So, well, I, I was asked to speak about identity and since I'm coming from the blockchain and particularly public blockchains, and we don't believe in private blockchains because we think this just defeats the whole purpose mm. In public blockchain, the, the problems of decentralized governance are very much like on the, on the agenda today because we have some problems in reaching the decisions. Sometimes when we need, for example, to upgrade the network with new software, it's kind of easy problem, right? In the centralized world, it's quite easy.
You push the button on a GitHub and your software is being updated. Now the question is who is pushing that button and in, in centralized world, that would be like, I dunno, CTO, the person who we all know in the company, in the corporate structure, who is responsible for this, pushing that button in decentralized world, we don't have that person, right.
We, we don't know who actually have a, as a right to push that button. And that creates all sorts of problems because the blockchain itself is a decentralized infrastructure, which controlled by many parties, purposely unconnected, purposely don't have a corporate structure behind them. And so on. So the question is who pushing the button and how to reach that decision. Even collectively, who is like, are we going to upgrade or not?
It's, it's like creating problems with a decentralized governance. And we will see that it's a problem, which, which connected to like digital identity in general.
At first, I, I wanted to say that like, I believe blockchain and we can see that now actually will disrupt every industry requiring trust.
I, I, I like listed some of them like store of value and just in general value transfer, like all the banking industry, finance, trade, whatnot, everything that requires trust will be disrupted by, by the blockchain because blockchain can, it's, it's, it's a trustless execution environment. So you can execute programs in completely trustless fashion.
And when you can do that, whatever you can write software for which can be executed trustless, it means that everything that require trust and can be put in software can be disrupted in like today's model when, when, when you require trust to execute them. Right. But identity, the first all identity is like requires trust. Right?
Well, of course it's an industry, right? So, yeah.
I just, you know, randomly put some numbers here in terms of the size of this industry, but you know, probably much more than me on the, on the sizes of this, of this, all, all kinds of identity related industries. Right. But let's say we certain it's an industry and we certain it does require trust because when someone issues, issues and identity, the whole point of ID is that there is a third party somewhere, which can, you know, which you, you trust, which can say that my name is media and my family name is Gora Shefsky. And presumably I live in certain area, right.
And, and this third party, which is trusted, third party will give me these documents. I have several of them like driving license.
And, and I have, I think, three other identity documents.
I care with me all the time, because now we have this COVID certificate. Right. And so you go with, with, in like in the cafe here and I'm on Greece now.
So we, I go into any, any cafe and I show this, my certificate is kinded with a cure code, they give this bangs green light. And then it says, but show me your identity, because they don't know if this certificate is not forged. And so I need to give them the identity. And the thing is, of course, they look at this identity, okay. They see the picture and they, they know this identity roughly issued by some probably trusted party. They don't really know that because obviously the waiter in the restaurant, they, they can't verify my identity, but it looks okay to them. So they give me pass.
Right.
But this, but, so this requires trust. The question is, can it be disrupted? Let's say I need my ID.
I, my car certificate to, to prove that I own the car today. Like I prove that I have the certificate for COVID vaccination nation.
Now, if I give the some pub key to verify that I am the owner of car certificate, that should be enough, right? If instead of a Q code, the identity card, I would give some public key, prove that my it's my public key, because I have a private key. Right.
Then, then they, they, the waitress in the restaurant won't need to check the certificate against my some document. And by that they won't need to see my name, my, my, the whole identity document, my, my picture, nothing like that. Wouldn't need that because I'm a physical person. If I give you my pub key, and I prove that I have a pub private key, then it means that I'm the person and the certificate is encrypted.
I mean, it's just very simple stuff, right? Encryption wise, it's really simple stuff. We can do it.
I mean, we are doing that for dozens of years already, but I'm still going with this, you know, Q code and showing them my identity somehow. So definitely Christ for disruption, I think. Right.
So, okay. That's another example. I want to get a loan. I I'm going to some financial institution in the bank and they need to see a lot of IDs in connect this ideas to the history of my transactions. And they doing that in an awful way. I tried to pass one K YC for, for one deal. I just wanted to buy something in the bank aspect for, to, to pass this K Y C ML stuff.
I didn't, by the way, completely, without any reason. And of course they don't give the reason. And of course, I know that I didn't do anything wrong, but the thing is that it's so badly designed.
I mean, it's so awful as a whole, the whole thing in the whole decision making process in, in this, in this like banking industry for, for that stuff is just, it doesn't work. I mean, because we are trying to stop really tiny percent of people who are really like performing, like making crimes while verifying everything about everybody. And of course under the stress of this, no system can function.
And we, we see that it doesn't function because it, it like many people just, just get restricted out of no reason, out of just the simple that the banking industry is so stressed to comply. And, you know, obviously the, they cannot do that. This system is unsustainable.
Like we, we won't be able to, to sustain that any further. So, but if I had this all on the blockchain and today I can, and what I did in the end, I can get a loan on the blockchain, taking my digital assets, collateralize them in. That's it like, it's really simple. You don't need to go through any kind of verification, any kind of this whole process of horrible and, and unstructured process.
You just, you just do that in two transactions.
My point is that if I'm sitting in the car and I'm giving you my public key, you really don't need to know my identity. Right? You have the car. For example, I just broke some speed limit of whatever, which I usually do.
And, you know, you can just, just take me and you can revoke my license. For example, if you have a right keys, meaning you are a police officer, for example, and I have a right keys, meaning it's my driving license. Then you can, you can just revoke this. If the driving license smart contract allows this function and would be like really easy stuff to do, and you don't need don't even know my name, like a loss of identity document does not prevent you to be caught for like stealing, stealing, or arrested for something or put in jail.
You don't need identity for that, because if you, you are the person, right. If you committed, it's like you are biometrics. You committed to cry. You got caught. You put in jail, doesn't matter if you have identity or not. And the problem is that, you know, this guy that went into people in the news prominent several years ago, he did have a valid driving license, having a passport name, driving license, never prevented anyone from like doing something, something bad or to height. And by the way, simple photo that your biometrics works much better than having your passport number in that case.
So what I said, everything I said before was about like cryptography. Basically we have, like, we use cryptography to prove and encrypt sign things. We can prove certain things. We can even prove things without revealing the data with the knowledge with the zero knowledge proofs. Right? And so why we need the blockchain for, we need the blockchain to actually record and interact.
Like, if we want to have this interactive process, then we have this, so we can imply an encryption. And then we can put some records about what we did on the blockchain, in a completely trusted fashion trustless fashion. Right. So if we can do that all, I mean, what's the problems.
I mean, don't, we have any, we do. And this problem is I ask everyone to, to, to read latest, like Gutha pieces about like the text about the, about the governance systems and in decentralized world.
And basically the problem is that if without third party not, not everything I can do without third party and the thing I cannot do, or at least remotely is to prove that I am the only one, right. So I can create identities and use these identities. And that can be problematic for cases like elections, for example. Right.
So if coming back to this example of the software update and proving like, so we can have an election, we can have a voting about all this, about who is pushed, who need to push, like if do we push the button or not collectively, but the question is who are we? And just by encrypting something, we cannot ensure that people will not re-encrypt meaning that we won't have civil attack, which many identities attack on the same thing. And there are countless systems how to try to mitigate that, but none of them are currently working.
Actually, the, the only thing really that, that still really works is KYC, right? Unfortunately, the decentralized KYC is a, is, is a problem right now. We don't have solution for that.
Biometrics could be a solution for that. If we could create a kind of a decentralized biometric database, I would say, this could work, but of course what I'm saying bottom line is we don't have yet the solution. And that's why the whole identity industry is not yet actually like being disrupted actively by, by blockchain. For example, would we find the solution? I think we will.
And last thing I wanted to talk about is, is, okay, so, so I said, you know, a lot of stuff doesn't really work. Do we have any examples of these things that really works in disrupting the like centralized solutions, which relates to certificates or, or any kind of identity at all. And I wanted to give this examples of example, of, of decentralized name service versus versus DNS, like DNS, the main name service.
So, so you have right now, if you go to the, to your browser, you type name there, like, I dunno, google.com.
And you go through that. This is how DNS works, or should I say it?
I mean, it works. I mean, it, in most cases it works, but if you remember the attack on Facebook and, and all Facebook like properties, what couple of months ago, then everything stopped working. The attack was through the DNS service. And there are many, like, this is, this is a hierarchical system.
It's, it's centralized in a way that there is a, there are, there are like, you know, institutions who, who give the certificates road certificates, top level, domain certificates and, and secondary and so on and so forth. Yeah. And there are many servers in that and it looks quite complicated when you actually, you know, setting it up and then people, this is a proposal how to, you know, mitigate attacks and it it's even more complicated right now. The system is, is, is very complicated.
It's prone to attacks.
There, there are several attacks like you, you have DNS fishing and malware and DDoS and fault positive triggering and tunneling and whatnot again, cause really real significant to, to the, to the industry actually like each attack is probably estimated at about 2 million worth of damages, but Facebook of course had much more statistics changed in that respect. So, so, okay. So this is a trust based environment because someone need to give you a certificate that you own the domain and then resolve this domain to the IP address when someone wants to like put this domain name in their browser.
So can we disrupt that? Yeah, we can big time. So imagine that the instead of IP address, and actually this is the working system on ever scale a blockchain right now. So imagine you, instead of an IP address, you would have some hash like an address.
And that would be the address, which, which the whole system knows where, where to go like today with IP address is, and, and the address itself will be hash off some initial data. Plus some contract code, some software code, basically what we can do with that.
Well, let's say the cert, you have a, you create some code which would be certificate code that just a piece of software code. And then you add a name there, which will you want to resolve, or you want to register that case. That would be google.com for example, right? You hash it. And that gives you an address. Both of them like you, you take the certificate, you take the name together, hash it, you have an address, right? So now to resolve that address, all you need to have is the certificate code in your computer.
You can download it once because this certificate code will be good for all the domains in the system.
Now you have the certificate code, you type in your browser, google.com. It doesn't go anywhere to resolve it. It instantly locally on your machine. It takes microseconds and you get the address. Now you go to that address and you see if the contractor is deployed there, it means there is if there is a code, some code on that address and that, that here you go, the certificate is valid. That's all, it's a brilliant system. It's called dance. It works it's much faster than any DNS.
It's much more secure than any DNS because there is no system behind it right now. So now the only thing you need is to prove that the, the, the someone that the owner of certificate, right, it's actually the owner of the, of the contract, which is there. And for that, you create whatever system you want to create in terms of how do you handle this certificates? You can create a system where it will be auctioned, like in, in ever scale blockchain, or you can create any other system or in first come first, take for example, or, or, you know, anything else, you vote something.
Now you, I handle you the certificate. Now you, you have the certificate for ownership now in order to find the certificate, you just need to know.
And, you know, whatever, for example, the item code or the ID or your name, doesn't matter what it is. It works at any certificate whatsoever.
So I think, well, I think that's it basically, of course, it's just a high level overview, but well, if you have any questions, please do not hesitate.
