Skip to content

nettijoe96/decentralized-identity-resources

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
 
 

Repository files navigation

Decentralized Identity Resources

A comprehensive overview of decentralized identity projects.

Precursors and Related Technology

PGP: pretty good privacy

  • OpenPGP: open source version of PGP
  • key servers (reddit): searchable public keys and key signing
  • key signing party (Zimmermann-Sassaman, Brennen): in-person attestation of public keys using signatures to generate a web of trust. Zimmermann-Sassaman consists of 3 stages: before, during, and after. Before the leader accumulates all keys in a list, each participant verifies their key and prints out all keys and checksums. During the party, each participant attests to their fingerprint and then proves their identity with at least 2 government IDs. After, each participant signs other people's keys that were valid.
  • PGP web of trust (wiki): an emergent network of trust based on key signing. Problems include bootstapping, sybil attacks, difficulty of use for average user, key revocation, and key loss.

certificate authorities (CA) and HTTPS

  • Provides secure websites and eliminates man-in-the-middle attack by using a hierarchy of certificates. Base certificates come preinstalled in OS and browser.

signalling in hard/soft forks

  • activation, MASF, UASF (link): Miner activated soft fork (MASF) is governance through block signalling. The more mining power or stake one has, the more blocks one can produce. Pools signal as a group. User activated soft fork (UASF) is governance through full nodes. The consensus rules supported by the "economic majority" of full nodes are the winning rules.

decentralized DNS

  • Namecoin (whitepaper): key/value pairs. If key (name) is not unique, transaction is invalid.
  • Stacks (docs, whitepaper): layer on top of Bitcoin that includes name ownership

schelling games and data oracles

  • schelling games are relevant because they are a precusor to Kleros.
  • original work by Thomas Schelling (book)
  • Schellingcoin: A minimal-trust universal data feed. (post)
  • Truthcoin (whitepaper)

decentralized data storage

  • decentralized identity might use decentralized data storage for storing larger amounts of data (and then referencing it via a hash on the blockchain)
  • IPFS (whitepaper): A decentralized storage system that is essentially bittorrent with a distributed hash table (DHT) for routing and discovery.
  • Filecoin (whitepaper)
  • Siacoin and Skynet (website,medium): unfortunately Skynet will not continue developing due to lack of funding

decentralized social media

governance

  • Decred (docs): governance focused blockchain that uses stake-based voting to decide software changes and budget allocations. Decred's consensus is a hybrid of POW and POS where POW generates a block and POS accepts/declines block. This allows for stakeholders to regulate the behavior of miners.
  • DAOs (website, molochDAO): a smart-contract organization where decisions and allocations are made collectively through stake-based voting
  • Kleros (whitepaper): a stake-based court system where jurors are selected based on staked pinakion (PNK). Jurors that do not vote with majority have stake reallocated to majority jurors (Schelling game). Reallocation incentivizes jurors to actually participate and not vote randomly. However, it gives even more power to those with greater stake to influence the outcome.

CAPTCHA: Completely Automated Public Turing test to tell Computers and Humans Apart

  • original paper (paper)
  • Idena FLIP (medium): Human-generated CAPTCHA. The theory is that it is easier for AIs to complete generated CAPTCHAs than human-generated CAPTCHAs.

Current projects

soulbound token (SBT): non-transferrable identity tokens

  • original post (paper, Vitalik, ERC1155)
  • Masa (website): One of the first SBTs launched on Ethereum. Creating a decentralized credit bureau.
  • Kudos (website): This is not a proof of personhood protocol but it can contribute to building a decentralized identity. Users can get soulbound tokens for achieving stuff. For example, a user could recieve a Kudos from a course they completed.
  • Sismo (docs, video): smart contracts (attestors) that can create a variety of SBTs using previous ethereum transactions. For example, an SBT showing Alice was active in a DAO.
  • Goldfinch UID (docs Uses government IDs to verify identity and mints the SBT on OpenSea.

web of trust (WOT)

  • BrightID (whitepaper): P2P web of trust. Nodes that are weakly connectly to graph or distantly connected to strong identities are discarded. This solution does not guarantee uniqueness of identity.
  • duniter (docs)

biometrics-based

  • Worldcoin (website): Uses iris scanning device to generate proof of personhood. Hash of biometric stored for privacy purposes. Relies on trusted hardware.

puzzle-based

  • Idena (docs): proof-of-personhood based on frequent CAPTCHA-like puzzles. Missing or failing identity tests slashes stake and downgrade identity status. Idena has it's own blockchain with POP consensus. There are three downsides. First, repeated validation is needed to maintain identity. Second, individuals fast at solving "flips" can have more than one identity. Lastly, AI will (likely) catch up with human ability to solve flips.

convincing humans

  • Proof of Humanity (paper): People make a video of themselves saying they would like to join the registry while holding the text of their address. They must stake ethereum. People whose identities are already verified can vouch for new members by using their stake. People can challenge the identity and or a voucher of an identity. If there is a challenge there is an arbitration court that will resolve the challenge. Kleros courts are used to resolve the challenge.
  • Upala (docs, github): users join a pool of members and have a currency value assigned to their identity. This currency can be redeemed by deleting their identity and this depletes the pool's account. This mechanism incentives pools to assign higher values to more trustworthy identities. User's want higher scores for lowest investment. Apps that want identity can require a minimum score to use the app. This solution does not guarantee uniqueness of identity.
  • HumanityDAO (medium, github): Dead project. Verification though DAO members voting on social media links and bio. Identity rejection forfeits user's stake. Only incentive to vote honestly is maintaining the future growth DAO (Cartel problem).

corporate

proof-of-personhood consensus (POP)

A consensus mechanism where each unique identity receieves equal voting power in consensus. When the number of identities is too large to efficiently run consensus, a subset of staking identities are randomly selected. The randomness source could be the previous block hash or VDF result. There is some small mandatory stake for any identity that wants to participate in consensus. With a reasonable group size, pBFT or another BFT protocol can be used for efficient consensus. Every cooperating identity recieves a reward and non-cooperating entitites get slashed. In a consensus round, identities must not know who else is participating in consensus--otherwise there is a clear risk for collusion. BLS signature aggregation can be used (like in Casper) to make consensus more efficient. In fact, any secure POS consensus can be used for POP consensus because POP can be modeled as POS where all stakes are equal. POP suffers (like POS) from weak subjectivity, which is when a full node that joins or reconnects to the P2P network needs to ask peers what the correct head is (to avoid long range attacks). Weak subjectivity increases the scope of sybil attacks and also the importance of proper peer seeding. 51% attack in POP is 51% of identities colluding, which is significantly harder than in POS/POW--provided that the identity mechanism is secure.

use cases

  1. less spam and misinformation
  2. accurate ratings and reputations
  3. democratic governance of DAOs and blockchains (vitalik, quadratic voting)
  4. univeral basic income (UBI)
  5. replacing CAPTCHA with signatures
  6. replacing stake-based applications with identity-based equivalent applications (courts, data oracles, gitcoin, etc)

further reading

  1. https://bford.info/pub/dec/pop.pdf
  2. https://arxiv.org/abs/1806.07583
  3. https://eprint.iacr.org/2020/934.pdf
  4. https://medium.com/ethereum-optimism/retroactive-public-goods-funding-33c9b7d00f0c
  5. https://vitalik.ca/general/2017/03/14/forks_and_markets.html
  6. https://vitalik.ca/general/2017/12/17/voting.html
  7. https://vitalik.ca/general/2021/05/25/voting2.html
  8. https://vitalik.ca/general/2021/08/16/voting3.html
  9. https://vitalik.ca/general/2018/03/28/plutocracy.html

About

list of decentralized identity resources and projects

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published