Making uPort Smart Contracts Smarter, Part 2: Introducing, IdentityManager

In the last blog post, we explored the pros and cons of the original uPort smart contracts. These contracts allowed us to onboard the first thousands of uPort users, test the uPort mobile app in a variety of scenarios, and collect feedback.

However, these contracts suffered from a few shortcomings that made them unlikely to ever be deployed on mainnet — mostly, they were quite expensive and had some privacy concerns.

uPort takes privacy and scalability quite seriously, and so we set about designing a new version of the uPort smart contract infrastructure to address as many of these concerns as possible. As one result of this process, we have created the uPort IdentityManager.

IdentityManager Contract

If you recall from the previous article, the main building block of a uPort identity is the Proxy contract. This Proxy contract was controlled by a RecoverableController, and both contracts were deployed anew for each new identity created.

Controller allows access to Proxy, which interacts with other smart contracts

At a high level, the IdentityManager contract combines the functionality of all RecoverableController contracts into one. When a user creates a new identity, they do so through a singleton IdentityManager contract. All uPort users who decide to can interact with their proxy contract through the uPort IdentityManager (or they are free to create their own, if they wish).

Because a new RecoverableController no longer needs to be deployed for each new identity, identity creation is much cheaper —about 7 times less gas than before. On top of being cheaper for the same gasPrice, this means a higher gas price could be chosen for on-boarding (for the same final cost in Ether), for faster deployment times and a better user experience.

Furthermore, the IdentityManager boasts features that were previously impossible with the RecoverableController: it allows multiple keys to control a single proxy contract. As a user’s private key can never be removed from their phone (obvious security concerns), allowing multiple keys to control an identity has the effect of allowing a user to interact with the blockchain from their identity from multiple devices.

Recovery

You might have noticed that there was no mention of recovery and/or the RecoveryQuorum above. This is a result of some current exploration into ways of improving the privacy of social recovery — there are a few interesting on-chain contract designs and a few interesting off-chain options (with Shamir Secret Sharing, etc) that are being explored currently. Expect more information about uPort Social Recovery in the coming months.

Conclusion

While the IdentityManager contract is far from a “final version” of a uPort identity contract, it is a great step towards cost reduction and privacy enhancement. It allows for a user to onboard at 1/7 the cost as before and allows a user to control their identity from multiple devices. As the technology stack in-and-around Ethereum continues to improve, we look forward to further improving on uPort’s on-chain presence.

Final Installment

In the final part of this blog series, we will explore Meta Transactions. At a high level, Meta Transactions are a way of allowing people to interact with the Ethereum blockchain without holding any Ether. This is probably the largest change to the uPort smart contract infastructure — and is quite a wonderful improvement (at least for many of our users — removing the largest barrier to entry for interaction on Ethereum).