Banco Central do Brasil has published a report on the first phase of its DREX tokenization pilots. They include a wholesale central bank digital currency (wCBDC) and a ‘retail DREX’, which are tokenized deposits or e-money. The central bank said that “the Pilot proved to be challenging from a technological point of view, and has required more intensive monitoring in the second phase than anticipated.”
This reiterates the issue of blockchain privacy highlighted nine months ago, when the DREX schedule was delayed. The first phase of the pilot was narrow, targeting the issuance of government securities and the use of retail and wholesale DREX, with the wholesale CBDC used for interbank settlement. Phase two, which started in November and is currently in progress, involves more advanced use cases.
After selecting 14 teams at the start of the project and quickly adding two more, last October the central bank invited a new batch participants. But despite reducing applications from 101 proposals to 50, it has now decided that it won’t expand the current participant group, because of the need for greater monitoring. In any case, it says the additional suggested use cases weren’t that different from the original batch.
Before we get to the privacy challenges, it was notable that the blockchain network was not connected to the internet. Instead, it used the National Financial System Network (RSFN) that institutions use. Given it involves a CBDC, the central bank operated all the validator nodes on the Hyperledger Besu blockchain network.
Ethereum privacy challenges
Reading through the options explored by the central bank, it is still looking for a solution and is not satisfied with any currently available options. Many Ethereum privacy solution adopt Zero Knowledge Proofs (ZKPs). On the one hand, the central bank believes the technology is promising, which justifies ongoing research. However, it is wary that premature adoption would expose it to unforeseen risks and vulnerabilities.
Another option is to use segregated networks, not dissimilar to Layer 2 solutions in the public blockchain space. While this could solve the privacy issue and improve scalability, it creates many others.
It adds complexity, getting more and more complex with each added layer. Plus there’s the need to secure communications for interoperability. For example, bridges are a common hacking target in public blockchains. The biggest challenge is programmability, which tends to fall back to the same communication methods as traditional finance and is less optimal than programmability on a single network.
Confidential computing was also explored but dismissed. While it addresses the privacy issue, it relies on specialist hardware, with a lack of standards between manufacturers. It also leads to greater centralization and the potential for hidden security back doors.
The final option considered was restricting access to the network data to the central bank with institutions integrating via APIs. This is viewed as inhibiting innovation and losing the benefits of decentralization, so wasn’t seriously considered.
Four privacy solutions were tested, as previously discussed last year. They included three ZKP solutions Anonymous Zether, Starlight and ZKP Nova and an interoperable network solution, Rayls. The central bank assessed the pros and cons of each. One common criticism was the inability of a central bank to monitor encrypted transactions, but there were many other drawbacks.
Next steps for DREX?
While Phase two is currently progressing, the path forward is not entirely clear given the unresolved privacy issues. The central bank concluded, “the BC (central bank) will only move forward with solutions that guarantee privacy, data protection and transaction security. The next steps will depend on the results of the second phase.”
Ledger Insights Research has published a report on bank-issued stablecoins and tokenized deposits featuring more than 70 projects. Find out more here.
