0xAuth
SCF #29 Community Award, Identity, $90,000
0xAuth will enable seamless compliance and interoperability for tokenised funds.
Team

Rico

Technical Architecture Doc

https://drive.google.com/file/d/1GtJntSiMkRLoqP5ez2SyXTiBn2eorJNu/view?usp=sharing

Project URL

https://0xauth.co/

Code URL

-

Video URL

https://docsend.com/v/yrmz2/0xauth-tokenized-funds

Pitch Deck URL

https://docsend.com/v/yrmz2/0xauth-tokenized-funds

Project Categories

Product Type [If Services that make the chain more functional]

Deliverables List

Deliverables (Phase 2)


Deliverable 1: Institutional Dashboard

Brief Description: Design and development of the 0xAuth institutional dashboard, which fund managers can use to manage investor portfolios, look at analytics data, and manage their users. This is essentially the second “half” of the solution and will be built using Next, AWS, and MongoDB.

How to Measure Completion: Completion can be measured by verifying the deployed website. We’ll also provide a comprehensive demo video illustrating all the features.

Estimated Date of Completion: 3 weeks

Budget: $35,000

Deliverable 2: Audit Reports (On-Chain and Off-Chain)

Brief Description: Development of the reporting module, which allows fund managers to generate automated audit reports for both on-chain and off-chain interactions via the institutional dashboard.

How to Measure Completion: A sample report showcasing the granularity of the reporting data can be provided. Additionally, a demo video illustrating the process for generating a report can also be provided.

Estimated Date of Completion: 2 weeks

Budget: $15,000

Deliverable 3: Smart Contracts

Brief Description: Development of the required smart contracts using Solidity and deployment on the Polygon Amoy test network. Just like before, we’ll need three smart contracts:

  • A digital identity contract (ERC-734/735) that is created for each user that onboards.

  • A factory contract that deploys the digital identity contract for each user.

  • A claim issuer contract that institutions can use to uniquely identify 0xAuth and verify the claims for each user.

The difference here is that we’ll be leveraging Axelar to mirror an investor’s claims from the Stellar network to the Polygon network.

How to Measure Completion: Completion can be measured by verifying the addresses of said contracts on the Polygon Amoy test network.

Estimated Date of Completion: 2 weeks

Budget: $15,000

Deliverable 4: Selective Disclosure

Brief Description: Development of the selective disclosure module for the 0xAuth SDK. The automatic extraction rules functionality will also be built alongside this.

How to Measure Completion: A demo website (and video) can be provided, showcasing the selective disclosure module in action (from an investor’s point of view). This demo will further illustrate how an investor’s profile is auto-populated on the fund manager’s end.

Estimated Date of Completion: 3 weeks

Budget: $25,000

Requested Budget in USD ($)

90000

Total Expected Roadmap

Roadmap


Phase 1 (Complete)

The first phase entails building a minimum viable product. You can take a look at the exact roadmap items in our previous submission, here

Time Estimate: 1.5 months

Budget: $45,000

Phase 2 (Current)

For the second phase, we’d like to push 0xAuth towards maturity, by:

  • Enhancing our zero-knowledge engine to support selective disclosure, allowing investors to share specific pieces of information (for example, their nationality) without revealing their full identity.
  • Building a dashboard for tokenised fund institutions, which would enable fund managers to manage investor portfolios, look at analytics data, and manage their users. This will be built using Next, AWS, and MongoDB.
    • The onboarding process for fund managers will initially involve manual verification, but we’re going to be automating it later down the line.
  • Adding an automated label system so fund managers can easily filter between different types of investors (such as retail investors versus business investors).
  • Allowing fund managers to configure automatic extraction rules for investor data (that is, their off-chain W3C credentials). For example, a fund may require investors’ names, nationality, and year of birth before they make a purchase. By pre-configuring these rules, investors can reveal this data in one go (via selective disclosure) when they make a purchase. This data will then be auto-populated on the fund managers’ end.
  • Adding audit trails (per-investor) and system logs.
    • These audit trails will include:
      • On-chain transactions (such as when an investor has purchased shares for a particular fund).
      • Off-chain interactions (such as when a fund manager requests additional information via selective disclosure). These trails will also include what was disclosed, and when.
  • Allowing investors to request the deletion of their data. This feature must be added for compliance reasons.
  • Developing and deploying EVM smart contracts on the Polygon chain. This will allow us to store verifiable credentials on the Polygon chain as well and lay down the foundation for deployment on other EVM chains.
  • Leveraging Axelar for cross-chain communication, allowing institution contracts on Polygon or other chains to access user claims from the Stellar chain.

Time Estimate: 2.5 months (10 weeks)

Budget: $90,000

Phase 3 and Beyond

For the third and later phases, we already have a list of features that should help solidify 0xAuth as the de facto solution for seamless investor onboarding and verification (and this list will be updated along the way). These include:

  • Adding sophisticated investor onboarding. Sophisticated investors can access restricted investments based on their professional credentials (which include something like a Registered Investment Advisor (RIA) license and investment banking work history).
  • Adding end-to-end encryption by shifting the encryption process (of off-chain W3C credentials) to the user’s end. This ensures that only they can decrypt them, thereby enhancing privacy and data security in a more decentralised manner.
  • Allowing for the creation of additional roles within the institutional dashboard (such as “Administrator” and “Fund Manager” roles) so that institutions have greater flexibility in terms of access control.
  • Adding comprehensive analytics within the institutional dashboard.
  • Modifying our zero-knowledge engine further to support predicates. Unlike selective disclosure (which involves actually revealing specific pieces of information), predicates are used merely to check whether a condition is fulfilled or not.
    • For example, if an institution wants to limit access to a fund based on whether an investor’s annual earnings are greater than $200,000, predicates can be used to check whether the investor meets this criterion or not (a simple true or false value) instead of revealing their actual annual earnings.
  • Adding automated Know Your Business (KYB) verification. This will subsequently allow us to automate the process of onboarding fund managers.
  • Combining social login with passkeys (such as biometrics or multi-factor authentication) to make it even easier — but more secure — for investors to verify themselves when an institution requests their credentials.
  • Allowing investors to sign contracts (which is a prerequisite for several institutions) by leveraging their digital identity contract. We’re calling this 0xSign.
    • This is currently done over email via something like Docusign. Needless to say, this approach is inefficient and leaves a lot of room for potential fraud.
  • Adding robust support for third-party claims.
  • Creating an analytics and compliance dashboard for the 0xAuth administrators. This will help us ensure that all participating funds are compliant (without revealing any confidential investor data, of course).
  • Adding Know Your Transaction (KYT) verification. This would enable fund managers to verify investors’ source of funds and wealth (along with on-chain AML checks).

Team bio

The Team


Rico van der Veen

Founder and Chief Executive Officer

Rico, an early Bitcoin investor since 2015 and an ex-advisory board member of Rabobank, has advised SMEs and the public sector on blockchain's potential for process efficiency. He later founded Apollo Ventures, an early-stage venture capital fund focused on digital assets. He now leverages his TradFi industry connections to solve the biggest problems for tokenisation: compliance and interoperability.

LinkedIn: https://www.linkedin.com/in/ricovanderveen/


Humayun Javed

Chief Technology Officer

Humayun is a blockchain expert who specialises in zero-knowledge technology. With his background in designing and developing Web3 technologies, Humayun is well-versed in the latest advancements in blockchain technology. He is particularly interested in digital identities and verifiable credentials. His expertise lies at the intersection of blockchain technologies and privacy-focused solutions, which means that he can leverage the power of blockchain to create secure and private solutions for a wide range of applications, from financial transactions to identity verification.

LinkedIn: https://www.linkedin.com/in/humayun219/

GitHub: https://github.com/humayunj


Hamza Khalid

Lead Blockchain Engineer

Hamza will lead the development of the required smart contracts and integrate zero-knowledge proofs to ensure that user data remains secure and private. His domains of expertise include blockchain technologies, cybersecurity, and artificial intelligence. He’s proficient in several programming languages, including Go and Rust. Hamza’s areas of interest extend to hardware such as drones and Arduino.

LinkedIn: https://linkedin.com/in/hmzakhalid

GitHub: https://github.com/hmzakhalid/


Umar Hassan Khan

Full-Stack Engineer

Umar has considerable experience with both web and mobile development. His core expertise lies in developing robust and scalable backend systems. His areas of interest include low-level hardware optimisation and computer networking. Umar will develop the SDK for our solution and handle the integration with Plaid and Vezgo.

LinkedIn: https://www.linkedin.com/in/umar-hassan-khan

GitHub: https://github.com/UmarHassanKhan929


Wazir Shehryar

Full-Stack Engineer

Wazir’s core strength lies in frontend technologies, and he has significant experience working with JavaScript-based frameworks such as Next and React. He’ll be working alongside Umar to develop the SDK for our solution and help ensure that the user interface and overall experience are incredibly polished and refined.

LinkedIn: https://www.linkedin.com/in/wazir-shehryar-ali-6a794a218/

GitHub: https://github.com/vzirshehryar


Rico dela Cruz

Lead Designer

LinkedIn: https://www.linkedin.com/in/ricodelacruz24/

Progress on Previous (Awarded) Submissions

Feedback

We'd like to address the main feedback that we received on our previous submission (for the SCF #28 Community Award round) one by one. 

Feedback 1

"I find this interesting. But I find it weird that they are asking money for an institutional dashboard. They already have a working product on other chains, so you'd think they'd have a dashboard."

Response:

Thank you for your feedback. 

To clarify, we currently do not have a fully developed product on other chains. Our proposal aims to build a comprehensive solution specifically for the Stellar network.
 

1. Stellar-Specific Development: The institutional dashboard we are proposing is designed specifically for Stellar, leveraging its unique features and capabilities. This development is not a simple adaptation of an existing product but a new build tailored to Stellar's strengths, particularly its focus on financial institutions.

 

2. Unique Features: The dashboard will incorporate advanced features such as real-time auditing, regulatory compliance reporting, and seamless integration with Stellar's asset issuance and transaction capabilities. These features are crucial for our target users and require dedicated development efforts.

Feedback 2

"Even though I prefer login forms that don't rely on having to trust oracles i.e zklogin-alike logins, I do think this would be valuable. I agree though that it's strange that with a working product already on other chains they'd need 30k just for a dashboard. It seems in general that they already have most of the product and the stellar connector shouldn't be that complex for 90k."

Response:

We understand the preference for zklogin-alike logins and the simplicity they offer for authentication. However, our project focuses on providing a robust solution that goes beyond simple authentication.

1. Advanced Authentication and Verification

  • Investor Verification: Unlike zklogin, which offers simple authentication, our solution includes comprehensive investor verification using financial data aggregators like Plaid. This verification is essential for alternative asset investments and fulfilling regulatory obligations.

  • Hybrid Issuance of Credentials: We issue on-chain credentials linked to W3C interoperable credentials, ensuring compliance and on-chain enforceability. This hybrid approach provides verifiable credentials backed by personal information, which is crucial for real-world regulatory requirements.

2. Comprehensive Solution

  • Documentation and Reporting: Our platform will document all investor interactions (on-chain, off-chain, and data sharing consents) with timestamps, providing easy-to-use compliance report generation for auditors and regulators. These features add significant value and justify the development costs.

3. Strategic Focus on Stellar

Our focus on Stellar is due to its strategic positioning with financial institutions. By leveraging Stellar’s capabilities, we aim to attract more users to Stellar-deployed funds through a multi-chain approach facilitated by cross-chain messaging. This requires an initial investment to build a robust infrastructure on Stellar, which we believe will yield long-term benefits.

We hope this clarifies the rationale behind our funding request and the unique value our project brings to the Stellar ecosystem. We have included some additional mockups of the institutional dashboard as well for reference. Thank you for your consideration.

Progress on Previous (Awarded) Submissions 

You can find our previous awarded submission (along with the respective deliverables), also titled 0xAuth, here. We’re pleased to report that all the deliverables are complete, and you can verify them here.


We’ve also been developing demo websites for Franklin Templeton and WisdomTree, showcasing 0xAuth in action. You can take a look at a demo video here.

Product & Architecture

Project Overview


The Problem

Traditional finance is moving on-chain, as evidenced by Franklin Templeton, KKR, and BlackRock launching tokenised funds. However, onboarding and verification processes are still manual and repetitive, leading to a high abandonment rate (40% if over ten minutes [1]) and significant potential revenue loss ($3.3 trillion in 2019 [2]). There is a critical need for a seamless, compliant Web3 onboarding process with portable credentials.

What Problems Are Tokenised Fund Institutions Facing?

To stay competitive, institutions must keep investor fees low, driving many to move on-chain. However, high compliance costs due to repetitive, siloed processes create inefficiencies, reducing investor mobility, increasing Customer Acquisition Costs (CAC), and hindering operational efficiency. Additionally, tokenised funds operate in a gated manner, limiting potential investors. A cross-chain approach could significantly expand the investor base.

What Are We Proposing?

0xAuth aims to provide a frictionless onboarding and verification process with portable investor credentials, boasting minimal compliance costs. Key features include:

  • Automated Verification: 0xAuth uses trusted off-chain oracles for automated verification of accredited investors, including KYC, KYB, AML compliance, and PEP screening via Plaid and Vezgo.

  • Portable Credentials: A digital identity contract (ERC-734) is deployed on-chain, and users are issued verifiable credentials both off-chain (W3C VC standard) and on-chain (ERC-735 standard).

  • Conditional Wallet Connectivity: Platforms can verify user eligibility by integrating with 0xAuth and checking their verifiable credentials (to conditionally allow or block access).

  • Zero-Knowledge Proofs (ZKPs): Platforms can use JSON-LD-based ZKPs for selective disclosure of user information, allowing verification without revealing entire identities. 
    • Future Plans: Implement on-chain verification of off-chain credentials using ZKP verifier contracts (which support criteria selection via ZK predicates) on the Stellar network.

How Does Stellar Fit into the Picture?


We envision 0xAuth as the single sign-on (SSO) for a seamless, yet fully compliant, Web3 ecosystem. Our solution eliminates the need for siloed and gated environments typical in tokenised funds. With an eye toward a multi-chain future, 0xAuth is designed to facilitate the effortless movement of eligible investors across different blockchain networks while enabling institutions to attract and engage users from these diverse ecosystems.

Incorporating support for Stellar-based tokenised funds into 0xAuth is a strategic move. By doing so, we aim to significantly expand the pool of potential investors for institutions like Franklin Templeton and WisdomTree, which are already utilising Stellar. Our included illustrations depict the envisioned integration and the benefits it brings.

How Can Stellar Benefit From Our Solution?

Enhanced Interoperability

0xAuth enables seamless identity verification across blockchains, positioning Stellar as a bridge within the multi-chain ecosystem.

Compliance as a Service

0xAuth’s tools simplify compliance for tokenised funds, making Stellar a compliance hub for cross-chain RWA transactions.

Market Expansion

Reducing compliance friction in cross-chain transactions attracts more institutional participants and eligible investors, boosting Stellar's ecosystem activity and liquidity.

Exclusive Features

We plan to develop custom features for Stellar on 0xAuth, including institutional dashboards, audit trails, and enhanced security protocols tailored for institutional users.

By enabling these capabilities, 0xAuth will help solidify Stellar's role as a leading network for tokenised assets, broadening its user base and enhancing its operational ecosystem.
 

References


We are currently supported by Omar Hamwi (Senior Manager, Partnerships at Stellar Development Foundation) and Naman Kumar (Stellar Development Team).

Current Traction


We’ve planned a pilot with Franklin Templeton and WisdomTree to make their on-chain products available to more eligible users via a web interface (instead of just a mobile app).
 

We’re also setting up an industry-wide proof-of-concept in collaboration with Chainlink, called Project DAVID. This includes key players such as Fidelity International, Sygnum, VanEck Europe, UOB, and Deloitte, under the supervision of the ADGM in Abu Dhabi, to create interoperability and compliance between tokenized funds, platforms, chains and jurisdictions.

Glossary


[1] https://thepaypers.com/payments-general/fis-have-14-minutes-and-20-seconds-to-onboard-customers-signicat-finds--780846

[2] https://resources.fenergo.com/newsroom/global-business-commercial-banking-market-sees-3-3-trillion-in-losses-due-to-operational-inefficiencies