Internet Engineering Task Force IETF 115, 10 Nov 2022

Previous Meeting Next Meeting

⏯

youtube image

►

From YouTube: IETF115-SATP-20221110-1300

Description

SATP meeting session at IETF115
2022/11/10 1300

https://datatracker.ietf.org/meeting/115/proceedings/

A

So we are at time I'm going to give it another minute or two just because after lunch, everybody trails in- and we have plenty of time today- so I'm not too worried about the time.

A

Okay: let's go ahead and get started. This is the secure asset transfer protocol buff. My name is Wes hardiker and um we are. We have a there's, a mailing list. It's actually sat, not sat P just in case anybody wants to try and join it.

A

uh This is the introduction we're going to go through a few things. First, of course, thank you to Dennis, who agreed to take notes. I would love it if somebody else would help him out, because it's always a hard job. The the note taking link inside the agenda makes it very very easy to take notes, so please help them out. If you're able, uh we'll have four sort of major sections for the the information presentation for today, uh there will be.

A

You know one just about the problem: space and goals by Thomas kind of describe the use case with supply chain trade and then there'll be another use case with regulated uh Finance sort of transactions that the proponents believe. This was a good use case for and then we'll have a status report on sort of what's happening if we had a buff at our ETF 114, and the proponents uh took a lot of the advice that came from the room found it very helpful, they've been meeting frequently talking frequently and I've talked to them as well.

A

Some um so we'll have we'll get some updates on what has been done since 114.

A

and then finally, there's a lot of time for open discussion for the problem space and proposed starting Solutions I do want to hold the questions to sort of clarifying questions first um and then we'll actually have the open discussion about. You know the typical questions of. uh Is this a the what's the right outcome for the spot, um but so for the the middle part. Just please ask clarifying questions which I'll reiterate as time goes on I'm sure. Most of you are well familiar with the note.

A

Well, since this is now midday Thursday and we're not too far from the end of the conference. uh If you don't know it anything, you contribute uh will be used and recorded and that's part of the record, so uh there's a list of BCPS that will help. You understand things that include IPS and working group processes and copyrights and all that type of stuff Please, be aware of it.

A

Remember that we do have a code of conduct guidelines that includes wearing a mask, we'll see what happens at the end of this meeting. But during this meeting we have all agreed by consensus to wear masks. So please everybody do wear a mask the entire time. You can see that I'm speaking even with it. You can probably hear me pretty well, so you can actually use one at a microphone, but you're you're allowed to take it off at a microphone.

A

If you need be, if you're up front reminder, the session is being recorded, um so both in person and remote participants will be recorded, uh the the buff will be posted on YouTube, like the last one was so make sure that you you are aware of that.

A

The important takeaways for this buff are is this a problem that needs to be solving? Is the ietf the right place, for it? Are there enough participants that are willing and able to help in terms of both reviewing and editing, and all that type of stuff? Is the scope well defined?

A

Are the deliverables and the output puts expected to be correct, and is the working group likely to succeed we'll come back to those questions, so we're going to start now with the problem and proposed starting solution section which will start with Thomas and the set P problem space and goals.

B

Can people hear me okay, get a little closer, a little closer, okay, um okay and um Waze is going to yeah run this place. Thank you um yeah, so yeah, so sorry um yeah. So so some of you who attended the Philly ietf might recognize a couple of these slides I'm just going to go through and recap some of the presentations and the inputs, the good inputs we received in Philadelphia- and you know, we've Incorporated those inputs pretty much every one of them and made us.

B

We rethink rewrite some of the slides, because I think some of the some of the words were not conveying what you know what we meant to say next slide, please uh so so this is probably you know. I put this in just to clarify that that you know we have a growing number of digital asset networks. They all run on the internet. uh Many of the uh next generation of developers may not even realize that many of the you know features and protocols actually run over iitf rfcs right ifs standards.

B

So um this um this fact that that this is just a large growth and there's a lot of proprietary stuff out. There introduces a number of interesting security challenges and, of course, data privacy challenges, uh and you know my solution to this as well. You know go back to the ITF and you know do what the ITF is is best doing, namely producing written technical standards and and and goal is for interoperability of these Networks uh next slide am I, am I speaking loud enough for people online.

B

So so, uh when we say Network interoperability, the goal really is to move across a digital asset and there's a definition of a digital asset is across from one network to another, satisfying certain conditions such as you know, atomicity, consistency and so on today. What we're seeing in the industry is that people are doing just bilateral agreements and to me this, this is like the mid 90s. When we have multiple isps and isps, you should do you know bilateral peering agreements, it's almost like that today, and there are a number of other.

B

You know proprietary transfer protocols that they're being used, but again it's only for bilateral connections. So really, this is kind of a lack of written standards that financial institutions and other organizations can point to and mandate compliance of implementations. The lack of those standards are inhibiting the industry it's like. Well, you know we don't want to enter Because. If something goes wrong, we lose money, we lose assets. You know, let's just wait and I think this is a great opportunity for the ITF as a Community to actually contribute.

B

You know to the world, particularly in in the context of interop next slide next, so this is from Philly Philadelphia, so so, where there's so many types and kinds of digital assets, so we're using the term value-bearing data objects. So you have a value-bearing data, object in one network and you're trying to move it across to another Network, so that entails uh recreating exact copy on another Network and deleting or invalidating the original copy.

B

And so you need this condition that there can only be one at any one time and it needs to satisfy the asset property at atomicity consistency, isolation, durability.

B

This is your your database textbook, you know, and freshman or Junior textbook, and the transfer must be verifiable by an authorized third party, because it's got to be disputes and you need to be able to bring in an auditor or something like that that can replay and look at the traces of the transfer and say yes, you know did not happen, A Fault happen or a bug happened, or somebody was dishonest right. So that's that's a key requirement.

B

Next one, and so this is um the proposed scope- is the yellow area in the middle. So people ask me all the time what about the networks? Well, there's just too many types of networks and new ones are coming up all the time and to me this is uh if you're old enough. This is the Lan problem, if you guys remember IBM, sna networks and decnet and ethernet, you know who won that battle ethernet, but this is also exactly like interdomain and intra domain routing right.

B

So what we're saying in in our language the yellow bit is, is the bgp protocol right? Are we going to Define what a router is? The Gateway is not we're, not we're not going to build gateways; we don't know how to build gateways. That's that's. You know, implement this problem. What we're going to do is Define the interaction between the gateways and that's that's the yellow, bit um and I think this is.

B

This is the best thing for the industry as a whole, because the industry itself is still emerging and evolving in new types of networks are being created right. So we don't want to touch that. Let the market decide which type of network wins wins the day. That's fine, that's fine with me, but we want to ensure interoperability across these types of of Networks.

B

Thank you so so this is, you know just some some basic. You know assumptions uh for this: uh the yellow bit to run, which is um both that we need to share some common understanding, semantics of the data objects and and validity. What does valid mean all right? So so that's we assume this exists, because we can't impose this on the networks uh for our own design print principles. We assume the networks are opaque, so you might hear the word. Permissioned access, controlled, private.

B

Those are the terms that sometimes they use I like to use the word opaque because it refers to the data objects inside those networks. We can't we're designing for the worst case scenario, when both sides are opaque. It's nice, if both sides are open and so on, but and I when I explain this to people, I, sometimes point to just my own ISP. You know: cable, Last, Mile provider in Boston, I can't see into my ISP writing table right unless I they give me authorization so so, and I have to explain to the the undergrads.

B

uh The internet is is not the one long contiguous public network, the internet is a sequence of private isps in this backbone, fiber everywhere right. So you guys know. I'd have to tell you guys this, but we're trying to um use the same design principles that that got us the internet and the scalable scalable internet for sappy.

B

uh The third one is gateways are assumed to be trusted. We have it. We have to assume that the trusted to even begin this protocol in reality, what's going to happen, is Gateway operators need to take on liability if they screw up the thing crashes if they lose an asset they have to sign on. This is to me this is exactly like a CA, a PKA CA issuing certs right if they screw up.

B

If you know people here from various and if you screw up, you lose somebody's public key, there's a big contract there that says you're you're liable to a million dollars. 10 million dollars right all that stuff, yes, I, I wrote, I, wrote I was co-author of the verisign 100 page certificate practices statement. It's now down to the Cincinnati about it. It's like 80 pages, and this warranties there's lines there and in fact those.

A

So so that's not.

B

That's not that's, not the one Rat Hole here, that's not the strike, so the other thing that's needed is that there are cases where you don't want to move an asset. You just want to extract information out, so we've been using the term views, so somebody from outside might say: Hey. You know it could be an auditor, it could be. The government say we want to see this particular transaction on this date. On this particular record, can you extract it out? There's also the function of a grade, so it's not moving value.

B

It's just extracting information out. We some we call it. Data sharing or you know, view sharing it's kind of the same thing next, one um yeah. So this is um motherboard apple pie, so we're just we're just copying uh the architecture of basically intra domain inter domain, and the last bullet is the important thing that that, for scalability reasons, the Gateway needs to hide whatever's behind it. Just like a bgp router hides the fact that you know a domain might be running. You know ospf rip, one Ripley, we don't see it from the outside.

B

In fact, the outside doesn't doesn't really care next slide.

B

So so this is this set of documents that we propose as the starting point. A lot of them are version zero. A lot of them have holes. It is I like the the the SAT core has like blank sections with the word TBD in it, which is, which is fine, uh we're sort of taking our time there uh and um encourage you to read the architecture document, because it explains some of the design principles that we're stealing from the design of of the internet architecture.

B

um I think this is the slide last slide. Okay, any clarifying questions.

A

C

Yeah thanks: can you just talk a little bit more about when you say the gateways need to be trusted like trusted by whom, what's the trust right.

B

Right so so it needs to be trusted to function as a uh implementer of the SAT B protocol. All right, so it needs to have keys it's going to be signing stuff right, so we have no, it's not in our power to say to an implementer. This is how you're going to manage your your private Keys you're, going to use a TPM chip or you're going to use whatever an sgx capable Hardware, but we have to assume that both sides- Gateway G1 and G2- have done enough exchange of information before the flow occurs.

B

That both sides are understanding that so make it even simpler gateways have say: certificates, x509, inserts, The, Exchange certs. They understand the search belong to Legal organizations. You know financial institutions branded financial institutions and they agree to proceed now so so when we say trust trust to be running the protocol correctly, how how they manage keys, for example,.

A

B

A

We can't say so: can you drop a hint about I? Think it's in your later slides, but one of your assumptions has to do with you expect some sort of agreement between gateways or between networks. It's just like there's agreements today between routers right. All bgp sessions usually have some sort of mou or something at least right.

B

So so we've grouped the assumptions into like three groupings. The first one is the identity of the the Alice Bob, the originator and the receiver and the Gateway operator. So there's four four people four entities there. We assume that the identities have been resolved, that they know each other. The Gateway providers know each other, that's grouping one grouping two, they understand the type and kind of the digital asset being moved, or so they understand. What's what's happening, it's not that K. There's this blob coming across. We don't know what that means.

B

So that's that's assumed and then the third one is um there's some legal framework to guide them just the way, and it's a it's a bad analogy: the CPS statement for X5 owner it's a legal document today in many trading networks uh in the financial institution they have agreements and contracts between networks, so we assume I mean they exist, but not in this space. But for this new type of digital asset, new type of you know um Network. We assume they also exist.

B

So those are three groupings that we've just it's like: identity management is beyond us. It's we can't solve that. Probably assuming already exists.

D

Eric, can you clarify what you mean by auditability in particular, are you auditing for double spending.

B

Can I clarify you.

D

Said you said this can be externally audited. Yeah, my question is: is is what are the guarantees we're attempting to apply here so.

B

So the idea of audit here is that if uh there is some kind of suspicious activity occurring right, this is what happens today in the real world. Okay, if if there is a unusual uh transaction patterns across, say the Swift network uh and huge amounts of money moving suddenly and there's a there's, a the trends, look there's an anomaly there. uh The uh the end FBI I, think is whoever issues SARS warrants.

B

They can issue a war and say we want to look at that particular transaction right, so so they must be able to come in and the Gateway providers and network members might be able and Alice and Bob. They have to be able to say here's the transaction that occurred on November 1st at 1am. This is what you know. This is what it is. So then they need to be able to look at that.

D

Wow, that's not really what I'm not expecting you to say: um I, wouldn't call it audibility I call it surveillance. um These are quite different concepts. So.

E

B

Yeah, well, you could, you could argue, Swift is also being surveilled and and the credit card networks are being surveilled, we're not trying to solve that problem. That's a that's! That's above my pay grade so well,.

D

I I guess what I'm pushing on is that being a requirement, as opposed to not trying to solve? It is different from being a requirement.

D

So let me ask you a question happy to talk about this later, but like I I was genuine anticipating that answer the question so I'm a little no.

A

No, but one of the the things that I think came out in this box presentation was that list of assumptions that was missing last time and actually a lot of it came from your comment last time, Eric because you said that you weren't able to evaluate uh the nature of the security of the transaction without the Assumption. So one of the assumptions here is, if you're going to transfer something from one digital Bank to another digital Bank. How do you guarantee in the future?

A

How can somebody verify that that there isn't a duplication that you just.

D

Put that's what I was expecting him to say, but that's not what he said.

B

Whatever he said,.

D

No like like no it's like it's an important Point like like it's one thing to be the case. That bank a says you made a transfer and Bank B, says I, didn't and that's a question of like non-appediation and then another thing entirely. Is some law enforcement agencies able to go and monitor every transaction? There's like entirely different, contextual Concepts, so which one is it, which was the requirement.

A

So so I I don't want to answer a form because yeah.

B

So it's it's contractual as.

D

Okay, but then, then, are we retracting the claim about the FBI.

B

No no, so this is contractual between the two banks that, if there's some dispute, they both agree to be audited. This is how the banking networks work.

D

Today, okay, but yeah, wait, wait! Wait when.

B

I asked you that question. My apologies, maybe I'm. Just you know speaking too fast.

D

But yeah, okay, when I ask you this question, what you said was the requirement was that if the suspicious activity that they can go and like look at the transaction stream and, like you said to too many transactions like that's a surveillance property, it's not a it's! Not it's not an important, not a contract enforcement property and so um like and like am I supposed to be very concrete.

D

Like um you know it's you can imagine, building a system how to end an encryption and had installed non-repediation and therefore did not have this surveillance property and, in fact like that, might be desirable property. So I'm kind of trying to push up with actual requirements are.

B

Yeah, so so our focus is the protocol right. So how do players play in the real world whether they misbehave they try to do something illegal, that's out of scope for us when, when an Engineering Group? That's why I can't answer it, because this is a this? Is a world problem in, like the word surveillance, I, can't answer.

D

No no, but this is a question of engine requirements. The question engine requirements is is should the is? Is it a requirement that people are outside the sender and receiver of your introduction be able to monitor the transactions.

B

Authorized if you look at the census authorized entities so so both sides needs to agree that you know the government is allowed to come in right. This is by contract. So if one side says oh I, don't I don't want the government to come in. Well, the other side might say: I don't want to do any transactions with you. That's that's how it works today and almost you know, tangential to what's happening.

F

B

This is what exists today.

D

Okay, we may need to take this offline because it's like this is still like a very confusing answer to me: Maybe yeah, so.

A

Let's let the you thank.

G

You quickly answer that Dennis, maybe having two sides in what you said. The first is the consistency of the protocol itself, so if, if we spot specific assets with specific identities, uh Dennis Dennis, avilians I'm, the note taker somebody take notes, please, if we are addressing the problem of having double spending and spotting the double spending, because we know the uh the identity of the assets. This is part of what we're doing now, uh having a malicious attempt of a bank spending twice deliberately, uh because of any reason. This is outside the scope.

D

This is not me any of us confused.

A

So, let's get back to the queue and and Eric if you want to get in the queue again, let's do it that way, but I think your point is yeah. Your point is valid. That there are different types of verifiability and in the legal construct would need to specify what type it might be, whether it's always open or whether it's auditable per record.

E

uh Rick Rick from Ryan oppa Fortress, um would you explain is that you assume all sorts of things from the networks that you that you connect? You want them to Gateway um I could imagine the gateways just be be connected directly and do nothing in between um what I haven't gotten clear is what sort of Stadium what store? What procedures are you trying to establish? What sort of certainty do you want to give? What what are the problems? You are solving? That's not completely clear.

B

So the the scope again, this is I'm the first to admit this is a. This is a big big chunk of the pie. The little chunk we're trying to solve is that yellow bit where we're trying to ensure that, when an when an asset is, is being requested to be moved that that doesn't exist in two places?

B

There's no double spending, that's that's the first one uh and the you know that if there's any message, um losses or Gateway crashes that there's sufficient um data in the flow that one of one of both can recover or just resume or restart the whole thing right, so it needs to be safe right.

B

This is the acid properties that that safety and an acid that's kind of what we're shooting for just just for that, and that's why we have to assume away the all the setup and security under three groupings that that is what we call state: zero or phase zero. All of that needs to have have happened before we can even run run. The program. I hope that you know it's primarily double spending and crash recovery is, is kind of you know high on our goal.

E

Yeah and I would say double spending something at the various systems on both ends already specializing that you want to take take care of any discrepancies.

B

E

State experience due to, for example, crashing that's clear.

B

Thank you, yeah consistency. That's right! So sorry about the the is the formal language you know, asset consistency, yeah leaf.

H

Hey nothing, so this is a comment on Eric's point that I guess. The thing I want to say is that it should come as no surprise that financial markets or financial industry is more regulated than other types of exchanges. So it probably is not. It wouldn't be surprising to build a protocol that contains much more of surveillance, even though those properties might be even be undesirable internally to some of these networks.

H

That may not be properties that you can maintain when you transfer between networks- um and this also made me think about sort of the reason. I came to take a look at this I'm, a co-chair of the Tigers working group, and if you look at that, that's kind of also one of these smooth stuff between wallets.

H

um In that case, it's a personal wallet and I I'm, not 100 sure that these are always valuable distinctions and I think one of the things we should think about sort of in a activity like this is whether there are where there is significant overlap between you know other ITF activities right, if you, if you want to like make a a very, very silliest woman argument, I mean you have some acid properties when you transfer a domain name as well between registers, that doesn't necessarily mean we shouldn't go and build um Bitcoin to ethereum uh transfer on Epp right at maybe a bit too silly right, um but there's definitely like a line where it becomes silly to kind of build two transfer protocols, just because one wallet is in the hand of a new individual and the other type of wallet is in kind of an Oregon to whatever I call it.

H

So I would actually um like to have a conversation about to do. Are we actually already doing this somewhere else in the ITF and we could just adapt uh whatever we're doing in some other place? To do this as well?.

A

So that's that's solution, farming. So at this point we have two different cues and they're very different Paul.

I

A

Paul: okay, all right so Roman, you're next and then Colin and then we'll we'll. Let you do it, but do note that you're normally supposed to join the the virtual queue but I'm going to honor the virtual cue first, because that's what we're supposed to do so.

J

Yeah I'm, okay, okay,.

A

J

A

K

It's my first uh no.

A

That's: okay! That's okay!.

K

uh So my name is: is Gilbert Verdian uh I'm, a cyber security background um reason why I'm here today is uh I. I established the iso blockchain standard tc307 in 2016., there's 57 countries working on that today.

K

So that is a an international standard which, as ISO is, is the right venue for what ISO is doing is at the top level in terms of governance in terms of descriptive uh standards and there's already quite a few out um I actually chair interoperability at within ISO in working group, seven and what we're doing is creating an interoperability framework and- and that basically is what are the building blocks that different vendors and participants need to create in order to create standards that the industry can adopt? It's not prescriptive.

K

It's not saying the packet should be 64k. It should over check some of this, and it should have a anak uh handshake of that. It's not prescriptive in that sense, and that's where institutions and bodies like ietf come in and what we kind of expect is the technical engineering to be done within engineering organizations like IEEE and ITF and that feeds in to the standard that's coming out of iso.

K

Already so I'm very supportive of this and I'd really like to kind of bring some experience working in banking and in government in on the cyber security decide. One of the comments made is: is this a type of surveillance? I would argue? No, it's not a type of surveillance. It's it's a protocol enabling interoperability between different types of networks who uses that network has to sign up to some scheme rules, and this is consistent with what um happens in card networks, payment networks, Swift type, banking networks.

K

So if there's an issue, it's up to the participant to respond to that suspicious activity resolve a dispute between them and they're all in writing in contracts within the different participants within the scheme. So the way it works is you're not relying on the technical protocol to solve your problem, you're, relying on human interaction and contractual rules to solve the problem. So this protocol is not here to solve that issue. It's here to solve the technical interconnectivity between these different networks, and one final thing to say, is digital assets.

K

What we've got in ISO as as a as a defined vocabulary standard. So this is in uh ISO, cd22739 terminology and digital assets have been defined as an asset that exists only in digital form, or that has been converted from some other form to a digital representation.

K

Now these digital assets are here today and they're not going away. What we've seen from working with central banks and other banks that at the company are working at Quant, is there's a 16 trillion dollar opportunity with digital assets by 2030., so people are digitizing what they've some some form of asset that used to be uh in in a different form, into a digital form and that's not going away, but the problem which I saw from 2015 2016 was people are making these in isolation and people are making these in silos.

K

So how can these assets interoperate and how they? How can they interconnect between the different networks and ITF is? Is the right venue to create the protocol to do it all.

A

Right, thank you. Roman.

I

Hi Roman denilio, Carnegie, Mellon University, no hat I couldn't get my laptop to connect. So Paul put me in the queue uh so back to helping tease out this double kind of spend problem. We use lots of different words, so I want to try my attempt at pulling pulling this apart. The question is: when we talk about. How is the double spending problem kind of resolved to me is: it is all of that in scope or some of it at a scope.

I

So I could imagine a world where you could use different fancy kind of cryptography, different kind of acknowledgments, where the things that are getting exchanged, that's all packed in scope in the protocol and that's how you do the how you address the double spending problem. What I think I heard you say is that there are part of that verification process is out of scope.

I

So when you said surveillance, I think what you were saying correct me: if wrong is that the gateways have to produce an audit log, so the end-to-end double spend verification is actually not a protocol and not a product of the protocol. There are just some requirements about Telemetry or whatever the word you want to use that the protocol will squirt and to get the double spend. Verification actually is something that's out of scope of the problem of.

B

The protocol and of the working group is that accurate? Yes, so we've been talking about two classes of logs, so so the gateways need to log for message uh completeness and and proof that both sides have done the right thing per the RFC, the the draft definition and then it needs to allow for crash recovery. There might be some overlap in terms of the same data log to be reused for another, but we talk about two sets but you're right, Roman, that's kind of you're right, yeah,.

I

So my request would be if, as we kind of talk through this, when we talk about the security properties, we can we if we could distinguish the enablers, that the protocol will have versus what the protocol itself will kind of guarantee, and that might help us with what's in scope and what's what's not and as we know, this is a good point.

J

uh Okay, Colin.

L

James, let's go um I'm trying to think whether Rowan's just just answered my question, but some like so the question I was going to ask is so is the Assumption here? Is that the participants in a given Network trust the Gateway not to double, spend due to Legal agreements or whatever else they have in place not due to protocol cryptographics correct? Is that correct, correct.

B

So gateways have to sign stuff, you know they're going to use TLs, but you know if they're sending you know crucial messages, there'll be signatures and so on. But yes, quick answer. Yes,.

A

Thank you, Colin. That's an important point all right with that I think we'll shift to use cases. Next, uh there are two um again we will ask for clarifying uh after each one. uh These should have less clarifying questions. So really just clarifying questions about the use case, not about uh the protocol itself. That will come later.

A

And is that's the wrong one? Isn't it is that the right one? Okay.

M

Hi, can you hear me we.

A

M

Yep, all right, uh can you move to the person I think yep, all right so hi everyone, I'm Rama I, was uh present at the last iitf meeting at Philadelphia, where uh I see uh several people here who are present there as well and I, talked about the use case involving uh global trade and Supply chains.

M

So uh I'm just going to uh talk about uh same use case here with a bit more context and try to show you how it's uh it's not like a very Niche problem, but rather it's a it's a problem, that's very highly relevant to ensuring that Supply chains that you're all dependent on uh work properly in the upcoming digitized and distributed so uh just providing a bit more context than I did previous time.

M

uh The global trade has has been conducted in the past few centuries, and uh several processes have cropped up in in the space have been built on paper. Naturally, it's not a computers until the future, so these paper-based policies are quite manual and they're time consuming and the uh any uh clearance or any uh finalization of a transaction. It takes too long and uh it can often be susceptible to fraud by different uh participants. And there are a lot of those participants in you know in a particular supply chain.

M

You see that in the subsequent Slide, the shippers or the sellers and the buyers or you can think of them as importers and exporters who are usually always in different countries, uh they face a lot of God when it comes to fulfilling and international export import transaction. So there's a lot of incentive to reduce the the cost make this more efficient, because, finally, that will uh result in benefits to all of us as entrance uh the the way trade happens in this analog world.

M

It gives very little ability to forecast any uh disruptions that a supply chain faces in real time, so any anything, any message that occurs it takes a while for uh the applications to be discovered, and then it takes a long time for uh debugging and root cause analysis again.

M

Also, given that you have a lot of different players spread across different countries uh participating in different institutions that have their own privacy rules. uh Sharing information across these parties and across institutions is a very challenging task and digitization is something that is like solely necessary for all of these different reasons: an excitement so uh one uh I'll zoom into one particular problem that is very Salient whenever any two parties conduct a trade and imagine an exporter and importer or let's call them your buyer, buyer and shipper.

M

uh If uh think of the problem, that it's most basic, a buyer and a shipper or let me call them by himself- a buyer makes a deal with the seller that if a seller ships uh sends the buyer particular uh set of goods, then the buyer is obligated to make a particular amount of payment. uh Now uh this is challenging across two different countries, because the question always is who blinks?

M

First, if the seller shifts the goods first, what guarantees will have with the buyers, go to make a payment and if the buyer instead makes a payment first, what guarantees does it get that the seller is going to actually ship the goods? So what's happened in the past few uh centuries, really a processes that have evolved since the dawn of banking to manage the property?

M

To to see apart, the this process for both the buyer and seller and uh one of those documents uh that is used in uh to to see about the process called the bill of ladies so uh What. uh What happens here is that uh the buyer usually takes a short-term loan from some financial institution.

M

Let's say it's a it's a it's a bank that has International connections uh with whom the buyer is an account, uh possibly or or perhaps not, but the buyer can take a loan from that financial institution uh in order to pay the pay the seller, in effect, what happens here and if you use uh there are uh proceed like the letter of credit that the buyer can use to get such a loan issued from the financial institution, uh whereby the financial institution actually agrees to take liability uh uh on behalf of the buyer, thereby making a promise to the seller and also the financial institution back in the seller to make a payment once the seller ships equipment.

M

uh So what is the role? Does this billion document play?

M

The bill of trading document is something that the seller uh generates in connection with the uh the carrier who takes possession of the goods once the goods are ready to ship, and this bill of reading is proof that the seller has parted with the goods and what happens after that is anybody who produces the bill of lading before the buyer in effect gets it has a guarantee from the buyer that the buyer will make the payment, as it's obliged in reality, what happens if it's actually the financial institution, but in the buyer who's supposed to make that payment?

M

So the bill of trading is a very crucial document, because it constitutes proof that will conclude a an import, export transaction, good search. It shows that goods are shipped and it it obligates somebody to make a payment, uh so the financial institutions uh needs this. uh Bill of rating is collateral by the way. There's a lot of Finance involved in in this bill of training can be used collateral. It can be sold print off as a financial account. So we don't have to worry about that.

M

We just pointed about the problem where we want to ensure a safe transaction, so uh the financial institution uh in this case uh needs the bill of radius collateral. So it knows that uh there is proof of the goods having been ship, but it cannot change.

M

Okay, uh usually in the the way they had seen uh in the process of digitization of the philosophy in the past few years is that the financing part of a trade is carried out in one particular Network, whereas the shipping part and the generation of the bills of documents like the bills of plating is carried out in a different network, and these two networks are a big feature. They are oblivious of each other and they were built separately for particular reasons there are.

M

There are privacy reasons why the consortia that maintain these networks choose to be separate, and we see that and continuing. uh So the financial institutions needs to see the block rating, but it cannot actually appear intra permission. So what does it do?

M

The way we can bridge to uh networks is why I get the kind that Thomas talked about and uh the uh and these networks need to be interoperable for all the reasons that uh uh Gilbert so adequently put uh in his uh comments shortly. So this bill of plating data must be reported from the network that is surrounding the take Logistics via a Gateway that uh acts as a neutral service provider. On behalf of that Logistics Network, that is maintaining development. Okay next slide, please all.

A

Right so there's one question at the microphone that I think they have on. If you have a question on this slide, I take.

H

It yes I'm a clarifying question so um on this slide to me it it kind of looks like the the what's really described. There is sort of a transparency problem that is kind of already in scope for the um for the skit uh working group, so it it so what I would like to understand better um is how this really is a as described here. How this really is a transfer of of an asset. um To me it sounds like it's the the bill of lading and you I.

H

The the financial institution needs like a trusted way to look into the other to the bill of leading Network and see that that BL exists and that to me sounds like a transparency issue, not a transfer. It's.

A

Not an asset yeah, these are actually rated yeah.

B

Yeah, so so let me answer that one Rama that there are three types of flows that we have. If you look at the draft Charter, uh the first one I was talking about, was an actual asset transfer, and this one is what we call uh asset. Related data sharing I've been talking about extracting data. Now the the problem is that the other the bank may want that bill of lading. Today, you actually have to bring a printout. You.

H

Know understood yeah.

B

Yeah, you know that's I,.

H

Understand the requirement yeah so.

B

So this is, this is extracting the relevant fields from the state data I.

H

Didn't understood, my question is whether you know we should maybe actually focus on the actual transfer situations, because the the the transparency case is already covered in in the skipped working group.

B

I've been participating in this. This kid working group and I'll be the first to say. There is a lot of similarities that this uh information transfer extraction and.

A

And skit yeah, so let me let me put it another way right. If we can reuse parts that are in another, you know ietf area, that's exactly what we always do and the question to me is whether they need to be bound together or whether they can be two different protocols and so I'll leave that to the future. But.

I

Romans as cognizant ad of the skit working group, uh the scope of skit is the software supply chain. We talked a lot about dual use or kind of using it outside of that use case, but that's all we're chartered to do.

A

uh Thank you uh John, and then we should get on to the rest of the presentation.

N

Robot from you why I think the key thing here is is that there is an asset on at least one side of the Gateway um and I. Think that's that's! The key thing is: is that the you know the control of that asset, whatever that asset does, which is the the financial side of it, requires the information on the other side. So it's not purely transparency, I think that might be a distinguishing characteristic.

A

Okay, uh thank you. I actually have a question now, but I'll I'll return it to uh the presentation.

M

Sure, just to conclude that that point for transparency uh I mean we can probably go into this later in the presentation or during the discussion. uh Think of you have two: uh you have a network here that is maintaining a document like the bill of lading. uh The the bill of reading now has this. uh The information in this bill of lading is quite crucial to a concluding a process that is beyond the scope of that particular Network.

M

So uh we need some somebody or some process by which the this information, uh the bill of bleeding exists, and that- uh and here are the properties of this bill of leading- and here is authentic proof that this bill of dating is actually uh hosted on this network, which is now opaque to parties that are Beyond its uh its confines.

M

That is really crucial and, uh in effect, what we're trying to do is uh to figure out a view of the to provide a view into the will of leading to parties that do not actually belong to this network that were not parties who are not the buyer, not the seller, not the financial institution back in the buyer, not the carrier that is uh uh has taken possession records that the sellers provided. So that's what this example tries to illustrate.

M

You have a financial institution that is outside the uh this uh supply chain, intake logistic promotion, Network and that needs to know it needs to have you into what's going on in the logistics part of the tree, so it requests for uh the bill of cleaning and it now it can. In effect, what it's trying to do is strength request.

M

The network to provide to say, show me your real estate, but what we need is some standard way to do this, because the bill of reading- and you see later on- there's a lot in the sufficient documents- the uh it's not just one kind of document that we want to be able to expose via this uh from these such kind of networks, it's just any kind of document, uh any kind of asset or any kind of artifact uh whose properties need to be visible in a controlled way outside that Network and the Gateway.

M

We do that Gateway provides a neutral way of exposing views from private networks. So that's what this uh International! This uh slide is showing up.

A

Eliminator 2.1 seconds so two things um one: we probably need to speed up a little bit, I think the slides are um uh you're over describing them a little bit we're going to run out of time too, for the people at the Queue at the moment. uh Is it relevant to this slide or the whole concept if it's the whole concept, let's take it after the presentation.

I

It's the slide for me: okay, yeah, uh Roman, junaidu, no hat Carnegie, Mellon University uh a little bit like leaf, and this use case.

I

I, don't I'm trying to square the definition of an asset which is value-bearing something I forgot the rest of the words and a bill of lading because isn't a maybe in my head, a bill. Lading is an inventory or is this like a bearer token? It's it's.

J

Yeah, it's a it's a deed. It's your house, deed.

I

Okay, so I hold the bill of lading I, get to have everything on the ship just because I hold a piece of paper. Yeah.

M

Thank you yes, Eric. Okay, we can move on to the next slide.

D

Oh no but I'm, actually not no I'm, now I'm confused um um because, like so I guess, the point I'm confused about is that I thought this is about transferring assets like I'm, expecting to see a g on the other side of this, as opposed like a little old Bank um and could.

B

You move the slide forward, it's like yeah. Could you move forward twice to slice, for it um there's another diagram.

A

uh Did you did you say two slides or one slide this one? Okay,.

D

F

D

This is the thing that we are doing now and the other thing with background.

M

No, no, that's! Okay! Okay, let me say so you can. You can combine this in two different ways: you have what is what you're showing here? If you go from left to right, there's a bill of reading on the network on the left, which is being exposed through gate to G1 and there's a letter of credit on the network to the right which is being exposed by Gateway G2. What we're showing in this use case is a composition of both of them and both of them.

M

If we combine them together, we are showing what can be possible in the supply chain and finance rule.

D

Okay, but I guess what I guess what I'm being confused by is like if we have an assertion of this bill of lading, that is, if I understand it, being transferred from the seller to the buyer um like surely we don't want to have a bearer token, which we're then going to apply to the bank? Who could then take all my stuff right? That's not that's! Not a desirable outcome right.

M

D

M

So the bill of leading on the uh on the network to the left, it is actually something negotiated between the seller and the carrier, the carrier so the when the seller, ships, goods via a particular carrier. They have done that part in the export import, so the carrier is now supposed to provide a bill of reading to the seller.

M

This is the seller, can then take to any financial institution and say: look not any financial institution, just keep the bias financial institution and say: look I ship, the goods, here's the proof you got the bill of trading now uh give make my payment. That cannot happen in networks which are signed like this, which are isolated like this, but that's what we live in. You have networks which only run a store plating. You have other networks that only that the web financial institutions have a play part.

M

That's a network on the right, so how to uh the uh share? How do they share this information so that their respective processes can continue without uh in a trustworthy manner? So that's why.

M

Use of a particular uh record across the network boundaries that is from one network to another in a way that does not require uh the two networks to understand each other's internals. So the Gateway is.

D

Understand this point because I answer my question, um my question is: a question is simply about: if is this a bearer token, and if it's a bearer token, then then, why am I showing it to the bank.

B

It's it's! It's not a bear token, so this is flow. Number two is extracting information to show to the financial entity that this tool exists on the network and so Gateway G1 needs to sign this. This data, it's not an asset itself. It's a report, it's a subset of the fields! Well, that's the party okay!

B

So no, it's not a bear of tokens. No.

H

No, no, so all right! Yes, this is the and I'm equally confused hacker. So just a control question for either.

H

You said to to Roman that it's a it's sort of like the deed to my house, but does the does the bank or the financial institution in this example? Do they own my shipment when I take the loan.

B

Take speaking, they own the deed. Yes until so it's a short term so so.

H

You give them the deed.

B

To go to my house.

H

To the stuff on the ship, they give you a loan to pay the sell, the right the shipper right, but that, but it's not that you're not you're, actually giving them ownership temporarily. Yes, legally, you are giving them ownership. Yes,.

B

Yes, so it is so actually this is, this is what they do today. No.

H

I understand by.

B

Bringing this up, this is not enough. That's fine! It's.

H

Not in a problem scope I'm not trying to change Hotel I'm, going to start trying to understand it, because what my argument was that it was a transparency issue that it's about showing that you have stuff on the ship and the right Stones correct, which is different from giving it to the bank. You now own it and that's the thing all right, I'm getting pure answers.

H

M

There are two different things.

L

M

On here, so, let's not get confused, so there's a there's: a process of trade financing which involves a buyer taking out a loan with the financial institution and the financial institution there, thereby if, if it gets the bill of leading which is like the title to the shipment, then yes, the financial institution gets to keep the shipment until the biography of the loan.

M

But what we're talking about here is the fact that you have the financial part of a trade uh of an export import running on one particular Network, whose activities are opaque to the external world, and then you have the shipment of the logistics part of it. Turning on a different network which is again opaque to anybody outside of it, how do you connect the two?

M

They have to make them interoperable the way we make them profitable or uh allow them to provide youth into restricted use into their records, which in this case, involves those of trading on the left Network. Let us read it on the right side: Network you do that using these Gateway, you can communicate using a neutral protocol.

J

Rama I think we need to move forward.

A

Yeah so in interest of time, I think that we need to probably switch to the other use case, which is possibly a little bit simpler. I I yeah.

M

I'll just make a quick point on the last Slide the next classified, so uh the documents we've been talking about right bill of leading uh letters of credit. These are you might think these are like Niche uh use cases we're talking about, but no just in the trade space.

M

You have a nautilus or document that you see here and if you have networks that need to incorporate for uh providing views into such documents, the the same security uh problem will arise in each of the wheels cases and if you go to the next slide, uh you have a lot of different different uh parties that are involved in this kind of ecosystem, and uh this gets very complex very fast unless we have a neutral protocol that allows two different networks to operate interoperate. Thank you.

A

Okay, thank you, um I'm, having a browser difficulty that I have to overcome here.

A

I don't know if Becca is being shared, I bet it's the wrong one.

A

I need to restart my browser. Unfortunately, uh if you're on you could.

A

Now this is a weird too many X-Files open, socket problem.

A

A

Agenda sorry about this.

A

Why don't you start talking about your use case? Well, I I'm. Almost there, okay.

O

Is it is okay, this is the right place for the microphone cool, so I will um eat the microphone. The.

P

Little person yeah.

O

There you go: okay, that's not too bad Okay cool, so Martin, High groups, um I'm from Quant I'll, be talking about the uh the asset transfer use case, which is obviously the main use case for this protocol.

O

um I'm I'll wait for the slides a little bit but effectively um I'll start talking anyway. So the Financial Services Market is moving in the direction of tokenization, which is a bit of a buzzword but effectively means digitally representing um a variety of assets and then trading them, particularly things that couldn't be traded before.

O

So there are assets out there which can be traded, which represent things like future Revenue flows right, so you can buy a fraction of the income that you will get when this thing comes to Market, there's a Supercar manufacturer that does this that's how they fund the build of their cars. Likewise, real estate is being fractionalized, lots of things are being fractionized.

O

This is a big Trend in financial services and these new digital tokens uh are being traded on a new class of trading venues effectively marketplaces, so they are not connected they're built on a new generation of Technology. Some of it is distributed. Ledger, some of it is not, but the main point about it is that they are mostly not being connected to each other um from a industry point of view, there's quite strong Network effects in this kind of thing. So you see in the more established markets, there's quite a lot of big trading venues.

O

They connect to each other. um Likewise, internet lots of isps connect to each other. Whether things are proprietary, you have marketplaces like eBay, Alibaba and literally nothing else right, so Network effects can play in your favor or not. ah We've got slight awesome, so this is this Walled Garden problem that we are looking at at the moment, because um there are dozens to in larger economies, low digit, hundreds of new venues coming up um and the way I like to think of them. They are like marketplace right.

O

So if you've created one of these tokens- and you want to sell it- it's analogous to something like eBay right. So we were talking about this before and it's effectively. If I want to sell a GPU right and I want to sell it on eBay, um then that's fine. Anyone on eBay can buy it, but if I've got a buyer who is on Alibaba or something like that, how do I, let them see it.

O

What we are trying to do is basically be able to show it on the other venue be able to people to buy it on the other venue. The digital representation travels transparently from one to the other, fulfillment happens, and the reason why we're trying to do that is because there's not just eBay and Alibaba, but there's a lot of these things.

O

So as a someone who's issuing this token, who wants to sell it I want as many people as possible to be able to buy it, and those people are not all going to be customers of the one or two places that I'm a customer of. So we want to link all of these things to create a larger market effect, I think so. Yes, fragmented markets, poor issue issue as investors here are the buyers and the sellers.

O

Limited liquidity potential means there's less people to buy it um and in the case of these sorts of assets, that kind of creates um a lot of inefficiency, which usually means somebody can buy it for cheap on this one, and they can sell it for expensive on that. One and all they're doing is making a bit of profit out of the Arbitrage and not adding any value, and it isn't a very efficient market, next slide cool.

O

So what we are trying to do to do this is to connect all of these networks right so as they are they're coming up at the moment. Some of them, like Thomas, said there are some bilateral Solutions. There are some vendor and proprietary driven Solutions, um and none of them really have any attempt at standardization really other than we will try and get as many users as possible and be the next eBay.

O

um What we want to see is a technically driven standard that allows anybody to connect to a more open network. I think that is fine for that slide. I will try and make up a little bit of time.

O

Excellent, so this is in terms of what are the things that we're talking about. There's a few things that institutional tokenization is what I was talking about. They have a lot of their own jargon in this world, so issuance of interoperable digital assets. I would like to sell my GPU on eBay, and here is the data item that you will buy and which will give you the right to it. That includes things like physical things, like I, said: they're real estate gold.

O

It also includes money these days um and that's where cbdc's come in, that's a token that doesn't get redeemed for anything and the variety of other tokenized money, which is money that can be redeemed for things, and we have a question.

O

My list of examples: well, this is probably a good time for a question yeah, it's the slide.

D

So you mentioned earlier um that some of these assets um are on um you know, blockchain type networks um so um uh is in order for that to work so because of the structures I understand it. What that would mean is that the smart contracts associated with those blockchains would have to require that we have to basically allow the gateway to override ownership.

O

No so in the project, so not all of them will be on blockchain.

D

O

What the protocol needs is for the gateway to have some form of trust of the network and it when that's an implementer problem right. So if it's a smart contract that provides a guarantee to it, that's fine! If it's something else, that's fine as well. So the trust relationship that we were talking about earlier, the Gateway needs to trust the network and there will be a liability relationship between them and the gateways trust each other with this separate liability relationship. So there's right, but it's.

D

Actually trust relationships right, but in this case of the network, trust in the Gateway so like I mean if, if we're like getting nfts right, then the way the nft will be constructed is that the Gateway has the power to take anybody's nft and just take it right, correct. Okay, thank you.

O

Excellent cool, so um we will come on to. We talked about the size of the market. Well, I didn't, but the slide did, um which is in the multi-millions low billions today expected to rise to trillions. So some of the players in this area tend to be the large Global Banks um and which one was it Gilbert. One, though, um starts with an S. uh They have got a about 300 billion, something like that. Their plan is in the next two years to tokenize all of the assets that they hold. So security is everything.

O

So it's a it is a major Trend. Bny melon have put about 200 million into building platforms for this over the last couple of years um at Quant. What we did um uh last month. Actually um we were in hackathon, we implemented sapi in its draft form, um so the hackathon was run by Swift.

O

um For those that don't know, Swift is the uh Network. It's an organization, that's shared ownership organization, so all the banks in the world own it it's got about 22 000 owners. They run across four uh highly redundant mpls networks. They back off to a whole bunch of different providers. They've got a lot of data centers and they provide highly resilient messaging services for the whole financial services industry. Basically they're also interested in this right, so the hackathon had two things. One was about custody, didn't really care about that.

O

The other one was about interoperability between networks. So we do care about that. That's kind of what we do. um They also have been running their own uh internal thing on this, so they had their own announcement. They've been doing interoperability between two different networks using Swift's infrastructure, they've spent 10 months on that, and that is their proprietary one built around their message set for this one. It was more open, um so we, um the the comp piece on there is labeled, Gateway and sapi is how we connected these things, and this was this.

O

One was two different networks representing effectively a source and a destination. um The use case was around. It was tokimo's gold, there's a folks that are sitting on vaults, full of gold who think we can tokenize this and we can use it as a currency, and they are trying to do that. So this is what they're trying to do in in that case, um there's about 120 participants in it. Bny melon won it in the end because they throw a lot of money at it. We would join third with NatWest um on that one.

O

So there's a lot of UK Banks, there's a lot of interest in this area so, from a use case, point of view, I guess. The message really here is that the industry is doing this and they're doing it at scale and they're doing it in a fairly proprietary format. There are other standards groups out there that are not doing the protocol side. So, as Gilbert said, ISO are doing terminology framework.

O

That sort of thing there's tons of projects that are think their way is the only way right so particularly in the blockchain world, each of the camps think interoperability is everybody, uses their system and we were at cybus last week, which is the Swift conference, which is roughly the size of RSA. We spoke to a lot of people there.

O

um They are mostly holding off because there is no interoperability. People are doing a lot of Pilots a lot of pocs and they're waiting to see if there's a winner or if there's a standard piece of interoperability. So there's a few people going live q1 at the moment, but this is kind of this is what everyone's waiting for and it's the technical standard that we need.

A

Okay, any questions about this presentation. Any questions.

O

I'm not sure, if that's a good thing or a bad thing. Yes, yes,.

A

All right, let's go to back to Thomas uh with the status report of what they have been doing for the past three months.

B

So uh we've taken a lot of input uh in since the last ITF in Philly and and we've been having basically weekly meetings on this. So progress we've been documenting the assumptions because, in fact that was the the big question I think coming out of field is: what's the Assumption and we've been saying? Well, you know what we call phase phase zero. What needs to happen before this flow runs so so been documenting that we've been collecting use cases. We have a use cases document.

B

In fact, uh you know: we've got the digital dollar project GDP in Washington, DC, that's going to contribute text to our use case document. I asked them to give me three paragraphs and they gave me four pages, so my job is to sit down with them and and sort out through four pages. You just need three paragraphs. uh We've been working um on a the common message flow for the asset transfer. So for those who are looking at um our GitHub, there's a figures folder and there's a there's, a flow diagram.

B

It's I think where the file it's like version 15.. So so we've been talking about this, probably since before Philly, but since Philly we've been reading meeting weekly and as that particular message flow is, is sort of the the sort of Highly discussed, uh subject or topic of of our meeting. We also have a draft Charter that that is is up available on our GitHub repo next next slide. Please thanks!

B

So so uh we finally got agreement among ourselves, okay, internal consensus that- and you could just follow that- that link there. We want to focus on two key flows. The first flow is that the asset transfer flow and the second one is the data sharing flow, more completely asset, related data, sharing, what I call data extraction and we have an architecture document and a use cases document as well. I know it's ambitious. We we're shooting for 18 months uh but I've been told.

B

That's super ambitious, but okay put a put a line on the sinus at 18 months. uh Next, next slide. Please.

J

B

So, prior to uh Philadelphia we would be meeting twice a month. So it's a it was a biology. Bi-Weekly meeting, but since fairly we've been um doing, weekly and personally I was I was surprised. I was surprised, people were willing to meet. You know every week every Tuesday morning you know and some people some people like. Thank you Rama people in in India. They were on like 8 P.M, you know and then and there's uh three guys in Australia and it's like 11 p.m.

B

You know in Australia, so they've been joining and I I kind of feel bad for the Australia crew and the and the India side, but but this is kind of the rough stats and and uh it's just it's just Excel and I just cut and paste Excel. But on average it's it's about 10 attendees, which is you know, I thought about this. Pretty good right, uh you'll see some dips there um at the end of August.

B

You know when you know had like five people, and that was because it's vacation season last last chance for a vacation before um before September it's open to all the zoom is recorded. So you can, you know, go back, uh you know uh to this and the links on the mailing list I can go back and listen to the zoom recording uh next slide. Please. uh So so people ask well how come you don't have like? You know: gazillion mail items, I, guess you know it's because we we use the zoom session.

B

We talk about stuff, uh you know and that's why we're recorded I know it's not um sort of ITF tradition to be the recording, Zoom uh I personally. Think it's for me, going over start having the zoom recording has been great, I mean sometimes I have to like put in the mid-ins or fix fix the notes and having the zoom recording kind of helps. You know remember what what I said. What other people said um next slide, please uh so the set of assumptions we have a thread there on the mailing list.

B

You can have a look at that. We've been collecting this and this is I said earlier. There was a question earlier about the assumptions we've grouped them into three categories: all of them are are out of scope, but but we know it needs to happen. So legal framework side, what is the asset definition what's an asset and in different networks in different Industries? It might be different, an entity I. We don't do identity management when we don't want to do anti-money laundering and all that stuff.

B

That's that's out of scope for us, but that's kind of and if, if anyone has in an additional sort of assumptions that we think we need to add to this we're very open because we can't solve The World's problem, we just been doing doing the yellow bit in the middle.

B

So I also get this question a lot like why the idea well I, my my wine liner, is that it's the home of interoperability right. So this is where this is number one number two. You know technical review so like guys like Ecker right, so you know they're gonna, they're, gonna scrutinize, our specs, which is good I, would prefer to have our drafts uh to be scrutinized locally.

B

Instead of having you know, mistakes uh in the draft and so on- uh and you know we did- um we did look at other organizations, so we looked at that w3c they're primarily concerned right now about the verifiable credentials, the VC data structures and the did so so we kind of said: let's, let's try it here. First ISO, as you heard from Gilbert, is, is a pretty high level organization. They don't really do protocol specs right, so so I did probably to explain.

B

um There's a lot of Open Source projects out there, but I have to say to many of those open source projects. Running code is not spec right. If you go to organizations like Swift, so I was in 12, for example, in uh you know, in the cable open, cable industry, when they say a spec, they were written specification that members have to implement and they might have to hire somebody to test compliance of the implementation right. So so this is another reason why the itf.hf has a history of writing specifications in like in paper specifications.

B

Yes, we need running code. We know that. But you know more importantly, nowadays I need to explain to many people. We want written specifications uh next slide, so active supporters, uh I've grouped them into you, know ID and O. Implementing testing deploying many of those organizations say this is great.

B

You know when there's a working group we're going to come and join right, so so this is a to me. It's a chicken and egg problem right. So on one hand, we have to show to you guys here that we have a lot of you know people interested, but on the other hand they say well, look hey! You know. Why should I send my you know, chief of innovation, to a meeting in IHF and we're not going to get a working group. So it's a it's a chicken and egg problem.

B

But, however, having said that, there are people implementing this stuff, you heard Pont um at MIT, we're beginning to do an open source implementation just of the yellow bit. So it's probably just going to be a client server thing. No, no real Gateway uh compelio's doing one on the inter side. You have I mean trade, land and trade lens and mercks. They have this deployed: okay, it's a proprietary Network, and that was this. The Second Use case. This is running operating. I know this personally, because I've been helping with our project.

B

I grew up at MIT has been working with the government of Australia in the port of Adelaide and they're, a customer of trade lens, and so they're interested in this in this ability to extract out the bill of lading so that the local bank, Westpac bank or Commonwealth Bank can actually give give a loan to to the uh to the to the buyer.

A

Have you been able to ask these people if they've been willing to interact to work within.

B

The ICF absolutely yeah, they said like great yeah yeah, some of them. Yes, that's the people who brought us tcpip and ipsec and TLS. You know uh so. Yes, they they actually would prefer the IHF, because the ITF were not raising tokens. When we're not trying to raise funds, we write technical specifications, we don't own a network. The ITF is a perfect neutral entity.

B

Thank you. Okay, any any questions.

B

Okay, this looks.

A

Like everybody needs coffee right so with none I'm going to go back to my chair, slides.

A

um So there's been a number of discussions, I think uh the questions around the bill of lading and the more complex use case of how do you prove that you have something- and you know that can be transferred later type of thing is: is one discussion I heard um I think you know if there is still questions around um what Eric was talking about earlier of? Do we need to define the level of auditability or observability? You know it that is important for this work to be considered.

A

We don't think we should solve any problems today right. This is about to see if the IHF is the right place to solve that problem.

A

um So with that I guess what the questions I'd prefer to hear now are ones that are challenging in any of these statements. Right is the ATF. The wrong place, you know, is the ATF the right place. Do the problems you know. Is this a problem that needs to be solved? I'm not asking these questions yet in terms of a you know, a hum type of approach, but I'm wondering who, who has challenges to you know the typical reasons why we hold Buffs right.

A

We hold Buffs to decide if, if this working group should be formed and so I'm very curious, if there are questions or comments related to whether or not it should be formed, leave.

H

So it's maybe not a question, but maybe something that might be missing and that is kind of what what are the overlaps um I actually came in here, believing there were more overlaps than I I right now. Standing here, I think this is kind of fairly well scoped, even though there are some also some dangerous sort of aspects to this I mean the the stuff Eric pointed out that your the gateways are kind of in charge have to be right.

H

They they have rights to do stuff in the networks um that that's a dangerous thing to have around, but it it's a fairly well skilled problem for all of that right, so I I. What I would add to that is you know you.

H

There needs to be a little bit better coordination among the um working groups and and efforts in the iitf that work on stuff related to digitalization of assets, and that involves Tigris that involves uh skit. That involves um something like this right um and that that's not an argument against doing anything right, but it's an argument for making sure that you're tightly scoping whatever you're doing in this working group yeah.

H

So to specifically the use case where the user is not approving, stuff, I think that's kind of what I gleaned from Eric's statement, the user isn't necessarily approving the transfer. The Gateway is, and that's a that's a significant difference between this and and tigers, where the user is specifically in charge um anyway.

B

Not not quite true actually in our flow diagram, you see that Alice actually says to the Gateway. Do this so.

H

Yeah but that's uh that's us that signaling, it doesn't necessarily make it part of the protocol.

A

Well, so what are the assumptions right Thomas? Is that the the Gateway has a lock on the asset before the.

B

Process before doing a lock, it has to be commanded instructed by Alice the the asset.

A

How that happens in each Network.

B

Yeah, we can't, we can say correct there, correct yeah, all.

A

Right, thank you leaf uh Eric, so.

D

This is like I'm, not sure if it's a commentary question, but um uh on so I I as I was last time. I am very concerned about our confidence. Is all this problem I'm concerned about our uh um our uh pipeline into the people? Who actually are the consumers of this?

D

um So I saw a number of companies on that slide. I, don't see most of them here. Where are you from okay? How many people in that? So, if we go back to that slide, how many people actually actually deploy shipping are on this slide or actually here, I'm serious, like what I said, how many people who are not selling this solution, but are consumers? The solution are actually here in this business in this room.

B

So so I kind of I invited so the Swift guys came to Philadelphia they're back up the room, so so I. It's too much for me to ask for Swift to send two people to two ITF meetings. It's not.

D

Too, no, it is not no that this is exactly my point exactly.

B

As I said last time, Eric I I can't bring. The first question is Philly. You said bring in the developers, so I said: I can't bring everybody and then having said that, you asked the second question: bring me all the consumers. You know this is a chicken and egg program, so so.

D

No, no! No! No! When when we like I'm sorry, we ordinarily go and we and and we Charter something we Charter under the assumption that the people who are the relevant people.

D

The people who you say you don't want to come- will be in the room and you're claiming they're going to show up eventually but I'm saying they need to shop now and if they can't be bothered, they can't be bothered even to call in then actually no I think that is like a really reconcerting sign for our ability to actually understand what the requirements are after we reflect them and so to have like so and have that and like I've learned lots of percenters or people kind of like tried to remote control this through like either three people I could talk to and they talk to everybody else and like, and we always tell people this isn't going to work and I've tried.

D

It doesn't work. So I want to make sure that we actually have the right constituency room and.

A

I, don't think, there's a reason why so Eric? Thank you. I think. Your comment is very valid right. You have to have the people that are willing to do the work and Thomas talked about there. Are people willing now I think one of the questions I can put into the final closing questions for you is because we have to include the remote people right. So if there are people remote and- and you know, I didn't ask the question in a way that they could raise their hand.

A

I can add that question toward the end, so that we do get a better account of who in the room might be implementing deploying or you know, whatever I think, that's a very valid question for whether the buff, you know should succeed or not. uh Ramen.

I

So Wes I want to help you with Q management. I have a new thread. So if anyone wants to talk about the old thread, I will yield. Thank.

H

You very much disagree with you. Eric I think it's a little bit unfair too um um characterize um the turnout as weak. uh If that is what you're doing I think it's it's fair um for a new effort in a in a in a group that is new for most other companies involved. I think having at least some of them on on site is um maybe not perfect, but it's definitely an indication that there is interest.

A

And certainly the the level of dialogue that has happened weekly, uh including mail messages, you know- is a decent amount of people who they represent. I, don't know, I'll, leave that to the answer, but go ahead.

Q

Thank you from broadcom, so yeah I would like to uh support the the point made by uh Thomas about the difficulty to hire people in standardization. Even forget the ietf for a second. uh There is a lot of work going elsewhere about the lack of Industry engagement. The big difficulty we find is that when you need to make the case as a developer as an engineer as other people to participate, you need to have the buy-in from your management. Most of the western companies are clueless about standardization.

Q

There is another person who mentioned a very good point that open source is not specifications. That's a very good point. People have the impression if you do open source, that's good enough. No and a lot of the companies don't get that point either. So for them, if you tell them, I need to open an open source project. Yes, I need to go to personalization. Why cost money your trips or time you're not going to spend on on doing your day, life, job, etc, etc.

Q

It is extremely difficult not that people are not reading, but they have to fight the fight constantly, and even when this is established, when you tell them, we not get results before years.

Q

This is just inaudible for the management of most of the companies. So I understand the prime of qualifying an acre is right. In the sense we have to make sure that we have enough critical mass I completely understand that, but we have to be careful about how we manage the situations. Otherwise we will never start anything anymore. All.

A

Right, thank you. uh The Government, Can I suggest you turn off your video when you're not actively speaking only because the QR code disappears when you're and so about. Four people just walked in the room. I want to make sure people can uh can properly register. So the QR codes.

I

Roman nelio Carnegie, Mellon University I turned off my video, uh so I I've got in a sense kind of a scoping question. I heard a number of kind of use cases, some felt very different than the other use cases. So I wasn't clear to me whether one supports the other they're they're kind of parallel. So this kind of made me kind of step back. Is there an MVP, a minimal, viable product? We have and are some of these you know to spin up the MVP.

I

We need it and others are things that we could maybe defer kind of later, and we could get some clarity by focusing on kind of Base things that we work on and then assuming we're successful there. We could do kind of additional work, so I'm not sure.

A

Whether yeah, well, things are separate. Let me add to that before I think you're going to get an answer which is: can we defer the bill of lading problem to or later item.

I

uh That would excite me I mean that certainly is one that did not feel like the others, but I'm not sure how separable things are and it'd be great to have that kind of conversation. Yeah.

O

So the answer is yes, the MVP is pretty much what we did for the hackathon, which was the asset transfer side of things based on the drafts that we have at the moment, so that that's that's code, that's been done so that that would be the MVP by definition. At the moment, okay,.

A

uh Leaf is foreign okay, Gilbert.

R

I I didn't register online uh should I go, but first.

A

uh You can go first, if Gilbert's, okay with it, but.

R

Yes, uh I'm Luke Riley from Quan I just had a couple of points to make about um the trust assumption, because I think there's been a few comments on this and I just wanted to say why I believe it is good to have it so I think some speakers have mentioned that um the Gateway, as we presented, represents previous uh distributed networks and obviously there's been a lot of work on that and proven technology, but now we're moving it into the environments where you know the the networkers will read, write and own.

R

uh And secondly, if you remove the trust assumption, you start to go down a rabbit hole of decentralization and you want to think who is who are we actually going to now trust and there's a famous paper famous to me uh in the DLT interoperability space where there is no complete decentralization, you can ever can never have a complete decentralized network. If I give you analogy for similar reasons to why communism wasn't work as soon as you're, completely decentralized, no one's motivated to do anything.

R

um So lots of people have been trying different ways of experimenting decentralization and if you read the news about blockchain networks, you'll see that lots of the asset transfer protocols have major hacks cost loads of money, big problems. So that's why the two points why I think keeping the trust assumption is a good thing in this protocol.

R

K

Gilbert, thank you. um I'd, just like to just Express a uh I guess an opinion of what I've seen and comparing ITF to when ISO tc307 started. It was less than 10 people who started the initiative in 2015. There was a year worth of uh work up front to to create the technical committee, and it actually started with a group smaller than this, so I'm really excited and surprised that there's so much uh initiative behind what's happening with this potential buff and with what's happening within iitf and I would like to just.

K

You know, cast your minds two three years from now. If you look at the the rate of of tc307 there's over a thousand plus subject matter, experts across seven different working groups across 57 countries working on it. So yes there's a representation of about 65 plus whatever in the room today about 100. But this could lead to something much bigger, because we're here as an engineering task force, is what the ITF is to work on these Solutions together over the next few years and doing it as an RFC is the right way to do it.

K

It's collaborative it's open and you don't have to go through lots of rigor to participate. It's quite a an accelerated way to to bring this engineering work out into Market, which is quite exciting. Thank.

A

You thank you. Yeah I see some nodding heads on that um it to me.

A

It seems that if this works, if this work goes forward, it is likely a lot of this work will be done in interim meetings based on how it's been conducted so far, and it's actually more likely that there'll be monthly interim meanings now uh just for for the people that don't know the ietf process in our meetings do have to be announced so far ahead and they can't be too close to ietf, meaning there's a bunch of rules that you will have to start following. You know other than that. But there is nothing wrong.

A

um I, don't think in the IHF to do things in interim meetings or technically always over the mailing list. I, don't think we found any working groups that head above and then like never had a meeting but still got stuff done, but that doesn't that it couldn't be done so.

A

Okay, any other comments before I will go into other random stuff. I have slides of Charter text. If everybody wants to go back to sleep but I, don't think that's the case. But I will start asking questions soon, but Alyssa.

C

Thanks Alyssa Cooper um I do think it's typical to look at the charter, so I was going to ask you if that was going to happen or not. um I was just looking at it and um there are I guess a couple. Questions well really just one question about this, which is that um it seems to be missing the articulation of the threat model.

C

I, don't know where that would land, but it to me that that seems very important for this work, um because there's a lot of talk about assumptions and there's I understand, there's things being left out of scope um to simplify the problem space, but a lot of the threats are derived from those things being that are out of scope, so um uh I just feel like. That is something that needs needs to be part of.

A

This no I think that is a fantastic point that but I would defer that until you know, a working item to develop that threat model is is if, if I was in charge, which I'm not right, I'm just the buff chair, but that's not something that we would have to have totally isolated today. That oh.

C

No agree I'm just saying like there's Milestones listed, but it's it's yeah.

A

So at least I didn't see it yeah you're right there are, there are milestones and there is not a threat model on that. Milestone I I suspect that the proponents would not be object to adding that to the I'm, seeing lots of knotting heads yeah, okay,.

C

The other thing just to come back on, like who you know who is here to to speak about this. It's to me, it's not I'm, familiar with ISO and uh I, don't think. Actually, comparing to ISO is valuable when you come to the idea, um it's more about like the the types of participants and what their respective roles are in the system. So um you know sometimes you get like all the people who are there who have a particular slant on the problem and that colors the design?

C

um If, if you do have the consumers the asset networks, if they're not there um but they're the ones who are meant to technically be the beneficiaries of this. um But all you get are those who are representing those interests, but not those interests themselves.

C

Then I think that can be a bad situation and I say this as I think the ad who um oversaw the inter-ledger buff that we had some years ago, um which which very much had that problem like um people who had only one uh vested interest who are trying to trying to pitch this um so I, don't think it's about the number of people who show up I. Think it's about um all the entities that are meant to interact in the system being represented in the design process.

A

Okay, thank you leaf.

H

Right um that goes to my point of why um it might be a little bit different now, because we have all of these other efforts in the iitf, where some of those groups are actually present um the software supply chain- people. Yes, it's scoped to software, but it's kind of it I think, there's more um um there's more critical mass in the organization now than there was at the time when, when you were chartering the inter-ledger thing, those were the only people there who was working on similar things, um I think there's a better chance.

A

Thank you, Raymond.

I

uh Romanian Carnegie Mellon University, no hat to finesse. What I was asking earlier about the separability of the use cases in the poll a little bit on what Alyssa was talking about, so I initially was saying MVP, so the question would be typically, you have an MVP. We heard folks are willing to implement that who validates that it's the MVP and that would suggest to me the people that want to adopt it are going to run it or can say yes, indeed, those engineering it you hit the mark for us.

I

So it'd, be you know, I, don't know who that is, but it might be nice to have them here.

A

But also I guess the one way to ask that in the flip side is anybody that doesn't think that the digital asset transfer aspect of the problems statements is should not be the MVP, because I think that's the consensus. Please get in the queue. If you disagree with what I just said,.

S

Hey uh Ori Steele um transmute, um just to because I heard the analogy to some software, the skit working group and the software use cases, um and over the past couple days, there's actually been several ietf uh um groups that exist where they had a very narrowly defined initial Charter and they've built very great generic building blocks and they're talking about a re-chartering process for some of their. You know more extended use cases and so I. You know just saying that you know when we formed um skit.

S

We talked a lot about hardware and and physical supply chain use cases, and we specifically focused on the software supply chain use cases, but the building blocks that we've been designing are with the awareness and engagement from community members. Who are you know, following those other use cases as well and I, think it's very relevant to this and have seen Echoes of that in suit and teeth as well, and if anyone else would like to sort of comment on how how that's gone in those other groups, I think that could be helpful.

S

uh You know for this group thanks, agree.

B

Particularly the the data sharing, what I call the the data extraction thing, because they have the same problem: that if you have a private, you know supply chain and there's somebody outside, and you want to extract information. So yeah.

H

And by the way, this leads to failure of architecture in the IHF when we kind of scope very narrowly in order to kind of get our deliverables in, and then we build gener for for a more much more generic building blocks. And then we tend to duplicate efforts.

A

Q

Yep so um so I have a question first so because it's like 25 years I've not been in a buff meeting. So uh when when, when you create that, do you are you doing some kind of Gap analysis versus other sdos, because I I heard the iso was mentioned, uh but there might be other groups that are working on connected pieces to that and like I, just can't believe that that it would be only here. Is this part of the of the analysis to prepare to prepare a working uh above or.

A

So I'll let Thomas answer that or somebody else yeah.

O

So yes, early on, we looked at uh itu, ISO, IEEE, w3c and a couple of others in terms of what they were doing, but also what level they were working at before we settled on ITF, because it's the it is the interoperability protocol between the gateways and the other, absolutely other other folks are dealing on different layers of the same process to get the whole business process working.

A

When I asked the proponents, why the ietf a month you know or two ago they were overwhelmingly because it is the easiest place for membership to participate in because there's not fees, there's not joining requirements, there's not all the other things and it's an open specification. So it made sense to.

Q

Me, oh, it was not meaning that it was just about the inter sdos coordination. uh So when, when we, let's assume we create the working group, is there liaison statement sent to to other sdos about that.

B

Q

Invite them yeah, it's just a question, because I am another Stu's I'm, just mindful about not duplication of work but as well collaboration. That's.

A

Fair, and so one of the questions we'll ask in a minute is: is the aetf the right place to solve this problem, but I have another question preceding that, but let's just speak. First.

C

Just related point that usually we have in the charter of the other groups that this group will liaise with and this Charter doesn't have any of that. So that's probably something especially if you're going to reuse the terminology for myself, my bad, the previous.

B

Version had a whole bunch.

J

Of Institutions, my bad yeah.

A

Well, no, it's not institutions as other other standards, organizations or things like that.

C

Or I mean other working groups if it sounds like there's going to be coordination with skit or.

A

Whatever um to me, the charter editing needs to happen after we get an agreement that there should be a charter. So there's.

Q

Steps go ahead. Yeah you should say that was the the point behind my question is I was not seeing any any reference to other works. Just yeah.

A

We can do certainly do that and also within stuff within the um the ATF as well. Gilbert.

K

um Just on that point, uh in the European commission we have an annual kind of Standards check-in, so we've got IEEE itu, T, ISO, open source, even commercial entities coming, and they present the work that everyone is doing, especially in this space and that's a way where we can actually check, notes and and understand, what's progressed in different areas and what we shouldn't reinvent, because if it's already been done in one standards, body wire reinvented that that's coming up by the end of the year.

K

So if, if there's an opportunity, we can represent ITF in that Workshop to Showcase what the thinking is in ITF and then also understand what all the other standards. What is it doing at the same time? So.

A

With my IAB hat on, you know, we run, uh we are responsible for the the internet architecture board, that's responsible for reaching out to other standards, organizations where there is overlap, and we need communication to avoid duplication and things like that in agreement. um That is something the AV is, is more than willing to take on if, if this actually brings in new groups that we that the ietf needs to associate with, there's absolutely a path to make that happen. So that's that.

K

The formal Liaisons that can be established exactly yeah.

A

We have a whole process related all right with that. um I am and chairs you not at me if I'm heading the right direction here, but my thinking is, there are two aspects to the discussion today. The first is this: a problem that that needs to be solved, and that is independent of is the IHF the right place to solve it. You know, is it?

A

Do we have the the resources here to do it so I'm gonna ask the first one first, which is and I'm going to constrain it to just the the data asset transfer, so I think the wording I'm going to use is I believe so this is as if you were voting right. I believe that the problem of data asset transfers is a problem that needs to be solved somewhere, so the goal will be. You will raise your hand if you think it's a problem.

A

You know that you understand well enough and that it needs to be solved, and you will you know, click the don't raise your hand. If you actually disagree, you don't think it should ever be solved anywhere. If you're not sure, then you don't touch anything. Does that make sense, John.

A

No, oh, no! No so I'm I need to click on the button, but I don't do it before explaining it, because then we get into a whole debate of I collect at the wrong time.

A

So the poll is open, so anybody that has properly logged into the data tracker and uh you should be able to click, raise or don't raise your hand for the for Dennis make sure we do take down notes once it sort of stops ticking upward.

A

So give it a another 30 seconds or so.

A

A

I think we'll call that good. So for the for the note taker um there are 36 raised hands and two do not raise Tans if the two, the people- that's that said, you know functionally. This is not a problem that should be solved. uh If you want to speak uh now is the time to join the cube.

A

I'm not sure if I'm pronouncing her name right. Oh that was that was a raised hand problem. Okay, do either of the uh two do not raise hands. Probably people want to speak.

A

Okay, uh so the next question I'm going to ask, is this a problem. A digital asset transfer problem is the digital asset.

A

I actually had these written out ahead of time, but I'm changing the wording, of course, based on the discussion today,.

A

So I think the way I'm going to word it is: is the ietf the right place to create the digital asset transfer protocol? So we've agreed that the problem needs to be solved to be able to transfer a digital asset. Is the ietf the right venue to do that so you'd raise your hand if you believe it is the right venue- and it should be done here um with all of our processes for working groups and things like that versus I, actually think it should be done somewhere else.

A

I think there's strong consensus that should be solved. There's a question of is the AHF the right place or you'd rather see it go somewhere else? Don't raise your hand if you don't know.

A

And we do recognize our tools are a little weird, with the do not raise hand button that confuses the heck out of everybody. That's new I am actively not participating. That's that's really what that means.

A

I love seeing people change their minds.

A

Okay, so that is um that is pretty stable to where it was last time. So uh we'll note for the minutes that there are 35 people that raise their hands and three that did not and I'm going to do the same thing as before for the three people that did not raise their hands, meaning you do not think it should be done here. I'd like to hear and I'd love to hear your opinion, um Richard Burns, it looks like you're first in the queue go for it.

F

E

F

um I I did not raise my hand for because that was my manifestation of the concerns that some we were talking about. I think Ecker talked a while about about not having quite the right Community here, where the right connections to the community of folks who would ship this so I'm.

A

Not yet convinced of that, okay, can you before you leave? Can you characterize what you think the right Community is when you said you want the right Community. What would that manifestation? Look like.

F

I, what I would like to be confident of is that you know if we develop something here, we'll actually get usage, um and so you know, I I, think you know by analogy to the MLS case, which I think as I could put it on. The chat was like kind of the best case for a buffer. We had, you know a lot of of operators.

F

um uh You know in the room saying they wanted this, even though it was a future thing.

A

F

Know what I would like to see here is you know, folks who are actually doing these sort of transfers. You know moving assets around saying that you know if a tool like this were available, and it was a standard like it would help them do their business better and they would be actually moving transactions over it.

A

So let me read the wording of the next one and I'll and Eric. You can talk first, of course, but I'm sure the wording of the next question that I think I will do is I am a participant that will actively implement or deploy the results. Is that a fair answer to help you with that question? Would.

F

Be helpful sure.

A

D

Eric go ahead; yeah so I mean I, I, I I. My concerns really think the same ones are terrifically today, but I'll try to sharpen what I would actually like to see yep, which is representatives of the networks of the of the networks that are being gatewayed in the scenario being here, because, like there's, a distinction between I and the person making the Gateway and I'm the people who are operating the networks now there's the people who are operating the networks of here. Okay. So why not? If.

A

D

Are here fantastic if they're, not here, I'm like less happy.

A

All right, so uh would it be satisfactory for me then, to split it into two questions. One is you know, Implement one is Implement and and the other being involved in the networks. Actually, that will make use of it. I need to work on the wording of that, but that's sort of the point.

D

Be clear like I, hear Thomas's point and if, if if what the outcome is, is that we hear from those people in email later that they will appear and we'll even review remotely that'd be great too, like I understand that here, that's fine like but like, but like what I'd like to know. I think that the isg, when they go to provision asks, is our critical mass of those people are willing to hang out and participate in some fashion. That's the question. One question: I'm really interested in.

A

No I think Eric. Your point is a thousand percent valid right that they're. If you build it, they may still not come so we need a protocol that can both be built, and you know people are willing to do the work to build the protocol, but we also need people that are actually going to use it to say you know. This is not something that's just going to be wasting paper. I have an RFC that is only just now.

A

After like 10 years, people are starting to implement it's a very long time, I'm glad that it's finally being implemented, but it was very depressing to me that it went 10 years without a single implementation, and now it's actually going to be used by Major countries, but go.

R

Ahead, I just like to challenge that question, though, because um don't quite understand understand why you need the network people to be present compared to the Gateway people, because asset transfer is an application on top of the network. You don't need those node operators. There.

A

Something I did that question real, quick before you answer Eric, because it's relevant um the ATF does not attract operators. That is a consistent problem that we continually have.

D

Yeah basically, like I, always worry when I'm, when I hear that when I hear that the people that are the only people that I'm talking to are the vendors or the vendors, the alleged product that on this attention design. So that's that's my concern for exactly racing. Wester said.

A

Yeah I mean we have that problem, like everywhere in the ietf, unfortunately, and with some exceptions in the Ops area, it does have a few implementations. So all right so I'm, going to start with the first question of I, am a participant that will actively implement or deploy the results and we'll dive into later. Are you a Gateway, or are you actually part of a network that that'll be second to this other question?

A

So raise your hand if you are actively you know, planning on implementing or deploying the results.

A

Do not raise hand means I, am not going to actively implement or deploy the results, so yeah I know, but it comes ahead. I'm actually more interested in the raised hands right. So I think that the do not raise hands is less valuable in this particular. You know result because it's not like you're actively going to prohibit other people from doing so right Roman. You have a clarific clarifying point.

I

He'll, let the poll finish: okay,.

A

So, as I said, the the raw numbers of actively raising hands seem more interesting and that that um it'll be the number of people that are planning on implementing or deploying um the other. People might be Security Experts here that have nothing no ties to ever actually using the protocol. That doesn't mean they won't help develop it, because it was clear that they're, worse all, right, I think we'll call that good. So there are 12 11., 11, 12 darn it uh 12 people that have indicated they will.

A

You know, actively implement or deploy the results, and then there are 19 that are uh bystanders and participants of observation and protocol developers. So.

I

If possible would be super to unpack the 12 there with I believe tremas's, second or third slide that use the I and D annotation, because I think there were less than 12 on that list. So that means more people are saying: they're going to implement and deploy interesting.

A

I

I mean just practically I'm just trying to understand who are those people if they want to I mean you were the chair, but if they want to come to a mic that would be super if they would tell us or drop it in, can I jabber, or is this double counting? You know we have multiple Representatives, which.

J

Is great right, I.

I

Mean we're doing.

J

An open source simple one at MIT, just client server, not not just the middle bit, yeah yeah I'm. Already there.

A

All right so so Roman I I did not say only one organization. You know one person, favorite organization, May, representative, uh venkat Ramen, uh your first.

M

M

A lot of people who want uh who are running networks they try to instead of going towards the standard body right away, they try to seek out projects that are working on interoperability. So I can give you an example.

M

Last year we solved an interoperability or set of improbability scenarios for the bank of France and Agility, who are trying to implement several asset exchange and as a transfer use cases across their different networks, and these networks are built on different kind of Technologies like hypology, Fabric and God, and so they talked about their experience and the experimental successes in the recent hypology global forum. If anybody is interested, there are recordings available online. So what I'm trying to say is that people first try to it's a stakeholders.

M

People are running networks, first, try to seek out Solutions experiment with them, and then the kind of people who are providing Solutions like like we are doing. We are maintaining the flagship interoperability project under hyperledger time. We are the ones who are participating in the standards activities so that we can take these lessons and make sure that the solutions we providing to those companies are implying with the standards.

A

Yeah, thank you. John.

N

Yeah I'm John robot I'm I'm, the CTO of a team in ey that builds um you know, distributed data sharing, Solutions and blockchain solutions.

N

um That's why I've been participating in this um you'll see in the slide above you know the early on that we were registered as an observer. That's because ey is this enormous organization in getting the approval to say that ey is more than an observer. Would probably take me the next two to three years. Yeah.

A

That's that's always a problem too. So um one last interest question before we. We need to start to begin wrapping up and I want to give the 80s a chance to to give final things, but uh based on Eric's suggestion of wanting to know are there actual operators of asset networks that will use the protocol? That is the next question. So it is. I am an operator of an asset Network that will use the SAT protocol.

A

So raise your hand if you are an operator of a network and I, as I said, we recognize that we don't attract many operators. Please be honest here in terms of you know, you really must be running one of these Networks we're going to ignore the do not raise hands count because it's not relevant.

A

A

A

We've had one or two, but that's a good point.

A

All right so I think we'll call that good there. It looks like there are four uh people that have indicated they actually um run networks, um we've heard from a one or two at least as including some that can't actually say it.

A

Yet uh if any of those four were willing to come to the mic and just explain your particular network, if you're able to we recognize, uh there's legal applications of speaking for your company, that may not be handled yet five, so we'll count it five total for the vote for we're back to four Luke.

A

A

A

Nobody has raised their hands, unfortunately, so I I think one of the things that we should ask Thomas and his crew to do is potentially see if we can actually get real operators to to get to provide a list of people that actually say that they will deploy it. If it's um as I said, we don't attract operators um with that. I think that the the only other questions that I needed to ask were the typical review and edit type questions. Is that sufficient for you guys anything else?

A

Okay, so let's do I am willing to help review documents.

A

Review read, you know, participate in the list, be an active participant, but reviewing documents is the key part, which is why we don't say just show up at the meetings. We need you to actually read the documents and critique so um in interest of time. I'm going to cut this off pretty quickly.

A

All right, let's call that good at at 28, just in the interest of time. I am will help edit an author documents. So this is for editors and authors. We should not have 28 okay, we don't need 28 authors. That is not going to happen, so we need a few. But if you're willing to actually do the active role of editing and authoring a document and taking contributions and texts from people and massaging it into the text, um then I I know we have some people doing that already. So.

A

And there's a bunch of people that say that they will actively oppose editing.

A

I I think we'll call that good, that's 12, which seems actually like too many anyway. So um we'll call that good at this point 80s um we did not get the editing the charter. That does not surprise me. We did get a good couple of good comments um that we will take back and the proponents can add things like uh interoperability liaison ships to other organizations, as well as a security.

A

um uh What's I'm blanking on the right wording, but but looking at this producing a document that talks about the threat model, um so I think that that will be added to the goals. The charter is fairly long, so I didn't think we'd get to it today, um but it would be helpful. It is online. It's on GitHub, one of the slides actually has a reference to it.

A

um So please uh do review it and um I will let the ads have their secret conference and then they can speak.

A

A

One of you has to talk I, don't care which you can even use this microphone. If you want.

P

Okay, um so so clearly, there's a lot of digest here. um I think we will take it back and we will do some some long discussions. um There's it doesn't seem to be like an obvious solution, one way or the other or sorry it doesn't seem to be a very obvious outcome. It's a it's an interesting, complicated problem that we will need to uh think about deeply.

A

One of the things that the the leadership was talking about the other day is that it's not obvious at the end of a buff what the outcome is and and I I need to apologize for the leadership that we don't do that. Well, we take it back, we think about it and it's not at the end of the at a buff. Everybody knows the working group is going to happen or it's been rejected. That's uh there's discussions that happen afterwards and you know. uh That's definitely I think what was happening here as well.

A

So don't take this as a negative sign that or a positive sign for that matter, um because the discussions happen later in the week and in leadership discussions at the aesg in the next. You know couple of weeks.

A

um Unfortunately, what that means for usually people in the room is they leave a little confused and that's just how the process works, but there will be a answer and it will be posted to the SAT mailing list once the 80s have determined where to go from here.

I

Sure, and if we're talking process, it's also worth kind of recognizing that this is just part of the ietf community and buff is an input to the process. But we also use the robust mailing list that we're trying to kind of build to help us reason through that, and we would check any consensus. We would find there as well yep.

A

uh Any I think I won't ask for any additional questions, because we are exactly at time so I ran it perfectly to the line, and that is always the goal. uh Thank you all for participating I actually found it. A fascinating discussion, I see where there's work that needs to be done and where it's actually somewhat decided so um I think there's decent progress here, one way or another. Thank you all for coming.

P

Yeah, and also just want to thank everybody for for putting in this this, you know a lot of time and coming here and efforts, and also especially West for for doing a really good job of being a very objective outside of the process person doing the process guiding without any stake in the game. It's really appreciated.

B

M

H

Q