Interview by S.R.
Tell us a little bit about yourself, your background, how you came into the blockchain space.
Nicolas Reffé, President and founder of Blocs & Compagnie. I hold an MBA and an engineering degree in electrical engineering and applied mathematics. I spent the first half of my career reengineering organizations, implementing lean manufacturing, flattening management structures and improving process visibility. During all this time, I kept active in the design and the analysis of cryptographic primitives and protocols, as a leisure. From 2006 on, I created my own company and started working full time on an IoT based secure traceability project for critical aerospace and defense process traceability. We developed a low footprint security protocol implemented on an RFID ASIC, in partnership with EPFL in Lausanne. It was not called Blockchain yet, but involved cryptographic chaining of data blocks, signature and consensus upon logistics and maintenance traceability data, accessible in a distributed and hostile environment. By 2017, I started Blocs & Compagnie, focusing specifically on business process automation, targeting insurances and banks. We were not happy with the existing Blockchain frameworks and decided to build our own, based on an innovative graph approach : Coneix.io. It is not suited for digital asset transfers, but was designed from the groundup to propose a shared, distributed and trusted environment for business process automation between multiple actors.
Your project has been incubated by Swave, can you tell us more about this incubator and the kind of projects generally admitted into it?
"Swave" is the Fintech and Insurtech incubator of Paris & Co, the largest startup incubator in Paris. Paris & Co hosts multiple thematic incubators - circular economy, sports, smart food...throughout Paris. We are part of the first Swave batch, which started in January 2018. We have been selected by the program sponsors - insurances, banks, and institutional partners, based on our technical innovation and business potential.
Who are the other notable members of the project team?
I started the company with Franz, our CTO. My background is in cryptography, security implementation and trusted architectures. Franz's background is in Cloud, scalable and service oriented architectures. We are very complementary, each of us with 15 to 20 years of technical experience, and a solid entrepreuneurial background.
As far as I understand it, the Coneix.io project primarily involves selling to banks and insurance companies a software solution that would allow them to build permissioned blockchains to handle their back office operations. Is my understanding correct?
You are right. We provide a shared and trusted automation environment where insurances and banks place their products workflows in production - subscription, contract and compensation. Internal and external users then connect to this service which fully automates the process, providing the ecosystem with an automated back-office with shared visibility and benefits:
- For Banks and Insurances - reduced back-office costs, increased capacity and reduced file handling time
- Easy integration of products into external platforms (e-commerce) and internal Information Systems, and simplified exchanges between parties (reporting, billing)
- For users - fluid experience, hassle-free and fast processing
Could you explain it somewhat more precisely what operations your product would allow clients to automate, and why there is a pressing need to automate those operations?
We automate the complete contract management process - subscription, contract emission, contract execution, user compensation. The market is moving quickly towards user oriented, short cycle products for contextual needs : pinpoint financing, cancellation insurances for ticketing or travel, usage-based insurance for goods... These products are generated in high volume, at very low-margin and the classical back-office way of handling them is no longer appropriate. Nevertheless, classical RPA tools are not suited: Contract management and compensation require a trusted environment providing shared traceability and immutable proofs of proper contract execution.
Will clients be able to overrun the software in certain cases?
Yes, our solution can deal with fully automated flows, but also side human exchanges, for marginal cases not handled automatically, still providing trust for the overall process.
Can you tell us why you chose permissioned blockchain approach to this problem instead of, say, building a dApp on top of Ethereum, for example?
Blockchain was introduced as a disintermediated solution for digital asset transfer. This is a simplistic vision. Blockchain is a digital trust solution, allowing to conduct complete digital transactions between peers, automatically and without unnecessary intermediaries. I prefer "without unnecessary intermediaries" rather than "without any intermediaries", because running business transactions without a deterministic governance, or business rules, and without litigation management does not make sense for many industries.
A typical transaction involves :
1) Exchanging information in order to establish a contract
2) Executing a contract by verifying that all clauses are satisfied
3) Processing property exchanges - services or products vs. monetary value
We focus on the full contract management (1 & 2) and emitting a compensation order, but we do not manage the value transfer on our Blockchain.
Our keywords are distributed trust and automation.
Our customers buy productivity, capacity, process visibility and fluidity.
For that purpose, we have developed a dedicated Blockchain framework, Coneix.io, because:
- Business process and contracts run like graphs, they are not linear. Therefore Coneix.io is a graph-based Blockchain running graph-based smart contracts. A block may have multiple predecessors and successors. Workflows and contracts are described under a trusted graph format. This provides us with an extremely effective way to map process and contracts, while insuring flawless implementations from a vulnerability standpoint.
- Blockchain is complex to parametrize and operate. Coneix.io is trivial to integrate, parametrize and operate and do not require specific training.
- The Graph nature of Coneix.io provides excellent transaction handling capacities, along with asynchronous properties : nodes may work offline without any synchronization problems when reconnecting.
- Finally, compliance is key for banks and insurances, and Coneix.io is the first Blockchain framework compatible with the eIDAS regulation, by design.
I do believe in the disruptive potential of public Blockchains. In the long term. In the meantime, our customers need some sort of governance, managed by an ecosystem, when moving an existing business or parts of it to the Blockchain.
This is an open and ongoing debate. Public and private Blockchain do not target the same type of applications. Private Blockchain make sense for defined ecosystems looking for better business efficiency through shared and trusted process visibility and automation.
Public Blockchain are clearly "full disintermediation oriented", but few industries are ready for it today. In my opinion, what is confusing is that despite this ambitious statement, public Blockchains are not disintermediated: there is a clear bias introduced by the tech community, and there is a form of governance, highly technical, with its own emblematic figures, leading to confusion... the challenge will be to involve users in the orientations decision process. Not an easy task.
You are probably aware that there are quite a few permissioned blockchain frameworks on the market such as Hyperledger, Corda, PoA Network, Parity Substrate, Enteprise Ethereum, etc. Why do your think your proper permissioned blockchain solution is superior to them for the back office use case? What are the key innovations you think you are introducing?
- Graph-based Bockchain - Business process, contracts, efficient data management are all graph-based. Think of it !
- Simplicity - Blockchain will be adopted by people who can actually use it. So far, this adoption is limited to the Blockchain community only.
- Compliance - industries, especially the payment industry, and governments have spent 30 years coming up with good practices in terms of security implementations and digital identity management. It is a mistake to disregard this know-how and expertise.
How do nodes in your permissioned blockchain framework achieve consensus? Do you use proof of authority or some other mechanism?
We manage data, process and decisions only, therefore we do not face the "replay" constraints adressed by digital asset transfers consensus. We use a Proof of Process consensus, highly scalable, efficient, and adapted to the graph nature of Coneix.io.
Is there something analogous to Ethereum’s smart contracts in your framework? If yes, in what language are they written?
We have developed our own graph-based smart contracts, where a contract or program is transformed in a decision graph, based on open-source standards. This leads to very simple programming and robustness to attacks.
You mention that your product is compliant with the relevant regulatory requirements. Could you briefly explain what kind of requirements you are talking about and how has the compliance been verified?
We have integrated the eIDAS regulation by design into Coneix.io. eIDAS states how to generate certificates, associate them to physical or moral entities and how to properly implement signature schemes. The Blockchain security mostly relies onto digital identity management, certificate and signature forgery being the main threat.
eIDAS solutions are audited and certified by independent auditors, accredited by national security agencies.
Has your software passed independent security audits?
Our eIDAS certification is underway.
Tell us about the current state of your project. Do you already have a functioning product? Are there potential clients who expressed interest in using it?
Coneix.io is live since 09/2018. We are now working on the eIDAS certification and the design of toolboxes to allow our customers to place by themselves their process workflow and smart contracts into production. We have ongoing projects with two insurance companies, two banks and Telco operators.
Is your project currently primarily focused on French business clients or is it broader?
We focus on the french market first, we have ongoing discussions with german companies, our entry point to Europe. Our roadmap will include north america in a near future.
Are you aware of any competition with regard to your particular use case?
Lots of Blockchain companies are targeting the insurance market by providing their own insurance contracts backed by public Blockchain. We are proposing a shared trusted automation space to existing insurance companies to push their insurance products. The approach is different.
Interview by S.R.
Tell us a little bit about yourself, your background, how you came into the blockchain space.
Nicolas Reffé, President and founder of Blocs & Compagnie. I hold an MBA and an engineering degree in electrical engineering and applied mathematics. I spent the first half of my career reengineering organizations, implementing lean manufacturing, flattening management structures and improving process visibility. During all this time, I kept active in the design and the analysis of cryptographic primitives and protocols, as a leisure. From 2006 on, I created my own company and started working full time on an IoT based secure traceability project for critical aerospace and defense process traceability. We developed a low footprint security protocol implemented on an RFID ASIC, in partnership with EPFL in Lausanne. It was not called Blockchain yet, but involved cryptographic chaining of data blocks, signature and consensus upon logistics and maintenance traceability data, accessible in a distributed and hostile environment. By 2017, I started Blocs & Compagnie, focusing specifically on business process automation, targeting insurances and banks. We were not happy with the existing Blockchain frameworks and decided to build our own, based on an innovative graph approach : Coneix.io. It is not suited for digital asset transfers, but was designed from the groundup to propose a shared, distributed and trusted environment for business process automation between multiple actors.
Your project has been incubated by Swave, can you tell us more about this incubator and the kind of projects generally admitted into it?
"Swave" is the Fintech and Insurtech incubator of Paris & Co, the largest startup incubator in Paris. Paris & Co hosts multiple thematic incubators - circular economy, sports, smart food...throughout Paris. We are part of the first Swave batch, which started in January 2018. We have been selected by the program sponsors - insurances, banks, and institutional partners, based on our technical innovation and business potential.
Who are the other notable members of the project team?
I started the company with Franz, our CTO. My background is in cryptography, security implementation and trusted architectures. Franz's background is in Cloud, scalable and service oriented architectures. We are very complementary, each of us with 15 to 20 years of technical experience, and a solid entrepreuneurial background.
As far as I understand it, the Coneix.io project primarily involves selling to banks and insurance companies a software solution that would allow them to build permissioned blockchains to handle their back office operations. Is my understanding correct?
You are right. We provide a shared and trusted automation environment where insurances and banks place their products workflows in production - subscription, contract and compensation. Internal and external users then connect to this service which fully automates the process, providing the ecosystem with an automated back-office with shared visibility and benefits:
- For Banks and Insurances - reduced back-office costs, increased capacity and reduced file handling time
- Easy integration of products into external platforms (e-commerce) and internal Information Systems, and simplified exchanges between parties (reporting, billing)
- For users - fluid experience, hassle-free and fast processing
Could you explain it somewhat more precisely what operations your product would allow clients to automate, and why there is a pressing need to automate those operations?
We automate the complete contract management process - subscription, contract emission, contract execution, user compensation. The market is moving quickly towards user oriented, short cycle products for contextual needs : pinpoint financing, cancellation insurances for ticketing or travel, usage-based insurance for goods... These products are generated in high volume, at very low-margin and the classical back-office way of handling them is no longer appropriate. Nevertheless, classical RPA tools are not suited: Contract management and compensation require a trusted environment providing shared traceability and immutable proofs of proper contract execution.
Will clients be able to overrun the software in certain cases?
Yes, our solution can deal with fully automated flows, but also side human exchanges, for marginal cases not handled automatically, still providing trust for the overall process.
Can you tell us why you chose permissioned blockchain approach to this problem instead of, say, building a dApp on top of Ethereum, for example?
Blockchain was introduced as a disintermediated solution for digital asset transfer. This is a simplistic vision. Blockchain is a digital trust solution, allowing to conduct complete digital transactions between peers, automatically and without unnecessary intermediaries. I prefer "without unnecessary intermediaries" rather than "without any intermediaries", because running business transactions without a deterministic governance, or business rules, and without litigation management does not make sense for many industries.
A typical transaction involves :
1) Exchanging information in order to establish a contract
2) Executing a contract by verifying that all clauses are satisfied
3) Processing property exchanges - services or products vs. monetary value
We focus on the full contract management (1 & 2) and emitting a compensation order, but we do not manage the value transfer on our Blockchain.
Our keywords are distributed trust and automation.
Our customers buy productivity, capacity, process visibility and fluidity.
For that purpose, we have developed a dedicated Blockchain framework, Coneix.io, because:
- Business process and contracts run like graphs, they are not linear. Therefore Coneix.io is a graph-based Blockchain running graph-based smart contracts. A block may have multiple predecessors and successors. Workflows and contracts are described under a trusted graph format. This provides us with an extremely effective way to map process and contracts, while insuring flawless implementations from a vulnerability standpoint.
- Blockchain is complex to parametrize and operate. Coneix.io is trivial to integrate, parametrize and operate and do not require specific training.
- The Graph nature of Coneix.io provides excellent transaction handling capacities, along with asynchronous properties : nodes may work offline without any synchronization problems when reconnecting.
- Finally, compliance is key for banks and insurances, and Coneix.io is the first Blockchain framework compatible with the eIDAS regulation, by design.
I do believe in the disruptive potential of public Blockchains. In the long term. In the meantime, our customers need some sort of governance, managed by an ecosystem, when moving an existing business or parts of it to the Blockchain.
This is an open and ongoing debate. Public and private Blockchain do not target the same type of applications. Private Blockchain make sense for defined ecosystems looking for better business efficiency through shared and trusted process visibility and automation.
Public Blockchain are clearly "full disintermediation oriented", but few industries are ready for it today. In my opinion, what is confusing is that despite this ambitious statement, public Blockchains are not disintermediated: there is a clear bias introduced by the tech community, and there is a form of governance, highly technical, with its own emblematic figures, leading to confusion... the challenge will be to involve users in the orientations decision process. Not an easy task.