Is Polkadex on the Right Path with Decentralized KYC?
The crypto industry is seeing more and more headlines about tighter government restrictions. On July 20 the European Commision (executive branch of the European Union), announced that a new proposal would result in tighter regulation for the cryptocurrency industry—in particular, regulation around anonymous wallets and transactions. This had been rumoured so it wasn’t exactly a surprise, but that didn’t make it any less sobering for those crypto holders who enjoy—or rely upon—anonymity.
This type of crackdown isn’t just a major step, it’s the next step in the process toward regulating cryptocurrencies in a way that looks very similar to securities and fiat regulations. Even if this process is different and functions more in line with the characteristics and needs of crypto, it seems to be headed toward the same level of scrutiny currently applied to more traditional money markets. And the EU isn’t the only regulatory body headed in this direction. The US has for some time been increasing pressure on crypto markets, with the Securities and Exchange Commission (SEC) pursuing a stream of lawsuits to enforce the treatment of many cryptocurrency products as securities. This isn’t likely to end soon, especially as some crypto projects are fighting back (for example, the SEC vs. Ripple case) and the fact that some of the traditional monetary regulations fit about as well as having a shoe on the wrong foot.
Given the volatile situation, it might pose additional risks for crypto investors. Uniswap recently announced that they would no longer support certain tokens such as tokenized stocks and derivatives, in order to more closely follow regulatory guidelines. The easiest way for crypto projects to handle the situation would be to mimic traditional securities and investment products, including the rigorous KYC protocols. However, a number of DeFi exchanges and projects are against traditional KYC. Surprisingly, though cryptocurrency is often (mis)represented in popular media as being anonymous, there are few projects that truly offer this type of freedom, and these are likely not attracting massive interest from investors worldwide. Instead, those projects that oppose traditional KYC are doing so not to protect anonymity, but to protect user privacy. Is there a difference between the two? Absolutely. And some projects, such as Polkadex, are working hard to maintain the balance between full regulatory compliance and protecting their users’ personal information.
The Polkadex Approach
Polkadex is a fully decentralized peer-to-peer orderbook-based cryptocurrency exchange for the DeFi ecosystem, built on Substrate and designed for Polkadot. It was built to create a platform that took the best of both centralized and decentralized exchanges, and combine these features into a powerful trading tool for crypto traders everywhere. It operates as a way to exchange tokens using a peer-to-peer trustless environment, and as a parachain on the Polkadot ecosystem in order to benefit from strong security and fast, low cost transactions.
The project has received a lot of attention, investors, and traction in the DeFi community. It has the pulse of crypto traders and features many tools that specifically fit their needs, including a strong UX, interoperable bridges to other networks and liquidity sources (including fiat), and the ability to implement bots and other high volume strategies.
One key element to the subject of regulation is the approach Polkadex has chosen toward KYC. As a reminder, KYC (know your customer) policies are designed to prevent illegal activity such as money laundering or allowing sanctioned individuals to participate in markets restricted to them. As a matter of perspective, these policies in principle affect very, very few people and are aimed to prevent behaviors harmful to society. Polkadex has stated that they do not oppose KYC at all, as it is an important step to ensure a safe market for everyone, and because ensuring compliance helps prevent any unnecessary friction with regulatory bodies.
That said, Polkadex does oppose some of the traditional structures set up for KYC. Namely, that they should be responsible for the process and—more importantly—the private data of their customers. They (and other projects with similar views) cite two key issues with standard KYC processes, for DeFi or any other type of money market:
– First, KYC is not only cumbersome, it can actually disadvantage those who may not have the documentation necessary, or who are flagged incorrectly. The current KYC is fraught with inefficiencies, and the rate of mistaken restrictions creates real harm to those it affects.
– Second, KYC by its nature means handing over sensitive, personal information that could be used specifically for identity theft or other forms of fraud. Under the current system, investors must give this very important information out to any exchanges, banks, and other institutions they interact with. When one considers how many hacks are successfully pulled off each year, and how those who hold mass amounts of KYC information would be prime targets, well… it’s not hard to see why this becomes a major point of concern. There is a valid case to be made for a different KYC process, not to protect anonymity but to protect user privacy and the right to not have one’s information stolen. While there is never a guarantee for our private information to stay private, the more people holding onto our personal details, the greater chance it will be stolen by those who would use it for malicious purposes.
Given these challenges, how does Polkadex and others plan to balance compliance with privacy? In short, by using a qualified intermediary in a process known as “Decentralized KYC.”
Polkadex acknowledges that without KYC, there is no clear way to gain mass adoption of crypto (especially from key customers such as trading institutions). Instead of enduring the cumbersome and potentially compromising process of traditional KYC, they have partnered with several key players to create a process that fulfills the needs of KYC without the issues noted above. While described in more detail on their documentation site, the process is fairly simple. After a user requests a KYC attestation at Fractal, and shares their personal data with the KYC provider, Fractal checks this information and then issues a KYC Credential to the user. This Credential is stored privately on the user’s computer in a wallet app that is provided by the KILT team. Fractal also writes the validity of this Credential on the KILT blockchain. This data stored on the KILT blockchain contains no personal data, enabling the user to retain sovereignty and control over their personal data.
Fractal’s job is to conduct fully compliant KYC checks, and essentially stamping their approval once the KYC is successfully completed. They will issue a cryptographic proof to the KILT blockchain, and Polkadex will receive the zero-knowledge proof of identity. This process works because Fractal is staking their reputation—and operating license—on being extremely accurate in their KYC assessments. If they are wrong, or try to commit any type of fraud, or if their data is compromised, then they will face a mountain of financial and legal burdens. This isn’t a perfect process, and there is always a non-zero chance of failure at each step. However, this does provide everything needed to address regulations and ensure that the KYC process is doing what it was meant to do. In the Report on Existing Remote On-Boarding Solutions in the Banking Sector, produced by the European Commision, this type of fully remote KYC process is described in detail. While it does not specify using an attesting agent as part of the process, it does outline each step of how merchants should on-board their customers by using electronic wallets.
Will it Work?
The future of cryptocurrency relies on processes such as decentralized KYC working in order to balance the weight of regulatory requirements with the efficiency required for (and designed for) a DeFi environment. Will it work? It’s hard for anyone to say with absolute confidence, but it seems clear that Polkadex has been extremely proactive at finding a proposed solution and being as transparent as possible to both regulators and its customers. The decentralized KYC process seems far superior than those on either side of the balance: using traditional KYC on one end, or allowing anonymity on the other. The key sticking point will be if regulators fully accept the roles of players such as Fractal, who are responsible for verifying credentials. If they are able to stay above reproach and scandal, and the governing bodies place their trust in them, then decentralized KYC (and Polkadex’s success) has a strong chance. Given that Fractal has been supported and funded by a German government-backed VC, it seems we may have a solution that all sides can accept. Time will tell, and that time will likely be in the very near future.