Decentralized Identity Proof of Concept with Microsoft Unified Support — The Diploma

Travis Reeder
GoChain
5 min read · Apr 16, 2019

We’ve been hard at work building our Decentralized Identity (did) toolkit that we announced last month in our roadmap. It will enable users and companies to create their own digital identities, issue verifiable credentials (claims) and also enable developers to integrate these identities into their applications. We’re working with the Microsoft Services team to develop an initial Proof of Concept that utilizes all of the core parts of decentralized identities and verifiable credentials.

“We’re really excited to be working with GoChain on this project as we’re seeing demand from our customers for these types of blockchain based solutions. GoChain’s blockchain technology is focused on enterprise use cases and backed by enterprise-grade support. The GoChain team’s experience enables them to build enterprise solutions that underscore the value in deploying to the Microsoft Azure platform.” — Billy Smolen — Program Manager, Microsoft Services

Everything we are building is based on the World Wide Web Consortium’s (W3C) up-and-coming credentials specifications, which could apply to our everyday lives in the not so distant future. The W3C is the main international standards organization for the World Wide Web.

What is Decentralized Identity

A good way to understand decentralized IDs and credentials is to compare them to your driver’s license in the physical world. It is issued by the government and it asserts that a) your name is your name, b) you look like the picture on it, c) your birthday is your birthday and d) you are able to drive a car (among other things). Until now, we haven’t had a way to assert those same types of things online other than by sending a picture of your license. And we know that can easily be photoshopped.

Decentralized identity provides a way to assert those same things in the online (non-physical) world with certainty. The government could issue you your driver’s license as a “verifiable credential” which asserts the exact same things, but in a digital format that is easily presented to third parties and those third parties can easily verify the claims made in the credential. All of this uses public key cryptography to ensure everything is tamper proof and 100% verifiable.

Another very important aspect of this is that you own your identity and all the data associated with it, unlike existing online identities, which are owned by the Facebooks and the Googles of the world and which you have no control over.

The Diploma Scenario

The diploma scenario is an example from Microsoft’s Decentralized Identity whitepaper and shows off all the key aspects of decentralized identities from creating ids, issuing credentials, and finally verifying the credentials. This is the proof of concept we’re working on.

Example Identity Scenario — src: Microsoft Decentralized ID whitepaper

In this PoC, the following actions take place:

  • Alice, the recently graduated student, creates her decentralized ID
  • U, the university Alice went to, also creates an ID that represents the University
  • U issues a credential to Alice that asserts that Alice graduated from U in 2019 with a degree in Computer Science — this is her digital diploma, the equivalent of her paper diploma in today’s world
  • Alice, who is now looking for a job, presents her digital diploma credential to a potential employer to prove that she has a degree from that University

The Technical Part

Identifiers, aka “dids”

Identities will be rooted on GoChain, providing an immutable registry of decentralized IDs. When you create a did and register it with GoChain, it will look something like this:

did:go:ABCDEFGHIJK123456789

This is the standard format of a did. Note the second part of the did, “go”: that is the “method”. When you give someone the did, they can resolve it using the GoChain resolver, which returns the user’s “did document”. The did document primarily contains cryptographic material, such as public keys, that can be used for authentication and verification.

Verifiable Credentials

In our diploma scenario above, the university, U, has its own did and its own set of keys with which it can sign the credential stating that Alice graduated from U in 2019 with a degree in Computer Science. It does this by taking Alice’s did (e.g. did:go:123456), the claim that she graduated in 2019 (e.g. “status”: “graduated”) and that the degree was Computer Science (e.g. “degree”: “computer science”), wrapping them up in a data structure, signing it with the university’s private key and sending the signed credential to Alice.

Alice can store this credential for later use, such as on her phone or preferably her cloud storage so she doesn’t lose it.

When Alice provides the credential to a potential employer, that employer can check the signature of the credential to verify that the data wasn’t tampered with and that it was signed by the university U.
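The issue-and-verify flow described above, as an added example that is not GoChain's toolkit code or the W3C data model. It assumes Ed25519 signatures over a JSON encoding, uses an in-memory map as a hypothetical stand-in for the GoChain resolver, and `did:go:UNIVERSITY` is a constructed identifier.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
	"strings"
)

// Credential is a simplified stand-in for a verifiable credential.
type Credential struct {
	Issuer, Subject string
	Claims          map[string]string
	Sig             []byte `json:",omitempty"`
}

// Method returns the method part of did:<method>:<id>, or "" if malformed.
func Method(did string) string {
	p := strings.SplitN(did, ":", 3)
	if len(p) != 3 || p[0] != "did" || p[2] == "" {
		return ""
	}
	return p[1]
}

// payload is what gets signed: the credential without Sig (json sorts map keys).
func payload(c Credential) []byte {
	c.Sig = nil
	b, _ := json.Marshal(c)
	return b
}

// Issue signs the credential with the issuer's private key.
func Issue(c Credential, priv ed25519.PrivateKey) Credential {
	c.Sig = ed25519.Sign(priv, payload(c))
	return c
}

// Verify looks the issuer up in registry (hypothetical resolver stand-in) and checks Sig.
func Verify(c Credential, registry map[string]ed25519.PublicKey) bool {
	pub, ok := registry[c.Issuer]
	return Method(c.Issuer) == "go" && ok && ed25519.Verify(pub, payload(c), c.Sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed university key pair
	reg := map[string]ed25519.PublicKey{"did:go:UNIVERSITY": pub}
	c := Issue(Credential{"did:go:UNIVERSITY", "did:go:123456", map[string]string{"degree": "computer science"}, nil}, priv)
	fmt.Println(Verify(c, reg), Verify(Credential{c.Issuer, c.Subject, map[string]string{"degree": "medicine"}, c.Sig}, reg))
}
```

The verifier's trust rests entirely on where the issuer's public key comes from: a credential that carries its own key, or a registry an attacker can write to, would verify just as cleanly.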

The Future of Identity

Using cryptography and blockchain together for identity opens new doors that simply weren’t possible in the past. Even currently, there is no way to provide a diploma to an employer as demonstrated above, but once people start adopting this technology, it’s not only possible and quite easy to implement, it’s also a far superior way of doing it. It’s much more efficient and it prevents fraud. It’s a known fact that people lie on their resumes and a lot of people get away with it unless the company calls the school to verify. With verifiable credentials, no employer would have to call a school again. And that can be applied to every other part of a resume too.

Even in the physical world, it’s a better way to do it. Imagine your driver’s license was issued this way and you wanted to go buy a beer on your 21st birthday. You could just tap your phone to transfer your “driver’s license credential” (or even just the fact that you are 21 with your picture) on a machine at the entrance to the bar and it could be verified instantly. No more fake IDs (that may be looked at as a drawback to some 😆).

GoChain is on a mission to make decentralized applications a reality and identity plays a big part in that mission. We love seeing big companies like Microsoft supporting the technologies, such as identity, that make that mission possible. They are supporting various efforts around decentralized identity; you can find more information here. We’re proud to be helping Microsoft achieve their vision.

Learn more about GoChain at https://gochain.io

Travis Reeder
GoChain

Founder, CTO at GoChain - Building and breaking things