IOHK | WHY WE ARE BUILDING CARDANO | 06/28/2017    We have already deployed an address structure that contains an attribute field. It is currently being used to store an encrypted copy of HD wallet trees structure for fast wallet recovery (see HD Wallet documentation). Later versions will generalize this construction. Authentication and Compliance Closely connected to transactions are the topics of the right to make transactions and the ownership of funds. For example, while there might be sufficient funds to buy something (for example alcohol), there could be restrictions on its purchase (age requirements). Ownership and origin of funds are typically providence of know your customer regulations. When a money service business like a bank or exchange opens an account for a new customer, it is usually required to collect basic facts about the customer and where he acquired his funds from. The technological challenge is that in the process of submitting this legally required information, the user sending it has no guarantee how it will be used, stored and if it will ever be destroyed. Compliance information is commercially valuable. It could be stolen for identity theft or resold where regulations permit. For Cardano, we want to innovate as much as possible. On the software side of protocols, there is little to provide a guarantee that the receiver of compliance information will behave within a scope of conduct. However, on the hardware side of protocols, using trusted hardware, one can leverage Intel SGX and other HSMs to enforce certain policies. Thus we are exploring using Sealed Glass Proofs alongside a sharing policy to permit the safe transmission of compliance information to a verifier who in turn is forced to comply with the policies it was transmitted under. We believe that both uniform standards could emerge and also that this method will reduce risk to verifiers by preventing the loss of customer data from hackers. As a corollary to this effort, the layered model we propose for Cardano separating value from computation also can benefit from this approach. If the computation layer is run by regulated entities (say exchanges or casinos), then they would need to conduct compliance checks and potentially enforce tax policy on users. Using SGPs, the user can send funds alongside personally identifiable information without concern that it will leak into the broader internet or be preserved by the consensus nodes of the WHY WE ARE BUILDING CARDANO  Creative Commons Attribution 4.0 International License Page 38 of 44