Identifying Users

Sean Coates
2 min readNov 18, 2019

--

When using a ledger, it is crucial to be able to identify the participants involved in each transaction.

In a simple paper-based ledger, you might identify participants by their name. For example, a transaction might appear as “John Smith paid $20 to Alice Jones on 8/3/2019”. Here, the participants are identified by their names. Obviously, this runs into problems when another person comes into town claiming to be John Smith. Now, there isn’t enough information to tell which John Smith the transaction refers to. To address this problem, ledger designers required participants to have a unique participant identification number (“ID”). That way, there can be several John Smiths, each with their individual ID.

If a ledger is used to prove ownership of assets, a person only needs to present their unique ID to the administrator of the ledger. Since this attributes value to the ID, it becomes crucial to protect it. If a bad actor presents someone else’s ID to the administrator, they could steal the assets.

The more valuable the assets are, the more critical it becomes to protect the ID. Early forms of ID were simply a slip of paper or cardboard printed with an organization’s logo. Perhaps it was embossed or contained an official signature. These ID cards would be somewhat challenging to forge, but not that hard for someone with practice. As organizations increased in size, additional measures were added to make ID cards harder to forge. The makers of ID cards included unique, rare materials, holograms, computer chips, and other items to make them harder to forge.

While this has helped a lot for in-person interactions, protecting the ID for online transactions is more complicated. To work online, the ID is reduced to data. For many years, this was simply an ID and a password. If a hacker acquired access to both of these, they could gain control of the assets by performing actions in the ledger. That’s why we are always told to choose passwords that are hard to guess.

By the time Bitcoin and other cryptocurrencies arrived on the scene, passwords became very complex indeed. The designers leveraged the technologies of public-key encryption, using the public key is as the ID, and the secret key as the pasword. These keys are very long and cannot be guessed through brute force methods, not even if you had control of every computer on Earth. The keys, by themselves, are anonymous, looking like random strings. This doesn’t make cryptocurrencies completely anonymous; keys may be associated with other identifiers over time through the use of wallets and exchanges.

--

--

Sean Coates

Occasional posts from @fooyay about software engineering, crypto, finance, and more. https://fooyay.com for current content.