 My name is Mark Rimsah. I am a product manager for Web3 Alpha Products at Consensus Mesh. And today I'm going to talk to you guys about decentralized business automation for Enterprise, how it's realized with ZK roll-ups on Ethereum, Firefly, smart contracts, and DAOs. So I'm going to give you guys a quick intro, talk about some of the problems that enterprises are facing, and I'm going to dive into decentralized business automation, why it's critical for future business success, how it can be realized as a service, where it's being used, and what's next. So before we get into the thick of it, I work for Consensus Mesh. We're a VC incubator in the Consensus family, and my team sits in the Applied Research and Development Unit. And we focus on advancing the enterprise use of the baseline protocol, ZK, ZKEVM, and other relevant technologies for enterprises. So let's dive into decentralized business automation or DBA for short. So quick question, can anybody tell me how much revenue they're generating from digital transformation? Or what about the initiatives that your company has? Where does digital transformation sit on the list of priorities for your enterprise? Well, the short answer based on what the data is telling us here is that it sits very high on the list of things that your enterprise, that you as an enterprise need to worry about, and already 65% of the world's GDP has been digitized by 2022. And because there's so much value being driven in digital transformation right now, it's coming to a crossroads for enterprises because there are some problems that are happening because of this. The first major caveat to digital transformation is that enterprises can't just rely on themselves to provide end-to-end services for their customers. They have to rely on collaborating with other parties to actually deliver these things for their constituents. So right now enterprises are exchanging data with external partners and customers. 75% of them are exchanging data with their customers across two to five business processes. And another question here is how many customers do these enterprises actually service? Is it 100, 1,000, 10,000, 100,000? Based on how many customers you have, you're going to be sharing lots and lots of data with hundreds of thousands of other people and encountering lots of regulatory and compliance headaches. Because how can you really guarantee that your data isn't going to be leaked once it leaves your company walls? How can you actually guarantee that any data that you share about customers to deliver services won't be used against them? They won't be leaked. They won't be used by other parties. And how do you know that you're not going to be breaking the law whenever you do that? And especially given the shifting regulatory landscape right now, even if you're sharing data right now to deliver a service, that could change and you might be in trouble and you might have to cancel your service or reconfigure how it's done. And to make matters worse, not only are enterprises sharing this data to digitally transform their service offerings with varying degrees of safety, but they're also experiencing with this huge increase in the amount of parties that they're sharing data with, this also comes with a vast increase in devices and entities that are accessing these business processes. So, you know, a simple example of a business process that is using, that are using these IoT devices could be like ordering something from Amazon using your Alexa smart device or who's using their phone for smart driving apps that adjust their insurance rates on their phone. Any time you use these entities, any of these IoT devices to initiate these business processes, any of these IoT devices that are streaming data, private customer data, that's influencing these business processes, triggering business processes in different organizations, how can the big problem with these IoT devices is that none of them have a trusted identity, none of them can verifiably prove the source of their data and they can't actually prove that transformations that occur to their data are done verifiably correctly. And what this is turning into is exponentially increasing costs of conducting digital business for enterprises. So, we have this great meme on the right here, enterprises are embracing digital transformation with open arms because it's supposed to drive all of this revenue, but they're running into this huge problem of this shifting regulatory landscape, sensitive data that's crossing all of these trust boundaries across enterprises, and there's really no way to guarantee that once data leaves your system that it's being used safely or effectively or that any of the data that you're receiving from these inputs to your business processes are correct or that they even should be trusted. So, as the, and really this speaks to how the edges of these networks for enterprises are increasing and it's hard to balance all of these cybersecurity risks that companies are encountering right now. The increasing costs of digital business, you could characterize this as the increasing cost of trust between enterprises that are trying to collaborate across these digital services that they're offering. And really, we consider this cost of trust to be the cost of cybersecurity and regulatory compliance. This happens when you can't trust the data that the data from or the integrity of the business processes that other entities are providing you with. So, what we really need is we need automation that can handle these strict regulatory requirements that businesses encounter and also can handle the challenges of security that are imposed by these expanding networks that are all exchanging information between each other. So, what we really need is we need private and trusted decentralized business automation. So, what is private and trusted decentralized business automation or DBA? It is, these are digital processes that occur in zero trust and under zero knowledge. So, what does this really mean? Well, the first requirement here is that in the digital business process, you need to authenticate and authorize every participant for every single digital business interaction at all times. From there, once you know that you're working with the right entities, that the right entities are accessing your resources, you need to prove and verify the authenticity, integrity and correctness of every single digital service transaction and its entire data supply chain. So, this means that if someone is accessing a resource that is supposed to kick off a process on my end, like let's say an insurance company wants to adjust the rate for my vehicle based on my driving. If I'm sending them my location, they need to know that it's coming from the right device. They need to know that the device is sending the right location. It's not somebody else. And every single time I share a location, they need to know that every single time it happened from time zero up until now that it was me and it was all happening properly. This is very important for these complex digital supply chains where businesses are collaborating on hundreds of thousands of processes that are all based on prior inputs. So, how can we prove, and so finally here, for regulatory compliance, if we're sharing this data with each other and we can prove that it's me, that it's correct, well, we don't just want to be sharing this private, sensitive customer information in clear text over the internet. We need to minimize this exchange of sensitive information ideally to zero. So, the real question here is how can we actually prove and verify the integrity of this supply chain if we're not actually exchanging data? What does this actually look like? Does anybody have an idea? We have an idea. And so, the first thing we need to unpack here is zero trust. Zero trust is a direct response to the increasing sophistication of cyber attacks that's going on right now. It's actually a mandate by the Department of Defense for enterprises and government agencies to incorporate into their network architecture. And really, the underlying philosophy of zero trust network architecture is to assume that no entity should trust any other entity at any point in time. And this is the first step for decentralized business automation. And I kind of touched on this already. We need to authenticate and authorize every single person at all times. And the big thing here, too, is we need to shrink the trust zones. We need to make sure that we're not just letting someone into our network and accessing everything they want. We need to move checkpoints closer to the resources that these enterprises need to access for these services. So, like a good example of this is on your phone. For anybody who has a VPN or antivirus or anti-malware, these are all decent examples of a broader zero trust framework. They add checkpoints to your devices that make sure whether or not something is allowed to access your resource at any point in time. And this is what enterprises need to put outside of their own resources. If I'm a healthcare provider and I want to exchange data with someone, there needs to be a checkpoint very close to that data that I'm trying to access that verifies who I am and that I'm allowed to access that data. So, yeah, that's basically zero trust in a nutshell. And the real purpose of this is that we need to prevent unauthorized access to data and services and make this access control enforcement as granular as possible. So when we do this, we need to find a way to actually prove that the people accessing our information, our data, our resources is correct. And a big way that we can do this is with zero knowledge cryptography. Zero knowledge cryptography allows us to prove authentication, allows us to prove authorization. And in the case that there is some program that's executed as an input to my digital business process, we can actually use the zero knowledge proof to prove that something happened correctly without actually revealing the underlying execution of the program. So this allows us to have entire chains of processes that occur that are all done trustlessly and they minimize the amount of information that is transmitted across each of these steps. So what's really important here is to get into multi-party zero trust under zero knowledge collaboration. And our team is focusing on enabling decentralized business automation with three specific parts that allow trusted identities to verify who they are, a ZKEVM as this trusted execution environment for these programs, and bridges as the secure messaging layer between these nodes. So the ZKEVM is important as the execution layer of this environment because it allows private and verifiably correct execution of smart contracts. Any business process that can sit between organizations that they need to trust can be encapsulated in a Solidity smart contract where it's automatically proven. And really a ZKEVM roll-up is great for this shared digital business process execution because it's very easy for companies to prove the execution of their programs. They don't have to write custom ZK circuits, they don't need to use domain specific languages. They can just write any old plain Solidity smart contract and it will automatically prove that this execution is correct. And a ZKEVM roll-up here can act as this trusted synchronization point for automation between parties. Both parties can trust that this program is executed correctly. You can actually prove with a proof that it happened without revealing anything about it at all, other than that it's correct. And an even bigger point about this is that when you're settling these proofs to Ethereum you can actually guarantee that the state of your roll-up is correct and what it should be and you can't actually tamper with the state of your roll-up. Other enterprises that can see or know they can't actually do anything about it. So this right here is a good visualization of what an enterprise ZKEVM roll-up would look like. You would have a Web2 system that can submit trusted, authorized, authenticated transactions to a ZKEVM. A ZKEVM can verifiably execute these digital business processes and then any output of these digital business process steps, they can be communicated across a bridge to another party's ZKEVM but they can verify that that output of that process is correct and all they need to see is the proof. And the underlying execution that happened in that ZKEVM, they don't actually need to see it. So you can have private states on these nodes that allow one party to privately execute a smart contract, submit an output to another party where they verify the proof, they take that output, then they can kick off their own digital business process. So this allows you to perform very complex end-to-end digital services for your customers without the worries of leaking sensitive data or any worries that the output that you're receiving for your process is incorrect. So in the case of this diagram right here, I have AT&T, State Farm and Ford with this mobile and insurance adjustment example that I gave already. You can ensure that if I'm driving around in my car with my phone and it's tracking my location, well AT&T has my location but they're not actually sharing it with State Farm when they're adjusting my rates and Ford, who could be collecting my location as well, they're not sharing it with anybody who doesn't need to. But a big barrier for getting enterprises to hop onto this decentralized business automation train is easy ways to set this stuff up and to encourage enterprise adoption of this, we need to offer this stuff as a service. We need to make it so that enterprises don't have to maintain complex infrastructure. It needs to be cheap for them to manage. It also needs to be out of the box so it's easier for them to use. They also need to be able to configure it for their needs. And one of the things that our team is working on right now is developing ZKEVM as a service with Kaleido. This is an offering that would give enterprises the ability to set up their own ZKEVM node and submit transactions like you saw in that diagram earlier that allow this that give them their own trusted execution environment for their private and sensitive business processes that they don't want to share with other parties. And so really the ZKEVM nodes should be like a private theater. You need to control who can enter your theater and you want to control what the movie is, what they can actually see in this theater. And another big thing about this too, hosting it through Kaleido, is the fact that enterprises, they don't want to have to hold crypto. If you're operating a ZKEVM node and you're executing these transactions, rather than holding crypto on your balance sheet, they should just be able to execute these things with meta transactions and normal fiat. So this is a good diagram of how enterprises would interact with ZKEVM as a service on Kaleido. If you could take any normal API gateway, any ZKE connector and you can submit transactions to ZKEVM nodes where they process your business transactions. And then from there you can stream the ZKEVM node events, any outputs to off-chain systems and again you could use custom ZK circuits to validate that the outputs of these transactions are correct and you can link this trustless execution of business processes in this way. And where it gets interesting is when you actually add Firefly in between these ZKEVM nodes and what it can turn into is like a trustless ZK Internet for enterprises. It's really just a bunch of enterprises exchanging messages, events, data sharing, transactions, but because all they're really doing is exchanging ZK proofs, no sensitive data is being exchanged, it's like a trustless ZK Internet. They can freely, trustlessly exchange information, I can kick off a business process, I can send it to the next downstream actor and they can do what they need to do. And everything is very frictionless in this sense. And I guess another thing that I could add too is that each ZKEVM node could be thought of as, you could think of it as its own ERP system, just its own little mini ERP system that's taking care of a specific granular business process except these business outputs like often in supply chain or things like this by your seller, there are a lot of disputes about what we're actually receiving whereas with this trustless ZK Internet you don't actually have to worry that your supplier or anybody who's feeding you this information about their inventory, etc. is incorrect because it's all proven under zero knowledge and it's all done under privacy, it's fully regulatory compliant. So this is like a brief look at what a trustless ZK Internet would look like with Firefly. You can see who's on your node, you can see what processes are running, you can see where assets are being transferred and Firefly is open source. Anybody can take this general multi-party zero trust under zero knowledge stack and they can connect to this network of enterprises that are all transacting and interacting with each other. So there are a handful of industries that our team is looking at for first pilots to try out this multi-party zero trust under zero knowledge concept and I've listed a couple of them on the screen here. Finance, supply chain, insurance, telecom, healthcare, mobility. The big link between all of these different industries is the fact that they all handle a lot of sensitive customer information and it's a big problem if they're leaking this information and it gets into the wrong hands. And they work with a lot of different parties to deliver end-to-end services. So the first industry that our team is working with is telecom and multi-party coordination is a hallmark of the telecom industry. Just a very simple example is international connectivity services and telecom. If you wanted to connect a Singapore office to the New York office, if you want to connect the data between these two offices, this data has to pass through a local provider and then a wholesaler and then another wholesaler until you get to the local provider who passes it off to this office. This type of collaboration with these digital services is not uncommon Just this simple example really sheds light onto how scary all of this digital transformation can be for enterprises. You have to be really sure that this data isn't getting into the wrong hands and that everything that you're receiving is correct. So our team is developing two pilot products that we're testing out in telecom using ZKEVM as a service where these organizations or these service providers can deploy smart contracts on a ZKEVM as this trusted execution environment between these different parties. So in the case of SLA assurance, this would allow parties to execute SLA assurance. It would allow them to execute SLA assurance solidity smart contracts that allow them to make sure that there are no disputes. It would allow them to calculate how many credits or debits a buyer and seller is owed. Well, there aren't any disputes because they can just verify with a zero-knowledge proof that it's correct. And then another product that we're creating is DAO as a service which I'll get into a little bit later but another contract that we would be putting on this ZKEVM as a service is a televerse DAO which is a trusted platform for connectivity availability and pricing data which would be like the expedia of international data connectivity services. It's a trusted integration point where everybody has visibility into the availability of data and what it's priced. It allows them to, through this DAO, through a decentralized autonomous organization, to actually collaboratively create rules around how these connectivity services can be delivered and it could even automate the actual payment and provisioning of these services as well. So that brings us to Enterprise DAO as a service, which I touched on briefly already. This decentralized business automation across enterprises, it requires something like a co-op which I just touched on. They need to have a way to configure the way these end-to-end services can be delivered in this digital supply chain. They need to have a way to easily deploy it to their ZKEVM node because handling this complex Web3 infrastructure is tough and they need to have visibility into this and an easy way to manage all of this. And this is a quick view of what this Enterprise DAO as a service would look like. You can configure it out, deploy it out, you can govern your DAO, and you can run your DAO services. These DAO services could be things like quoting and ordering, like I mentioned, trusted location services. Really, these DAO services could really be any digital business process that companies want to collaborate on and they want to have visibility in how these processes are executed. In the case of AT&T or Verizon, if AT&T has to do something in their system and provide it over to AT&T, it's not necessarily important for Verizon to see it as much, but if they're collaborating on something, it is important to have visibility into that process and DAOs are a great opportunity to do that. So finally, for our R&D team, we're focusing on a couple Alpha products in and across more industries. We're focusing on mobility. There's a handful of use cases that we're focusing on, like mobility as a service, trusted location services, secure EV battery supply chain management, secure autonomous vehicle communication, and secure electric vehicle charging infrastructure. With insurance, we could do secure coverage underwriting and verification, and in mobility, we can have secure location and membership-based insurance adjustments. And really what ties all these use cases together is that they are collaborative business processes that exchange sensitive customer information, need to keep this sensitive information under wraps while still proving that what you're providing to this other party is correct. So just to summarize everything, decentralized business automation is critical for future business success to minimize the cost of digital business, which is exponentially decreasing and needs to occur in zero trust and under zero knowledge. Together by combining self-sovereign identity, Ethereum, ZK EVM, and Firefly, we can create this trustless ZK Internet where people can trustlessly pass packets of information back and forth between each other without worrying that it's incorrect without disputes. And to actually allow enterprises to achieve this trustless ZK Internet, we need to offer this as a SaaS solution. We need to shorten the time to market, reduce the costs, the risks of implementing these very complex, it's like a complex cybersecurity problem that we're trying to solve for. And then some industries have already started doing decentralized business automation, the telecom industry like I mentioned, and we're looking forward to piloting more. And if you're interested in any of this, please come talk to us and see how we can help you achieve some trustless ZK Internet pilots of your own. Thank you.