Decentralized finance, or DeFi, has taken the world by storm.
Throughout 2020, tokens that are native to DeFi systems have exploded in value; the amount of capital ‘locked’ inside of the DeFi ecosystem has also risen astronomically. This has correlated with an increase in the number of users in the DeFi space.
However, the fast-rising popularity of DeFi can make it easy to forget how very young the ecosystem is, that is, until there is a hack, software exploitation, or a data leak that reminds us.
Recently, Finance Magnates spoke to Erick Pinos, the Americas Ecosystem Lead at Ontology, about how decentralized, on-chain identity can be used to make the DeFi ecosystem more secure, as well as to expand the number of use cases for DeFi platforms.
What is Ontology?
Pinos explained that Ontology’s work focuses on enterprise-level blockchain use cases that largely center around decentralized identity.
“We work a lot on use cases like decentralized certificates, decentralized medical records; we work with autonomous vehicles, decentralized credit scoring – use cases that need an element of identity that work on a blockchain layer.”
“So, our technical stack has a base layer, a public blockchain that can also work with private blockchains. On top of that, there’s a decentralized identity layer, which lets us go into these use cases of the supply chain, and these use cases of identity and data-sharing and data-privacy that help us tackle those markets very effectively.”
Building Defi platforms with ‘Money Legos’
Pinos said that at the moment, “the most practical implementation” of Ontology’s blockchain has to do with the DeFi ecosystem.
“A big element of DeFi is the ability to make decentralized financial transactions that are more complex than just the basic ‘send and receive transactions’ [use case]; through decentralized finance, you’re able to do things like decentralized lending, exchanges, insurance, borrowing. You can lock tokens up and do streaming payments.”
“You can also stack things on top of each other and form decentralized autonomous organizations that are responsible for issuing [tokens], for determining the rates for loans and for borrowing. There’s a lot of opportunities for innovation.”
“I think of them as ‘money legos,’ because you can stack them on top of each other,” he said. “There’s an element of composability with access to different APIs.”
However, “one element that’s really missing is the identity element, which enables a whole different level of things,” he said.
The Role of Identity in DeFi
This element of identity could have a profound effect on who has access to some of the financial services available through decentralized finance platforms. “A lot of it right now is collateralized,” Pinos explained.
“Because you don’t know who anyone is, there’s no level of trust or reputation,” he said. In other words, decentralized platforms grant their users anonymity, but with total anonymity, it’s impossible to build a reputation of trust or any symbol thereof, like, say a credit score.
As a result of this lack of reputation, DeFi platforms “have to over-collateralize their users’ activity.” That way, “if someone runs away with money that they borrowed, they get their stake in their collateral slashed, it gets repossessed,” Pinos said.
“With the introduction of identity, you can have elements of reputation, you can have elements of being able to attach ‘real-world’ items to it,” he continued.
For example, “with the reputation element, you could have decentralized lending where you don’t have to over-collateralize. Instead, you can collateralize normally. If your reputation is really good, you may not have to collateralize at all; it’s like your credit score. You’re considered ‘trustworthy’.”
Essentially, introducing identity to the DeFi sphere allows for the creation of “decentralized credit scores,” Pinos said, adding that “this is what Ontology is working on.” Ontology’s decentralized credit score is called “OScore.”
Can Decentralized KYC Checks Keep Personal Data More Secure?
Pinos also explained that on-chain identity can allow DeFi platforms to integrate decentralized know-your-customer (KYC) checks, which Ontology is also working on developing.
The Rising Star of the DeFi Project, GIBXSwap, Passes CertiK Security AuditGo to article >>
“If you verify yourself once, you now have an on-chain certificate that authenticates you for future transactions you need to do where you need to KYC yourself,” Pinos said. “So, rather than having to re-KYC yourself for every single service, you can KYC yourself once and then re-use the certificate.”
“So, it kind of works together,” he went on. “Some of these tokens and services are open for anyone, but with the introduction of KYC, you’re able to offer the ability of these more advanced use-cases,” including things like tokenized mortgages.
How does decentralized KYC keep users’ data safe? Pinos said that the fact that users only have to verify their identity one time eliminates much of the risk associated with entering KYC data into various platforms; there are simply fewer points at which data can be intercepted.
Indeed, “right now, there’s a situation [in the financial space] where you have to verify your identity many different times for each service that you want to use,” he said. “You have to re-upload your passport photo to all of these different websites, and every one of them is doing KYC in a slightly different way.”
“So, now your passport picture is on the servers of all of these different websites,” he said. “Half of them go bankrupt, and now they just have copies of your passport sitting on these bankrupt servers. Who knows who will possess them and repurpose them in the future?” he added.
Using Zero-Knowledge Proofs in Decentralized Identity
However, a decentralized, blockchain-based KYC identity acts much more like a blockchain token; it can only be sent and received with its owner’s permission.
This is because the decentralized identity uses verifiable credentials. These are “a component of a decentralized identity system where each person has a decentralized identifier that identifies who they are, and you sign it” with a private key.
“You use your private key to sign your credential to verify that it came from you,” he continued. “That creates a hash of the credential, which is a verifiable proof that the credential is true. You can then share that hash. When you share that hash with someone, you can authenticate yourself and prove that you signed it at a certain time.”
Pinos also said that the incorporation of zero-knowledge proofs into decentralized identity will “really change the game.”
“Zero-knowledge proofs allow you to break apart your identity and share specific components of your identity to different individuals,” he said.
“The classic example of what this means is when you go to a bar to show that you are over 21, you have to give the bartender your driver’s license.”
However, the driver’s license has a lot more information on it than just your age – information that the bartender now has unfettered access to: “your age, your height, your weight, your home address, and all of this other information that they don’t need to know.”
Therefore, “if you can just share that one data point with them, whether you’re over or under 21, and you have a hash attached to it that mathematically proves that the information is true, that’s all you need.”
“It creates a much better system where you’re not sharing your entire identity every single time. Instead, you’re sharing just enough data that’s needed for every single party to verify yourself in order to use a specific service.”
“We’re Moving toward a Serverless [Ecosystem].”
Decentralized identity also allows users to keep their data “localized”. In other words, the KYC data leaks that we see a few times a year in the crypto space could become a thing of the past.
“The other element of decentralized identity is the localization of data,” Pinos said. “We’re moving towards keeping the data stored locally.”
For example, “in our case, a lot of the certifications that Ontology uses for KYCing and for the OScore – those are stored locally on your phone.”
In other words, “someone couldn’t hack Ontology and have access to all of the KYC data, because we don’t have it,” he said. “It’s on the users’ phones. It’s all localized.”
“As more companies move towards using that as a way of storing data, and as these decentralized storage systems continue to take hold, it’s going to get harder and harder to hack [personal data],” Pinos said, “because hackers wouldn’t find anything – the data isn’t stored on centralized servers anymore.”
Indeed, “we’re moving toward a serverless [ecosystem],” Pinos explained. “This makes it a lot harder for hackers to find targets.”