ING Bank Resolves Security, Privacy Issue on Corda Blockchain

ING revealed that its in-house academics have resolved a security and privacy issue on blockchain focused software firm R3’s Corda blockchain.

In this regard, ING’s distributed ledger technology study team tabled its white paper, named “Solutions for the Corda security and privacy trade-off: having your cake and eating it,” where it identified a solution to enhance the security and anonymity trade-off on Corda, an open-source blockchain solution.

The white paper has pointed out that the data pertaining to every transaction on the Corda blockchain is available openly to an authenticating notary to realize consensus.

This raises concerns related to privacy. Mariana Gomez de la Villa, ING director, elaborated on the concerns:

“In the case of the validating one, the notary sees the contents of a transaction before it determines if the information is correct, which means participants lose privacy. […] A non-validating notary doesn’t see a transaction’s content, which creates a security risk where the notary could sign off the wrong transaction if a malicious participant builds an invalid transaction. However it protects participants against double-spends, an attack where someone could spend the same asset twice, as does the validating notary.”

ING resolves the issue by introducing a zero-knowledge proof (ZKP) notary facility to authenticate transactions, that can supposedly validate the transaction without conceding on safety and without exposing any private information.

ZKP is a way by which one party proves a statement to be true to another party, without giving any more information. Zero-knowledge proofs were described first in 1988 through a research paper published by MIT and the University of Toronto as “those proofs that convey no additional knowledge other than the correctness of the proposition in questions.”

ZKPs permit better privacy on public blockchain and foster blockchain adoption by minimizing the costly and laborious process of establishing private networks.

Notably, ING CEO Ralph Hamers opined that banks may decide to break their business relationship with social media platform provider Facebook if it moves forward with its plan to introduce Libra stablecoin. Hamers further underlined that banks similar to that of ING always follows a low-risk approach:

“We are such a large, regulated institution that you don’t want to risk anything. […] We’ve said we’ll take a look and see how this develops.”