WO2021075080A1 - Operation system and operation method of sovereign digital currency with identifire - Google Patents

Abstract

The present disclosure relates to an operation system and operation method for a sovereign digital currency with an identifier, and, in particular, to a system and method for issuance of a non-anonymous sovereign digital currency with trusted KYC data to be validated by an authorized third party, without revealing input personal data, ensuring Opt-in privacy. More specifically, the present disclosure relates to a sovereign digital currency with a verifiable and immutable identifier by issuing the combination of two kind of identifiers with set of same homomorphically encrypted personal data; first is the identifier of a certain user, second is a verified identifier (VID) entails data pertinent to who and when identify the subject in the form of KYC, and further, homomorphically encrypted data is, through hashing, added to a block of private blockchain for secret sharing. An authorized third party validator is capable of confirming the digital trust of KYC through the coincidence between set of personal data encrypted in each ID and VID without data decryption, namely not retrospectively exposing input personal data. Additionally, an embodiment of the disclosure provides a risk rating score to evaluate credit risk due to fraud and/or fault of KYC identification associated with three different layers.

Description

OPERATION SYSTEM AND OPERATION METHOD OF SOVEREIGN DIGITAL CURRENCY WITH IDENTIFIRE

The present disclosure relates to an exemplary operation system and operation method of sovereign digital currency with an identifier, and, in particular, to a system and method for issuance of a non-anonymous sovereign digital currency operable to validate KYC of sovereign digital currency user by an authorized third party without data decryption, in other words, not revealing any personal data under an encryption scheme which achieve a full homeomorphism.

In view of widespread use of the Internet and growing social significance of protecting personal information that is spread over the Internet, it is considered that service providers provide services such as on-line services while concealing various types of user data. On the other hand, it is essential to hamper a variety of illicit proceeds such as money laundering largely due to an anonymity provided by traditional money transfer process. In other words, there is a growing concern about privacy breach. In addition, a fully homomorphic encryption is known in which data is encrypted and arithmetic processing can be performed in a cipher text space corresponding to a plain text space.

For example, a technique of calculating a similarity index value between different sets in a converted or encrypted state without disclosing a plurality of pieces of user information has been proposed (Privacy Preserving Data Mining (PPDM)). One of the typical encryption protocols used in such technique is a fully homomorphic encryption (FHE) based on RSA and the ELGamal theory of numbers. The FHE is a technique for encrypting input data by the protocol and performing fully homomorphic addition or multiplication on the encrypted data.

Moreover, efforts for analyzing data related to user profiles and transactions, or combining such data with personal location information and information revealed on a social network have been made extensively, to thereby estimate a possibility of purchasing a specific good or service, and try to achieve more efficient advertisement and recommendation of a good and service.

PTL 1 discloses partitioning of data.

PTL 1: WO 2019/086553

The General Data Privacy Regulation (GDPR) is enforced in EU in May 2018 for privacy protection for digital information. However, it would be even difficult to define the scope of privacy concepts from now to the future by existing legal standards, especially in countries employing a common law system, in view of recent situation in which privacy itself is a relatively new legal concept, and individuals rather voluntarily actively participate in networks and disclose their own information, and the social impact of the networks is growing exponentially.

On the other hand, Global Organization of Parliamentarians Against Corruption (GOPAC) held a meeting in September 2010 in which the Action Guide was completed to introduce strong and effective anti-money laundering regime. The amount of money laundering are staggering estimated that US$ 1.5trillion is laundered each year (UNHD report) Current monetary and financial system cannot but face challenge substantially exclude smurf because of anonymity of money itself and ramified path of money transfer.

For example, as shown by a logical block diagram illustrating conceptual flow of an operation system of sovereign digital currency for user validation of FIG. 15, a system is desired to provide digital credit with trusted KYC data to be validated by an authorized third party without revealing input personal information of sovereign digital currency, and to ensure opt-in privacy, quasi anonymous usage as cash. The system is also desired to satisfy the requirements for public validity and confidentiality protection originally to be conflicted each other.

In view of the above, an objective of the present invention is to provide a sovereign digital currency operation system and operation method, and further optionally estimate numerically the creditability of KYC through homomorphic computation of a credit rate scoring.

For example, as shown by a logical block diagram illustrating conceptual flow of an operation system of sovereign digital currency for user validation of FIG. 15, a system is desired to provide digital credit with trusted KYC data to be validated by an authorized third party without revealing input personal information of sovereign digital currency, and to ensure opt-in privacy, quasi anonymous usage as cash. The system is also desired to satisfy the requirements for public validity and confidentiality protection originally to be conflicted each other. For the purpose of solving this dilemma, it is desired for a sovereign digital currency (which encompasses credit creation/transfer means) to be furnished with the combination of two user identifier (ID), the first identifier for certain user and with the second ID, alternatively called as a verified identifier (VID) represents who and when identified corresponding subject. Either ID entails the personal information of same subject masked by homomorphic computation. It is also desired that each party can access the information at each layer according to its authorized rank, for example some specific parties such as so-called validator are grant limited access to the similarity index value of input data, while cannot directly access a plurality of personal data. And furthermore, it allows to validate the trust of identifier through matching each personal-data-associated ID with the VID though homomorphic calculation without retrospectively retrieving input data, even from the remote validation nodes in foreign countries.

How to identify a user of sovereign digital currency as well as who and when made it to issue KYC are fundamental factor constitutes a substantial part of creditworthiness in one embodiment, and therefore such information is desired to be shared securely by limited-ranked, while simultaneously, privacy data is blind even to an issuer of sovereign digital currency to completely protect such information from leak and abuse.

A general embodiment of the present invention relates to an operation system for a sovereign digital currency with a user identifier comprising: an encryption unit configured to encrypt user profile information of a user using a sovereign digital currency, by using a homomorphic encryption scheme; an identifier generating unit to generate (the first) user identifier corresponding to encrypted user profile; a storage configured to store the user identifier with corresponding user profile information encrypted; an output unit configured to output the user identifier obtained.

A more specific embodiment of the present invention is the sovereign digital currency operation system described above, wherein the user profile information includes at least one of personal attributes of the user, personal credit information, personal location information, business office information, management information, equipment and operating conditions of manufacturing facilities, information on hypothecated assets, already issued government bonds information and macroeconomic indexes of government bond issuing countries, and transactional information.

Another embodiment is the operation system for a sovereign digital currency with user identification wherein a reference unit configured to receive a user profile from trusted third party which identify the user to provide KYC, to match with user profile previously received, an encryption unit configured to encrypt user profile information of a user using a sovereign digital currency, by using a homomorphic encryption scheme an identifier generating unit to generate (the second) user identifier including KYC information coupled with who and/or which has provided KYC; a storage configured to store the (the second) user identifier; a output unit configured to output (the second) user identifier.

Still another embodiment is the operation system for a sovereign digital currency with user identification wherein a validation unit to confirm coincidence of user profile in homomorphically encrypted scheme included in (the first) user identifier with (the second) identifier.

Yet another embodiment is the operation system for a sovereign digital currency with user identifier wherein a scoring unit configured to process the creditability of KYC included in (the second) identifier to generate credit score; a storage configured to store the credit rating score with corresponding identifier; an output unit configured to output the credit rating score.

Another embodiment is the sovereign digital currency operation system according wherein the credit rating score is an index for correctness or incorrectness of KYC existence or non-existence of a target person, execution of a procedure for refreshing and/or terminating information including the KYC information, or involvement in illegal act such as money laundering and terrorist finance.

Another embodiment is the sovereign digital currency operation system wherein a scoring unit to process the creditability of KYC with user profile and/ or transaction history to calculate credit rating score which is an index for investments, loans, credit grants, or escrow.

Another embodiment is the sovereign digital currency operation system according wherein the scoring unit uses a lower order polynomial obtained by linearly approximating a nonlinear function when computing the rating score by using deep learning.

Another embodiment is the sovereign digital currency operation system according further comprising a classifier configured to learn training data including user profile information and rating scores encrypted with the fully homomorphic encryption scheme, in a state that the user profile information is encrypted.

Another embodiment is the sovereign digital currency operation system further comprising a learning unit configured to adjust approximation of a model in machine learning in the classifier to a function.

Another embodiment is the sovereign digital currency operation system wherein part of an overall operation of the model for computing an inverse matrix is computed by a matrix operation by another server having another decryption key, and the sovereign digital currency operation system receives a computation result.

Another embodiment is the sovereign digital currency operation system according wherein the output unit discloses the rating score obtained, and the user profile information encrypted is stored in the storage without disclosing to outside.

A more practical embodiment is the sovereign digital currency operation system further comprising a hashing unit configured to hash identifier with homomorphically encrypted personal data, and add the hashed identifier in a block for a blockchain to store the block in the blockchain.

An embodiment of the present invention provides the sovereign digital currency operation system comprising an encryption server including the encryption unit and connected to a location of a client including the user of the sovereign digital currency; an evaluation server including the scoring unit and computing the rating score; a training server including a classifier configured to learn training data including user profile information and rating scores encrypted with the fully homomorphic encryption scheme, in a state that the user profile information is encrypted; an API server configured to control processing of the encryption server, the evaluation server and the training server; and a server configured to communicate with an external data source.

An embodiment of the present invention provides a sovereign digital currency operation method comprising: encrypting user profile information of a user using a sovereign digital currency, by using a fully homomorphic encryption scheme, storing the user profile information encrypted; processing the user profile information in an encrypted state to compute a rating score related to financial transactions; and outputting the first and/or the second identifier and/or credit rating score obtained.

FIG. 1 is a block diagram illustrating data flow of an operation system of sovereign digital currency with a user identifier according to the present embodiment. FIG. 2 is a functional block diagram illustrating a configuration of an operation system of a sovereign digital currency with a user identifier according to the present embodiment. FIG. 3 is a functional block diagram illustrating a configuration of an operation system of a validation system of KYC according to the present embodiment. FIG. 4 illustrates a basic concept about structural risk to cause illicit proceeds such as money laundering. FIG. 5 is a diagram for illustrating a substantial risk of existing financial and monetary systems. FIG. 6 illustrates a diagram of a hardware configuration of the sovereign digital currency operation system according to the present embodiment. FIG. 7 illustrates a logical block diagram of a processor of the sovereign digital currency operation system according to the present embodiment. FIG. 8 is a flowchart illustrating basic concept of the present embodiment. FIG. 9 is a diagram illustrating a relationship between a client and a server in the present embodiment. FIG. 10 is a flowchart illustrating an example of processing performed by a model training module. FIG. 11 illustrates a diagram to compute an inverse matrix by another part of server. FIG. 12 is a logical block diagram for storing of personal data encrypted with full homomorphic encryption in a blockchain. FIG. 13 illustrates a block with the personal data encrypted with a secret key. FIG. 14 illustrates a block with the verified identifier encrypted with a secret key. FIG. 15 is a logical block diagram illustrating conceptual flow of an operational system of sovereign digital currency for a user validation.

Embodiments of the present invention will be described below in detail with reference to the accompanying drawings. Note that, in this Specification and the drawings, elements that can be described in a similar manner may be denoted by the same reference signs, and redundant description thereof may be omitted.

In the description, first, a background of the embodiments of the present invention, and the like, will be described, and then a computer system for implementing the present invention will be described. The description will be given in the following order.
1. Background
2. Overview of Sovereign Digital Currency Operation System
3. Embodiment of Sovereign Digital Currency Operation System
4. Supplementary Notes

1. Background
In recent years, reflecting on the substantial shift toward global currency reset, sovereign digital currency (SDC) has risen to prominence as a mean to stabilize monetary systems out of reserve currency vulnerabilities. Central Bank Digital Currency (CBDC) avowedly introduced at 24^th January 2020 in The World Economic Forum is one of the prototypes of SDC. However, the CBDC would face challenges as follows in the process for attaining its goal.

1) Validation and privacy protection risk
- CBDC is Anonymous as same as real cash and prepared money, lacks any information about KYC Identification that meets AML/CFT compliance in it. The compliance relevant logwork depends on third parties amongst all only domestic intermediaries at each transaction, such as a commercial bank under the control of the Central bank in particular Foreign parties cannot access the information related to KYC identification to validate it. CBDC does not involve jurisdiction required to take care higher risk profile.

- In addition to that, it is difficult to ensure transaction traceability coexisting with privacy protection in which personal information abuse and leakage are to be rightly restricted. The transaction traceability is outstanding tradeoff with privacy protection.

2) Liquidity Supply
- Under the current two-tired money structure constitutes CBDC or substitute of legal tender and bank deposit, the outstanding trade-off in value between CBDC and bank deposit privately issued through money multiplier process of commercial banks is likely to bring about the disruptive market power risk especially in developing countries.
- In contrast If CBDC bearded negative interest in advanced countries it could increase not only economic but also social confusion in terms of sustainable solvency.

3) Cross-border Transfer
- Legal status of CBDC cannot extend to foreign entity and furthermore in another sovereign countries, and there could be traceability problem on the ground that foreign CBDC holder do not hold account at certain Central Bank.
- If foreign CBDC become high domestic adoption, it could distort the credit system due to value gap in terms of purchasing power parity within the currency area in particular.

The design principle of SDC is for example advocated by Joule consortium as follows. It should be well prioritized in accordance with strategic goal based on the country specific background which includes the legal framework, current status of payment system, level of technical literacy and so on.

1) Establish trusted, resilient and user-friendly payment gateway with sustainable value for all residents on top of the Hyperledger (permissioned blockchain) system coupled with wireless internet access.
2) Provide more financial inclusion with mobile-based account model, decrease excessive dependency on fiscal facilities and manualized workflow with massive manpower inducing more integrated financial services such as escrow, micro finance, saving and remittance on digital wallet.
3) Get rid of unscrupulous activities such as AML/CFT as well as corruption due to traditional manner of cash-handling through recording all the credit histories cryptographically, at the same time offer safeguards for privacy protection on the homomorphically encrypted scheme.
4) Complete an integrity as an anchor of confidence for M0 with M1(Demand deposits), M2 and furthermore MC (credit i.e. differed payment contracting for forward delivery) ensure continuing and sound money supply, hence preventing user-facing banks with money multiplier process from credit and liquidity risk.
5) Ensure more consistent economic and fiscal policy transmission reflecting a credit expansion for the real effective demand alleviates the depreciation in value of sovereign currency against major trading currency simultaneously increase inflow of enough money stock of non-resident with less exchange rate volatility.

Regardless of whether CBDC or SDC the clux of matter is how to recover or improve the pecuriality of money which faces challenge now.

In the first place, where money come from? Who first invented money? The answers to these questions would give us a clue in which the peculiarity of money lies. Sine qua non of what make it money?

In 1966, French archeologist Dr. Amie excavated much token engraved with different numbers. Token is encapsulated by hollow package (called ”Burra”) with shading the same number as token. These estimated to be penetrated around Uruk(Onug) among ancient Sumer in approximately B.C. 4000 to B.C. 3100.

How Sumer token was used? What did the number of tokens indicate? -------- The Sumer token is interpreted as a receipt of stock, more specifically, livestock represented by sheep. The tokenized receipt served as a ledger of accounting record that ensured the right of token holder to save and retrieve his proprietary asset. Note Shumer token can be said to have a substantial pecuniary as money:
(1) Receipt for securing the property in predictable future, through bridging the value between present ownership and forward delivery.
(2) Ledger of accounting record to clarify numerically the amount of asset to be stored.
(3) Legal tender in which the obligor such as depository could not refuse the settlement of underlying liability.
(4) Liquidity by employing a standard and definite form of token.

After Dr. Amie discovered them, Sumer token system was demonstrated gradually to reach a wide adaption in the south area of Mesopotamia. For Sumer sheep was the predominant wealth, because sheep is not only nutritious or energy intensive in the ecosystem, but well preserved. The preservation of value, literally just the aspect of “livestock” played an essential role to create tokenized receipt with the primary objectives of offering security. If Sumer ate only meat of mammoth or cod they hunt, there could not be a likelihood to reach the token money system. That was reason why these stuffs were perishable, easily rotten and even wasted, could not temp Shumer to store historical record for forward contract of delivery.

Off course it is not deniable that wheat or rice with a feature of both preservation food and seasonality could contribute to the prominence of such a ledger log. However, the accounting crop required more technically standardized unit and way of measurement. Amongst of all submissive sheep could further valued as a wool had ruled the roost in terms of robust demand as commodity. Therefore, the term of capital originated from caputu in Latin with the meaning of sheep. The oldest anthology of poems in China, Singing (Chinese characters are described in (1) below) in B.C. 1100 to B.C. 600 expressed the symbolic status of sheep as a typical national wealth, even present day RMB or national currency of China is simplified by the mark of yen as described below (2), while Chinese character described below (3) is a hieroglyph meaning sheep.

Backing to Sumer token, as we acknowledge, it was featured by four dimensions of money: the receipt for storing value, the ledger for recording account, the legal tender for enforceability and the transferability for transaction. Such attributes taught us Sumer money is analogue to what we call credit with securing value not to what we call cash or medium of exchange, because it primarily represented the credit of token holder to receive his asset, namely what made it money was bridging credit (of token holder) with demand for value (of sheep).

In other words, we stay in the modern society are inclined to fall into the general misconception that money emerged as a mean of exchange that eliminated the inconvenience of “primitive” barter trading, in which we exchange goods with other goods directly. This clumsy system forced us to depend on the coincidental luck of double wants to be met. Money appeared as an intermediary with common denomination to provide such a situation of roundabout with supper solution. We are obsessed by superficial observation that the utility of money come from exchange of value, typically mislead by D. Ricard saying “money is only the medium by which the exchange is effected”. Here is the difference of great important. The central matter is that which the attribute brought out what we call a medium of exchange, as Sumer money eloquently suggested only it followed the well-established token system that could complete the credit of token backed by the accountable demand for asset convertible with it.

The history taught us that Sumer token have evolved towards three dimensions afterwards.

First money has been improved its physical property from cray of Sumer token or shell via metal coin to current blockchain. Money have been required more durability against wastage through the passage of time, for example, the gold currency standardized by Constantine in Rome was called “Solidus” with a meaning of “Solid”. And It have been enhanced resistance against counterfeit. Growing market inclusion from place to place, it has been necessary to keep record on it in more physically secured and trusted manner.

Second, in accordance with the substantial shift of the utility from storing value towards medium of exchange, the demand for more resilient and user-friendly settlement have been growing. Sumer token package seems to be not convenient in our present life.

Lastly money has been placed more creditability embettled on it. For example, the convertibility with precious metal had long time believed to avert the devaluation of credit on money because of deflational effects owing to the peculiar scarcity of it. And furthermore, as another way to stabilize the creditability on money is let the government institutionally monopolize to launch “currency” at least it was effective for “currency” to not expose to mortal competition with substitutes.

The above three dimensions have been interacted each other, and made proportionally progress, but compared to Sumer era become increasingly confused today. As a matter of fact, our modern money lost much virtue which Sumer token held, namely can afford no ledger and, above of all money can be overextent irrespective of whether there are certain sheep to be converted into, as if money is “bottomless sink for purchasing power (J.M Keynes)”. In other words, the former two efforts very often only contributed to its liquidity preference, but trivialized intrinsic functioning of money defining the creditability of who is liable for forward delivery of goods or service, and what goods or service is inextricably linked with true value.

Policy makers, especially since the Lehman shock in 2009, have been overprinting central banknotes to provide excessively massive liquidity into capital circulation. However, paradoxically, the mushroomed liquidity discourages public to draw down the vault money from their bank account just only by debase of money itself, not stimulated by what Keynes called it effective demand for goods with value or new “sheeps”.
One result is not overlooked that the status of money as legal tender is actually replaced by public bond in the context of both astronomical volume and enforceability. And the authority cannot resist temptation to further decrease the value of currency, when it cannot sufficiently cover public debt through a form of collecting tax and vice versa.

And another result is shown by the emergence of cryptocurrency like Bitcoin inherited the widely held fallacy that money is merely a medium of exchange. As regards all the so-called stable coin backed by conversional financial assets cannot avert to fall into a same pit, namely if traditional currency devalued, it could lose value pari passu.

Public bond and cryptocurrency have a similar risk to exchange with another kind of money tautologically, only to keep or enhance the value of financial assets themselves, or hoarded in stash, never converted into new “Sheep”, For example, the gross asset of the Bank of Japan has expanded by 8.5% during fiscal 2020, whiles nominal national income has grown by zero close to negative It inevitably could ruin an autonomous stabilizer of money to apocalyptic extent particularly after February 2022.Money less likely to be able to bridge credit with true value. Today, it would be energy consuming to issue money made by clay. However, the substantial attribute of Sumer token is thought to be remained till present day. The predominating utility of money is solely derived from the credit of money holder bound with differed goods and service, not with only another kind of “money”. It is no exception even when sovereign digital currency (SDC) is designed it should recover the peculiar mechanism for the credit transfer algorithmically built in SDC, otherwise all the attempts would mimic nothing other than old-fashioned falt.

On September 19, 2019, Tobias Adrian, Tommaso Mancini-Goiffoli of the IMF warned that a so-called stablecoin secured by the underlying assets may possibly bring new financial risks. The date, September 19, was coincidently the date when an issuer of an inventive sovereign digital currency “Joule” was registered in Malta, the issuer issuing "currency" in a form of sharing credit in a non-anonymous form under the principle that the value of money come from nothing other than user credit linked with anefficitive depend with value. The blog recited "USD coins, Facebook announced Libra, and centralized digital money of the stablecoin business model" as examples of the stablecoin.

The blog points out six possible risks:
(1) The bank's mediation function becomes unnecessary.
(2) Combining financial services and information services creates a new exclusive monopoly.
(3) Capital flight from weaker currencies occurs.
(4) Capital is diverted to money laundering and terrorist finance.
(5) The gain on issuance of currencies, i.e., seigniorage disappears.
(6) Policy makers is required to strengthen consumer protection and financial stabilization.

It should be noted first, however, that the above (1), (3), (5), and (6) are not the financial risks that have been presented first with the advent of the asset backed stablecoin such as Libra. These are familiar risks that have progressed and exploded periodically in the form of economic depression with a catastrophic chain reaction of defaults under the situation in which interest rate lose an elasticity to determine liquidy preference of money. Thus, it is unreasonable to put the blame only of asset backed stable coin. Rather, it would be natural to consider that there is a causal link between the emergence of cryptocurrencies and the current uncertainty of legal currencies and their issuing systems, not go back to stable coin, and like.

As regards diversion to money laundering and terrorist finance in (4). This point is the same as the fiat currencies same as current cryptocurrency is circulated in an anonymous form without any verification mechanism in it. The combination of anonymous money with another instrument such as cryptocurrency and/or commodity provide money launder with an enough anonymous space. Depend on a variety of intermediary such as bank as well as exchange is considered to be capable of eliminating illegal acts such as money laundering, movement of terrorist funds, deviations from economic sanctions, and tax evasion under certain regulations. However as shown by Figure first, how to identify KYC varies by each intermediary, even degree of registration of people differs from one country to another. In addition to that without an appropriate scheme for bringing KYC with ID account, money launder. Second there are much option for money launder to choose extremely reinitiated routes for money transfer with multi-layer includes not only bank and exchange but payment service provider and others such as casino. Each intermediary cannot grasp total flow to identify offshore and user.

The arguments about (4) and (2) would require more careful consideration. Interestingly, while the concerns in (4) are due to the anonymity of Cryptocurrency described above, the concerns in (2) are that business models specific to social media networking services (SNSs) with a number of users may violate privacy, at the same time anonymous use of currencies. However, the both matters occur at the same time and the dilemma would not be regarded as unreasonable criticism.

Social media are a treasure of information about individual behavior, preferences, and social characteristics. By positioning such information as life logs and analyzing the information in association with purchase history, GPS data, and the like, patterns between their own attributes and behavior that are even unknown to the person himself/herself are found. Furthermore, its potential is in proportion to the amount of collected data and the computational capability, and more recently, to the progress of the learning capability on the computer side, and is unlimited. Among them, currency transactions may provide an optimal source of information for product recommendation and conversion to advertising. Therefore, it can be understood without analyzing big data that service providers do not leave this point. The concerns above is based on that, from the past bad data management of data breach for more than 50 million persons occurred in 2017 and others, it would be possible to save a great deal of trouble in the future if the actions are now decided to be problematic.

As to privacy protection for digital information, the General Data Privacy Regulation (GDPR) is enforced in EU in May 2018. However, it would be even difficult to define the scope of privacy concepts from now to the future by existing legal standards, especially based on a common law system employed in some of western countries, in view of recent situation in which privacy itself is a relatively new legal concept, and individuals rather voluntarily actively participate in networks and disclose their own information, and the social impact of the networks is growing exponentially.

One of key issues is to structure a system to provide a credit with reliable KYC information verified a trusted verifier specific ally with sovereign digital currency itself in place of a current procedure to refer bank account. As show by Figure current system for KYC is commonly implemented throw triangle structure among issuer, verifier and prover of credential. However, such a process is roundabout and costly to remain space for opportunity of illegit proceed.

When it come back to how Sumer money with the form of token in package (Burra) was practically made use., we have nothing beyond an imagination, however what attract our attention is that the same number was engraved in each token and outer package respectively. It is conceivable that, token was held by asset holder, whereas corresponding package was administrated by depository. In the case each number was coincided, the transaction could be valid. The primitive token system intended to hamper counterfeit of ledger by each side. It was anonymous because number was still extant, however in those days there were no available character to identify the name or KYC of token holder. Under such a situation the identification of token was verified by the coincidence with package which played as “third-party verifier” ensuring a public control for token system in terms of creditability.

Jacwues Lancan mentioned in “Ecrits (1966)” that a mirror plays an essential part as “third-party identifier “to give you the first identity in infancy. A mirror can be said to be an ideal apparatus to generate identification in a universal and furthermore quasi-digital manner.

However, a substantial problem in the real world is that identity itself come originated from completely disparate sources that requires mirrors with pretty much angles of reflection. That is substantial reason why attempts to identify the subject by issuing the digital credential with general-purpose on blockchain would face challenges.

Identity constitutes three-layer structure, i.e., includes Natural Identity by which you distinguish yourself or your daughter distinguishes you from others by watching a mirror, Private Identity by which company or school distinguishes you through issuing credential, and finally Legal Identity by which a governmental body distinguishes you in a legally stipulated manner, for example. It would cause a great confusion by crossing the different layers without clear distinction for sake of establishing a kind of universal KYC top on trustworthy network touted. Note that KYC is preferably be limited for purpose to assert that an identity holder is capable to acquire credit at a distance at the same time to eliminate illegal behaviors such as AML as well as CTF, otherwise it would be gripped by much confusion that make it impractical as following.

i) The difference in purpose (ex. Driver’s license, social insurance, tax, utilizing specific services including opening of bank account, attribution to organization, and the like).
ii) The difference in legal status (even if it has clear legal status, the relevant procedure often leaves to discretion at free hand)
iii) The difference in verification method or subject of the method (Birth date, physical face or finger print, phone number, visual confirmation, etc.)
iv) The complexity and redundancy of implementation process (Interaction among differentiated organization includes a certification authority, an identification provider, an issuer, a verifier etc.)
v) The ambiguity about legal responsibilities for verification about KYC of each entity mentioned above.
vi) The difficulty for properties or attributes in a form of analogue to digitalize in the process of assertion.
vii) The lacks of compatibility and interoperability among pieces of KYC in format (often not machine-readable).
viii) The lack of privacy-protection scheme for personal information used in the assertion process of claim.
ix) The lack of immunity against data manipulation or falsification.

With the system described above, the embodiment avoids various implicit behaviors (e.g., money laundering) caused by providing a sovereign digital currency with an anonymity. At the same time the embodiment does not allow the user profile data to be presented to even the issuer of the sovereign digital currency and to the algorithm to furnish an environment in which users can anonymously use the sovereign digital currency.

The profile data and the transaction data are encrypted and converted into general data in a form of similarity index vale with a distinctive serial number and VID. Therefore, it is not possible to retrospectively specify the original data of explanatory variables by calculation. Further, even if the explanatory variables are found, it is not possible to associate the explanatory variables with an individual user itself on more upstream.

Even if correlations and similarities are analyzed in cooperation with other data (communication data on social media, or the like) to calculate Jaccard coefficients, or the like, in an encrypted state without disclosing the concealed data, achieved is classifications for cipher string sets of unknown meanings at the maximum. It is not possible to associate the elements of the classified sets with an ID of an individual on the upstream side.

2. Overview of Sovereign Digital Currency Operation System
The present embodiment relates to issuing and operation systems, apparatus, computer software, methods for sovereign digital currency with a user identifier to identity who exactly hold it, and to whom exactly transfer it, namely in which a source and destination of transfer of the currency can be traced back in a verifiable manner, while simultaneously protect user information from exposing to even for an issuer of sovereign digital currency. Moreover, the present embodiment to provide sovereign digital currency with a user identifier contains KYC data in a form of a homomorphically calculated and encrypted plural user profile data. Encrypted scheme fully conceals the original user information for ensuring de-fact opt-in privacy of sovereign digital currency user. The issuing and operation system may be referred to as a sovereign digital currency operation system, an operation system for a sovereign digital currency, and the like in the embodiments.

Another specific embodiment relates to issuing the combination of two kinds of user identifier; a first identifier associated with homomorphically encrypted user information of a sovereign digital currency user presented by a form of serial number (ID), the second identifier associated with the information about who and when identify the subject in a trusted manner, namely, in compliance with legal framework and relevant guideline. The second identifier is enough verifiable by a third party, alternatively called as a verified identifier (VID). The VID is to be issued limitedly to a verifier itself and(or) for example, if necessary, to a validation node of the authorized third party, while, not presented to sovereign digital currency user itself to hamper data falsification and manipulation by the user itself and/or insider attack.

Additionally, in the present embodiment, an issuing and operation system presents the ID and VID on a network and delivers them through an API in response to a query, for example, adds the ID and VID to a block of private blockchain with distributed ledger system through hashing them to build block of private blockchain which make it more immutable and accountable. It may be, for example, applied to cross-border money transfer by retrieving blockchain information. In the case, cross-border money transfer can be validated on the condition that the first ID coincidents with the second (VID). It could be helpful to discourage money launder to try to transfer money offshore through anonymous instruments.

In another practical embodiment, the issuing and operation system is, for example, configured to present a quantitative risk score to calculate deviation from standard as to risk due to the fraud and fault of KYC. KYC risk scoring routine starts with reception of risk information from multiple third parties and partitions them into accidents not due to KYC risk and KYC risk, and the latter is to be further broken down to segmented behaviors such as simple fault (error or neglect of refreshing), an involvement to crime includes identity theft, account takeover, swindle, money laundering and terrorist finance. The risk scoring module processes KYC risk at three different layers; first risk score is associated with total population of country wherein sovereign digital currency in particular is used, second risk score is associated with of a segment of each issuer of KYC belongs to such as public authority, bank, exchange, attorney and so on, third and final risk score is associated with individual management of KYC, for example when and who (and how) certify the identifiable natural person to issue KYC exactly.

In another optional embodiment, the issuing and operation system is, for example, configured to process a financial risk score to determine comprehensive credit from the viewpoints of bankability of sovereign digital currency user, in which the creditability related to KYC is estimated as a part of the financial creditability of user for credit supply.

For example, the issuing and operation system includes a scoring module configured to perform credit rating related to credit or investments while the data for credit rating is encrypted, an encryption training module including a classifier configured to input the user data being encrypted, to perform learning about scoring, and to find a solution of an inference by using a gradient descent method or a matrix operation with an inverse matrix calculation, an external cooperation module including an application programming interface (API) server configured to present the converted score to a client(s), and a decryption module configured to decrypt the data by using a private key paired with a public key in the fully homomorphic encryption.

The present embodiment relates to an operational and operation system, apparatus, computer software, methods for sovereign digital currency with identifier, that comprises, for example, a reference module configured to refer to KYC data received from multiple institutions with personal data applied by an applicant of digital user, a partitioning module (partition module) configured to issue data, KYC data and management data, an HE module configured to process input data to be homomorphically encrypted, an identifier (serial number) generating module configured to issue the identifier (ID), a verified identifier (VID) generating module configured to issue the second identifier or VID, a decryption module configured to decrypt each of the ID and VID, an API module configured to communicate with an external party.

The present embodiment relates to, for example, issuing and operation system, for sovereign digital currency with identifier. A sovereign digital currency operation system according to the present embodiment includes, for example, an extraction module configured to select and extract, from KYC data, data to be concealed among sovereign digital currency user information, an encryption module configured to encrypt the data to be concealed by applying fully homomorphic encryption (fully homomorphic public key encryption), a scoring module configured to perform credit rating related to credit or investments while the data for credit rating is encrypted, an encryption training module including a classifier configured to input the user data being encrypted, to perform learning about scoring, and to find a solution of an inference by using a gradient descent method or a matrix operation with an inverse matrix calculation, an external cooperation module including an application programming interface (API) server configured to present the converted score to a client(s), and a decryption module configured to decrypt the data by using a private key paired with a public key in the fully homomorphic encryption. The sovereign digital currency operation system ensures anonymous use of a sovereign digital currency, i.e., opt-in privacy.

Note that the definition of “currency” in the present embodiment for example, satisfies the following three conditions at the same time, no matter who is issue of currency, for example. First, the currency itself is transferable each other (while credit cards, for example, only can represent just claim to transfer money at bank account). Second, the currency intends to indicate value (while gold, for example, does not intend to indicate value). Third, the currency in the present embodiment is compatible with other settlement means including fiat currency (while point mileage, for example, can be exchanged for specific goods or services, but cannot be exchanged for money). Another definition of “digital” currency in the present embodiment is a currency of which information relating to ownership, transfer, or the like is electromagnetically recorded in an accountable manner through a connection of a terminal or the like to a communication network. The currency may be backed by a collateral value of credit or another financial assets. The further definition of non-anonymous sovereign digital currency is a sovereign digital currency of which a user or a holder can be specified without referring to a bank account. The sovereign digital currency itself may be a popular name that broadly encompasses, for example, cryptocurrency, virtual currency, cards, point cards, and the like.

3. Embodiment of Sovereign Digital Currency Operation System
Hereinafter, the sovereign digital currency operation system in the present embodiment will be described. The sovereign digital currency operation system is, as an example, a system for issuing a sovereign digital currency when an applicant is certificated and identified in a legally verified manner. The issuer of the sovereign digital currency may be a central bank, a P2P (Peer to Peer) network scheme, or a P2P network scheme including an administrator. Note that the sovereign digital currency operation system is not limited to the system described above.

FIG. 2 is a block diagram illustrating a configuration of the sovereign digital currency operation system and data flow according to the present embodiment. The sovereign digital currency operation system includes, for example, a reference module 1, a partitioning module 2, encryption modules 3, a scoring module 4, a model training module 5, a first identifier generating module 6 a second identifier generating module 7, decryption modules 8 and 9, and external cooperation modules 10 and 11. The sovereign digital currency operation system also includes one or more databases 14 to 19. The sovereign digital currency operation system also includes a validation module 12 and a hashing module 13.

The reference module 1 receives personal data contributed by an applicant of sovereign digital currency in a fixed entity form on web site, and then receives KYC (know your customer) data of the same applicant which is certificated and verified by a third party (also referred to as a verifier) to match them.

The partitioning module 2 partitions received data into KYC data, and other data such as verifier and management data.

The encryption module 3 (also referred to as an HE module or an FHE module) encrypts the user profile data partitioned by the partitioning module 2 by applying fully homomorphic public key encryption. This conceals the user profile data and process of identification data. The encryption module 2 may store the encrypted user profile data in the database 14.

The scoring module 4 (also referred to as a credit scoring module) calculates deviation score from standard to estimate creditability of KYC in which all the personal data of digital user is masked by fully homomorphic encryption scheme without decryption. The obtained score may be stored in the database 15.

The model training module 5 inputs the user KYC data and other data being encrypted and learns an algorithm related to scoring from the input data set. The model training module 5 can reduce an inference error and achieve higher inference accuracy.

Note that the encryption module 3 includes a key generation device and an encryption device. This module may be a computer coupled by wireless and/or wired communication means. The computer includes a processor for performing arithmetic processing, a communication interface, an input and output interface, a storage medium, and a program to be executed by a component for program execution.

The first identifier generating module 6 process KYC data of each user to issue a corresponding identifier (the first identifier), for example, in a form of serial number (also referred to as ID). The first identifier generating module 6 may store the ID in the database 16.

The second identifier generating module 7 processes KYC data of each user coupled with the data of KYC verifier and management data to issue the second identifier (also referred to as verified identifier or VID). The second identifier module may store the VID in the database 17.

The decryption module 8 decrypts the ID with a private key paired with the fully homomorphic public key. The decryption module 7 may store the ID in the database 18. The decryption module 9 decrypts the VID with a private key paired with the fully homomorphic public key. The decryption module 9 may store the VID in the database 19.

The external cooperation module 10 (also referred to as an application programming interface (API) module) includes, for example, an API server. The external cooperation module 10 outputs to a terminal(s) of a third party such as each user of sovereign digital currency.

The external cooperation module 11 (also referred to as an application programming interface (API) module) includes, for example, an API server. The external cooperation module 11 outputs to a terminal(s) of a third party such as each verifier who originally issued KYC to each user of sovereign digital currency.

FIG. 3 illustrates a diagram of hardware configuration and data flow as regards validation module.

The validation module 12 which is furnished with a third party such as a validator, receives the first ID and the second ID (VID) through respective external corporation modules, and then calculates to identify the coincidence of personal data homomorphically encrypted in the ID and personal data homomorphically encrypted in the VID. If they are coincident, the ID can be trusted, and further validated. In addition to that the validator knows who or which verifier provided the VID, however, cannot access the personal data concealed in a HE scheme.

FIG. 6 illustrates a diagram of a hardware configuration of the sovereign digital currency operation system according to the present embodiment. FIG. 7 illustrates a configuration diagram of the sovereign digital currency operation system constituted with a single apparatus. When the sovereign digital currency operation system is constituted with a plurality of apparatuses, each of the apparatuses may include the constitution illustrated in FIG. 7.

The sovereign digital currency operation system includes, for example, a processor 21, a storage 22, an input unit 23, an output unit 24, and a communication controller 25.

The processor 21 is, for example, a processor such as a central processing unit (CPU) and executes processing in the sovereign digital currency operation system. The storage 22 corresponds to the databases 14 to 19 in FIG. 2. For example, the storage 22 includes a storage medium such as a random-access memory (RAM), and/or a storage medium such as a hard disc drive (HDD) and a flash memory. The storage 22 stores various types of data and information, and stores a program read and executed by the processor 21.

The input unit 23 is, for example, a keyboard, a mouse, a touch panel, or the like. The input unit 23 inputs training data for machine-learning. The output unit 24 is, for example, a display unit for displaying information such as the credit score obtained by the credit scoring module 4, a transmission unit for transmitting information to the outside via the communication controller 25, a browsing management unit for allowing access to the information from the outside via the communication controller 25, or the like. The output unit 24 corresponds to the API module 10 and 11 illustrated in FIG. 2. The output unit 24 may be a component (block) that discloses at least part of information in the databases 18 and 19 illustrated in FIG. 2 to the outside. The communication controller 25 is an interface with communication networks. The communication controller 25 performs communication control in accordance with a predetermined communication protocol.

FIG. 7 illustrates a logical block diagram of the processor 21 of the sovereign digital currency operation system according to the present embodiment. FIG. 7 illustrates a configuration diagram of a processor when the sovereign digital currency operation system is constituted with a single apparatus. When the sovereign digital currency operation system is constituted with a plurality of apparatuses, each of the apparatuses may include one or more units of the processor illustrated in FIG. 7. In other words, the units of the processor illustrated in FIG. 7 may be located in any of the apparatuses in a distributed manner.

The processor 21 includes, for example, an encryption unit 31, a scoring unit 32, a learning unit (training unit) 33, an ID generating unit 34, a decryption unit 35, a data partitioning unit 36, a reference unit 37, a validation unit 38, and a hashing unit 39. The encryption unit 31 corresponds to the HE modules 3 illustrated in FIG. 2. The scoring unit 32 corresponds to the credit scoring module 4 illustrated in FIG. 2. The learning unit (training unit) 33 corresponds to the model training module 5 illustrated in FIG. 2. The ID and VID generating unit 34 corresponds to the ID and VID modules 6 and 7 illustrated in FIG. 2. The decryption unit 35 corresponds to the decryption modules 8 and 9 illustrated in FIG. 2. The data partitioning unit 36 corresponds to the partitioning module 2 illustrated in FIG. 2. The reference unit 37 corresponds to the ID and VID reference module 1 illustrated in FIG. 2. The validation unit 38 corresponds to the validation module 12 illustrated in FIG. 3. The hashing unit 39 corresponds to the hashing module 13 illustrated in FIG. 12.

(User Profile Data)
Here, the user profile data obtained through the reference module 1 by the partitioning module 2 will be described.

The user profile data obtained by the reference module 1 is processed as follows: data that is entered in accordance with an entry form on a web site requested by an issuer, by an operation of a user, from a terminal such as a personal computer (PC), a mobile terminal, or a tablet; and data transmitted (provided) from a third party (organization, entity) such as a public or private credit information agency, and an ID information management agency (India, Bangladesh) in a predetermined form.

The data entered in accordance with the input form (registration form) may include, in a case that the user is an individual, gender, address, age, place of work, length of service, contract status of public insurance, annual income, loans, credit history, or the like. In addition to these, in some cases, an ID of guarantor, a certificate of assets held, or the like may be included. In a case that the user is a business entity such as a company, the data may include corporate registration information, a profit and loss statement (PL), a balance sheet (BS), or the like. In a case of specific purpose type (e.g., financing depending on CO₂ reductions), the data may include an ID of a party concerned, facility conditions, and operating conditions. As these examples, the data may be various types of data, and may be determined by an issuer of an electronic means of settlement in general cases.

The partitioning module 2 selects and extracts the user profile information from the KYC information. The information belonging to KYC generally includes name, address, date of birth, or the like, but in some cases, the information further includes a telephone number, place of birth, an identification number, a taxpayer identification number, a marital status, or the like. Biometric data, advanced electric signature, and the like may be included in the information belonging to KYC, for example, depending on the progress of technology, the local technical literacy, the preparations of regulations, or social demands related thereto.

A method of acquiring KYC data, methods of identification, certification and verification, a method of storing the KYC data, and a form and process in these methods may be different depending on timing, and the country or area to which the issuer or the user belongs, i.e., the preparation status of the relevant laws and regulations (including anti-money laundering (AML) and combating the financing of terrorism (CFT)). For example, some countries force a face-to-face procedure for opening a new bank account in the bank, and further combines sending of identification card or paper and the receipt of a transfer-prohibited postal item, to intentionally avoid completing the procedure only in an electronic procedure nor on-line. In a country, it is necessary to keep records of the person in charge, the method of verification, and the person who prepared the records for seven years. This seems to be a policy for protecting existing privilege of the bank. The details and methods of above contents, such as what is recognized to be KYC, should satisfy at least the requirements of the relevant laws and regulations.

In any case, other than the individual name, a quasi-identifier such as an address and a passport number from which the person is immediately identified is also classified into the KYC.

Inquiry about the registered person is made to lists of AML, CFT, economic sanctions, antisocial forces, and the like, and the registration is rejected if the registered person matches the lists. Filtering/screening is performed in accordance with predetermined conditions, and an KYC is provided to each party passing the filtering/screening (FIG. 1).
Identifier (also referred to as ID) is presented to a user, for example, in a form of serial number, shown as FIG.1 and FIG.2

It is common that all the procedures as to KYC are carried out by designated institutes which include not only a public issuer of national ID but also a commercial bank, a credit card company, a payment service provider (PSP) , an exchanger, a fixed/mobile telecommunication company, an issuer of URL, in some case attorney and the like. These institutes are thought to be blamed legally on the issuance or verification of users in compliance with a specific law or/and regulation.

Note that the degree of trust on KYC entirely depends on such institutes which perform the identification. Identifying the issuer of KYC is a key issue to determine the trust of it, when it is verified. The management data such as when the identification is performed, refreshed (updated) and terminated. Getting and presenting the identification issued and verified by the institute allows beneficially economically each user to be able to acquire the proprietary credit. It draws our attention to that the identification which provides such credit varies according to who issues the KYC, and what regulated framework of the nation or region is, particularly in term of its enforceability.

Taking the above issue into account, a verified identifier (Verified ID, VID, also referred to as a second ID) is issued to each user in addition to the ID (also referred to as a first ID) described above. In addition, the VID is not presented to each user to hamper possible manipulation and falsification by anyone but presented to a verifier and if necessary, a third party (cf. FIGS. 1 and 2). The VID represents a verified identifier and makes it clear which institute has performed the identification, and when the identification is performed, for example, the identification may be a refresh or termination of the identification. As described above, it is associated with the user profile information encrypted in an HE encryption scheme. The combination of ID and VID is possible to give great advantage and improved efficiency to a circulate KYC verifiable, without revealing a plurality of input of individual information and furthermore the trust of KYC could be confirmed by the only coincidence of ID with VID and the latter is traceable to legally authorized institutes. In other words, the present embodiment provides an integrated KYC in a verified and traceable manner by a third party, without revealing personal data for example, and thus allows cross-border money transfer.

As shown by the logical block diagram illustrating conceptual flow of an operation system of sovereign digital currency for user validation of FIG. 15, a system is desired to provide digital credit with trusted KYC data to be validated by an authorized third party without revealing input personal information of sovereign digital currency, and to ensure opt-in privacy, quasi anonymous usage as cash. The system is also desired to satisfy the requirements for public validity and confidentiality protection originally to be conflicted each other. For the purpose of solving this dilemma, it is desired for a sovereign digital currency (which encompasses credit creation/transfer means) to be furnished with the combination of two user identifiers (ID), the first identifier for a certain user and with the second ID, alternatively called a verified identifier (VID) representing who and when identified corresponding subject. Either ID entails the personal information of same subject masked by homomorphic computation. It is also desired that each party can access the information at each layer according to its authorized rank, for example some specific parties such as so-called validator are grant limited access to the similarity index value of input data though homomorphic calculation, while cannot directly access a plurality of personal data. And furthermore, it allows to validate the trust of identifier through matching each personal-data-associated ID with VID though homomorphic calculation without retrospectively retrieving input data, even from the remote validation nodes in foreign countries.

(Hashing and Storing Private Data in Blockchain)
FIG. 12 is a logical block diagram for storing of personal data encrypted with full homomorphic encryption in a blockchain. FIG. 13 illustrates a block with the personal data encrypted with a secret key. FIG. 14 illustrates a block with the verified identifier encrypted with a secret key. In one embodiment, the sovereign digital currency operation system further includes a hashing module 13 configured to hash personal data encrypted with full homomorphic encryption. The hashing module 13 adds the hashed personal data in a block for a blockchain (e.g., private blockchain), and stores the block in the blockchain. The hashing module 13 may be a hashing unit configured with the processor 21 illustrated in FIGS. 2 and 3. The hashing module 13 may be included in a server with other modules (units) or in a dedicated server.

In this way, the ID and/or the VID with encrypted personal data homomorphically encryption scheme is to be stored in a blockchain through hashing, for example by using SHA256 (Secure Hash Algorithm 256-bit). This further boosts a security level through integration of encryption of personal data with a distributed manner of a blockchain. Encrypted personal data is to be shared by all the nodes on a blockchain or by some nodes thereon.

For example, all the existing cryptocurrency has no choice but depends on the credit-checking function of an exchanger to grasp a money flow. Even though the exchanger employs an appropriate registration system for all the KYC data of relevant parties, it may be possible to grasp a money flow only when cryptocurrency is exchanged with fiat currency or its alternatives. That means credit-checking mechanism belongs to an exchanger, not to cryptocurrency itself. As a matter of what existing cryptocurrency can be said just the mean of speculation, so for recovery of investment, cryptocurrency must be ultimately turned into fiat currency.

If the function of credit-checking by an exchanger was successful, such a system could be effective. However, in a case of some kinds of completely alternative cryptocurrency as what CBDC or Libra intends to materialize, it is not necessary to exchange cryptocurrency with fiat currency. The cryptocurrency can be kept to use permanently, and the result might be that such a system with dependency on an exchanger is not able to work well, being vulnerable to illicit behavior such as money laundering and other credit risk.

When a buyer (or investor) and a user of sovereign digital currency are distinguished, the personal data of the former could be administrated in an appropriate way by an exchanger or institute where the buyer purchases the sovereign digital currency. Otherwise, although it does not matter technically, a buyer (or investor) is viewed as a part of users. Therefore, the personal data of buyer (or investor) is to be administrated in the same encryption scheme as that for a sovereign digital currency user.

As described previously, the trust degree of each KYC remarkably depends on a verifier coupled with regulation with where the verifier belongs to, and hence each V-ID’s trust is desirable to be estimated properly through scoring. Note that the degree of trust of the V-ID itself, in other words, the existence/non-existence of the person, the accuracy of profile information constituting KYC, the negligence of refresh and/or termination, moreover the involvement in interfaring AML or other illegal act is different depending on the V-ID. Therefore, the credit of the V-ID itself may be calculated using machine learning under the FHE scheme together with the credit score of the user, and the result of the scoring may be presented to a third party. A risk scoring module, for example, processes the credit risk due to KYC in accordance with three layers; first is associated with total population of country in particular, second is associated with segment of sector belongs to each verifier such as bank sector and exchange sector, third is associated with more individual factors, shown by FIG. 3.

(Scoring)
Next, the scoring will be described. The processing described below is performed by a processor or any unit, for example, included in any of the apparatuses in the sovereign digital currency operation system.

The user profile data selectively extracted from the KYC data is encrypted with a public key of the applied fully homomorphic encryption. A mathematical method for generating the public key differs from an encryption generation method used in secure shell (ssh) and the like. The user profile data is encrypted, and after that, is classified into a set of encryption sequences for each predetermined parameter, based on an algorithm such as a predetermined function (hereinafter, also referred to as a scoring algorithm) to generate the credit score.

The fully homomorphic encryption is a protocol in which addition and multiplication are possible in the encrypted state. The user profile data is encrypted by using fully homomorphic encryption (FHE), or encrypted by using somewhat HE (SHE) or labeled linear homomorphic encryption (LabLHE) that are derived from the FHE. Alternatively, personal data or the like may be encoded from one bit to a plurality of bits in a plain text space by using a BGV scheme, and encrypted while keeping an integer data type. Note that the encryption method is not limited to these methods. Encryption by which transform into an approximate polynomial is possible may be appropriately selected taking into consideration of the depth of circuits, compatibility with algorithms, scalability, and the impact on throughputs due to the presence or absence of boot strapping.

Note that therefore various calculation methodologies related to homomorphically encryption scheme may be included in the present embodiment, for example BFV(FV), BGV, CKKS, LWE, RLWE, GEW, FHEW (20), FEHE (21), and Yao’s Garbled Circuit.

An example of implementation methods using the BGV scheme will be described below.
(1) Key Generation
First, the followings are selected.

A ring is generated from the selected items.

Next, the followings are selected.

Further, Rt denotes a plan text space. The following is randomly selected with Gaussian distribution, which is set a secret key.

(Here, this sign is defined as an item selected from Gaussian distribution). A public key

constituted with

the former being arbitrary and the latter being selected randomly, is set. By using the followings,

encryption is made as follows.

(2) Decryption
Assume the following cipher,

decryption is made as follows.

The scoring algorithm described above may be determined by the issuer of the sovereign digital currency (or the operator of the sovereign digital currency operation system) from the types and amounts of items of the input data, determined by each local condition. For example, when a credit status of individual is to be scored, linear regression analysis may be used. Note that the scoring algorithm is not limited to these, and an appropriate algorithm capable of obtaining the score based on the user profile data may be used.

For example, in multiple regression analysis used in the scoring for individual, least squares method is used to a multi-variable line formed by a group of data points on the XY plane to find a solution. In this case, variables can be obtained by calculations of an inner product and an outer product. On the other hand, when deep learning is applied, a nonlinear function is needed for performing the learning. Therefore, the nonlinear function is approximated to a lower order polynomial to obtain a solution in the encrypted state.

Matching processing is performed on the calculated credit score and a predetermined parameter, and the is suability of an electronic currency and the issuance conditions (limit amount, fee, interest rate, and the like) that are associated with the parameter corresponding to the score is generated. The is suability and the issuance conditions are presented to the client.

Here, the scoring algorithm calculates correlation and similarity from a large number of user profile information, and analyzes the relationship between data. In the present embodiment, reinforcement learning is performed to achieve higher inference accuracy. In the FHE model training module4, a classifier is structured which encrypts a training data set acquired from a financial institution or the like with the fully homomorphic encryption in the same manner as described above, and inputs the training data set in the encrypted state to a training server to perform reinforced learning. An inference server receives an input of the user characteristics while being encrypted and outputs the inference result of the credit score, based on a predetermined learning model. The algorithm is optimized and/or updated in the encrypted state, for the purpose of minimizing the risk of a bad debt in a case of scoring the credit status for individual.

The inference error, i.e., a distance between the single inference result and the correct solution, may be output as a scalar value, or may be output as a classification class based on a ratio of a match between the inference result set and the correct solution set. The correct answer of the inference may be given by training data or may be input as appropriate. A stochastic gradient descent method is used for the reinforcement learning, but the present embodiment is not limited thereto. For example, in the gradient descent method, it is necessary to loop the processing to make a convergence into the solution. However, in the present embodiment, part of an overall operation for computing an inverse matrix may be computed by a matrix operation by another server having another decryption key, and only the result may be returned to the source server (FIG. 5). In other words, the source server may receive the result of the inverse matrix. In this manner, a solution may be obtained by a matrix operation and the number of computations may be reduced, which increases the speed.

Examples of an implementation method are described below. (FIG.10)

(1) Encrypting data with the homomorphic encryption and using the encrypted result as an input.

(2) Computing data in which a random regular matrix (R) is added with a random vector (r) with the homomorphic encryption.

(3) Transferring the part for computing an inverse matrix to a server of a third party. The server of the third party obtains a model by using a matrix and a vector in which a random factor is included in the original data and encrypts the result (W*) to returns the encrypted result to the source server.

(4) The server may perform the following operations while the original model being encrypted to obtain a solution.

The computing result (reward data) in a reward computing module (not illustrated) is decoded by the decryption module 8, 9 with a private key paired with the fully homomorphic public key. The reward data is then provided to the user(s) and the investor(s) as reward data via an API server and an external data cooperation server (external cooperation server).

Note that the sovereign digital currency operation system may be constituted with a plurality of servers (apparatuses). As an example, the sovereign digital currency operation system may include an encryption server including the encryption unit and connected to a location of a client including the user of the sovereign digital currency, an evaluation server including the scoring unit and computing the rating score, a training server including a classifier, an API server configured to control processing of the encryption server, the evaluation server and the training server, and a server (communication server) configured to communicate with an external data source. The sovereign digital currency operation system may further include a hashing server including the hashing unit (hashing module).

According to the present embodiment, it is possible to provide a sovereign digital currency which is issued non-anonymously, in other words, issued on the assumption that attribute information of a user is acquired, and can be used anonymously by concealing private information. Note that the effects described herein are illustrative, and the embodiments is not limited to the effects.

4. Supplementary Notes
A part or all of the embodiments described above may be described as in the following supplementary notes, but these are not restrictive.

(Supplementary Note 1)
An operation system for a sovereign digital currency with a user identifier, including:
an encryption unit configured to encrypt user profile information of a user using the sovereign digital currency, by using a homomorphic encryption scheme;
an identifier generating unit configured to generate the user identifier corresponding to encrypted user profile information;
a storage configured to store the user identifier with corresponding user profile information encrypted; and
an output unit configured to output the user identifier generated.
With this configuration, user profile information (e.g., KYC) can be associated with a digital currency (e.g., sovereign digital currency) without intervening a bank account.

(Supplementary Note 2)
The operation system according to Supplementary Note 1, wherein
the user profile information includes at least one of personal attributes of the user, personal credit information, personal location information, business office information, management information, equipment and operating conditions of manufacturing facilities, information on hypothecated assets, already issued government bonds information and macroeconomic indexes of government bond issuing countries, and transactional information.

(Supplementary Note 3)
The operation system according to Supplementary Note 1 or 2, wherein
the user profile information and the user identifier are assumed as first user profile information and a first user identifier, respectively,
the operation system further includes
a reference unit configured to receive second user profile information from a trusted third party which identifies the user to provide KYC (Know Your Customer) information, to match with the first user profile information; and
a second identifier generating unit configured to generate a second user identifier indicating at least one of an entity by which the KYC information is certified and data or time when the KYC information is certified, wherein
the storage stores the second user identifier, and
the output unit outputs the second user identifier.
The results of matching in the reference unit may be used for other processing. For example, the second identifier generating unit may generate the second user identifier in a case that the second user profile information from the trusted third party matches with the first user profile information.

(Supplementary Note 4)
The operation system according to Supplementary Note 3, further including
a validation unit configured to confirm coincidence of the first user profile information encrypted in the homomorphic encryption scheme indicated by the first user identifier with the second user profile information indicated by the second identifier.
In this regard, if the first user identifier is tampered with, the first user identifier and the second user identifier does not coincide. Therefore, such falsification can be detected.

(Supplementary Note 5)
The operation system according to any one of Supplementary Notes 1 to 4, further including
a scoring unit configured to generate a credit rating score, based on creditability of the KYC information associated with the second user identifier, wherein
the storage stores the credit rating score with the second user identifier, and
the output unit outputs the credit rating score.

(Supplementary Note 6)
The operation system according to Supplementary Note 5, wherein
the credit rating score is an index for correctness or incorrectness of KYC existence or non-existence of a target person, execution of a procedure for refreshing and/or terminating information including the KYC information, or involvement in illegal act such as money laundering and terrorist finance.

(Supplementary Note 7)
The operation system according to any one of Supplementary Notes 1 to 4, further including
a scoring unit configured to calculate credit rating score which is an index for investments, loans, credit grants, or escrow, based on creditability of KYC information with the user profile and/or transaction history.

(Supplementary Note 8)
The operation system according to any one of Supplementary Notes 5 to 7, wherein
the scoring unit uses a lower order polynomial obtained by linearly approximating a nonlinear function when computing the credit rating score by using deep learning.

(Supplementary Note 9)
The operation system according to any one of Supplementary Notes 1 to 8, further including
a classifier configured to learn training data including user profile information and rating scores encrypted with the fully homomorphic encryption scheme, in a state that the user profile information is encrypted.

(Supplementary Note 10)
The operation system according to Supplementary Note 9, further including
a learning unit configured to adjust approximation of a model in machine learning in the classifier to a function.

(Supplementary Note 11)
The operation system according to Supplementary Note 10, wherein
part of an overall operation of the model for computing an inverse matrix is computed by a matrix operation by another server having another decryption key, and
the operation system receives a computation result.

(Supplementary Note 12)
The operation system according to any one of Supplementary Notes 1 to 11, wherein
the output unit discloses the credit rating score obtained, and
the user profile information encrypted is stored in the storage without disclosing to outside.

(Supplementary Note 13)
The operation system according to any one of Supplementary Notes 1 to 12, further including
a hashing unit configured to hash the user identifier with homomorphically encrypted personal data, and add the hashed identifier in a block for a blockchain to store the block in the blockchain.

(Supplementary Note 14)
The operation system according to any one of Supplementary Notes 1 to 13, including
an encryption server including the encryption unit and connected to a location of a client including the user of the sovereign digital currency;
an evaluation server including the scoring unit and computing the credit rating score;
a training server including a classifier configured to learn training data including user profile information and rating scores encrypted with the fully homomorphic encryption scheme, in a state that the user profile information is encrypted;
an API server configured to control processing of the encryption server, the evaluation server and the training server; and
a server configured to communicate with an external data source.

(Supplementary Note 15)
An operation method for a sovereign digital currency with a user identifier, the operation method including:
encrypting user profile information of a user using the sovereign digital currency, by using a homomorphic encryption scheme;
generating the user identifier corresponding to encrypted user profile information;
storing the user identifier with corresponding user profile information encrypted; and
outputting the user identifier generated.

As described above, the personal data encrypted in FHE scheme is stored on a blockchain in the embodiments. In the embodiments described above, an identifier (Verified Identifier, V-ID) is issued. Examples of the user include a fund raiser and an investor. The user may be individual, and may be a legal entity such as a company. The homomorphic encryption scheme may be other encryption scheme within the scope of the present invention is not changed.

The present invention is useful, for example, as a social system for issuing a sovereign digital currency, identifying KYC in its operation, meets the AML, and protecting privacy for individual users.

1 Reference module
2 Partitioning module
3 Encryption module
4 Scoring module
5 Model Training module
6 First Identifier generating module
7 Second identifier (VID)generating module
8, 9 Decryption module
10, 11 External cooperation module
12 Validation module
13 Hashing module

Claims (15)

1. An operation system for a sovereign digital currency with a user identifier, comprising:
   an encryption unit configured to encrypt user profile information of a user using the sovereign digital currency, by using a homomorphic encryption scheme;
   an identifier generating unit configured to generate the user identifier corresponding to encrypted user profile information;
   a storage configured to store the user identifier with corresponding user profile information encrypted; and
   an output unit configured to output the user identifier generated.
   
2. The operation system according to claim 1, wherein
   the user profile information includes at least one of personal attributes of the user, personal credit information, personal location information, business office information, management information, equipment and operating conditions of manufacturing facilities, information on hypothecated assets, already issued government bonds information and macroeconomic indexes of government bond issuing countries, and transactional information.
   
3. The operation system according to claim 1 or 2, wherein
   the user profile information and the user identifier are assumed as first user profile information and a first user identifier, respectively,
   the operation system further comprises
   a reference unit configured to receive second user profile information from a trusted third party which identifies the user to provide KYC (Know Your Customer) information, to match with the first user profile information; and
   a second identifier generating unit configured to generate a second user identifier indicating at least one of an entity by which the KYC information is certified and data or time when the KYC information is certified, wherein
   the storage stores the second user identifier, and
   the output unit outputs the second user identifier.
   
4. The operation system according to claim 3, further comprising
   a validation unit configured to confirm coincidence of the first user profile information encrypted in the homomorphic encryption scheme indicated by the first user identifier with the second user profile information indicated by the second identifier.
   
5. The operation system according to any one of claims 1 to 4, further comprising
   a scoring unit configured to generate a credit rating score, based on creditability of the KYC information associated with the second user identifier, wherein
   the storage stores the credit rating score with the second user identifier, and
   the output unit outputs the credit rating score.
   
6. The operation system according to claim 5, wherein
   the credit rating score is an index for correctness or incorrectness of KYC existence or non-existence of a target person, execution of a procedure for refreshing and/or terminating information including the KYC information, or involvement in illegal act such as money laundering and terrorist finance.
   
7. The operation system according to any one of claims 1 to 4, further comprising
   a scoring unit configured to calculate credit rating score which is an index for investments, loans, credit grants, or escrow, based on creditability of KYC information with the user profile and/or transaction history.
   
8. The operation system according to any one of claims 5 to 7, wherein
   the scoring unit uses a lower order polynomial obtained by linearly approximating a nonlinear function when computing the credit rating score by using deep learning.
   
9. The operation system according to any one of claims 1 to 8, further comprising
   a classifier configured to learn training data including user profile information and rating scores encrypted with the fully homomorphic encryption scheme, in a state that the user profile information is encrypted.
   
10. The operation system according to claim 9, further comprising
    a learning unit configured to adjust approximation of a model in machine learning in the classifier to a function.
    
11. The operation system according to claim 10, wherein
    part of an overall operation of the model for computing an inverse matrix is computed by a matrix operation by another server having another decryption key, and
    the operation system receives a computation result.
    
12. The operation system according to any one of claims 1 to 11, wherein
    the output unit discloses the credit rating score obtained, and
    the user profile information encrypted is stored in the storage without disclosing to outside.
    
13. The operation system according to any one of claims 1 to 12, further comprising
    a hashing unit configured to hash the user identifier with homomorphically encrypted personal data, and add the hashed identifier in a block for a blockchain to store the block in the blockchain.
    
14. The operation system according to any one of claims 1 to 13, comprising
    an encryption server including the encryption unit and connected to a location of a client including the user of the sovereign digital currency;
    an evaluation server including the scoring unit and computing the credit rating score;
    a training server including a classifier configured to learn training data including user profile information and rating scores encrypted with the fully homomorphic encryption scheme, in a state that the user profile information is encrypted;
    an API server configured to control processing of the encryption server, the evaluation server and the training server; and
    a server configured to communicate with an external data source.
    
15. An operation method for a sovereign digital currency with a user identifier, the operation method comprising:
    encrypting user profile information of a user using the sovereign digital currency, by using a homomorphic encryption scheme;
    generating the user identifier corresponding to encrypted user profile information;
    storing the user identifier with corresponding user profile information encrypted; and
    outputting the user identifier generated.
    
    

Images