ING Bank Devises Privacy Fix for R3's Corda Blockchain

ING, the Netherlands megabank blazing a trail with extra privacy measures for enterprise blockchains, has come up with such a solution for the Corda distributed ledger system built by R3. Announced Tuesday at the annual developer conference CordaCon, ING has helped solve a security/privacy trade-off that currently bedevils Corda users.

The bank's blockchain team did so by applying zero-knowledge proofs to the Corda notary service, the means by which the network verifies the uniqueness of transactions and prevents double-spending.

Unlike most blockchains that broadcast data among all participating nodes, R3 designed Corda to control data and limit the amount of information that needs to be shared.

ING is addressing the privacy problem out of self-interest as it's about to start using Corda for business.

Rei Ilchenko, the bank's global head of IT wholesale banking channels, said a number of Corda apps it has invested in, such as the trade finance projects Marco Polo and Voltron, will soon see the light of day.

These are currently relying on the non-validating notary which is hosted by Corda network, he said.

A somewhat surprising bonus discovered by ING is that ZKP transactions sent to Corda notaries take less time to verify than regular transactions.

"Actually both. So far, the majority of CorDapps I know rely on non-validating notary run by the Corda Network Foundation and all CorDapps that ING plans to start using in production do."

ZKPs are not the only way of solving Corda's privacy trade-off; R3 has worked hard to modify Intel's trusted execution environment solution SGX to fit with Corda's requirements.

At the start of this year, the bank started looking at applying its learnings to Corda.