Our service Trust-Wise is under development and available to pilot for early adopters. Trust-Wise serves to enable trusted end-to-end data sharing across supply chains, automated verification of acquired product data for regulatory purposes, and integration of certifying bodies assurance processes. Trust-Wise is built upon security by design principles, 100% encryption pipelines even before data enters the cloud, and compliant with global and EU emerging trust registries for digital identities. 

The foundation of Trust-Wise is a data orchestration engine to provide all nodes within a supply chain from Tier 1 to Tier 6 with a decentralised IT service to collect, manage and exchange data in a secure and trusted manner.  Either on top of a companies existing IT system using API exchanges, or as a standalone service that can be used by itself. This means that each node is fully isolated and operates independently in a self-sovereign manner where the owner of the node decides what data to share under its own decisions with another counterparty. Connections between nodes are made on a flexible basis based on transactions between each party, forming a node network. Nodes can be formed for free with data presenting but without data request capabilities. 

Compliance management is automated in Trust-Wise based on verification reporting of product information, using a database of regulatory compliance points that are cross-checked with presented data, that can come from Digital Product Passports, the data vault server within a node or from the facility, process or material accounting deployed under Impact-Wise. To initiate a verification report a node in the network with a Trust-Wise license can request a compliance verification check and report. 

Data exchanges using Trust-Wise can include product claims between one party to another in the node network. Claims always come with a transparent uncertified and certified status, based on whether a 3^rd party has provided a certificate that verifies the claim made. The management of such certification processes is also supported by providing special decentralised nodes for certifiers, allowing these to audit selectively provided information and issue certifications for transactions and their product claims across the decentralised node network. In complement to existing certification management systems.

Trust-Wise's decentralised data orchestration architecture

In contrast to centralised supply chain registration solutions, Trust-Wise operates in an open fully decentralised manner. A company can operate independently by exchanging data securely using a selective disclosure manner to another node, selecting from specific exchange message options. The data is exchanged based on a decentralised identity and verifiable credential architecture, and utilises an innovative technical approach that allows plug and play creation of digital signatures and private-public keypairs within the node without a centralised party. 

Trust-Wise's data vaults for secure data exchange

The basis of secure data exchange in a Trust-Wise node is a data vault that is operated in the server of a manufacturer. The data-vault is fully based on decentralised information management, which is under development and available for piloting for early adopters. 

All data in the data-vault and the transfers of data from it are end-to-end encrypted using digital signatures, with only the non-sensitive metadata identifying a piece of data made available. Our data-vaults require verifiable credentials to be presented for exchanging data that contain identity claims of the two parties that are transacting to authenticate them (see for more details the section, How EcoWise platform is built upon six layers of data security for maximum trust in data safety and data access). They are also self-operable meaning that a party can self-sign their digital signature and does not need EcoWise for the signing process, making the data vault fully decentralised. 

In addition to the data vault itself, EcoWise Platform also offers a secure way to provide end-to-end encryption to enter data into the data vault from a local offline IT device. This is done by a special encryption programme that can be installed on a local device that opens a secure encrypted pipeline to our data vaults using standard messaging pipelines. The innovation means that at all stages as soon as data enters the cloud and is managing in the cloud it is fully encrypted and secure. 

Setting up and digital linking of nodes for data exchange within supply chains

The EcoWise platform established a node setup process so that manufacturers can provide a data collection, management and exchange node easily to their supply chain partners. This allows for rapidly making automated data exchanges possible in a secure manner for thousands of companies in a decentralised network. To enable exchanges, each node is registered based on its main identities in a trusted node identity registry, which allows looking up of the entity based on standardised identity references provided upon registration.   Two companies that want to exchange information can easily find eachother if they are aware of each others identity references.

A critical point of trust is that the identity manager and onboarding process needs to be secure to ensure that companies are 100% verified and no fraudelent entities are registered in the node identity manager. To this end our trusted identity registires is itself based on a decentralised architecture following global best practices, which includes emerging verification procedures as well as interoperability between trusted identity registry. Thereby in the future registries that are certified can be connected creating the possibility for a global identity lookup system fully compliant with web3 technologies.  

Two key emerging systems are under development. In the EU business registries are in preparation using decentralised architecture, prepared by the European Blockchain Services Infrastructure (EBSI), which are expected to be formalised over time for all EU companies. To this end a proposal for EU Digital Business Wallet proposal will be launched by the EU commission at the end of 2025. Similarly, globally trusted identity registries for decentralised identity management are under development by the United Nations Economic Commission for Europe (UNECE) under its subsidiary, the United Nations Centre for Trade Facilitation and Electronic Business (UN/CEFACT). More details are available under the Trust Registry project outline of UN/CEFACT, which will define standardised requirements of trusted identity registries using decentralised identities and verifiable credentials.