xGov#200 - Biatec Identity

Please comment on xGov#200 - Biatec Identity by scholtz · Pull Request #200 · algorandfoundation/xGov · GitHub

We will build identity solution where users can pair their algorand account, verify their identity and use more services on algorand blockchain.

MiCA and other EU regulations requires independent entity to verify the identity of users, even self custody accounts.

Algorand dApps will be able to verify, if specific account is not terrorist nor its thief who steals algorand assets from other algorand users.

We will also create the activity ranking system, so that more active algorand users can receive for example better prices at dex swaps.

Who will the KYC exactly?

Anyone who will want to be KYCed…

Some Biatec CLAMM LP pools will be deployed with required verification level 2, which means that anyone’s account who will want to execute trades there must be linked to verified profile.

This will make the algorand DeFi trading secure because people does not have to be afraid that they will receive stolen algos or they fund the terrorists.

Some pools will have verification level 4 required so that only regulated institutions will be trading between each other.

Anyone can use this info in their smart contracts if they want to be on the safe side with the MiCA regulation or other regulations.

Let me rephrase as a word was missing in my sentence: How will you do the KYC? Who gets the info and verifies it?

We will run the business of verifying the identities.

Ok and why should anyone trust you? That’s an odd decision imo

I think this proposal needs to be improved a lot. There is no mention of what data would be stored or how it would be stored. I do not think anyone would want passport.jpg to lie unencrypted on a server, databreaches happen often and details around that have to be included in the proposal. I also wonder how you will identify “terrorists and theives” as this is what you say your solution will do.

Either way I dont think its enough to put a spec for a single json object of data in a proposal along with a few sentences of wishy washy text filled with weird promises. A solution like this needs a serious team, and a proposal for KYC in xgov should be a lot more though out.

hi @lobo and @Swaggelwander ,

thanks for raising your concerns

I did run the regulated commodity exchange for more then 10 years and have enough experience in collecting and processing the users kyc data and communicating with government. I was also one of the developers of the portu.cz product where the biggest investment bank in czech republic (Wood&Co) decided to do retail product and we developed the KYC verification processes.

In the proposal is clearly stated that the personal data will be stored in the secure offchain decentralized storage, so that if someone hacks one specific server he will not have access to the data. The solution will be open source, and everybody can audit the secure storage process which will be in place.

Can i please kindly ask you to refrain from humiliating Biatec group team or products please?

None of this was included in the proposal, maybe it should be? This is exactly why I said that your proposal is quite thin, clearly there are positives wrt your team that should be included there in the actual proposal.

In the proposal is clearly stated that the personal data will be stored in the secure offchain decentralized storage, so that if someone hacks one specific server he will not have access to the data.

I think this has to be expanded on. Currently the only information xgovs have to go on when voting for this project (with respect to security of their personal data) is two sentences:

We will develop secure offchain decentralized storage.


All personal data will be stored offchain.

Maybe describe some more about how you will make sure this is actually secure, because loads of hacks happen and data is leaked all the time, and I know for one that I would really dislike if someone could easily connect my personal identity to my crypto currency holdings as that severly increases the risk of stuff like 5$ wrench attacks…

Can i please kindly ask you to refrain from humiliating Biatec group team or products please?


1 Like

How does that proposal benefit me? What are the “more services” i can use when i verify my identity with Biatec?

You already have an open clAMM proposal that needs its first milestone completed. Based on this comment from @Adri, it would seem that the xGov rules do not permit this proposal at this time. xGov 202: Pact Stableswap Retroactive Grant - #14 by Adri

@scholtz just requested payment for previous milestone last week on github

Smart contract delivery: https://github.com/scholtz/BiatecCLAMM/
DEX: https://github.com/scholtz/BiatecDEX
Web: https://dex.biatec.io/
Group page: https://www.biatec.io/

ClAMM will be integrated into the Biatec DEX.

Might be a good idea @sholtz to mention on the grant proposal that this is a follow up milestone for proposal xGov-80.

Are you saying this is connected to xGov80? Seems like it’s an entirely different project not contained within any of the xGov80 milestones.

Or, are you saying that all milestones for xGov80 have been met and therefore new proposals can be submitted?

Any future dApp that will want to deal with AML check can use this service, and thus more apps will be usable to users of the Biatec identity then others. At the moment biatec CLAMM smart contracts is integrated to this solution as 1) the AML check can prevent blocked users interacting with the AMM, 2) the engagement levels directly influence the trading fees. Without the frontend and management of this identity contract all fees are little higher, which benefits the liquidity providers. Users of the identity service will have lower trading fees and ecosystem will be more clean of gray economy.

Even though CLAMM is connected to this project, the identity service is self governed project which is not dependant on CLAMM. More dApps can use the service.
Also the milestone 2 of the ClAMM has been reached and smart contract has been delivered. Within this delivery also the identity smart contract (which was not originally planned) has been delivered, and this grant request proposal is basicall the frontend management and offchain secure data storage solution for this identity smart contract.

The proposed accepted milestones in xgov80 : 1 and 2) has been delivered. The third milestone was not approved in the last voting session, and i cannot propose more than 2 proposals in this voting session.
The identity service is basically not related to xgov80, only that the clamm uses identity service such as anybody else on the blockchain can use it.

My understanding is that the third milestone funding was rejected because the prior milestones hadn’t been delivered yet. I wish you would have resubmitted milestone 3 rather than proposing a new project. But it is what it is.

While I recognize that there will be a need for KYC verifiers under MiCA, I’m concerned you are biting off more than you can chew. Are there not other, larger entities tackling this issue in an industry wide way?

It seems like to run a competent KYC verifier one would need to do this at scale. For instance, one of the data points you have listed is in person verification of Govt ID. That’s only possible if you are operating with physical offices in many jurisdictions. That requires a lot of capital up front, and is certainly not something that could be supported by the needs of just Algorand users.

We already have dApps on Algorand that integrate KYC procedures utilizing existing providers. For instance, AlgoMint previously required KYC, and Stasis has KYC to get EURS. Why is that not sufficient?

Yes, even with asa.gold we have option to register your personal data, mainly so that person can request the delivery of physical gold coin to his address.

None of the services you mentioned provide KYC services to third party, so technically we cannot use it. And it is not just about collecting the KYC data, the main thing is pairing the unique person id with the algorand address onchain, so that everybody can see that the algorand address is legit.

I would love to use this type of service if it existed.

What do you mean? Are you saying that there are currently no methods for Stasis to operate in a MiCA compliant way? If you aren’t, then what need is this addressing that is not currently met?

I’m struggling to see what this proposal adds compared to existing providers or how this would scale without significant capital contributions and a crypto-wide focus rather than just Algo.

No, what i meant to say is that stasis is providing KYC service for their own project only. The same as AlgoMint. They do not provide identity services to third party.

Biatec identity is solution where third party can use the service to ensure MiCA & AML requirements. And btw its going to be open source, so other projects can use it for themselves if they want to.