ixo + Microsoft Hack
We jointly developed a mobile SDK for decentralised digital identity & verifiable claims
The ixo dev team came together in Cape Town during the first week of February with a team of senior software devs from Microsoft US. Our joint mission was to develop an open-source software development kit (SDK) for mobile that securely generates and manages decentralized identifiers (DID) and provides signing services for other apps — including for Verifiable Claims.
Our use case
Service agents and evaluators need to identify themselves and create verifiable claims for the impacts they deliver and evaluate. Verifiable Impact Claims are core to how the ixo Protocol operates. These claims are the basis for establishing Proof of Impact that generates Impact Tokens and verified impact data assets.
Having a world-class mobile module that can serve as the ‘engine’ for managing identifiers and generating these claims, should be a game-changer for applications developers to build on the ixo Protocol. This is also an important demonstration of how the new internet standards for decentralized identifiers (termed the DID Specification) and verifiable credentials, that are currently undergoing the standards-setting process through W3C, can be used in real-world applications.
The ixo context
Users of the ixo Protocol have a powerful new way of funding, delivering, evaluating and trading proofs of sustainable development impacts. This is done by configuring Impact Projects, using blockchain smart contracts to coordinate and incentivize participants in these projects.
There are three generic participant roles that must be identified and authenticated, using digital identity credentials: service agent, evaluation agent, and investment agent.
We wanted to rebuild our purpose-specific mobile applications for interacting with Impact Projects, into a multi-purpose SDK that any developer can configure into their own use-case applications.
The mobile application should enable an individual to register an agent identifier (DID), with cryptographic keys as signing credentials, choose an impact claim template for the project/impact they are going to deliver, then submit signed claims.
We split the functionality in a modular SDK:
- A form-display app that agents use to access claim templates
- A signing app that agents can use to digitally sign data, with their DIDs.
On the last day of the hack, we caught up with Shawn Cicoria from Microsoft and Nicolaas Vercuiel and Donovan Risk, developers from ixo, to reflect on the group’s progress, accomplishments, and insights for the future.
What was the goal for this hack with Microsoft?
NV: One was to build an app that dynamically pulls form data and generates forms. We pull in the adjacent schemas on Github, and from that, we dynamically generate the forms. We also need to sign the form data to send to the protocol. There are two signing algorithms — if I can call it that. Built into the SDK, we can generate Sovrin key pairs, so the Sovrin DID, which uses Ed22519, and then ECDSA, which is what Ethereum uses. We can also generate signatures for data. The usual process flow is to first generate your key pairs, then collect and sign a data submission in the verifiable impact claim format. So the two apps we want to build are essentially a signing app and a form-based data capture app. After capturing impact data using the Data-Collection Form app, the agent signs the data schema using the signing app. The signed impact claim with its associated metadata is submitted using the ixo protocol for validation and evaluation.
What do you hope to achieve with the end product?
SC: Number one, we hope to achieve awareness that we’re starting to see actual usage of many proposed and in-flight technologies, protocols that are being developed around decentralised identity and the blockchain. We see this as contributing to the efforts to establish self-sovereign digital identity as a fundamental new web standard.
What do you hope to achieve with the end product?
NV: This SDK will make it easy for third parties to develop apps using the ixo protocol. Part of this hack was to enable our ixo module to support React Native apps. The other part is to give crypto signing capabilities to mobile applications.
We want to make it possible for anyone to use their smartphone to capture claims by completing standardised form-based data schemas and to sign the form on this device. Your keys pairs are generated on the device and your private key is stored using the device’s secure enclave. Each time signing takes place directly on the device, so your device could be offline — which is more secure and versatile.
What is the ixo Template Schema?
SC: Using the ixo Template Schema, we’re able to rapidly provide new projects with standardised data structures that service providers can use immediately without much customisation design or the need to have technical skills for application development and coding. A service agent should be able to discover projects in which they might be interested and eligoble to participate and then to implement their services making claims uising a simple form rendering capability.
What is the role of a DID to sign into an app?
DR: The DID is a unique identifier for the person using an app, which enables them to authenticate against this identifier (without the need to remember user names and passwords) and to sign data in a way that authenticates you as the controller or owner of the DID.
Did you achieve your stretch goals?
SC: We had a few stretch goals for the week that we were able to achieve; mutli-app transition and a single app that provides key storage, key management, and DID management. This also allows more than one app to take advantage of early incarnations of this protocol and make it easier to transition and manage the (potentially many) digital identitifiers that people will have.
How did you feel about the experience of this Hack?
SC: For the past 5 years, my team at Microsoft has been engaging with customers and partners using this “hack model”, where we’ll take a focused period of time to work towards some technical solutions or technical approaches. We use this as a way to rapidly iterate, innovate solutions, identify what works, potentially fail and hopefully succeed in coming to find the ones that will work best for the use-case and context.
With ixo, we were able to to successfully achieve this in beautiful Cape Town. Much of the technology we are jointly working on is brand new. So we are inventing some new things whilst also using existing frameworks and technologies that we can build on.
DR: I’ve definitely learned a lot. I think with the contextual and cultural difference, you definitely see new ways of doing things. I’m interested in the Impact Economy as a whole and how we can generally create a positive outcome for people and society. Instead of technology removing people from their own personal data and giving it away to advantage big corporations, without proper consent, people should be able to use their data to their advantage and the advantage of people around them. We must use technology in better ways — how we originally hoped this could bring people together and help each other out. This can now happen on a global scale. It’s definitely a great way forward!
SC: At Microsoft, we’re really concerned with the worldwide human condition. For myself, making it possible for anyone to participate in our economy without being judged on prior bias or excluded for not having certain technological capabilities is not sustainable. I believe that technological innovations such as self-sovereign, decentralised digital identity, are going to level the playing field and allow people to present themselves on a more equal playing-field of opportunity.
We look forward to demonstrating the results of our hack at the upcoming Rebooting the Web of Trust design workshop in March.
We also invite all developers and application developers who want to build solutions for the impact economy, to join the conversation on Telegram and contribute to the open-source ixo project on Github