December 20, 2003

NeuClear in the 7 Layer model of Financial Cryptography

Over on the Nuclear Blog , Pelle maps the NeuClear system on to the FC7 model:

"I remember when Ian Grigg presented his paper Financial Cryptography in 7 Layers at FC2000. I thought it was the single most useful paper presented in a conference dominated by academic non deployable variants of Chaumian Blinded Cash. The paper has inspired me ever since."

Go there to see the model in a table, but I've also copied the text below (with some editorial fixes):

The 7 layers is a way of seperating out and understanding the various parts that manage risk and ensure safety in a financial cryptography system like NeuClear.

In his abstract he describes it like this:

"Financial Cryptography is substantially complex, requiring skills drawn from diverse and incompatible, or at least, unfriendly, disciplines. Caught between Central Banking and Cryptography, or between accountants and programmers, there is a grave danger that efforts to construct Financial Cryptography systems will simplify or omit critical disciplines.

This paper presents a model that seeks to encompass the breadth of Financial Cryptography (at the clear expense of the depth of each area). By placing each discipline into a seven layer model of introductory nature, where the relationship between each adjacent layer is clear, this model should assist project, managerial and requirements people."

So its due time really to try to put the NeuClear architecture into perspective using his model.

7. Finance

NeuClear provides a flexible model for financial applications. Transactions can be either simple one way transactions like transfers or more advanced bidirectional transactions such as exchange transactions. The general requirements here are:

- Cheap
- Standardized across Asset Types
- Able to be generalized enough to be used for all kinds of securities
- Non Repudiable (You can not go back on a transaction)
- Realtime (no clearing period)

6. Value

Within NeuClear everything that carries value is an Asset. This is similar to what Ian calls a Ricardian contract. An asset can be a single item or a whole electronic currency. The only real definition is that it is backed by something of value.

5. Governance

Governance models are very important. Seperation of control is key to NeuClear. Ian has defined the 5 parties model which should be applied to any Asset system within NeuClear. The parties are as such:

a. Issuer Essentially the originator or promoter of an asset. To promote trust he contracts with the 3 following parties and does little else.

b. Mint The mint issues assets into the NeuClear System. This could be a trust company, but should be independent from the Issuer. They verify that the value implied in the above layer is actually entered into the system.

c. Operator The operator is like an Application Service Provider. He maintains the site and database in such a manner that neither of the other parties can interfere or otherwise modify the underlying accounting of the value system.

d. Manager The manager is contracted by the Issuer to do the day to day management of the asset. For example requesting that the Mint adds more assets to the system and customer service.

e. Users The users are in many ways the auditors of the system. As long as at least one of the 3 parties directly above is honest, they can monitor the runnings of the Asset live and instantly, to see if anything goes wrong.

4. Accounting

The accounting of the Asset maintains a constant real time view of who owns what within an Asset. It is managed by an AssetController which is a piece of software run on a server somewhere by an operator. The core book keeping is done by NeuClear Ledger a general purpose library for book keeping.

An Asset can be configured to be sent to various AssetControllers at the same time. One of them being the main one for real time purposes, the others being 3rd party auditing asset controllers. This is possible because each transaction is digitally signed and thus can be verified elsewhere. Regular end of day (or end of hour) statements can be exchanged and verified, to make sure that none of the operators are modifying the data.

3. Rights

The key to rights within NeuClear is the NeuClear ID framework. It provides a univeral Identity system for all parties within NeuClear and is universal across asset types. Thus each Identity can be thought of as not only and identifier, but an account, that works across all assets. The Identity model is flexible and supports many different kinds of Identities, including "Ticket" identities, that can be issued as part of a cash transaction at a physical agency as well as SmartCard based Identies that are controlled by the holder of a SmartCard.

2. Software Engineering

Our main software engineering infrastructure is based entirely on open common use standards such as:

+ Http
+ XML Signatures

The current implementation uses Java as the main programming language. However it would be relatively straightforward to port it to Microsoft's .NET platform as well.

1. Cryptography

RSA Public Key Cryptography via Sun's JCE Spec

Posted by iang at December 20, 2003 03:27 PM | TrackBack