How to Responsibly Progress Digital Currency and Assets in the Emerging Crypto Economy

Executive Summary

The nascent digital asset?and blockchain industries are not perfect, but they should not be feared.?To ensure the responsible development of digital assets - including cryptocurrency - President Biden signed an executive order on the topic earlier this year. Specifically, the order directs federal agencies to research and recommend with the “highest urgency” the development of, and address the risks presented by, digital assets and a central bank digital currency.

To that end, IBM has assembled a guide to and recommendations for this rapidly evolving area based on our recent experiences and portfolio of client successes in this space. IBM recommends government and industry:?

• Systems be built using non-proprietary technology
• Networks use distributed ledger technology and permissioned blockchain
• Put the user at the center of design via a decentralized identity
• Establish a clear, standardized data structure and interoperability standards
• Define a governance model that can provide clear guidance and conflict resolution
• Avoid creating energy intensive and user biased consensus solutions and instead used permission-based consensus algorithms with off-chain interactions.
• Create risk, compliance, and supervisory framework; a digital assets bank consortium; and an examination team to build awareness among state and national regulators

Introduction

On March 9, 2022, U.S. President Joe Biden signed an Executive Order (EO) to ensure the responsible development of digital assets including cryptocurrency. Specifically, the EO directs federal agencies to research and recommend with the “highest urgency” the development of, and address the risks presented by, a central bank digital currency and digital assets (CBDC-DA).

The digital asset industry has seen a sharp growth from late 2016 - when the market cap was $14 billion - to $3 trillion as of November 2021.?This rise has also created concerns for the world’s central banks that domestic currencies could be undermined by this growth. In response, central banks have been investigating the practicalities of creating their own digital currencies. The U.S. now joins countries around the world - including the Bahamas, Brazil, China, France, India, Jamaica, Nigeria, Sweden, and Ukraine - on similar initiatives.

?The crypto industry is not perfect but should not be feared. For this reason, IBM applauds these ambitious CBDC-DA initiatives and looks forward to helping responsibly guide this evolving and rapidly growing crypto economy. Based on recent work done on CBDC-DA engagements in Canada, France, and Ukraine, IBM has established the following point-of-view that calls out seven key technology areas to be considered to progress a global digital economy.

1. Digital Identity
2. Governance
3. Digital Asset Design
4. Interoperability
5. Security and Privacy
6. Performance
7. Guardrails

But first, consider these two high-level technology-oriented recommendations to set the context.

Open and Standard - To fulfill their potential, CBDC-DA networks must be based on non-proprietary technology. Doing so will encourage broad adoption and ensure compatibility and interoperability of systems. Specifically, these enterprise-ready systems should be built using open-source software. In addition, they should use a combination of flexible licensing terms and strict governance by an open community. In other words, there is no one controlling vendor, organization or country that governs the direction of the project. IBM envisions CDBC-DA as a web of interoperating networks, not a single network.

Decentralization – CBDC-DA networks will greatly benefit from using Distributed Ledger Technology (DLT) and permissioned blockchain. Blockchain networks enable reputational trust, gained from its ecosystem, to be further enhanced with algorithmically verified trust. The combination of trust is what enables the speed and agility required to be accessible to a large diverse population of users. Decentralized, with known participants is foundational to our CBDC-DA recommendation. This approach is quite different from today’s popular crypto networks. ?

While IBM endorses many different permissioned blockchain protocols, the Linux Foundation’s Hyperledger consortium is on track to deliver DLT for enterprise that we recommend be utilized. Specifically, Hyperledger produces open technology to explore a wide variety of blockchain use-cases including permissioned DLT (such as Fabric and Besu), Identity (such as Aries and Indy) and Integration (Firefly). It also works with other permissioned, permissionless and non-DLT technologies (Weaver).

1 -?Digital Identity

Digital self-sovereign identity (SSI) is the most fundamental topic on our must-consider list. IBM’s experience from projects such as the New York Excelsior Health Pass demonstrates the ?importance of putting the user at the center of design. SSI establishes how people (users), places (originations, governments) and things (devices, tokens) interact by using workflows that issue, prove, and verify transactions across networks.

Decentralised identity (DID) is a complementary technology that allows for a universal reference for users or devices when verified with a highly resilient infrastructure (usually DLT-based).

Together, DIDs and SSI ensure users are defined and authenticated across networks in a privacy preserving manner, meaning users hold control their own data.

IBM is collaborating with organizations including Verified.me, the Sovrin Foundation, Trust over IP, and W3C Digital Identity on blockchain-based digital identity standards. Together, we are working to create a global ecosystem of blockchain identity networks backed by global standards.

2 - Governance

Permissioned Blockchain is a team sport. Its decentralized nature allows multiple users to contribute to how a solution is built, run, and operated. However, when many participants interact within a network, conflicts and breakdowns in processes can sometimes emerge.

Governance is one of the elements that distinguishes one blockchain network from another. Governance models within blockchain networks are still evolving, but their most important function is to guide how participants interact with one another and define how a CBDC-DA network operates.

A governance model provides a framework for guidance and conflict resolution. A governance framework is a key consideration for blockchain founders and users when evaluating the design (business, technology), development (platform, MVP, Pilot-Production), and implementation of a governance model (ecosystem, charter, on-boarding).

3 - Digital Asset Design

Digital asset and token designs are an emergent space. Early success stories claim adoption is greatly facilitated by a clear, standardized data-structural definition and interoperability standards.

Based on our experience gained from working on CBDC projects in France - including specific research on token design – we see two models dominating: Account and UTXO. The Account model is supported by well know standards including Ethereum’s ERC20/721 specifications, which are similar to today’s bank deposits. The other model is the Unspent Transaction Output (UTXO) model introduced by Bitcoin and used in systems including R3 Corda, Z-Cash, Hamilton and in Hyperledger Fabric’s token extensions.

IBM recommends a UTXO model be strongly considered for use in the CBDC-DA architecture. It’s a well-known model that is closer to today’s cash. Based on tests by IBM Research, UTXO was found to be superior for supporting privacy using advanced crypto primitives with practical efficiency (performance and energy).

4 - Interoperability

IBM believes there will not be one ledger to rule them all. The world’s CBDC-DA initiatives will need to advocate for standards that enable the stitching together of a web of systems, both DLT and non-DLT. To that end, IBM and HSBC recently demonstrated an advanced token and digital wallet settlement capability for direct transactions between two central bank digital currencies in a hybrid cloud environment.

The experiment successfully tested an end-to-end transactional lifecycle covering CBDC (minting and allocation), eBonds (Delivery Versus Payment) across primary issuance and secondary trading and coupon payments, and foreign exchange (pricing and Payment Versus Payment settlement). It was conducted in a hybrid cloud environment incorporating public and private clouds and on-premise data sources. Distributed ledgers based on IBM's Hyperledger Fabric and R3's Corda successfully worked together using the Weaver interoperability framework, a toolkit donated to Hyperledger by IBM Research.

Given the success of Weaver in the above experiments, we recommend it be studied and adopted for interoperability across global CBDC-DA architectures.

5 - Security and Privacy

Cryptography can be leveraged to provide transparency and privacy in security rules enforcement. To ensure broadest adoption, cryptography-libraries must be formally standardized with clear attention to computational overhead (e.g. an “energy warning label”). These libraries must also be quantum safe.

In addition, the UTXO model is superior for offering privacy in an efficient manner. However, a digital asset system cannot be more secure than the management of the associated keys (storage, use, renewal, report/management of compromise).

However, limitations arise from identity proliferation of users across different systems. Identity standards makes it possible to, for example, support GDPR compliance enforcements across applications, platforms, and infrastructure.

6 - Performance

Based on experiments conducted by both the Hyperledger Fabric Project and IBM Research, we have found that cryptography and consensus dictate the performance, resilience, and energy consumption of a decentralized system.

• Proof of work algorithms (PoW) are not environment friendly and have limited transaction throughput. PoW is historically linked to permissionless blockchain systems, and in particular bitcoin and its derivatives and are no longer considered state of the art (7-50 tx/sec).
• Proof of stake algorithms (PoS) do better, referring to permissionless systems, but governance is dominated by the participants with stake. PoS systems are criticized for how decentralized they can be given the incentivization mechanisms allow the ones with stake to gain more stake (> 100 tx/sec).
• Other permissionless system protocols (e.g., Solana with Proof of history, PoH or Ripple, Stellar) do even better by avoiding confirmation of sequential production of blocks, but?have not been reviewed by the scientific community and merit expert investigation and validation (PoH allows for > 50K tx/sec, while Stellar/Ripple offer a few Ks tx/s).
• Permissioned blockchain consensus protocols – such as the Byzantine fault tolerant consensus - come with a variety of different algorithms, but their energy consumptions are order of magnitudes lower than permissionless PoW and PoS systems. IBM Research recently demonstrated a variation called “Insanely scalable BFT” that allows for 10Ks tps with > 100 participants.

Regardless of the actual consensus protocol used in a blockchain system, blockchain solutions can employ off-chain exchanges that settle in groups with one on-ledger transaction (also referred to as Layer 2 solutions). This technique allows the underlying blockchain system to scale, and can boost performance by 10 times above the Byzantine fault tolerant consensus. However, such models can introduce new attack surfaces and require careful examination.

All considered, we recommend avoiding the creation of new PoW or PoS based-solutions within the CBDC-DA ecosystem. Instead, CBDC-DA standards should strongly recommend the use of permissioned BFT consensus along with off-chain interactions.

7 - Guardrails

Emerging digital asset technologies and evolving regulatory guidance can provide challenges. IBM recommends the following four types of guardrails for CBDC-DA networks:

• Digital assets risk and compliance framework. Such a framework would provide guardrails for digital assets fund administration, custody, trading, and other related activities. IBM recently helped State Street’s expansion into digital assets by creating such a framework.
• Supervisory manuals for all dimensions of digital assets risk and compliance. Supervisory guidance includes the development of a digital assets framework and principles related to anti-money laundering, key management, information security, operational resilience, payment system risk, and custody and fiduciary services. IBM recently helped Wyoming Division of Banking create their digital asset supervisory framework.
• Digital assets bank consortium. Anchorage became one of the first federally chartered digital asset bank in history. Anchorage Digital Bank is a Qualified Custodian with fiduciary powers that can help SEC-registered investment advisers meet their obligations under federal law.
• Examination Team. IBM recommends a strong examination team with sufficient understanding of digital asset-specific risks and to build awareness among regulators at all levels of government. Absolute trust is essential to attract and retain digital asset-based banking customers – especially institutional customers. To that end, financial services groups must operate between the guardrail to clearly demonstrate their digital assets and services are reviewed, tested, and audit-ready.

Conclusion

IBM applauds the global CDBC-DA initiatives that encourage responsible development and reduce risks for consumers. Our considerations and recommendations represent a call-to-action for global leaders to progress CBDC-DA. IBM looks forward to supporting ongoing dialogue and research aimed at advancing the future of our financial system’s technology and security.