitives such as secure multi-party computation and multiple interactions across the entities in the system to compose the transaction. On the other hand, use cases where one can rely on trusted hardware or trusted parties, would exhibit fewer and different types of interactions.

Fabric Smart Client comes to bring Fabric closer to such a flexible transaction composition setup. More specifically, it allows for easy communication channel setup between Fabric clients in the context of a specific application through a component called Application View SDK. The same component allows for easy programmability of the exact actions a client performs upon the reception of another client’s message in the context of an application, as well as management of the client-relevant application state.

Fabric Smart Client integrates legacy Fabric Client SDK extending the functionality of the latter regarding Fabric smart contract invocation and transaction submission.

Fabric Token SDK leverages Fabric Smart Client for constructing atomic (multi-party) swaps requests of tokens.

For more information register now for our on-demand webinar, and be sure to reach out and connect to us for any other questions you may have.


Turning strategy into business outcomes

IBM Blockchain Services can help bring your ideas to life.  Explore the use of blockchain and digital assets in your business.

Connect with the blockchain experts

Was this article helpful?
YesNo

Tags

 |  |  |  |  |  |  |  |  |  | 
Dr. Elli Androulaki
Distinguished Engineer in IBM Research
Dr. Angelo De Caro
Dr. Angelo De Caro
Dr. Kaoutar El Khiyaoui
Dr. Kaoutar El Khiyaoui

More from Blockchain
August 7, 2023

The Orion blockchain database: Empowering multi-party data governance

7 min read - Blockchain databases were designed to enhance trust in centralized ecosystems by incorporating tamper-evidence features into traditional databases. They are easier to use and can reduce operational and development costs compared to decentralized ledger technologies. However, existing blockchain databases lack efficient tools for multiple parties to control shared data on the ledger. Orion is an open source blockchain database that provides unique capabilities, such as multi-signature and proof functionalities, along with extensive key-level access control. These features empower parties to jointly…

March 22, 2023

Web3 oracle nodes: The capabilities and challenges of an industry disruptor

3 min read - In Greek mythology, oracles took once unattainable information from the gods and shared it with the world. Today, blockchain oracles pass information from one source to another. By design, a blockchain does not communicate with outside data sources; they only store historical on-chain user data. A blockchain oracle is the middleware that allows a blockchain to communicate with off-chain data. The addition of off-chain data provided by blockchain oracles was a huge step forward for the Web3 industry, enabling new use…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters