MYKEY: Beauty of Trustless Balance — a Brief Introduction to KEY ID Protocol
In the blockchain world, the private key is the user’s certificate of the asset. All operations on the asset need the authentication through the signature created by the private key. It brings about some problems below.
(1) Users do not understand the significance of the private key resulting in it easy to lose or leak.
(2) Users who understand this still don’t know how to keep it safe.
(3) The leakage of the user’s private key will lead to the theft of asset immediately.
(4) If users cannot obtain the private key due to improper safekeeping, the asset may never be retrieved.
It makes ordinary users who dare not bear the risk of self-management of private keys often choose to keep their asset in the exchange, which is not only ineligible to the original intention of blockchain but also restricts the development of applications on the blockchain.
Trustless autonomous identity management
We hope to provide an easy-to-use, secure and fault-tolerant solution to govern the identity of users on the blockchain and solve the private key management issue of users. KEY ID protocol has made several innovations which allows users to manage their identity by themselves.
(1) Separated authorities. MYKEY splits the user’s authorities into administrative authority and operative authority. Operative authority is used for daily operations, such as transfer, mortgage, etc. Administrative authority is the highest authority of an account, but it can only modify the user’s authority without operating the asset directly.
(2) Hierarchical key management. Once the admin key (recovery code) is exported, it will always be stored offline. We recommend users to copy multiple copies or use a hardware wallet to keep it. The operation key is encrypted and saved in the user’s smartphone. Users do not need to care about the technical implementation details and only need to provide the account password or the correct bio-metrics to retrieve the operation key.
(3) Trustless recovery mechanism. To avoid the immediate consequences caused by the loss of private keys, a certain delay is required when replacing any authority with administrative authority alone. At the same time, MYKEY Lab provides an emergency contact service. After off-chain identity authentication, the emergency contact can assist in quickly replacing the key, and it can also assist in regaining administrative authority when the private key is lost (with a delay).
(4) Risk control system. In KEY ID protocol, corresponding solutions to the risk events are provided in the case of user negligence, hacking, and theft, which can deal with most problems such as mobile phone loss, password forgetting, recovery code loss, recovery code theft, etc.
In this way, MYKEY provides a trustless self-sovereign identity system.
Design philosophy
Trustless means that even if MYKEY is malicious or unavailable, users will not suffer asset loss, so the security and reliability of the service enhanced.
MYKEY redefines the identity system using smart contracts based on the blockchain. The corresponding smart contracts can be used to manage users’ authorities and execute the operations that these authorities can perform. In order to provide reliable services, the structure of the contract needs to be considered.
One of the main objectives of the design of the KEY ID protocol is to ensure the security of the user’s assets while upgrading the business logic, to update the contract under the condition that MYKEY is available. First of all, we need to separate the user’s authority data/asset data from the business logic of KEY ID protocol.
It is not enough just to upgrade the business logic and keep the data unchanged, since the upgraded code may reinterpret the user data, which brings the user’s account risk. Thus, the contract of key ID protocol will be open source and will be audited by the authorities. At the same time, the contract will be updated following contract upgrade convention.
Implementation
At present, the KEY ID protocol has been deployed on two public blockchains, EOS and Ethereum. The contract code is open source and has passed the security audit and formal verification of three top security institutions (Slow Mist, CertiK, Beosin). For details, please refer to https://github.com/mykeylab/KEYID-protocol, https://github.com/mykeylab/keyid-eth-contracts/tree/master/reports.
In order to provide more secure and reliable services, the KEY ID contract reserves the right to upgrade in case of major changes in the main network and other special circumstances, but it needs to follow the contract upgrade convention. The purpose of the contract upgrading convention is to update the contract reasonably on the premise of openness and transparency, so as to ensure the asset safety of all users.
When upgrading a contract, we will publish the upgrading reason and the contract code in advance to the community. After the new contract is deployed, the new feature has a waiting period of 4 days to activate. During the upgrade publicity and waiting for activation, users can supervise the upgrade.
What’s more, with the development of the project, the waiting period for contract upgrading will be gradually extended and become more stable.
About Us
KEY GROUP :https://keygroup.me/
MYKEY Web: https://mykey.org/
BIHU: https://bihu.com/people/1133973
Telegram: https://t.me/mykey_lab
Twitter: https://twitter.com/mykey_lab
Medium: https://medium.com/mykey-lab
Github: https://github.com/mykeylab
Slack: MYKEY LAB
Youtube: MYKEY Laboratory
