The traditional finance products and services are created and managed based on centralized finance system(s) controlled by big players with deep financial pockets and political influences. Some of the largest private and governmental financial institutions interact with each other through highly controlled financial channels to send and receive information that controls the finance market. SWIFT, ACH, Fedwire, CHIPS are examples of channels that send and receive finance and related information among a global financial and banking institutions.
Decentralized Finance (DeFi) is becoming popular for creating and managing finance products and services. The main premise of DeFi is that there is no centralized control over how finance products and services are created, shared, and managed. DeFi primarily depends on blockchain technology and platform such as the Ethereum platform. There are many “born on blockchain” companies who are developing decentralized finance products and services. There are many decentralized finance applications (aka DApps), such as asset management, compliance, know your customer (KYC), know your transaction (KYT), lending and borrowing, payment, trading, insurance, etc. The mainstream finance companies are integrating their CeFi with DeFi. This integration allows them to experiment and become relevant in the DeFi world.
Let us begin with definition of DeFi and CeFi. Qin et al provide a simple framework for defining DeFi and CeFi based on a decision tree illustrated in below (we have modified the decision tree, but conceptually it is same as proposed by Qin et al).
In a (pure) CeFi the finance assets of a user are held and fully controlled by financial institute that own the (centralized) platform. When someone (or an institution) can censure a flow of transaction but has no control on the settlement, the resulting platform is a hybrid of DeFi and CeFi platform, with CeFi controlling theflow of transactions, but not the settlement (that is, once a transaction is settled, it cannot be revoked easily). Finally, when someone (or an institution) can censor the protocol execution, the resulting platform is also a hybrid of DeFi and CeFi platform, with central governance of the platform (for example, using permissioned blockchain). In a pure DeFi both the transaction flow and the settlement of user owned assets are free from centralized body of control.
Let us focus on the hybrid model with centralized financial institutions acting as intermediaries for transaction flows, and the settlement done in a decentralized manner (that means transactional protocols are not controlled by centralized financial institutions). We believe permissioned blockchain has a place in the spectrum of finance system, but we will not focus on them here. For permission-less blockchain we can use the Ethereum blockchain platform.
Figure below illustrates the hybrid CeFi-DeFi model where financial institutions holds the finance assets of its users, but then uses DeFi for settling the transactions. These financial assets once settled on a DeFi system cannot be (easily) revoked. For instance, Bob assets are held by Bob’s Centralized Financial Institution (CFI) and Bob can initiate a transaction which will get settled on a DeFi system. There are users (e.g., Alice and Joe) of DeFi that are outside the control of Bob’s CFI. We need a way to identify those users and the transactions initiated by them.
An important aspect of CeFi-DeFi is the design of control plane (CP) that a centralized finance institution can control the flow of transactions and settlement of those transactions are settled on a DeFi system. The CP provides several controllable services that will simplify the experience of CeFi and DeFi interactions. It is important to remember that the CFI can run their centralized finance applications on both private on-premises data centers and on public cloud. The CP will bring all these applications into a seamless experience for both CFI and the end users.
The design of the CP should be based on the following observations:
- The settlement on blockchain follows eventual consistency. Therefore, the CP designed for eventual consistency.
- Solidity is the main high-level smart contract language that is compiled to Ethereum bytecode that executes on Ethereum Virtual Machines (EVMs). The CP design should only deal with a safe subset of Solidity programs.
- Since the settlement of transactions is beyond the control of CFI, the control plane designed to ensure strong observability and resilience testing.
- CFIs are under tremendous scrutiny by governmental regulations. On the other hand, regulatory controls are not fully explored for DeFi. CP should be designed to follow CeFi regulatory requirements.
- DeFi is not yet subject to liability due to security breaches. Security requirement is critical for CeFi to protect against (sensitive) data breaches and integrity compromise. The CP is designed to protect CFI against security breaches and liability risks.
- All transactions flows are under the control of the CFI and so CP is designed to support as a service model using APIs (Application Programming Interfaces). It is important to use containerized microservice architecture to manage transaction flows in CFI.
- All changes must go through and so the CP is designed to support as a code model with CI/CD (continuous integration and continuous delivery) model.
- CFIs are under the scrutiny of KYC (Know Your Customer) and AML (Anti-Money Laundering). One key aspect of KYC and AML is keeping track of the identities of users of CFI. DeFi does not have such uniquely identifiable users. The CP is designed to protect CFI from KYC and AML and we will explore self-soverign identities, Sidetree protocol and ION (Identity Overlay Network) for managing and controlling digital identities.
- In a cloud native world, it is also important to uniquely identify workloads (e.g., microservices) that can mutually authenticate with each other. These workloads control transaction flows in CFI and with DeFi system. We should explore SPIFFE/SPIRE for defining and managing identities within CFI. SPIFFE identities are not same as SSI, but they complement each other. We should also use OPA (Open Policy Agent) to define and enforce policies across CeFi and with DeFi. OPA can work with SPIFFE/SPIRE and SSI.
At kyndryl we are exploring DeFi, NFT, and Web3. Come and co-create with us, and we can change the world together!