Over 3.6 billion people worldwide do not have access to crypto- and other digital assets because they do not have a smartphone. In emerging markets, roughly half of the population is affected. In many countries digital exclusion is worse than financial exclusion. Existing approaches to ensure universal access to digital assets all struggle with a variation of the same problem: how can custodial wallet providers prove that they cannot intercept users' private keys? As long as users have smartphones, the solution is to have the smartphone store the key. But users without smartphones have to ensure that their private keys are not only securely stored, but processed in a way that no third party can intercept them.
This issue is particularly prevalent for central bank digital currencies that are designed as legal tender and therefore require universal adoption, even and especially by users who do not have smartphones. The inability of users without smartphones to access digital assets has divided people into a group of early adopters that will benefit greatly from the success of private and public crypto, and those that have been left out.
Our vision is to eliminate this digital divide.
What it does
Our approach to provide universal access relies on one simple fact: even users who do not own smartphones occasionally encounter users who do have a smartphone. We have built a smartphone-based connector app that allows anyone to act as a payments facilitator (i.e. a connector) for users who do not have smartphones. Users without smartphones can go to a connector and use a QR code to connect with their custodial wallet hosted with Nautilus. They can then initiate payments on the XRP ledger.
Our wallet works somewhat similarly to a ride-hailing app. Anyone can register as a connector (the driver in the ride-hailing example) and facilitate payments (rides) between any two users. Connectors are paid a fee for their services. Payments will mostly be initiated using cash, which is very similar to how M-PESA and other payment providers operate across Africa with great success.
How we built it
To ensure that neither the connector nor Nautilus can intercept a user's private keys, we use a Trusted Execution Environment (TEE) hosted by Nautilus. This allows us not only to promise users that we will not intercept their private keys (e.g. by making our source code available), but to prove to them which version of the source code we are running. This gives users without smartphones the guarantee that Nautilus cannot intercept their private keys. By using a TEE deployed on Microsoft Azure, we also eliminate the need to build large smartphone apps. Our connector app is, effectively, a web interface to our trusted execution environment, further broadening access to e.g. users on a desktop computer.
Challenges we ran into
There are two main challenges when working with trusted execution environments: complexity and scalability. The complexity of building a service using a TEE is much higher than the complexity of building the exact same service using a normal cloud service with centralized API and database. Solving this additional complexity has been our main challenge. Scalability is the other challenge. TEEs provide only very limited memory to execute trusted applications. This means that all data needs to be stored outside the TEE, encrypted with the TEE's private key (which is inaccessible to Nautilus). Consequently, the TEE needs to seal and unseal this data and process users' private keys upon their request to interact with the blockchain.
TEEs pose a number of secondary challenges as well: (i) It is impossible to persist data within a TEE; (ii) TEEs have no internal concept of time; (iii) TEEs are significantly more expensive than normal cloud storage; and (iv) Our version of Intel SGX requires the use of Rust, but not all blockchains provide a Rust SDK.
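A Python model of the seal and unseal step described in this section, as an added example that is not Nautilus's code. It assumes the sealing key is derived from a device root key and the enclave measurement (both constructed here), and it uses an HMAC-based keystream as a stand-in for the authenticated cipher a real enclave SDK provides.

```python
import hashlib
import hmac
import os

def _derive(root_key: bytes, measurement: bytes, label: bytes) -> bytes:
    # Bind the key to the enclave build: another measurement yields another key.
    return hmac.new(root_key, label + b"|" + measurement, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy HMAC-SHA256 counter-mode keystream, a stand-in for a real AEAD cipher.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def _tag(mac_key: bytes, user_id: bytes, nonce: bytes, ct: bytes) -> bytes:
    # Length-prefix the user id so (user_id, nonce, ct) is parsed unambiguously.
    msg = len(user_id).to_bytes(2, "big") + user_id + nonce + ct
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

def seal(root_key, measurement, user_id, secret) -> bytes:
    """Encrypt-then-MAC a user's key for storage on the untrusted host."""
    nonce = os.urandom(16)
    stream = _keystream(_derive(root_key, measurement, b"enc"), nonce, len(secret))
    ct = bytes(a ^ b for a, b in zip(secret, stream))
    return nonce + ct + _tag(_derive(root_key, measurement, b"mac"), user_id, nonce, ct)

def unseal(root_key, measurement, user_id, blob) -> bytes:
    """Verify the tag before decrypting; reject anything the host altered."""
    if len(blob) < 48:
        raise ValueError("sealed blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = _tag(_derive(root_key, measurement, b"mac"), user_id, nonce, ct)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("sealed blob rejected")
    stream = _keystream(_derive(root_key, measurement, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

# Constructed sample values; on real hardware the root key never leaves the CPU.
ROOT_KEY = hashlib.sha256(b"constructed device root key").digest()
BUILD_A = hashlib.sha256(b"enclave build A").digest()
BUILD_B = hashlib.sha256(b"enclave build B").digest()
```

The tag covers the user id, so the host cannot hand one user's sealed key to a request made for another user. It does not stop the host from replaying an older, still valid blob; with no persistent state or trusted clock inside the TEE, freshness needs a separate mechanism.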
Accomplishments that we're proud of
Arguably our proudest accomplishment is to build the system so it scales to the nation-state level. In our benchmark tests, we achieve 350 operations per second per core. For a country like South Africa, with roughly 60 million users, assuming two initiated payments per person per day, the system needs to process roughly 1,400 operations per second. We can achieve this comfortably with only four cores at a monthly cost of about $2,000.
What we learned
During this hackathon we learned a lot about trusted execution environments and the XRP ledger. Our application is cross-chain compatible, which enables us to link every connector to centralized and decentralized exchanges, providing universal access not only for all kinds of users, but also to all kinds of assets.
What's next for Nautilus
We have already made great strides towards adding a full KYC process and two-factor authentication using SMS. We will eventually also have an integration with WhatsApp and, importantly, facilitate access to both central bank digital currencies and private crypto assets, including non-fungible tokens.