XDEX is a permissioned system, meaning that all participating XDEX Network node operators are known and documented. Additionally, user accounts must be verified and approved by a certified registrar authority.
XDEX defines the “state” as the consensus about user data (accounts, balances etc.) Unlike Bitcoin derivatives, user state exists on all nodes as in memory data and it can be freely accessed.
The state is maintained through XDEX Network consensus by following the longest available chain of blocks. Nodes can replay that longest path by applying each recorded transaction in order and reach the current state (or the state at the time of any block in the past).
Since user state is regularly accessed and modified by the node application it cannot be stored in an encrypted format on disk. The data must reside in RAM for performance reasons, making access control far more difficult.
The assumption within the XDEX Network is that all blockchain transaction-level data on the ledger itself is public to authorized users of the XDEX Network ecosystem. User accounts (and thus the balances that are linked to account IDs) do not store personally identifiable information. All user-specific private data is stored on separate, privately authenticated servers in a form of encrypted traditional data.
Consequently, only the users themselves know the actual ID of their account — thus keep their extended data private from outside observers.
To achieve transparency of XDEX operation, the XDEX Network must be partially opened across a consortium or association view. This is essential to the auditability of the ledger and requires that the block explorer show unfiltered blocks with all the data from transactions. Users are able to deploy their own Ledger Nodes to observe the XDEX ledger and query the state (balances, accounts, and other data).
For example, the authentication server can reveal user data for KYC validation purposes to comply with legal regulation. The users can be made aware of that fact (and ultimately the necessity to comply with the law).
Within this privacy model, trust must be placed in the authentication service of the XDEX Network. The end users still have a reasonable expectation of privacy in the system as their transactions, accounts, and balances are not known to external parties. KYC information is also provided in the current cryptocurrency exchange systems by legal requirement. The authentication service has a strong incentive not to divulge the private information to outside parties because it would ultimately harm the overall value of the network. It also reduces the amount of trust the user must place in the network. Since all transactions are public, there is no possibility for manipulation of balances and user state, which become the form of “public record” for transactions in the ledger.
The only requirement is that the authentication servers are kept secure from intrusions. This however is a much easier task then securing the entire XDEX network because the attack surface is much smaller — so access control can be tightly regulated. If identity and other extended data is properly secured and shared, a potential intrusion does not necessitate a total loss of privacy as the attacker only gains a certain amount of private data.