eCora
Secure Transaction Processing
using Data Centric Security
Secure Application Stack
for Software Development
Programmable Money Platform
for CBDC and Stablecoin
Programmable Money Features
Multi and Tiered Ledgers
Multiple independent ledgers can be created and linked in tiers.
They can be defined as account or token (either NFT or FT) based.
They can be used for currencies, tokens, DvP, or PvP, and gross
settlement can be done across them.
Each ledger defines privacy policies and these are
automatically enforced by the platform. Privacy can be from totally public
to semi private to totally private.
Governance Domains
A set of independent and tiered ledgers are part of a Governance
Domain which specifies the rules, contracts and policies for the ledgers
in that domain. 
These rules are specified at domain level and further refined at ledger level.
Domains are independent and owned by a single organisation or a consortium. 
Transactions can occur across domains so a consortium domain can settle to a CBDC domain.
There is no global domain overseer that can impose global rules
on all the domains.
Custody and Delegation
Customers can engage a custodian to do transactions on their behalf and to provide other services.
However, in today's world, a custodian may not
actually provide the full service themselves, and may outsource to
other service providers.
We track all these levels and can check whether a
person or device many outsourcing levels away is allowed to execute a
function on behalf of a customer.
Secure Private Wallets
Wallets, key management and wallet recovery are provided.  Wallets can be
anonymous (bearer), private where only a custodian knows the owner's identity, or totally private
where the owner is a regulated entity. These wallets are capable of working online, offline, or ledgerless.
Governance policies can define the privacy of records where fields can be defined as public, encrypted or hashed.
It can also specify any compliance requirements such as KYC/B where a wallet can only be issued
if there is a valid KYC/B attribute on a SSI user record.
Technology Features
Programmable Secure Stack
We use a secure stack that runs across all platforms from IoT upwards.
Our full stack contains the secure element code, key management, smart contracts, edge processing,
blockchain immutability, custody, wallet, and user application. The stack runs
in a flat, decentralised network with no master nodes.
The stack can only run smart contracts which are defined per domain. The stack itself is actually written using
smart contracts so for example, the blockchain code is a smart contract. Each stack instance runs
on a device and connects to other devices on the network.
Hardware Backed Security
Our stack goes all the way down to silicon. The base layer of the stack is built on confidential computing technology, with cryptographic keys
generated and retained in the cpu's secure element that mean that they cannot be extracted and compromised.
This security base layer automatically controls everything that goes on in the stack, and everything in the stack is forced to
go through the security base layer.
Scalable Edge Computing
Edge computing is the successor paradigm to cloud computing and
has better global scalability and resilience. Our stack's edge component
is implemented as edge native code using rust and webassembly.
We currently use Cloudflare's edge network and we intend to implement it
on all the major edge networks however, it can also run on your own edge network.
The edge network used is defined at domain level so each domain is free to choose their own.
Fast, Efficient Blockchain
Our patent pending blockchain protocol uses a simple way to create an immutable history of events
that requires no mining or convoluted mechanisms.
Data integrity is guaranteed by a fast and efficient protocol that allows for the parallelisation of verification, removing
bottlenecks and wasteful energy usage.
Zero Trust Architecture
Zero Trust is a security architecture that no longer relies on
perimeter defences and implements security at the individual connection level.
However, we take this even further by implementing Zero Trust at the smart contract function level.
Our stack is designed to verify everything using cryptographic signatures -
all code, including the stack itself, is authenticated
and authorised before anything is executed.
About Us
David Chan and Tom Whelan have both had long careers building large complex systems,
and in 2018 began looking at the latest advances in the areas of security, scalability, and resilience.
The aim was to improve the security of application software stacks. Applications are developed with
security as an afterthought and even then, the use of security is handcoded within the application leading to mistakes.
What was needed was a software stack where security was not only built-in to the stack, but was placed at the base layer
so that it is given the highest priority and can control the whole stack. It would provide security services
automatically.
Retrofitting an existing stack with a security base layer didn't work because they are such different paradigms so
the only course of action was to develop a new stack. Along the way, new innovations were developed such as
service supply chains (custody and outsourcing) and a blockchain that utilises edge computing.
Eventually, in December 2020, the company eCora (eCoraDLT Limited) was incorporated in Leicester, United Kingdom
and received angel funding in early 2021. In November 2021, eCora filed a patent on their efficient blockchain protocol
which allows lower powered devices such as IoT and phones to run a layer one protocol.
Team
|
|
|
David Chan
CEO & Cofounder
|
Tom Whelan
CTO & Cofounder
|
Raphael Djondo
Principal Consultant
|
Contact Us
For more information, email