DOT I AM is an application aiming to transform the Know Your Customer (KYC) process. Leveraging the power of blockchain and zero-knowledge proofs, we provide a secure, efficient, and privacy-preserving KYC solution. Our user-centric approach enables secure identity verification whilst keeping personal data private, fostering trust and reducing the redundancy in KYC processes across multiple platforms.
The traditional approach to KYC processes presents a range of inefficiencies. These processes often involve repetitive and time-consuming procedures that require the surrendering of personal data to multiple parties. This not only undermines their experience but also raises concerns about privacy and data security.
From a business perspective, this approach is fragmented and repetitive. Each KYC procedure necessitates the commitment of significant resources, including manpower for processing and verifying documents, systems for secure data handling and storage, and ongoing management to ensure data accuracy and compliance.
Moreover, there is substantial risk associated with handling sensitive customer data. Data breaches can lead to significant financial penalties, reputational damage, and a loss of customer trust.
DOT I AM addresses these issues. It’s a platform embedded within the Astar ecosystem and integrates with Metamask. It offers a single source of truth for KYC data, providing immutable, secure, and efficient storage and retrieval of verified identity data. Zero-knowledge proofs help to protect user privacy, ensuring that sensitive information remains confidential while still allowing users to verify their identities to third parties.
Our goal with DOT I AM is not only to simplify the KYC process for users within the Web3 space but also to significantly reduce operational costs and data security risks for businesses. By transforming the way KYC is performed, we believe we can foster a more seamless, secure, and cost-effective experience for all parties involved.
DOT I AM is a blockchain-based, decentralised KYC solution designed to streamline identity verification while preserving user privacy. We leverage the Astar network to provide an efficient and secure means of managing KYC data. Here’s how it works:
- Cryptocurrency Exchanges: Centralised cryptocurrency exchanges are required to verify their users’ identities to comply with anti-money laundering (AML) and counter-terrorism financing (CTF) regulations. With DOT I AM, users can validate their identity details (such as name and country of residence) securely, aiding faster onboarding and reducing data management burdens for the exchanges.
- Crypto-Casinos: Online crypto-casinos need to confirm their users’ age and residence to ensure they comply with gambling laws and regulations. DOT I AM enables users to prove they meet these criteria without disclosing their exact age or residential address.
- Initial Coin Offerings (ICOs) and Security Token Offerings (STOs): These fundraising methods often require investors to undergo KYC procedures. With DOT I AM, investors can verify their identities without sharing unnecessary personal information, reducing the data management responsibilities for the ICO or STO organisers.
- Decentralised Finance (DeFi): As DeFi platforms mature, some are beginning to implement KYC measures for compliance reasons, particularly those that involve fiat on-ramp or off-ramp. DOT I AM can support these platforms by providing a secure and efficient KYC solution.
- NFT Marketplaces: Transactions involving fiat currency, as well as the sale of rare or expensive NFTs, often require KYC to adhere to anti-money laundering laws and prevent illicit activities. DOT I AM enables users to confirm their identities in a secure and private manner, streamlining the process for both buyers and sellers while ensuring compliance with necessary regulations.
We acknowledge the presence of other projects pursuing similar goals. However, DOT I AM is designed with key distinguishing features that set us apart:
Data Storage and Retrieval: While some projects like KILT store hashes on the blockchain, we adopt a different approach by storing encrypted data on-chain, and then generating zero-knowledge proofs. Users can store, retrieve and control their actual personal data, providing increased flexibility, privacy, and opens the door to more usage possibilities.
Ease of Access: Another differentiating aspect is our focus on accessibility. Some solutions require users to download specific wallets, which can limit their potential user base. At DOT I AM, we’ve chosen to integrate with MetaMask, a widely-used digital wallet that’s already installed by 80-90% of Web3 users. This approach significantly lowers the barrier to entry and does not require users to download additional extensions, thus broadening our reach and facilitating user adoption.
The backbone of our system is a smart contract, developed in Solidity. This smart contract serves as the operational engine for our KYC system, controlling the storage, retrieval, and management of KYC data within our ecosystem.
The smart contract developed for DOT I AM is designed to store KYC claims in a secure and efficient manner. Each claim contains a type, which defines the kind of data the claim pertains to, and encrypted data. This encrypted data encapsulates various forms of personally identifiable information (PII) such as date of birth, address, name, etc., depending on the claim type.
To further extend the system’s functionality and security, we’ve incorporated a provision to include additional meta-data relevant to each claim. This can include details such as the expiry date of the claim, providing an added layer of control over the data.
Unlike other solutions that rely on storing hashes, DOT I AM leverages the power of data encryption to securely store actual personal data on the blockchain. This encryption ensures that the user, with their private key, can decrypt and access this information, maintaining the control and privacy of their data.
We take privacy a step further with the application of zero-knowledge proofs. Using this cryptographic principle, users can prove they hold specific information (such as being over a certain age) without revealing the actual information itself. This further preserves the privacy of our users and ensures the only necessary information is disclosed.
The user interaction with DOT I AM is designed to be minimal, straightforward, and most importantly, secure. Initially, a user interacts with DOT I AM only to submit their data for verification. Once this verification process is completed and the data is encrypted and stored on the blockchain, the primary interaction of the user shifts from DOT I AM to the third-party service they are accessing.
This design reinforces the principle of decentralisation and the user’s control over their data. When a user wants to prove their identity or any specific claim to a third-party service, this process is handled directly between the user’s client-side and the Astar Network. The user’s client-side decrypts the required data using the user’s private key and generates a zero-knowledge proof. This proof, which verifies the user’s claim without revealing the actual data, is then sent to the third-party service.
By having this architecture, we are able to maintain the highest levels of privacy and security for our users. This model ensures that DOT I AM does not need to act as an intermediary once the data has been verified and encrypted, further minimizing any potential security risks and maintaining the ethos of decentralization.
Our journey began with a winning idea at the Astar track during the EasyA x Polkadot hackathon, where our initial DOT I AM prototype won us first place. This encouraging start propelled us to develop our project further. As a result, we’ve built a solid foundation, established a working proof of concept, and we’re now leveraging a Solidity contract as a minimum viable product (MVP). We are steadily progressing towards the finalization of our MVP.
- Perfect our blockchain architecture: Our immediate focus is to refine and finalize our blockchain architecture. We understand the weight of this decision for our long-term plans. Thus, we intend to keep our process agile, defer commitments until the last responsible moment, and engage with experienced blockchain consultants to ensure we make the best decisions.
- Integration with third-party apps: The next step is to start integrating DOT I AM into third-party applications using integrated components. Our goal is to facilitate easy and seamless identity verification across various platforms.
- Forge strategic partnerships: We’ll be actively seeking partnerships with other entities in the blockchain and fintech ecosystem to broaden our reach and enhance our offerings.
- Develop an Adaptive Model: In order to cater to a variety of use-cases with differing requirements, we plan to develop an adaptive model. This will allow individual use cases to specify the fields they require for their unique applications. This flexible approach will enable a more personalized and efficient identity verification process, ensuring DOT I AM is versatile enough to cater to a wide range of needs.
Money Laundering Regulations:
While we aim to delete user data as soon as possible, for users wanting to access certain services like exchanges and casinos, Anti-Money Laundering (AML) regulations state that we must retain personal information for five years. This will be an opt-in procedure, but those wanting access to these services may feel that they’ve lost some privacy and their data is more at risk. To comply with these laws, we’ll need to store data off-chain and maintain tight security over this.
Right To Erasure Compliance:
With GDPR’s right to be forgotten - users must possess the ability to request the deletion of their personal data - even if they lose access to their wallets. Because there is no trusted proof of personhood yet, in order to achieve compliance with this provision, we have designed our system to allow for the removal of user data upon request and verification. While we are committed to maintaining the benefits of blockchain technology, such as transparency and trust, we must also ensure that we meet legal standards concerning data protection and privacy.
What is the difference between Kilt and DOT I AM?
Both Kilt Protocol and DOT I AM aim to address the problem of identity verification in the blockchain ecosystem, but we aim to differentiate ourselves in a couple of key ways.
Firstly, Kilt stores hashes on the chain, while DOT I AM stores our encrypted data on the chain and then uses zero-knowledge proofs to protect user data. This means that on Kilt you can only prove your claims, whereas with DOT I AM you can store and retrieve your actual personal data which adds more control and flexibility.
Secondly, to access Kilt you have to download a sporran wallet. In our opinion, this greatly limits the potential user base as not everyone wants to download another extension. However, with DOT I AM, all you need is an Ethereum address. We have initially chosen to integrate with Metamask which automatically gives us access to 80-90% of web3 users without any downloads required.
Why have you chosen Astar Network?
DOT I AM has chosen the Astar Network for its scalability, interoperability, and support for Ethereum-based smart contracts. As part of the Polkadot ecosystem, Astar enables high-throughput, facilitates cross-chain communication and significantly expands our potential user base via access to various networks. We’re also thrilled to see substantial use cases, including projects from major players like Sony, being built on Astar. Astar’s robust community support, coupled with its strong security inherited from Polkadot, provides an ideal environment for us to innovate, grow, and reach a broader market.
If my data is stored in the Blockchain, can everyone see it?
No, no one may see your data. Even though the data is stored on the blockchain, it is encrypted using the user’s public key. This means that the data is transformed into a format that can only be read and understood if you have the private key to decrypt it. In DOT I AM’s case, the user is the one holding that key. This approach ensures that your personal data remains private and secure, while still being able to prove certain facts about yourself, like your age or address, to others.
How can I begin utilising DOT I AM?
To get started with DOT I AM, the only requirement is an existing Ethereum address. We’ve integrated our platform with Metamask, a popular extension already employed by 80-90% of web3 users. This means there’s no need for additional downloads; you can simply connect your Metamask wallet and initiate the process. Our primary goal has been to offer a straightforward user experience.
Once set up, you’ll have full control over the information you upload to your wallet. Furthermore, you can selectively choose what specific data you wish to verify, ensuring you retain complete control over your personal information at all times.