Understanding Decentralized Identity and Its Future Implications

The emergence of blockchain and distributed systems has led to diverse and promising solutions in a variety of industries and products. Identity management through a standardized interface that allows for more efficient digital identity verification and control has become an essential and particularly relevant concept to the blockchain space.

A proposed Ethereum standard on Github by Fabian Vogelsteller called ERC-725 (and by extension the ERC-735 proposal referencing a claim holder registry vs. in-contract claims) is a proposal specifically intended to create a simple, yet essential interface in the Ethereum ecosystem. By allowing smart contracts to interact with each other as well as with real-world identities, the proposed standard establishes an intuitive method for automatically checking and verifying identities on the Ethereum blockchain.

At Sara Technologies, we believe the role of decentralized identity is an important missing element to blockchain platforms and has far-reaching implications as these platforms continue to develop and established institutions join the industry.

What exactly is a decentralized identity and how can we help you implement it?

The ERC-725 Standard and Decentralized Identity

The ERC-725 standard is not the only implementation of decentralized identification. However, it is a useful model for examining how many systems implement this type of identity management in some fashion or another.

The general problem facing identity constructs today stems from the over-collection of personal data by third-party companies. As Nick Szabo says:

“Trusted third-parties are security holes.”

The centralized storage of sensitive personal data continually leads to hacks and subsequent fraud. The necessary repetition of personal data entry by customers on e-commerce sites and online registrations further contributes to the problem.

Three primary concepts are needed to implement an identity standard.

  • An identity needs to be unique with a particular identifier to distinguish it.
  • Parties need to have the ability to make claims about an identity.
  • There is a method for locating and verifying a claim about a specific identity.

In this context, a claim refers to a set of characteristics that are unique to an identity. For instance, a mailing address, social media account, phone number, and email are all considered claims about an identity that are made either by the identity itself or a third party. These claims are then verified using publicly auditable proofs or third-party verification methods.

The ERC-725 proposed standard focuses on managing a single identity. With the standard, an identity is established by an Ethereum smart contract implementing the ERC-725 standard and specifies an interface for key management, identity usage, and identity verification.

Key management is defined by cryptographic public keys or contract addresses associated with the identity. Identity keys can be used to make transactions, sign documents, and sign claims. There are two initially proposed keys.

  • Management Keys
  • Action Keys

Management keys are used to manage the identity with functions such as being able to add or remove keys that are part of the identity. These keys should remain private and secure to retain control of the user’s identity.

Action keys are precisely what their name implies, they are used for actions in the world and can function as a proxy for your identity. These keys are replaceable, and others who interact with you should always check that you still retain these keys in your identity; otherwise, somebody else can use your action key and fraudulently manipulate your identity. Notably, action keys can’t remove or change keys, which reduces the risk of losing your entire identity at once.

Identity usage can begin with the identity deploying an identity contract, the identity is then either able to make claims about itself, or a third party can make claims on the identity. The claim issuer can be a third party such as an established and trusted claim issuer or a smart contract. Claims are searchable using the claim holder registry as defined in the ERC-735 proposal standard or through using in-contract (on-chain) claims that are verified by signatures and not necessarily blockchain specific.

The method for verifying identity through this standard is useful for a variety of reasons, specifically standardizing also allows other identities or claim issuers to add claims to an identity. However, it is an early standardization for decentralized identity tailored explicitly towards Ethereum. It can be optimized and formatted in similar designs for other models and platforms though.

Platforms Using Decentralized Identity

Today many platforms are using different models of decentralized identity verification. Notably, many of these platforms have the functionality baked into the larger design of the platform as a unique component while other platforms — like Civic — focus entirely on providing decentralized identity solutions.

What are these platforms and how are they pushing the limits of decentralized identity innovation?

Civic

Civic is built on Ethereum and provides multi-factor authentication on mobile devices without a third-party authenticator, username, password, or physical hardware wallet.

Civic does not have access to user keys, and identity data is fully encrypted on the user device with biometric access. Users can share their identity anywhere, and Civic’s existence on Ethereum’s public blockchain allows any to integrate with its infrastructure to support it.

Origin

Origin is a sharing economy platform that removes the intermediaries and has the decentralized identity verification feature baked into the platform. Identity works in combination with reputation to ensure reputable and verifiable partners on the platform.

Origin provides a direct interface for using the ERC-725 standard. Once a user has a verified ID on the platform, any contract that they interact with can look for verified claims issued by trusted sources to authenticate identity before interaction.

Login With Coinbase

Coinbase recently made headlines with the purchase of Distributed Systems for integration with their broader Login With Coinbase initiative for digital identity management.

The move represents a major step for Coinbase in continuing to build an infrastructure for an open financial system where decentralized identity will play a significant role.

Sara Technologies and Decentralized Identity

We are familiar with both the ERC-725 and ERC-735 identity standards on Ethereum and continue to follow the most recent developments in the space. Decentralized identity carries with it the promise of substantially reduced instances of hacking.

The future decentralized Internet will need decentralized identity to function properly. With various iterations of how to implement digital identity management systems, it’s difficult to stay on top. At Sara Technologies, we’re with you every step of the way to help you learn about and integrate your systems with decentralized identity management solutions.

Contact us to find out more!

Visit https://www.saratechnologies.com

Oakland, CA (510)768–7101

San Diego, CA (HQ) (858)848–1748

Albuquerque, NM (505)814–0011

info@saratechnologies.com

Sara Technologies Inc.

Written by

Sara Technologies, a US-based IT firm located in San Diego, Oakland, and Albuquerque. We are experts in creating industry-specific blockchain solutions.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade