ICO Pass ICO details
Start Date: 2018-5-8
End date: 2018-6-8
- Site: ICO Pass site
- Twitter: https://twitter.com/icopassid
- Facebook: https://www.facebook.com/icopassid/
- Github: http://github.com/icopass
- Reddit: http://www.reddit.com/r/icopass
- Bitcointalk: https://bitcointalk.org/index.php?topic=2854220
- Medium: https://medium.com/icopass
- Telegram: https://t.me/joinchat/Fc2D7BEPyFu2XQbTXvmQ2A
ICO Pass – Easiest way to do KYC checks
ICO Pass is a suite of tools for the gathering, verification and exchange of know-your-customer (KYC) information.
The target audience are tokensale organizers on the Ethereum blockchain.
For each contributor, ICO Pass gathers:
- full name
- date of birth
- mobile phone number
- nationality and country of residence
- address of residency
- photo of ID document
- photo of person.
This information is verified against multiple backing providers (initial version uses Onfido), then it is signed with an ICO Pass key (0x612fadf295ce8bbbcf83ecd5dc2832b5ace583e3), encrypted against the public crowdsale address, and published to IPFS.
For tokensale organizers, ICO Pass provides smart contracts with modifiers to verify sender address on time of payment, and a web-application to access and manage the gathered KYC information. No sign-up or up-front work is required.
For contributors, ICO Pass publishes a mobile application, which facilitates the gathering of KYC information. Contributors will prove their address ownership via small token ethereum transfers, which will be refunded (minus the network fees).
While legally KYC checks are increasingly more important, there are many ICO organizers that choose the path of the least resistance (and don’t gather KYC information at all). So one of the end goals of ICO Pass is to enable KYC verification as easily as possible for the ICO organizers.
Additionally, KYC verification does not guarantee that the ICO organizer will be able to get in touch with the contributor. Should a bank, or a regulatory agency ask for more information regarding a specific contributor, ICO Pass aims to have a way to allow ICO organizers to get in touch with the contributor.
Even with contact information and KYC information available, there is the matter of tooling. There are no KYC management systems that can interact with blockchain-based data. Also, different ICOs use different smart contracts to manage their crowdsale. Often crowd sale contracts are audited, and may not be easily changed.
Working back from these assumptions, we have decided on a few design goals:
— payments from non-eligible addresses should be refused at the smart contract level. This will reduce the amount of work required afterwards to refund non-eligible contributors
— enabling contributor verification should be simple – ideally with no more than just a Solidity function modifier. This should ease auditing constraints.
— additionally, a proxy contract can be deployed to forward only verified funds.However, since an audited crowdsale would have to audit the whole setup, thena proxy contract does not offer significant advantages over a Solidity function modifier.
To satisfy these constraints, the KYC data needs to be queryable from Ethereum. On the blockchain, ICO Pass consists of a suite of contracts, which facilitate:
— proving ethereum address ownership to a verifier;
— a claim registry, where subject addresses can be matched to data (signed by a given verifier);
Initially ICO organizers who would adopt the ICO Pass, would have to trust the ICO Pass verification key signatures – because there would be no other verifiers.
However, in theory, new verifiers could appear and submit information about ethereum addresses.
Additionally, ICO Pass provides a few non-blockchain services as well:
— a mobile application for gathering information (including contributor photos);
— a webservice for interacting with the mobile application, and signing the KYC information gathered with the ICO Pass mobile application.
The mobile application will be open-sourced after the ICO Pass crowdsale. At no point will it ask for private keys from the end-user.
The webservice, which performs KYC verification and submits signed information to the blockchain, will not be made open-source initially.
Since storing data in the blockchain is expensive, most of the data would have to be stored elsewhere. The blockchain-based registry will store only a value, which can be:
— nationality index as an integer value
— short text strings for public entity identification
— URLs to encrypted content of personal information
— additional Ethereum addresses, e.g. for address linking:
What about non-Ethereum funds?
Formally, ICO Pass only supports Ethereum addresses. However, cryptocurrencies that use the same elliptic curve for its user keys should be verifiable as well.
ICO Pass currently does not support smart contracts for contributor verification on non-Ethereum platforms. It has not been tested with Counterparty.
In a matter of minutes ICO Pass verifies authenticity of person’s ID documents, does a face-matching, checks Sanction lists and the country of origin & residency.
All data is encrypted and without the consent from person, it is not possible to have access to it.
As KYC process is automated and accurate, it is possible to significantly reduce costs. Moreover, once a person is identified – they can re-use the identity for several ICOs.