TraceTo Token Sale (ICO): Distributed Network for KYC Compliance

Traceto.io is a decentralised Know Your Customer (KYC) service provider incorporating third-party identity verification providers, community feedback, machine learning and smart contract technologies to establish continuous compliance with international identification requirements.

Traceto is aiming to provide an ongoing KYC service, which combines feedback from a community of network participants to build individual profiles. Traceto is a distributed network of third-party identification verification providers, community input, and machine learning algorithms that collectively assign individuals KYC scores to attest to their identities. This allows other entities to verify identity without viewing personal identity documents, which remain encrypted. The Traceto.io token (T2T) will be used to compensate a network of Verifiers, who act as gatekeepers to users’ identity information (on behalf of corporate requesters or regulators) without having access to it themselves and to pay for KYC services. Of the 1 billion traceto.io tokens to be minted, 40% will be available throughout the token sale, with a total hard cap of 35,000 ETH. The private sale (9th February to 1st June) has a minimum contribution of 150 ETH. The public sale, commencing June 8th, with a minimum contribution of 1 ETH, will see 80 million T2T made available at 1 T2T = 0.0000875 ETH. Traceto will be the first token sale listed on The Gibraltar Blockchain Exchange (GBX). An early access sale will begin on May 21st for GBX users who have deposited $1000.

Project Description

Traceto is aiming to provide an ongoing Know Your Customer (KYC) service, which combines feedback from a community of network participants to build individual profiles which are updated and reverified to ensure ongoing compliance. Those seeking to participate in token sales, or use exchanges, can benefit from the Traceto.io network via their DApp that facilitates KYC processes. One of Traceto’s founder’s existing businesses, Cynopsis, a Singaporean RegTech organisation with approximately 50 crypto clients, will act as an identity ‘Service Provider’. A network of verifier nodes on the Ethereum blockchain will contribute to the KYC processes by performing facilitating tasks, such as video One Time Password (OTP) verification. Verifier nodes will also deal with requests for user’s unencrypted identity information, should the user not grant permission themselves upon a request from a regulator, and perform other governance roles, such as voting to add or remove Service Providers. Typically, KYC regulatory compliance includes Counter Terrorism Funding (CTF) requirements, often enforced by screening state-issued IDs to ensure individuals are not flagged on international watch-lists. Anti-Money Laundering (AML) regulations demand information about how funds are appropriated and require ongoing reporting of any suspicious transactions.

The team hopes Traceto can improve what is often perceived as inconsistent, repetitive, and sometimes inadequate KYC processes employed by token sales. Many token sales perform KYC procedures in-house, manually inspecting identification information, usually in the absence of specialist knowledge or staff. The process can be viewed as an unwanted cost. This can inhibit ongoing compliance, due to a team’s unawareness of the need to continually revalidate compliance. Keeping KYC in-house can also present a security risk, depending on how projects store their collected data. Streamlining these processes will help crypto businesses perform them more efficiently and, if done properly, reduce their risks of running afoul of regulators in the future.

Protocol Description

Traceto aims to ensure users’ privacy whilst confirming regulatory compliance. Upon accessing a crypto-exchange or token sale for the first time, the user will be redirected to the Traceto DApp and asked for the relevant identity information. The information provided by the user will be encrypted and stored ‘user-side’ in a vault, utilising a proposed distributed storage network where access will be controlled by the user or community of verifiers. The identity and CTF compliance Service Provider will be granted access to the decrypted documentation, such the risks that a user is a Politically Exposed Person (PEP) or similarly is involved in illegal activity, can be determined by screening documents against watch-lists and sanctioned persons lists.

Verifiers are incentivised to perform facilitating functions such as video OTP validation. Machine learning (ML) algorithms will be used to run Facial Recognition analysis on individuals IDs. AML procedures will include transaction monitoring. Algorithms can also analyse ongoing transaction data to take a potentially weighty burden off human administrators’ shoulders. Random sampling of transactions and community input will provide ongoing training data for the ML algorithms; a refined system should help reduce false-positives when attempting to detect fraudulent or nefarious activities.

The network provides each user with a KYC score, which is a combination of the following weighted inputs:

  • Score from an identity and CTF Service Provider (Cynopsis)
  • ‘Social profile’ score from a community of verifiers
  • ‘Trust rating’ from an Invited User, upon subject’s request to have a friend testify to their identity
  • Score awarded from ML algorithms performing fraud and anomaly detection across users declared accounts

Verifiers will be able to vote to change the weights.

The Service Provider pushes its own encrypted scores to the blockchain via the Traceto DApp. Verifiers will have the responsibility for handling requests for user’s data external to the network, such as from regulators, and the ability to vote to add or remove Service Providers.

The Traceto verifier community is split into 2 groups. The Tracer Circle are those working in small sets to provide users with KYC scores. The Tracerian Circle have a high Proof Of Importance (POI) and handle appeals. Should a user be unhappy with the assigned KYC score, then recourse is to the latter group. Regulators requesting access to unencrypted documentation also appeal to the latter group, those verifiers with more at stake. The system is designed to demonstrate to regulators that due KYC has indeed been performed for a client without sharing the actual identity documentation. POI requires a T2T stake above the minimum amount. POI depends on the time for which the T2T has been held and the number of verifications provided.   

Application of Blockchain Technology

Traceto is a distributed network for establishing user identity and performing the necessary monitoring and ongoing due diligence to achieve regulatory compliance. The network is composed of Verifier Nodes that facilitate KYC transactions, score users social profiles, vote on key network parameters, handle requests for access to unencrypted identity documentation and decide which Service Providers should serve the network. The Traceto.io network will be accessible via a DApp.

The ERC20 compliant T2T tokens will be the means of payment for KYC Service Providers (initially Cynopsis) from Corporate Requesters and the reward token for the Verifier Community for their support of the network.

Unencrypted identity information will be stored off-chain (Traceto proposes using a decentralised storage system with proof of replication and fault-tolerance), ‘user side’ within the application. Hashes of identity documentation will be stored on-chain, allowing continuous monitoring of individuals behaviour with zero-knowledge of the identifying particulars. By allowing regulators to observe the financial activity of specific users via a pseudonym, the regulators are required to make specific requests for unencrypted data. These requests will then be validated either by the user in question or the community of verifiers. Verifiers can securely vote to add or remove Service Providers, introducing a collective oversight.

MultiSig transactions will be leveraged to facilitate the community authorising access requests to unencrypted documents from KYC Service Providers or regulators. In the event that the user is unwilling or unable to make identity information fully available to the requesting authorities, a combination of Assigned Verifiers will have the option to recombine the private key associated to the identity information using Shamir’s Shared Secret Scheme, should a designated threshold of combined secrets be achieved. The requestor will then be provided a hash pointing to the user’s KYC documentation.

Token Economy Overview

The Tracetotoken (T2T) will be used by corporations running KYC processes on users to compensate those processing the identity information and to maintain a network of community verifiers. Corporate Requestors (exchanges or token sales) pay for user’s KYC requests (and renewals) via the DApp in T2T in exchange for the user’s KYC score, associated to their public-key. These Corporate Requestors, who wish to utilise the Traceto DApp to streamline their KYC processes, will drive demand for T2T.

Verifiers will be required to stake T2T in order to earn T2T by providing verifications. The reward depends on the amount of T2T staked, as well as time held and verifications performed. There is a limit to the amount of T2T a verifier can earn for any specific transaction. This limit can be modified upon a vote from the Verifiers, should they sufficiently agree. This should drive scarcity, therefore increasing value along with demand. Once a verifier starts verifying, they will be compensated in T2T, which will be locked for a ‘predefined’ time (the setting of which will be crucial since it presents an opportunity/capital cost to prospective verifiers).

The Traceto team and advisors will own 250 million (25%) of the 1 billion Traceto.io Tokens (T2T) generated and they shall be subject to a 2 year lockup. Following, a further 35% of tokens will be allocated to the company reserve, marketing, operations and administration; the remaining 40% will be distributed in the token sale. The soft/hard cap limits are 10,000/35,000 ETH.

Timeline and Project Status

The public token sale begins on June 8th, 2018. The whitepaper allocates up to 20% of funds raised for operations, development and marketing up to December 2018. The project is targeting a Q3 2018 testnet equipped with A.I.-enabled transaction monitoring, public governance and MultiSig storage. There will be up to 60% of funds allocated for 2019, targeting zero knowledge AML screening in Q2 2019 and a public system in Q4 2019. A remaining 20% of funds will be held for future development at the discretion of the management team. The estimated allocations for the use of contributions are: 50% for development and maintenance, 25% for operations, 15% for marketing, legal and admin, and 10% in the company reserve.

Hashed (formerly Blockchain Partners Korea), an esteemed blockchain community builder and impact investor, are an early backer of Traceto. The supporting regulatory tech expertise comes from Cynopsis, who already have approximately 50 crypto industry clients, with almost 10 times as many clients in total. The Traceto token sale on GBX is sponsored by Broctagon, a turnkey brokerage solutions company based in Hong Kong. The private sale has 340 million T2T available for purchase, leaving 60 million T2T available for the public sale.

Cynopsis MD and Traceto Founder Chionh Chye speaks to GBX’s Nick Cowan in an interview about the upcoming sale and the opportunities to establish best practices GBX Nick Cowan, Chionh Chye Kit.

Peers and Competitors

Traceto’s acknowledge competitors, uPort, Civic, SelfKey, all provide variations on decentralised identity and KYC functions:  

  • uPort, backed by ConsenSys, provide messaging and identity protocols in addition to a self-sovereign identity app coming soon. uPort has performed a digital citizen registry[Zug].
  • Civic similarly marketizes user data attestation, hopefully on rootstock, also incorporating biometrics.
  • The SelfKey self-sovereign digital identity ecosystem includes identity assurance for corporations, for example; a start-up could manage their documentation from the SelfKey wallet.

A potential competitor not explicitly treated by Traceto in their whitepaper is Sovrin, a member of identity insurance consortium. Sovrin thinks Distributed Ledger Technology presents the opportunity for an internet ‘identity layer’, with ID data stewards supervised by a non-profit foundation. Distributed Identifiers (DIDs) allow global identities that do not need registering with a central authority. Since verifying a DID involves looking up a public key on a blockchain, essentially anyone can act as a verifier. This could reshape the KYC-as-a-service landscape significantly.

One of Traceto’s strengths is a unique focus on KYC compliance, but this will present a challenge as other protocols mature. More general decentralized identity initiative could come to replicate this functionality easily, or develop their own plug-ins for KYC compliance. Traceto is also unique in attempting to launch its own decentralized network of nodes. This makes the Traceto network more decentralized but also more resource-intensive to manage and govern. If it is successful, it could become the foundation for its own generalized identity protocol.

Traceto also promises that identity documentation will not be stored by Service Providers that receive it. Since, at least initially, it seems that all identifying information will pass through the same service provider, transparency will be instrumental to users trusting Traceto.

Team Description

Traceto’s team boasts in excess of 50 years experience in regulatory technology and finance. Chionh Chye Kit, the founder and CEO of Traceto, is a cofounder and MD of Cynopsis Solutions, a RegTech100 company supporting the underlying KYC process. Chye Kit also founded and manages a regulatory compliance consultancy, CCK solutions. In addition to regular conference presentations and work on a crowd-sourced RegTech publication, Chye Kit advises Kyber.Network. In the past Chye Kit held senior posts in major financial firms, such as head of compliance in Asia for Macquarie Group. Dias Lonappan (CTO and co-founder) has experience developing application on the Bitcoin blockchain. The CEO of Kyber.Network and Ethereum evangelist Dr.Loi Luu is a technical advisor to the project. The Kyber.Network will integrate Traceto’s KYC processes [Kyber Blog].

Sale Terms

The Traceto token sale is the first to be approved on The Gibraltar Blockchain Exchange (GBX). [GBX Medium] The Traceto terms are available on their website.

Official Resources