Please describe your proposed solution.

<u>Introduction</u>

GLEIF, Global Legal Entity Identifier Foundation, was created in the wake of the 2007/08 economic crisis by the G20 countries to help improve financial stability worldwide and make sure counterparties to transactions could be readily revealed. GLEIF issues Legal Entity Identifiers (LEI) that provides key information about businesses, funds and governmental organizations participating in business transactions, including their name, when they were formed and, crucially, their ownership structure. More than 2.3 millions of Legal Identifiers were issued so far to companies around the world, a number that is rapidly increasing over time as the regulation enforces their use.

Recently, the GLEIF began to issue a verifiable credential called vLEI (verifiable LEI) that allows the assertion of delegation chains and the digital proof of correctness of things like signatures in financial reports. The vLEI allows those Legal Entities to participate in the verifiable credential ecosystem.

Those verifiable credentials are based on a fully Decentralized Identity technology called KERI/ACDC that requires supporting witnesses to provide a second source of trust. On Fund 9, rootsID got funded to develop the first Proof of Concept for a KERI witness on a blockchain, a project that was delivered successfully on time.

<u>Our Goal</u>

Our goal is to make Cardano the best alternative as a witness for legal entities that participate in the vLEI GLEIF ecosystem. Those credentials, also called as Organizational Identities, provide a person or thing to prove their authority to represent an organization outside the boundaries of that organization. As this medium article explains, “when the authority of a person or thing claiming it can be instantly verified, the world will be different…

• The authenticity of any digital document, agreement, purchase order, filing, or other piece of data will be instantly verifiable;
• Phone calls, texts, email, and other digital communications originating from authorized representatives (or devices) of an organization — or any delegate from that organization — will be instantly verifiable;
• Some documents will prevent signing and some systems won’t be accessible without the expected authority (a parallel to access control lists);
• The authority of every approval, signature, or other digital action in a supply chain will be instantly verifiable by downstream actors, and irrefutably auditable in real-time;
• Authority will be verified before identity in most interactions, and identity not at all in many;”

All those use cases and any other that you can imagine need to be backed by a network of digital trusted witnesses or notaries. Cardano blockchain, with its extensive decentralization and scalability properties, is an unbeatable option to be selected by those Organization.

<u>Our Solution</u>

We propose to create a KERI Super Watcher to monitor Key Event Logs (KEL) captured by witnesses and analyzes for suspicious activity that need to be reported to verifiers.

In order to understand what a Super Watcher does, we will explain briefly the following concepts:

• The key events are produced por Organizational Identifiers when keys are rotated, verifiable credentials are issued or revoked or when other information needs to be anchored in the identifier.
• All those events are notarized by a set of witnesses selected by the Organization. An example of a witness is our PoC KERI backer developed as a funded proposal on Fund 9, that we are also proposing to improve in Fund 10.
• A verifier is someone that need to verify a signature as in a verifiable credential or a document for example, and decide if it's authentic, valid and if belongs to the Organizational Identity in question.

A Super Watcher is a service that can be used by verifiers to protect against duplicity events and malicious activity. It's under the verifier control instead of the Organizational Identifier control. It's an observer that acts as a Jury when divergence, inconsistent or suspicious activity is detected. Hence, the goal of the Super Watcher is to detect dishonest identity controllers or malicious third party may have exploited vulnerabilities on the controller of the identifier.

This proposal is to develop and host the first Super Watcher for the vLEI GLEIF ecosystem. It will be designed to provide the following funcitonalities:

• watch and analyze Key Event submitted to the Cardano Blockchain by witnesses
• watch and analyze Key Events available by public witnesses (such as GLEIF witnesses)
• Report suspicious activity
• Discovery of Identifiers participating in GLEIF ecosystem
• Verify signatures

The service will be hosted in RootsID AWS cloud instance and will be available for queries from verifiers.

How does your proposed solution address the challenge and what benefits will this bring to the Cardano ecosystem?

GLEIF vLEI ecosystem is being adopted globally and as the number of participating companies grows, it will increase the use of verifiable credentials that enables a smarter, less costly and more reliable way to make decisions about who to do business with.

We believe that if we can position Cardano as a first option for a witness to their Legal Identifiers, the adoption and usage of vLEIs will directly impact in the adoption and promotion of Cardano. That is the business value that we are envision to generate to Cardano with this project.

In regards to the Challenge P&I, we'll be providing a product in the Decentralized Identity space designed for the vLEI GLEIF ecosystem cited before. This products is also part, but independent, of this proposal in Fund 10 towards the same goal. We strongly believe the the integration of Cardano with the GLEIF ecosystem is of mutual benefit.

How do you intend to measure the success of your project?

The immediate direct measurement of success of this project is to have a Super Watcher instance deployed in mainnet with real Legal Entities Identifiers using it as their witness.

In the long run expect to see increasing use Cardano by inspecting:

• numbers of identifiers witnesses by Cardano
• number of transaction events submitted by those identifiers

The immediate direct measurement of success of this project is to have our own Super Watcher instance deployed in mainnet with real Organizational Identifiers using it as their witness.

In the long run expect to see increasing use Cardano by inspecting:

• numbers of organizations witnesses by Cardano
• number of transaction events submitted by those organization
• number of credentials issued by those organizations
• number of witness instances deployed in Cardano mainnet
• number of suspicious events detected
• number of queries received
• number of signatures verified

There’s also a less quantifiable measurement of success that corresponds to the growth of visibility of Cardano blockchain and the benefits and assurance it can provide for the organizations that participate in the vLEI GLEIF ecosystem.

Please describe your plans to share the outputs and results of your project?

We are engaged actively in the KERI community attending weekly meetings where we have the opportunity to show and demo our contributions. Additionally, as we also provide technical services to GLEIF and have a direct relationship with them, we will promote the Super Watcher to became part of the recommendations in GLEIF Governance Framework.

Additionally, we are in conversations with the Cardano Foundation to deploy its own instance of the Super Watcher and help promote the adoption.

What is your capability to deliver your project with high levels of trust and accountability?

The RootsID team has been delivering Open Source building blocks for the Self-Sovereign Identity ecosystem in Cardano. We have been funded in several Catalyst projects since Fund 6. Our funded proposal are listed in our web page and also in lidonation, where you can find that we have delivered successfully and on time 18 out of 19 funded proposals. Proposal links, reports, and final videos can be found in those links.

The team is constantly engaged in all Self Sovereign Identity Cardano activities such as Atala Prism Astros, Atala Prism Pioneer Program, Prism+SSI After Town Hall break rooms, and meeting periodically with partners or related Catalyst projects with the aim of collaboration and help adoption and growth of Cardano in the Identity world.

Additionally, the team participates actively in the worldwide SSI community by attending and collaborating to several working groups in the Decentralized Identity Foundation, the Hyperledger foundation, the Trust over IP foundation, and the KERI community.

We’ve been providing technical services and consultancy on Decentralized Identity to several companies and organizations including:

• IOG
• Cardano Foundation
• GLEIF

What are the main goals for the project and how will you validate if your approach is feasible?

The main goal of the project is to deliver an open source production ready KERI witness on Cardano for the GLEIF ecosystem. Since this is a continuation improvement project from a funded proposal on Fund 9 where the objective was to deliver a Proof of Concept, we are using the successful outcome achieved as a validation of feasibility of what we are proposing.

Now we are proposing to deliver a Super Watcher that its an overlay on witnesses, but follows the same principles as the witness.

Since the last project, we have been focused on learning and contributing to the open source KERI stack. We delivered most of the code for Signify-TS, a TypeScript tooling for KERI, and important contributions to KERIA. We are comfortable with our knowledge to build this new service. Additionally, since we participate actively in the KERI community, we are counting with the support of the experts in case it’s necessarily.

Our cloud instance will have a public web page with a dashboard to track usage metrics.

Please provide a detailed breakdown of your project’s milestones and each of the main tasks or activities to reach the milestone plus the expected timeline for the delivery.

Project plan consist of the following three milestones and activities with its corresponding duration:

Milestone 1:

• Design: 1 weeks
• Documentation: 1 week
• Project planning and task allocation: 1 week

Milestone 2:

• Development: 5 weeks

Milestone 3:

• DevOps and deployment: 2 weeks
• Test and improvement iterations: 2 weeks

TOTAL DURATION: 12 weeks

The high-level scope of each of the six activities from above is composed by:

• Design: this is a technical design of the architecture and the proposed features.
• Documentation: documentation on how the witness interacts with the Cardano blockchain and how the service should be deployed and maintained
• Project planning and task allocation: definition of individual development and operational task using an Agile methodology and allocation to developers and devops.
• Development: actual development and coding activities as defined previously
• Deployment: containerization and deployment of the service in RootsID AWS cloud instance in both test/preview and main net
• Test and improvements: iteration cycle of testing and improving performance and reliability

Please describe the deliverables, outputs and intended outcomes of each milestone.

The deliverables of this projects are:

• Milestone 1: the design documentation of the project available in a public GitHub repository as well as issued created for each individual task
• Milestone 2: the open source code of the KERI Super Watcher available in an our public GitHub repository. Note that most part of the code will be open source but may be required for some part to be private.
• Milestone 3: a working cloud instance hosted on AWS pointing to mainnet

Additionally, this team adopts Agile methodology based on the tools provided by Github. Besides progress reports, the advancement will be tracked by public Github issues, project views (like Kanban board) and commits. Intermediate progress will be reported as Sprint Burndown, a KPI metric that shows the progress in percentage of each development sprint.

Please provide a detailed budget breakdown of the proposed work and resources.

Budget is mostly composed of development hours at a ratio of $100/hr (aprox ₳400/hr), plus the hosting costs. Based on the activities defined above the requested breakdown budget is:

• Design: 20hr = $2.000 = ₳8.000
• Documentation: 20hr = $2.000 = ₳8.000
• Project Plan: 20hr = $2.000 = ₳8.000
• Development: 300hr = $30.000= ₳120.000
• DevOps tasks: 50hs= $5.000 = ₳20.000
• Test and improvement iterations: 50hr = $5.000 = ₳20.000
• Yearly AWS instance: $500 = ₳2.000
• Domain name + SSL: $25 = ₳100

TOTAL BUDGET: $46.525 = ₳186.100

Who is in the project team and what are their roles?

This project will be delivered by:

Rodolfo Miranda is a co-founder of RootsID and contributor on several of our projects, including RootsWallet.

His background includes a MS EE degree at Stanford University and more than 25 years of successful work experience in both large multinational companies and owned startup projects. His main activities involve architecting, developing, and implementing large scale software solutions for the Telecommunication Industry. Lately, he was engaged in blockchain technologies and became an enthusiast of Self Sovereign Identity. He’s an active contributor in the Aries, DIDComm, KERI and Anoncreds Working Groups.

He’s also involved in the Cardano Community, participating as a veteran Proposal Advisor, member of the LATAM Cardano Community, and the Cardano Community SSI Alliance.

LinkedIn

Lance Byrd is a co-founder of RootsID, a group of decentralized identity specialists building open source software for digital identity. Several of their projects have been funded by Catalyst. He is primarly focused on RootsWallet, the end-user identity wallet.

His background includes a BS in Computer Science (UMBC) and MS in Information Assurance (Capitol College) and more than 22 years of software development as a consultant. He has developed massive scale data analytics and visualizations, machine learning analysis pipelines, and worked with University researchers to bring their work to market. He has also built and taught technical certification courses for several different topics in data analysis, big data, and compliance.

He completed the first cohort of the Atala Prism Pioneer program and is now part of the Atala Prism Astros program.

Linkedin

Alex Andrei is an experienced open source developer who has a passion for architecting decentralized data solutions. With vast knowledge and expertise in data, Alex is able to create, secure, and scale systems that have the most demanding needs . He’s currently working on the open source identity wallet, RootsWallet. He’s actively participating on standards at Hyperledger, DIF and IETF.

Linkedin

Rodolfo will be leading the project counting with Alex and Lace as supporting developers of KERI technology. We are also including two extra developers currently working for RootsID that will help with the efforts of UI design and DecOps.

Since we are participating in 7 proposals, we carefully planned time allocation for each of us. We defined our individual commitment per week as if all of the proposals are funded including extra activities. Based on that, we defined the allocation per proposal for each of us needed to deliver the proposal in time.

How does the cost of the project represent value for money for the Cardano ecosystem?

The cost of the project goes directly for the development of an open source product that can be deployed by anyone interested. Likewise, we envision that the product will help onboard Legal Entities/Organizations that participate in the vLEI GLEIF ecosystem. The real value is provided when those Organizations anchors their Organizational Identities in Cardano, producing actual transactions in the blockchain that contribute in the trustfulness of their business operations. By this means, not only the transactions fees contribute to the Cardano ecosystem, but also consolidates the benefits of Cardano Busines community.