The Bank of England has released a Proof-of-Concept paper (PoC), together with Blockchain startup Chain, that examines how to configure a distributed ledger system which would maintain privacy between participants, keep data shared across the network, and also enable a regulatory body to oversee all transactions, as outlined April 11.
The paper investigates a scenario in which the DLT system includes a central authority (such as a central bank), a regulator, and several participants involved in the transfer of a hypothetical asset.
The central authority would have the power to issue and retire new units of assets and grant access permissions to all participants, and the regulatory authority would maintain oversight of all assets in the system. No party other than the regulator would be able to infer details about transactions they are not party to.
An attacker would have to obtain the private keys for each transaction in order to decrypt data, such as asset identifiers and transaction amounts.
The paper is for now academic, rather than practical. It raises the concern that although current cryptographic techniques are “theoretically” able to secure privacy between participants, whilst also keeping the data fully distributed, future cryptographic breakthroughs could retroactively compromise this and render the scheme vulnerable to attack.
In responding to the “trade-offs” between privacy, performance, and resilience, this PoC is different from alternative schemes which privilege privacy to the extent that data is only shared between those participants directly involved in a transaction. The paper nonetheless concludes by admitting that the cryptographic solutions which could offer an “ideal” balance between factors such as scalability, speed of transaction processing, and security risks, still require significant testing.
The paper comes days after the UK bank announced renewed plans to pursue its PoC for a DLT-compatible real-time gross settlement system (RTGS), which was first proposed in 2017. The statement struck a similarly reserved note, emphasising that DLT tech was not yet “sufficiently mature to provide the core for the next generation of RTGS,” but that it placed a high priority on expanding RTGS functionality to be capable of interfacing with DLT in the future.
A recent report released by SWIFT and 34 global transaction banks likewise emphasized the need for more DLT tech development to meet “industry-level governance, security and data privacy requirements,” yet struck an overall positive tone, urging the banking community to complement their platforms with DLT capabilities.