Blockchain

Contents

DG CNECT

DG FISMA - OTC trading

Demonstrator (2017-2018)

DG FISMA - European Financial Transparency Gateway (EFTG)

Proof of Concept (2019)

  • EFTG.EU - portal POC, based on Steem
    • uses witnesses, nodes that produce and seal 'blocks' and add them to the blockchain
    • witnesses are selected by approval voting
  • EFTG.EU - testsite

Demonstrator (2018)

Google Cloud Deployment (PwC) OAM DLT nodes EFTG portal OAM client application (Java simulator)

Sourcecode Public portal for for January 26, 2018 demonstration (AWS, managed by EC) Other info

Other

PwC

  • FIDES - blockchain notary by PwC

Energy and utilities

Customs

  • DG TAXUD - customs on Hyperledger Fabric - Excise Movement Control System
  • DG TAXUD - Excise Movement Control System (accijns)

European Blockchain Partnership (EBP)

  • CEF Digital EBP homepage
    • Policy Group, Technical Group (including TechGov/Security)
    • Legal Social Economic Group
    • Use Case Groups
    • Node overview
    • And more: common documents, terminology, early adopters, ...

Conferences

CEF EBSI public domain info

Other EBSI public info

EBSI v2 Early Adopter Program

DIGIT

DIGIT admin

EBSI project management

EBSI service desk

DIGIT EBSI software assets

  • EBSI BitBucket - code repository
  • Uport - useful basis
  • Uport - Ethereum DID registry - the Ethereum contract code that allows the owner of an ethr-did identity to update the attributes that appear in its DID-document. Exposes an API to call the contract functions using Javascript.
  • DID/Ethereum JS modules - NPMjs.com - Albert Solana
  • app-jwt - library to create sessions between Apps registered in the EBSI Trusted App Registry.
  • validate DID - library to use ethereum addresses as self managed DIDs and wrap them in a DID Document

EBSI trust

Trusted Issuer Registry legal analysis and agreement Verifiable Attestation Diploma Service Agreement GDPR: SSI user's information notice

EBSI legal landing pages

Legal 'Get started with EBSI' - legal assessment reports

  • Legal assessment reports
    • ESSIF Onboarding Service (EOS) legal analysis
      • For the scope of EBSI 2.0 the service of onboarding users to self-create the DIDs will be referred to semantically as “ESSIF onboarding service”, not as “Trusted Registration Authority" which insinuates the involvement of a public authority.
      • For the scope of EBSI 2.0 it will not be required that the onboard service involves a real name identification of users to create DIDs. It will be a service, not a certification.
    • SSI eIDAS report - drill down
      • Part 1 Introduction to SSI
      • Part 2 eDIAS
      • Part 3 Legal scenarios related to SSI and eIDAS
        • General considerations:
          • extend ESSIF to legal persons
          • assert VC as equal to electronic documents
          • a NP's DID is a pseudonym
          • a LP's DID is most likely an asset property of the legal person
          • it can be imagined DID are used for authentication or signing
        • Very short term: use of notified eID means/QCs to issue VCs, role of eIDAS bridge and eIDAS nodes
        • Short term: use of Verifiable IDs as eIDAS means, issuance of QCs based on DIDs
        • Mid-to-Long term:
          • Extension of eIDAS notification to Verifiable Attestations
          • Issuance of Verifiable Attestations as a trust service
          • Regulation of Identity Hubs as a trust service
          • Regulation delegated key management as a trust service
          • Regulation of specify types of DLT-Nodes as a trust service
    • GDRP report - drill down

Overview of actors - 'Use case governance/trust model'

Agreements

Legal/technical

EBSI versions and environments

EBSI V2 on CEF Digital wiki (eu login)

EBSI V2 Functional aspects

High Level Scope/subscopes
EBSI V2 RFCs
EBSI V2 Architecture
EBSI V2 RFCs/transition
Functional documentation for all UCs (table of content provides a detailed breakdown)
Functional documentation ESSIF
Some materials related to the topic of correlation/traceability-related:
  • Business-level -- On DID-correlation:
    • https://www.w3.org/TR/did-core/#did-document-correlation-risks
    • https://www.w3.org/TR/did-core/#herd-privacy
    • https://www.w3.org/TR/did-core/#service-privacy
  • Blockchain-/Transaction-level – On anonymity of blockchain transactions:
    • https://arxiv.org/ftp/arxiv/papers/1510/1510.07782.pdf
    • https://ieeexplore.ieee.org/document/9012681
    • https://ledgerops.com/blog/blockchains-arent-anonymous-but-they-can-be-05-01-2019/
    • https://www.sciencemag.org/news/2016/03/why-criminals-cant-hide-behind-bitcoin
Functional documentation Diploma
Functional documentation Notarisation
See webex slides.
Functional documentation TDS
This use-case was originally proposed by the European Court of Auditors (ECA) with the aim to develop a blockchain-based Registry that could provide beneficiaries of EU funds with a tool to systematically notarise audit-relevant documents (e.g. invoices, proof of payments, supporting documents, bids, etc.), thus creating a trusted, fully digital audit-trail linked to the EU budget spending. Such a registry, which acts as a TDS service, can be generalised and its use can be extended beyond the scope of the audit of EU funds.

TDS:for the purposes of this use case, the TDS of a certain input (document and its metadata) shall be intended as the recording on blockchain(s) of an hash generated from that input. The imprint can be used at a later stage as immutable proof of authenticity/integrity of a given file. (source: https://ec.europa.eu/cefdigital/wiki/display/EBP/7.+TDS_Use+Cases+Requirements+Submission+Template+Document)

Originally started by the ECA, later extended to TAXUD's IOSS-DR (Import One-Stop Shop).
Wallet
eIDAS bridge/sealing

EBSI V2 Ledger

Besu
Fabric

EBSI V2 Risk management

EBSI V2 Technical governance and security

EBSI V2 Technical governance
EBSI V2 Security
EBSI V2 security deliverables - WIP
EBSI V2 security - preparation
  • EBSI V2 security-related RFCs
  • EBSI V2 security
    • EBSI V2 Security Requirements, last seen at https://ec.europa.eu/cefdigital/wiki/display/BLOCKCHAININT/EBSI+V2+Security+Requirements(see also user journey pages)
    • EBSI V2 Security Guidelines, last seen at https://ec.europa.eu/cefdigital/wiki/display/BLOCKCHAININT/RFC+-+EBSI+V2+Security+Guidelines
  • EBSI V2 Security and crypto (Iulian), last seen at https://ec.europa.eu/cefdigital/wiki/display/BLOCKCHAININT/RFC+-+Security+and+Cryptography+of+each+component+in+the+architecture
  • Other
  • PreProd DNS round-robin demo

Jira

Overviews

  • JIRA - Tracker - System Dashboard, beyond EBSI
    • Select 'Boards' then 'EBSIINT-scrum'
    • On the left then select 'backlog', 'active sprints' or 'reports'
  • JIRA - EBSIINT tracker includes Kanban board, issues, tests, reports, ...
    • Two views: Activity and Statistics (from where you can drill down)

  • JIRA - EBSIINT tracker RapidBoard, Product Backlog

Issues - EBSI V1

Issues - EBSI ITSRM2

  • EBSIINT-635 creation of the EBSI ITSRM2 documentation processes for P1 (System Security Characterisation) and P2 (Primary Assets), and the creation of an initial first Security Plan.consists of subtasks (which are issues themselves):
    • -833 P1 System description, -834 P1 Roles and organisation, -835 P1 Constraints and measures
    • -836 P2 Primary assets, inventory, -837 Impact scenarios
    • -838 Security plan, risk acceptance criteria, -839 Security plan

Issues - EBSI V2

  • EBSIINT-1309- brief developers on security
  • EBSIINT-827- Tech Governance definition with EBP Tech Reps and EBSI Architecture, should produce:
    • EBSI Technical Governance Guiding Principles
    • EBSI TechGov Decision-making bodies
    • EBSI V2 Technical Governance Rules
    • EBSI V2 Technical Governance Operational Guidelines
    • EBSI V2 Technical Governance Node Operator Terms & Conditions Guidance

  • EBSIINT-1323 - approach 'from business to technology'
  • EBSIINT-592 - EBSI V2 mapping component to capabilities (+gap analysis).
    • Creates Functional and technical capability map
    • Creates Requirements and Capability maps - terminology:
      • Requirements are specified from Use Cases down to User Stories, made up of Steps (this is unsettled)
        • EBSI V1 has 4 Use Cases: ESSIF, Diploma, Notarisation and TDS
        • Use Cases are described in Journeys, providing an end-to-end description of the Use Case
        • Journeys are made up of User Stories (e.g. request diploma, issue diploma, receive diploma) - e.g. In order to start using ESBI services, as a Legal Entity, I can Setup My EBSI Enterprise Wallet
        • User Stories are made up of Steps, described in Gherkin:
          • Feature: Setup My EBSI Enterprise Wallet
          • Given I'm IT Administrator of the IT Infrastructure of the Legal Entity
          • And I have the required administrative right on the servers
          • And I have connection to Internet
          • When I start the setup of my Enterprise Wallet
          • And I download the EBSI Enterprise Wallet installation code on a specific URL
          • And I launch the installation of the Wallet on my server
          • And I define a new password to protect the access to the wallet
          • And I write a recovery passphrase in case I lose my password
          • And I receive setup successful message
          • Then my EBSI Enterprise Wallet is installed
      • Capabilities implement what is required. For this purpose, User Stories are mapped onto Capabilities of the EBSI platform

  • EBSIINT-1030- ticket for Sprint 4 security work as per KA
    • Oddly enought it's called 'DID-method / VC-Registries on Distributes Databases or Ledgers - security assessment', while it should be related to a user journey such as ESSIF onboarding of a natural/legal person
  • EBSIINT-1048- ticket for Sprint 4 security work as per KA
    • Oddly enought it's called 'As a user I can access the EBSI wallet (citizen) (configure ESSIF agent) - security assessment', while it should be related to a user journey ...

  • EBSIINT-1381 - assessment of eIDAS impact on EBSI architecture
  • EBSIINT-2639 - EBSI V2 Security Management Guidelines
  • EBSIINT-2998- ticket for RFC on production 'dry-run' scoping as per KA