How XSL Labs Builds Go-To Ecosystem for Decentralized Identity Management

Modern blockchains, with their attack resistance, full decentralization and unparalleled computational capacities, provide amazing opportunities for data management. Meanwhile, the segment still lacks one-stop infrastructure solutions for enterprises and individuals interested in switching from traditional centralized data management systems to blockchain-based ones.

XSL Labs, a France-based software development incubator, is focused on building dApps infrastructure to allow people and businesses to regain control over their data. The time has come to dive deeply into a smart-contracts-oriented approach to data protection systems.

Decentralized approach to sensitive data management: View from 2021

The first attempts to "decentralize" data management were unveiled in the pre-blockchain era. In 2005, Houda Lamehamedi of Troy University in New York published a thesis to introduce the concept of "data grids" that can exchange data in distributed networks and decentralized applications.

In the 2010s, several cloud computation moguls, e.g. Amazon Web Services, attempted to implement decentralized data storage models. The "microservices" concept for AWS addressed the replacement of traditional SQL server mechanisms with distributed logics.

At the same time, all of these attempts were either "too centralized" (as in the case of AWS, as its administration controls the entire data storage mechanism) or too sophisticated for mass adoption. Thus, the market demands an all-in-one, tokenized, peer-to-peer, tamper-proof blockchain-based data management system. This, in turn, faces one obvious burden: regulation.

Blockchain products and GDPR

Implemented in 2018, the General Data Protection Regulation (EU GDPR 2016/79) is the most advanced—yet the most draconian—regulatory framework for personal data management. It is designed to provide clear and simplified "game rules" for all processors of citizens' data.

In a nutshell, it requires companies to take all personal data issues very seriously. No data should be processed without notifying the client. All information about this or that client must be disclosed to him/her on his/her request. All data breaches should be disclosed to supervisory bodies within 72 hours: all violators are subject to severe punishment (up to €20 million or up to four percent of the annual worldwide turnover).

According to the latest EU documents, in many cases, blockchain-based systems simply cannot be compliant with GDPR requirements:

There is significant tension between the very nature of blockchain technology and the overall structure of the General Data Protection Regulation.

Thus, building GDPR-compliant decentralized data storage systems is really sought after by the cryptocurrencies market in 2021.

Decentralized identity management with XSL

XSL Labs releases an ecosystem build around SYL token. It will include a decentralized application store focused on privacy-first data management, identity solutions instruments and a cross-blockchain interoperable application that enables the utilization of fully protected data.

Why is it better?

Compared to centralized data management instruments, XSL systems allows for the elimination of third-party control over both the data gathering and its manner of further utilization. Once users' data is put into the blockchain through the mediation of XSL's tools, no one is able to somehow counterfeit, delete or hijack it.

Compared to existing blockchain-based systems, XSL strives to achieve full regulatory compliance. Thus, businesses across the jurisdictions subject to GDPR and similar laws (EEA, Chile, Japan, Brazil, South Korea, Argentina, Kenya and so on) may rely on these products without risking being accused of data fraud.

XSL: a family of decentralized data management solutions under one umbrella

XSL ecosystem includes a Decentralized Identifier, the SDI, which is a set of encrypted personal data; SYL Library, a store of decentralized applications (dApps) and related extensions; and ONE, a distributed application for SDI management that works with SYL tokens.

SYL token will go live on XSL's native blockchain Pulsar. Meanwhile, the company will initially launch it on Binance Smart Chain as BEP-20 token. It will allow early-stage customers to receive them in a familiar manner and ensure the reliability of the system in its nascent stages.

Additionally, the system will harness Flare (FLR), the much-anticipated "utility fork of XRP Ledger." Actually, it is a new-gen programmatic blockchain with EVM-compatible smart contracts. Turing-complete Flare will be built on the Avalanche consensus and BFT technology. Following a massive Spark (FLR) airdrop for XRP holders, this blockchain (mainnet expected in May 2021) will involve the entire "XRP Army" in its operations.

SYL token will have the maximum supply of 10,000,000,000 tokens: this number is hard-coded and is not subject to change. Up to 70 percent of SYL tokens will be distributed through its initial coin offering (ICO). Thirty percent of tokens will remain in the project’s escrow.

SDI, user-managed data sets with blockchain-grade privacy

SDI represents the collection of user-generated data. The cryptographic keys to access it are only available to an SDI creator. Then, he/she is able to share the data from SDI with third parties: KYC service providers and service issuers like banks, public institutions and certification authorities. The integrity of data in SDI is ensured by a specific hash.

Technically, SDI will be created by a smart contract. By default, the SDI lifespan will not exceed 30 days while the owners of non-zero SYL wallets might expand it to infinity. The manner of SDI creation and destruction is fully compliant with GDPR requirements.

SDI will have two levels of verification. With the basic one, which actually only confirms that the SDI creator is not a robot to prevent the network from spam entries, only limited services are available. By contrast, the KYC procedure with national ID allows SYL holders to use the full range of XSL services without limitations.

SDI sets will be interoperable with other Web3 systems, so they can act as a "one-for-all" identification solution.

ONE, the first application of the XSL ecosystem

ONE can be described as an "entry point" into the entire XSL ecosystem. From the user point of view, it is a front-end solution for multiple privacy-focused tools. With ONE, a user can create "private space," manage his/her SDIs, send and receive money from encrypted wallets and so on.

All these services will be connected without sharing personal data, so it will significantly reduce the user's exposure to data harvesting. To control the integrity of his/her processes with SDI, ONE will provide users with their full history of activity in XSL-based systems.

XSL team supposes that ONE will have plenty of real-world use cases, including job search services, private messaging in chats or forums and privacy-focused social networks. At the end of the day, ONE will significantly reduce the "digital footprint" of its clients.

Three functions of ONE will include personal data protection, scalability/adaptability (the flexible nature of the service will allow it to easily adjust for potential use cases) and interoperability with numerous systems of various types as well as the usefulness of its in-app wallet.

SYL Library: customizing identity policy with new-gen dApps

SYL Library will act as a decentralized privacy-focused marketplace. All applications there will be reviewed in accordance with GDPR rules. Its logics will resemble those of the AppStore and Google Play, leading online stores.

Meanwhile, its users will enjoy a more robust and transparent manner of monetization. Creators of dApps will be able to customize the "store commission" required for the sustainability of the XSL ecosystem. Its "entry threshold" will be as low as 0.01%.

To ensure the truly decentralized nature of dApps featured in SYL Library, its team will require every user to have its active node or network. This will be checked automatically and violators will be unable to have their dApps published by SYL Library.

All services in SYL Library will be verified by SDI as collateral for its team's fair behavior regarding the rules of network interaction. Thus, SDI will be used to protect all customers of SYL Library.

Bottom line

1. The applicability of blockchain systems in decentralized data management remains an unsolved question in many jurisdictions subject to GDPR, its derivatives and similar laws. Meanwhile, due to its trust-free, attack-resistant and tamper-proof essence, blockchain provides data storage systems with a number of unparalleled opportunities.
2. XSL Labs is focused on building the first-ever GDPR-compliant blockchain-based ecosystem for data protection. Its inaugural iterations will harness Flare and Ethereum blockchains before switching to native platform Pulsar. The core utility asset of XSL is dubbed SYL; 70 percent of its supply will be distributed in ICO.
3. SDI is a Digital Identifier (DID), an encrypted multi-purpose data set by XSL. Its data is exclusively accessible to the SDI owner, so it is he or she who decides with whom to share this data.
4. ONE is an end-user application that allows for the application of SDI sets to real-world use cases. In a nutshell, it simplifies the privacy experience acting as an "out-of-the-box" personal data management solution.
5. SYL Library is a decentralized marketplace for privacy-focused dApps. It adheres to the fair distribution of value between marketplace teams and dApps producers. All applications in SYL library will be 100 percent GDPR-compliant.