Private Subnet network design options

Rayls Private Subnets have been designed to be highly flexible and configurable, based on the intended purpose of the Subnet and user needs.

However, with great flexibility comes greater responsibility.

To help you get the most value from Rayls, see some examples below of how the configuration of a Private Subnet can be tailored to best meet the requirements of your specific commercial purpose.

Example 1: A CBDC network

In general, central bank digital currency (CBDC) networks are set up and governed by a country's Central Bank to mint and transact CBDC tokens (the central bank's liability) between their domestic banks.

For this use case, the Central Bank is the authority of the network, the sole issuer of their own currency (token) and sometimes also the regulator (other times they delegate this responsibility to a separate financial regulator entity).

So, let's explore how we would create a tailored Rayls Private Subnet that is fit for purpose for this use case:

1. The Central Bank installs the Private Subnet and assigns themselves as the Subnet Governor (they use their 'master' private key to deploy the governance smart contracts during installation of the Private Subnet).
2. The Central Bank also installs a Privacy Ledger to play the role of Mint and manage money (token) supply. This Privacy Ledger then requests to join the CBDC Private Subnet.
3. The Governor (the Central Bank) accepts their Privacy Ledger registration request and assigns this Privacy Ledger the role of Issuer (remember, only 'Issuers' can register tokens, such that they can be teleported across the Private Subnet between Privacy Ledgers).
4. All other Privacy Ledger members (the country's wholesale banks) will only be assigned the role of Participant, as only the Central Bank should be able to mint CBDC tokens and this is the only token that will be transferred around the Private Subnet.
5. Depending on the jurisdiction, the Central Bank may also be the regulator and take on the role of Auditor to be able to decrypt transactions between the transacting Privacy Ledgers (the country's wholesale banks, in this example).
6. Alternatively the Central Bank may delegate the role of Auditor to a different organisation (the country's financial regulator, in this example). Note that only the Auditor is able to view encrypted transactions between Privacy Ledgers, so if the Auditor role is delegated then the Governor can enforce governance, but will have very limited visibility.
7. If the Governor and Auditor are separated across different organisations, smart contracts can be developed to automate the workflow across the Commit Chain for flagged transactions to trigger governance actions (e.g. automatically freeze a fraudulent token).

This example shows how Rayls Private Subnets can be configured to be fit for purpose for large financial market infrastructure providers and public sector organisations that require the highest levels of privacy and governance.

Example 2: A tokenised asset exchange platform

Now let's consider a fictitious financial asset tokenisation Private Subnet.

This network is comprised of many commercial banks that each issue their own commercial bank bond tokens and transact them between each other, and a 'tokenisation platform registrar' that operates the Private Subnet, with whom all commercial bank bonds must be registered.

In this example, the tokenisation platform registrar acts as the Private Subnet Operator, playing the roles of both Governor and Auditor at the same time.

So, let's run through how we would set up and operate this Private Subnet:

1. The Operator installs the Private Subnet and assigns themselves as the Subnet Governor (they use their 'master' private key to deploy the governance smart contracts during installation of the Private Subnet).
2. The Operator also assigns themselves as the Auditor, so that every time a new Privacy Ledger joins the Private Subnet they receive a Diffie-Hellman (DH) key exchange, enabling them to peek into encrypted transactions on the Commit Chain.
3. Each commercial bank installs their own Privacy Ledger and requests to join as a member of this financial asset tokenisation Private Subnet (they communicate with the Governor who then approves / rejects their request to join).
4. The Governor (one of the roles played by the Private Subnet Operator) conducts their due diligence and approves the requests, assigning each commercial bank with the role of 'Issuer' (because each commercial bank should be able to register their commercial bank bonds so they can be traded with other banks in the network).
5. The Operator, in this example, also wants to provide a stablecoin that can be used by the commercial banks in this Private Subnet to make payments and to purchase commercial bank bonds via a DvP transaction. A regulated third-party stablecoin provider installs a Privacy Ledger and is permitted to join the Private Subnet where it mints and privately distributes the stablecoin to the other commercial banks within the network.
6. Each commercial bank begins issuing (minting) their commercial bank bonds within their respective Privacy Ledgers. When they do so, they request to register these newly minted bond tokens with the Subnet Operator. The Subnet Operator checks the asset ID for uniqueness (against their on-chain and off-chain systems) and once confirmed, approves the token registration to the Private Subnet (so that it can be traded) and updates their registries.
7. Once the commercial bank bond tokens are registered, and the stablecoin is in circulation, the commercial banks can begin trading freely with one another... buying and selling their bonds in exchange for stablecoins with complete privacy and anonymity.
8. Under their role of Auditor, the Operator can continue to monitor the encrypted network activity by validating proofs (Pedersen commitments) regularly published to the Commit Chain by each Privacy Ledger to ensure consistency, legitimacy and validity. Note that the Auditor does not have direct access to the encrypted transaction payload data. Any issues can be flagged and some may even be actioned automatically (by the Governor role) using smart contracts under certain conditions (e.g. freezing a member).

In sum, this example demonstrates a configuration that blends privacy and governance with restricted auditability (proofs only, not the underlying data) unless fraud has been detected. This flexibility demonstrates that Rayls Private Subnets can be optimised for precise privacy, governance and compliance requirements.

Example 3: An autonomous decentralised NFT marketplace

In our final example, let's look at a very different set up.

In this example, we will describe a NFT marketplace that is Operated by a decentralised autonomous organisation (DAO), where governance rules are determined by votes cast by governance token holders, and the integrity of the Private Subnet is secured by Validators within the Rayls Public Chain.

In this Private Subnet, Privacy Ledgers represent NFT Platform companies, where each mint their own NFT collections on behalf of their customers and enable them to be transferred freely (internally) between their Privacy Ledger customer accounts.

Here are the steps involved:

1. When the NFT Platforms request to join the NFT Marketplace Private Subnet as a member, the DAO automatically approves so long as they meet the basic criteria and automatically assigns them the role of 'Issuer' so they can register their NFT tokens.
2. Note that the NFT Provider must also agree to the terms and Governance Charter of the Private Subnet, as voted for by the DAO's governance token holders - they are therefore bound by the outcomes of these terms in the case of malicious actors or issues when transacting.
3. NFT Platforms can then register their NFT tokens with the DAO Operator, which again automatically approves based upon pre-defined criteria and token uniqueness (i.e. the token hasn't already been registered).
4. As voted on by the DAO governance token holders, payment for NFT tokens can be made within the Private Subnet via a number of options, such as the Rayls token ($RLS), a third party statblecoin that has been issued within the Private Subnet or specified cryptocurrencies (such as ETH).
5. NFT tokens are bought and sold privately across the NFT Marketplace Private Subnet between Privacy Ledgers.
6. The Auditor role is managed by Rayls Public Chain proof verifiers, who have no access to encrypted transaction data unless their proof validations show that there has been fraudulent activity and therefore enables a transaction to be decrypted (for this example, we assume this was defined in the Governance Charter and permitted by the DAO, who acts as the Private Subnet Governor).

As such, this example demonstrates how Rayls Private Subnets can be used to facilitate private and secure transactions within a highly decentralised network, without any single entity or individual having control over what commercial activity is permitted nor access to transaction data.