Digital Identity — Part 2: The concept of identity transferred to the digital world with ERC 725

You missed Part 1? Catch up here

ERC 725

Let’s bring it down to a more concrete level. In the Ethereum world, ERC 725 is one approach to tackle the problem of digital identities. It was created by Fabian Vogelsteller in 2017 and describes itself as a “proxy contract for key management and execution, to establish a Blockchain identity”.

What might sound very cryptic the first time you hear it, is actually a description of standard functions that should be used to create an identity in the Ethereum blockchain. This standard or definition is needed to create a common language that different projects can agree on and in such create interoperability between the projects that are built upon this standard.

However, the important thing to notice is that it is not something carved in stone. It is an open and community-driven standard where everybody can participate and suggest changes and additions. Also, this standard does not try to solve all problems that could ever arise, but it focuses on a very specific topic: managing identity.

According to the ERC 725 standard, an identity can have attached keys. These keys are public addresses of wallets or smart contracts. Depending on the purpose of the key, these wallets or smart contracts can do different things. The purpose of the key includes e.g. management or claim. The key with the purpose “management” is basically the owner of the identity and can manage it. A key that is added as a claim key, can be used to do claims on other identities.

This structure allows it to have for example several claim keys for several use cases attached to an identity, which makes it very flexible.

Connection to ERC 735

Having a standard for a digital identity is an important first step. But to bring it closer to real world use cases, functions to interact with this identity have to be created.

One proposal for this interaction is ERC 735. It describes itself as a standard for “adding, removing and holding claims. These claims can [be] attested from third parties (issuers) or self attested.” An issuer can use the “Add Claim” function to claim something about an identity. These claims can have different topics. This ranges from KYC process (the issuer can claim that the person successfully completed the KYC process) up to proving that you have an account on another platform like Facebook.

Further, the owner of the identity can also do a so-called “self-claim” and claiming something about him or herself. In this case the claim is not yet verified by a third party, but depending on the situational context this could also be already sufficient in some use cases.

Access control example

To better understand how ERC 725 and ERC 735 play together and what use cases they enable, we will now go through a simple identity use case.

We will describe how a system to provide Access Control in a company could look like based on these open identity standards.

In this example, we have 3 parties involved:

• GoodLogistics, a logistics company that ships goods in different industries and needs to have a complex access management structure
• FutureKYC, a company providing KYC checks
• Employee, a new employee at GoodLogistics who needs to have access to certain buildings

These are the necessary steps to be taken:

• FutureKYC deploys the necessary contracts and adds a key they will use to make claims on identities
• The employee installs the GoodLogistics company app and starts the KYC process
• After a successful KYC process, FutureKYC adds a KYC claim to the employee
• Employee adds FutureKYC’s claim to their identity contract
• GoodLogistics deploys a smart contract that takes care of the access management and that has the rules which employee is allowed to access which building
• Employee can now use their verified identity to access the buildings

Based on https://hackernoon.com/first-impressions-with-erc-725-and-erc-735-identity-and-claims-4a87ff2509c9

Newest developments

The topic of identity on the Blockchain is still a rather new topic. Therefore, it is also important to notice, that most considerations are still on a rather theoretical level and the mentioned ERCs are also being developed further, constantly.

One of the most interesting developments regarding ERC 725 and 735, is driven forward by the ERC 725 Alliance. The thoughts are currently to split the ERC 725 approach in two, to separate the identity itself and the key management functions. The idea behind it is that an ERC should normally just present one single problem. Another aspect is, that key management itself could also be used in other use cases besides identity. The separated key management part would then be called ERC 734.

Another consideration in the community is the comparison between ERC 735 and another ERC called ERC 780. ERC 780, in contrast to ERC 735, is building a global claim registry. In this registry, claims about an identity can be made, without that the identity explicitly has to accept this claim. This means that in contrast to ERC 725, also negative claims can be added, as according to ERC 725 both sides have to accept a claim. This, of course, has advantages and disadvantages and it depends of the use case if it is a better solution or not.

Conclusion

Even if there is no „final“ and battle proven approach to the topic of identity on Blockchain, the already existing approaches have a very high potential to also support first real world applications. Companies that start experimenting with this now, will be able to create real innovations that will be able to provide real business value already and enable totally new business models in the future.