Transcription:
Penny Crosman (00:03):
Welcome to the American Banker Podcast. I'm Penny Crosman. As banks roll out tokenized deposits and other forms of digital assets, they're having to make technology decisions such as which distributed ledger is the most suitable — Ethereum, Solana, Hyperledger, or some other. Today we're here with Daniela Barbosa, general manager of decentralized technologies at the Linux Foundation, who is going to help explain why some banks choose Hyperledger Fabric and Besu. Welcome, Daniela.
Daniela Barbosa (00:35):
Hi, nice to see you.
Penny Crosman (00:37):
So can you tell us a little bit about the Linux Foundation and Linux Foundation Decentralized Trust? How long have they been around and what are some of the types of projects you're doing under that umbrella?
Daniela Barbosa (00:51):
Sure. So the Linux Foundation for the last 25 plus years has been the home for what I would call the most important open source projects, obviously Linux Kernel, where we get our namesake. But over the years, there's been hundreds of different foundations really focused either on specific industries. For example, in cloud computing, we have the Cloud Native Computing Foundation where Kubernetes and hundreds of other projects fall under that umbrella. We have projects even in the film industry or automotive industry. Ten years ago we formed what was then known as the Hyperledger Project. And this was the first time that big banks and technology companies came together to work under the Hyperledger Project to bring what was then spoken about as enterprise blockchain solutions to the market. That project, it was one project initially, which was called Hyperledger Fabric, quickly evolved to multiple projects covering different ecosystems as well.
(02:00):
Today we have 17 different projects that sit under what is now known as the Linux Foundation Decentralized Trust. So let me take a couple of minutes to explain to you and the audience what an umbrella looks like. So the LF Decentralized Trust umbrella, much like other umbrellas at the Linux Foundation, let's say in the telecommunications industry with LF Networking or in the energy industry with LF Energy, is a consolidation of projects that fit into that category. So as I mentioned, 10 years ago we started as the Hyperledger Project. The first project that came in to the foundation at the time was called Hyperledger Fabric. And since then, we've really grown as the market for decentralized technologies or blockchains, if you might call them, has really expanded. We've been at the forefront of most enterprise adoption and the way that institutions have looked at distributed ledger technology and even decentralized identity technology as well as part of their implementations paths.
(03:11):
So we're very proud. Here we are in 2026, we just celebrated at our 10th year anniversary. We now have open source projects and very importantly, global developer communities across the world that are supporting these open source projects really focused on making sure we have the best open source communities that are building source in the open with open governance and open development to really meet the needs of institutions as well as government entities around the world. So would love to have the audience kind of understand why institutions, whether they're private sector banks for example, or government institutions, we now have 10 central banks that are a part of our community come to us because they really understand that that Linux Foundation brand and what we bring to the market from open governance and neutrality are really critical when we're building market infrastructure that we're being built penny for us, but also for our children and our grandchildren going forward.
Penny Crosman (04:18):
So I know Citigroup, BBVA, the DTCC and the World Bank are among the users of Besu. Can you tell us a little bit about Besu, what it is, what it can do?
Daniela Barbosa (04:30):
Sure. So Besu was one of our earlier ecosystems that we expanded out to. In 2019, the company Consensys with a "Y" contributed Besu to what was then known as the Hyperledger Foundation. And it's really important because that was the first really enterprise focused Ethereum virtual machine project that was made available to enterprises. And we saw very quickly adoption of that EVM project with the institutions and I can give you some more examples of that. What's really important about Besu is that fast-forward to today, Besu is a critical infrastructure execution client on the Ethereum mainnet. So the Ethereum mainnet, for those of you who might not be familiar with it, runs two types of clients. One is an execution client and the other one's a consensus client. The diversity of those clients, making sure that there's multiple code bases and multiple maintainers that are maintaining those code bases is critical to why the Ethereum mainnet is really truly decentralized and neutral when it comes to the code bases.
(05:48):
So in 2019, we were happy to bring Besu on board and that community that today as part of the mainnet, so the Ethereum mainnet is running about 16% of the Ethereum mainnet as an execution client. So really critical to the Ethereum mainnet's decentralization goals as well. Today, however, Besu is also being run as an Ethereum virtual machine. So this is as a permissioned DLT for many of the top tokenization and digital asset platforms there. You mentioned a couple of them, obviously Citi Token Services, DTCC and others. And what's really important when these institutions as well as governments and central banks around the world are making decisions is that they are looking for that credible neutrality. Open source obviously has won the battle. Everyone knows that open source is required, but really the difference between open source and open source that's neutrally and openly governed is really critical to these institutions.
(07:01):
They want to make sure that they're not picking proprietary software that has vendor lock-in. They want to make sure that there's a long-term sustainability around maintaining that code and with that you need to have multiple maintainers from different organizations contributing to those code bases and they want to make sure that there's not a possibility that maybe one company either pivots or makes a decision to go elsewhere or their VC firms make the labs, for example, pivot from what they're doing and then what happens to that code. So the Linux Foundation, as I said earlier when we were talking Penny, is really critical in bringing that technology to a neutrality perspective where organizations like DTCC and Citi and central banks can really make a decision and understand that from the who's going to maintain that code, who's going to have that code neutrality, the Linux Foundation is the place to do that for these projects.
Penny Crosman (08:04):
Well, one thing that sometimes or often comes up when you talk about open source software is privacy and security of the application and of the data that runs on it. What can you say about the security of Besu and Hyperledger Fabric, especially in this age of AI engines like Mythos that can find and exploit software vulnerabilities at blazing speeds?
Daniela Barbosa (08:37):
Yeah. So it's kind of two parts of that story, right? From a privacy perspective, especially as you think about permissionless networks and the move to a lot of banking services to permissionless platforms, is that there are technologies that have been developed over the last few years that are really focused on making sure that privacy for institutions is not something that is an after fact. And even if you look at the newest contribution that we had to LFDT, which is the project called Lineth, we just announced that a couple weeks ago, that is a ZK roll-up stack for the Ethereum ecosystem as a layer two. So ZK is zero knowledge proof. So there are actually quite a few projects within our umbrella now that are really focusing specifically on the privacy question that is so important and critical, not just for institutions but for individuals as well.
(09:38):
So we're very happy that our community continues to bring that innovation forward into production implementation. So as I mentioned, Lineth is one of our newest projects. It's a layer two for the Ethereum mainnet with linea and we have other projects, for example, like Paladin that is really focused on privacy components for Ethereum-based networks. So privacy is one thing that's quite important. On the security side, which is how does our community make sure that open source is secure for users to use? I mean, this is one of the main goals of open source is when you do have an open source code base, you have more developers, you have more maintainers, you have more eyes on these bugs and these critical features. We've obviously been working very much closely with other projects at the Linux Foundation that are focused on security. For example, we have a project called the Open Source Security Foundation that essentially brings best practices in open source to open source projects and we collaborate with them very closely.
(10:54):
All our code bases and our projects that are under LFDT umbrella follow enterprise grade best practices for open source software. We are tracking very closely what's happening around in the AI space. The Linux Foundation is actually one of the organizations that were asked to participate as part of the Mythos Access preview and many of our projects have currently been putting together governance processes and rules around AI contributions and very importantly how to use these models is just not Mythos. There's other great models that are able to help the developers identify critical bugs or even maybe not so critical bugs, but things that humans just didn't have time to get to. So this is all important ways that our communities across all Linux foundation projects. We have some of the biggest financial services projects. We have, like I mentioned, the telecom industry and the energy industry.
(12:02):
These are all critical infrastructure. So for us, security comes first and this is why we always say that our projects are not just open source, but they're open source with enterprise, making sure that enterprise from a privacy and security perspective are first as well.
Penny Crosman (12:23):
So just to go back to the fact that Citigroup is using Besu for its token services, as you mentioned. And this is basically a way for Citi to move its corporate clients' money around the world in real time, 24/7, even though its branches might be closed in certain parts of the world, certain hours. What makes Besu a good foundation for that kind of use case?
Daniela Barbosa (12:58):
So a couple of things. So your description of Citi Token Services is correct and it's really about the efficiencies that DLT, distributed ledger technology, if we strip away the blockchain and the crypto does bring market efficiencies to participants. We have a great case study on our website that I encourage the audience to go and read some more details around why Citi Token Services selected Besu and why they continue to deploy Besu across the Citi Token Services as they deploy out to different regional regions that they have. When they selected Besu, it was part of the code base, like our other code bases here are being governed openly. They have access to maintainers and contributors from multiple companies that support the Besu code bases and have products and services that they're built on it. They understand that it's enterprise grade and enterprise focused. So the roadmap that Citi and other banks are very interested in specifically to Besu that they can contribute to that roadmap.
(14:22):
We have had Citi engineers actually contribute to the code base directly as well. And this is really important for an organization, whether it's Citi or other banks, is that they're selecting a code base that they know will once again be maintained by multiple vendors and supported by that and that they have a focus on their enterprise use cases, which is what we see in the deployment of their use case as well as other banks as well.
Penny Crosman (14:53):
All right. And then as you mentioned, the DTCC is also using Besu. I think they're using it for collateral management. And again, what makes it useful for that purpose?
Daniela Barbosa (15:09):
DTCC is a very interesting use case. They've actually been on our board for the last 10 years and for the last 10 years they've been experimenting, they've been building core capacity in-house. They've been working with some of the best vendors in the marketplace that have been working with blockchain and other types of decentralized technologies. And obviously because of a lot of the regulatory clarity and the letter that they've received, they can now very publicly talk about the work that they've done. I would encourage you, Penny, and others to go talk to DTCC because they've been very open about how they make decisions. And when they do select technologies that critical things like where is the code hosted? Is it neutrally hosted? Is the governance of that code longstanding going to be neutral, that they don't have to worry about a company or a VC taking over the code and pushing requirements that might not be aligned with them as well.
(16:30):
So organizations like DTCC, maybe over the last year you've seen more of them in the news. Maybe they've reached out to you or you've seen more press releases and videos. There's a lot of great content that that team's coming up, but it really is because they've built up that institutional knowledge over the last 10 years and their decisions are made for building for the next 10 years and the next 50 years in the next hundred years. And they know that with projects like Besu, they're going to get exactly access to that to be able to do that.
Penny Crosman (17:07):
So if you step back, what do you think banks should think about as they are considering their own digital asset projects? And I know they think about things like speed and volume and privacy and security and compliance with bank regulations. What kind of advice would you give to people who are considering some of these different ledgers and how they can make that decision?
Daniela Barbosa (17:40):
Yeah. And there's a lot of decisions to make. So you mentioned speed and TPS and security and privacy. There's also a lot of discussions and a lot of work going on right now as to when do you put a use case, right? I do think it's use case specific. When do you put a use case on a permissioned ledger versus when do you do a use case on maybe a layer two or layer one? There's a lot of work happening in our community specifically around things like standards. So we have new projects that are focused on tokenization standards. How do the standards of how you define a token can be used across ecosystems and cross platforms. So there's a lot of work going on and really around the scaling of the industry specific to multiple use cases. It's not going to be one blockchain to rule them all.
(18:34):
There's not going to be one privacy approach that is going to meet the needs of every single use case from a jurisdictional perspective and a requirements perspective. So really we encourage the institutions, the banks to get involved directly, work with the vendors, work with your favorite vendors who are supporting you that support all your core banking and institutional integration projects, but also get involved directly in the community, get your engineers to events. For example, we have workshops. We have ongoing workshops that engineers from the institutions can join. For example, in July, we'll have a two-day workshop on the topic of privacy in London. And this is a two-day event really hearing from the institutions themselves about what privacy is needed, but very importantly, having the engineers have access to the maintainers and the main contributors to these open source projects and really understanding what are the use cases that they need.
(19:33):
Penny, I think for many years we've been talking about scalability and TPS and is it public? Is it permissionless? I think we're also at a critical stage in the industry that in order for the industry to scale to really have major production-based implementations across jurisdictions around the world, it's not just in the US or in Europe, we're talking Asia, Latin America, India. It really is the next phase is scalability from the industry perspective. Having tools, for example, that the smaller and mid-tier banks can leverage and platforms that they can leverage to deploy their own digital asset and tokenization standards, having standards that people can now use and apply without having to support 15 different standards around the world. So I think that the next 10 years is going to be really focused on the tooling in order to bring along the long tail or the medium tail of banking into digital assets and tokenization.
(20:44):
The big banks, the JP Morgans and the cities and on and on and on, they have that institutional knowledge. They've been building digital assets organization platforms for many years, but how do we truly scale? How do we educate engineers? How do we educate the business analysts that are working at these banks and how do we bring more vendors on board to support these implementations? And that is a core thing of what the Linux Foundation does across all industries as these industries mature. But really what LF Decentralized Trust and our community has been building and really focused on in 10 years is bringing code bases and projects into the community that are needed that are across ecosystems and very importantly, neutrally governed and supported, but also bringing in new tooling. And you'll see new projects that we have in the zero knowledge space, for example, or in the interoperability space.
(21:44):
How do we make sure that there's a portfolio of projects that the biggest institutions can leverage, but also the smallest as they bring their digital asset tokenization initiatives online.
Penny Crosman (22:00):
Well, Daniela Barbosa, thanks so much for joining us today and to all of you, thank you for listening to the American Banker Podcast. I produced this episode with audio production by Adnan Khan and WenWyst Jeanmary. Special thanks this week to Daniela Barbosa at the Linux Foundation Decentralized Trust. Rate us, review us and subscribe to our content at www.americanbanker.com/subscribe. For American Baker, I'm Penny Crosman, and thanks for listening.
