Self Sovereign Identity - Decentralized Identities Through Blockchain Technology
Blockchain technology can disrupt multiple sectors. One area that is ready for disruption is “identity”. Even though several steps have been taken to improve the identity industry, incorporating the blockchain can truly disrupt this space.
What is Self Sovereign Identity?
Self-sovereignty is the idea that it is an individual’s moral right to have ownership over their own body and life. Self-Sovereign Identity (SSI) is critical now, more than ever, because every company and entity has an online presence. Having so many siloed identities dramatically increases the chances of online fraud or identity mismanagement.
Plus, since we are living in an increasingly automated world that is soon going to implement the IoT (Internet of Things), it is increasingly critical for an individual to have identity rights.
How can the blockchain help usher in self-sovereign identity? Let’s take a look.
The Three Main Problems That Blockchain Will Solve
What are the three main problems plaguing the digital identity space which the blockchain can solve?
- Digital units shouldn’t be easy to replicate.
- Digital files should be tamper-proof.
- Digital processes should be tamper-proof.
#1 Digital Units Shouldn’t Be Easy To Replicate
Anything of immense value should be complicated to replicate. The same is true for personal digital identity. It shouldn’t be possible for two people to use the same identity details. This is not just limited to identities. In the cryptocurrency space, this problem is called “double-spending.”
Double spending means that you are using the same coin to conduct more than one transaction. Think about it like this. If you had a $10 note with you, it should be impossible for you to spend that money in more than one transaction at a time. If you are in a shop, then it should be impossible for you to buy two $10 items at the same time using the same $10 bill. You can mitigate that in fiat scenarios because:
- You are either physically transferring cash from one hand to another.
- You have a centralized entity i.e., a bank that oversees all the transactions.
Digital money is different from fiat in that regard. When you are making a transaction, you are simply broadcasting to the network that you want to send a particular amount of money to someone else. What is stopping you from making another transaction with the same coins before the entire network agrees to validate your previous transaction? How will the network know which transaction is genuine and which isn’t?
Bitcoin mitigates this by using blockchain technology:
- Each transaction has to be verified by the users of the blockchain network.
- The miners validate the transaction in exchange for a fee.
- If the miners don’t catch a double spend transaction, then they will lose the fees.
If someone attempts to double spend using the same bitcoin, then both the transactions will get automatically rejected. Once a transaction is verified for a particular bitcoin, its details get added into a block.
All the blocks in the blockchain are linked via a hash pointer. Each block stores a hash of all the data that is stored in the previous blocks. Plus, as we have said before, the blockchain is transparent so all the data inside the blockchain can be visible to everyone who is part of the blockchain’s network.
So, applying this logic in bitcoin, every single bitcoin can be accounted for via its transparency. Also, any attempt to change the coin’s history will be impossible as the transactions stored in the blockchain are hashed cryptographically to the previous blocks. The immutability and transparency of the blockchain prevent double-spending.
#2 Digital Files Should Be Tamper-Proof
Back in the day, all personal record files used to be physically stored in registers. This brought in a host of problems.
- Anyone can steal the registers.
- It is very simple to bribe someone to tamper with the records.
- Registers are susceptible to wear and tear.
Even when the system was made digital, specific problems persisted.
- The system could always be hacked.
- The bribe angle still remained. Anyone could bribe an official and make them change the records.
What was needed was a system that could store all these files and make them “non-tamperable” or immutable. The blockchain could bring this feature into the system.
Each block in a blockchain has its own unique digital fingerprint called a “hash”. Once the files go inside a block, they cannot be tampered with because the cryptographic hash functions will prevent that from happening.
A cryptographic hash function is a particular class of hash function that has various properties making it ideal for cryptography. There are specific properties that a cryptographic hash function needs to have to be considered secure. One of those properties happens to be the “Avalanche Effect.”
What does that mean?
Even if you make a small change in your input, the changes that will be reflected in the hash will be huge. Let’s test it out using the SHA-256 algorithm:
Do you see that? Even though you just changed the case of the first letter of the input, look at how much that has affected the output hash.
So, anytime someone tries to change the data inside the blockchain, it becomes instantly evident that a tampering attempt has been made.
Plus, all the blocks are also linked to each other via hash functions. Each block in the blockchain has the hash of the previous block. As such, if tampering does occur, it changes the entire structure of the chain, which is an impossibility.
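The avalanche effect and the block linking described above, as an added Python example that is not part of the original article. The inputs and records are constructed, and the block layout (`index`, `record`, `prev_hash`) is a simplified assumption, not Bitcoin's block format.

```python
import hashlib
import json

def bit_difference(a: bytes, b: bytes) -> int:
    """Count the bits that differ between SHA-256(a) and SHA-256(b)."""
    x = int.from_bytes(hashlib.sha256(a).digest(), "big")
    y = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(x ^ y).count("1")

def block_hash(block: dict) -> str:
    """Hash a canonical encoding of the whole block, prev_hash included."""
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def build_chain(records):
    """Link records into blocks; return (chain, head_hash)."""
    chain, prev = [], "0" * 64
    for i, record in enumerate(records):
        block = {"index": i, "record": record, "prev_hash": prev}
        chain.append(block)
        prev = block_hash(block)
    return chain, prev

def first_broken_link(chain, head_hash):
    """Index of the first block whose hash differs from the value recorded by
    its successor (or by the trusted head hash); None if the chain is intact."""
    for i, block in enumerate(chain):
        expected = chain[i + 1]["prev_hash"] if i + 1 < len(chain) else head_hash
        if block_hash(block) != expected:
            return i
    return None

if __name__ == "__main__":
    # Constructed inputs: only the case of the first letter differs.
    for text in (b"Hello world", b"hello world"):
        print(text, hashlib.sha256(text).hexdigest())
    print("differing bits of 256:", bit_difference(b"Hello world", b"hello world"))

    # Constructed identity records.
    chain, head = build_chain(["alice: born 1990", "bob: born 1985", "carol: born 1978"])
    print("intact:", first_broken_link(chain, head))         # None
    chain[1]["record"] = "bob: born 1995"                      # edit one record
    print("after edit:", first_broken_link(chain, head))     # 1
    chain[2]["prev_hash"] = block_hash(chain[1])               # re-link the next block
    print("after re-link:", first_broken_link(chain, head))  # 2
```

Re-linking the next block only moves the mismatch forward, so the change always surfaces at the head hash that the rest of the network already holds.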
#3 Digital Processes Should Be Tamper-Proof
The third problem that the blockchain can fix is securing a trustless process. Every official institution has a process for each and every activity, but these processes may not be strictly adhered to. This could happen for two reasons:
- General human negligence.
- Malicious intent.
As you can see, these problems are both human-related.
To secure something as important as personal identities, a set process should be followed, which cannot be tampered with. A lot of actors need to follow specific steps every single time to ensure the safety of the process and to eliminate any corrupt human behavior.
The blockchain pretty much solved this problem a long time back through the “consensus mechanism.” Think about it. A blockchain is a distributed system with a large number of actors. To make any decision, all these people need to reach a majority consensus. How do they do it? Several mechanisms help them achieve this, such as Proof of Work, Proof of Stake, etc.
The main takeaway is that a blockchain can ensure a seamless, secure data storage process free from human emotions/negligence.
Projects bringing in self sovereign identity
We will be looking into the following projects that are currently working in the self sovereign identity space:
- Sovrin.
- RIF Directory.
According to its website, “Sovrin is the world’s only global public utility for trusted, self-sovereign identity. Like the Internet, it is not owned by anyone: everyone can use it and anyone can improve it.” To put it simply, Sovrin is aiming to put an individual’s self-sovereign identity on the blockchain.
One of the key technologies it uses is “zero-knowledge proofs.”
Brief overview of zero-knowledge proofs
A zero-knowledge proof lets a prover convince a verifier that they possess specific knowledge without revealing what that knowledge actually is.
E.g., Alice can prove that she has over $500 in her account without revealing her total balance using zero-knowledge proofs.
For a Zero-Knowledge Proof to work, it needs to satisfy certain parameters:
- Completeness: If the statement is true, then an honest verifier can be convinced of it by an honest prover.
- Soundness: If the statement is false, a dishonest prover can’t convince the verifier that it is true by lying.
- Zero-Knowledge: If the statement is true, the verifier learns nothing beyond the fact that it is true.
Sovrin plans to use zero-knowledge proofs to make sure that a user can reveal just about enough of their identity to access various online platforms without compromising on their privacy.
According to Outlier Ventures, the concept of Pairwise Identifiers is one of the most breakthrough innovations they have ever seen. To understand what pairwise decentralized identifiers (DIDs) are, let’s look at why this innovation is so path-breaking.
Your social security number and credit card number are constant, fixed numbers. Anyone can use them to keep track of what you are doing, where you are, and what you are spending your money on. Such types of identifiers are called “Universal Identifiers”, and they carry significant privacy risks.
One of the best examples that clearly underlines the risk of universal identifiers is the Equifax hack, where attackers were able to steal half the US population’s social security numbers.
So, how do pairwise identifiers solve this problem?
Imagine you want to open an account on an e-commerce website. Instead of giving them your credit card number or phone number, you simply give them a DID, which you have generated just for this purpose.
The beauty of this DID is two-fold:
- The DID can be used as a simple Universal Identifier on the merchant’s side. They can use it to contact you or to charge you a monthly subscription, etc.
- However, if the merchant suffers a breach and your DID has been compromised, you can simply cancel it and get a new one without affecting any other relationships! This simple shift makes sure that your DIDs are not worth stealing at all!
This innovation makes sure that your attackers don’t have any incentive to steal your identifiers at all.
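A simplified model of the pairwise-identifier idea above, added here as an illustration; it is not Sovrin's code or DID method. `PairwiseWallet`, the `did:example:` identifiers and the merchant tables are constructed assumptions, and random strings stand in for the key-backed identifiers a real system would use.

```python
import secrets

class PairwiseWallet:
    """Holder-side model: one random identifier per relationship."""

    def __init__(self):
        self._current = {}    # relying party -> identifier currently in use
        self.revoked = set()  # identifiers cancelled after a breach

    def did_for(self, party: str) -> str:
        """Return this party's identifier, generating it on first use."""
        if party not in self._current:
            self._current[party] = "did:example:" + secrets.token_hex(16)
        return self._current[party]

    def rotate(self, party: str) -> str:
        """Cancel the identifier shared with one party and issue a new one."""
        old = self._current.pop(party, None)
        if old is not None:
            self.revoked.add(old)
        return self.did_for(party)

    def accepts(self, party: str, did: str) -> bool:
        """Honour an identifier only in the relationship it was created for."""
        return self._current.get(party) == did

def shared_identifiers(table_a: dict, table_b: dict) -> set:
    """Keys that two separately leaked customer tables have in common."""
    return set(table_a) & set(table_b)

if __name__ == "__main__":
    universal_id = "000-00-0000"  # constructed placeholder, not a real number
    wallet = PairwiseWallet()
    shop, pharmacy = wallet.did_for("shop"), wallet.did_for("pharmacy")

    # Universal identifier: both tables carry the same key, so they can be joined.
    print(shared_identifiers({universal_id: "orders"}, {universal_id: "prescriptions"}))
    # Pairwise identifiers: the two tables have no key in common.
    print(shared_identifiers({shop: "orders"}, {pharmacy: "prescriptions"}))

    # The shop is breached: cancel only that identifier.
    new_shop = wallet.rotate("shop")
    print(wallet.accepts("shop", shop), wallet.accepts("shop", new_shop))
    print(wallet.did_for("pharmacy") == pharmacy)  # other relationship untouched
```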
The Sovrin Token
Before we continue, the concept of verifier, issuer, and the owner should be made clear.
Suppose you give your credit card to a merchant, the merchant needs to verify the credibility of your card via your bank. In this case:
- You = Owner.
- Merchant = Verifier.
- Bank = Issuer.
Verification of the identity of the owner is done between the verifier and the issuer.
The Sovrin token provides a global public utility for SSI which creates a virtuous cycle of issuers competing on credential quality and cost. This, in essence, creates a flow of trust that can either go from verifiers to issuers OR from verifiers to owners to issuers.
Case #1: From Verifiers to Issuers
In this case, Sovrin uses a zero-knowledge payment protocol so that the issuer has absolutely no clue as to who is using the credential or where it is being used. The issuer will only know that it is being paid the asking price in Sovrin tokens.
Case #2: Verifiers to Owners to Issuers
In this case, verifiers can pay for credentials directly from owners, and owners can do the same with issuers.
Rootstock (RSK) is a smart contract platform that is connected to the Bitcoin blockchain through sidechain technology. Lying on top of RSK is its technological stack called RIFOS. One can think of RIFOS as a decentralized AWS and a “third layer.” Developers can use RIFOS to bring a lot of interesting functionalities into the Bitcoin blockchain which would have been impossible before. One of those functionalities happens to be self-sovereign identity, which it brings in with RIF Directory.
What is RIF Directory?
RIF Directory is the identity and reputation layer for RIF services and an important component of the decentralized sharing economy, which will enable self-sovereign identities. Directory will help both people and developers find services and allow people to know and learn about them. It allows people to share information about other people/services if they want.
On RIF Directory, this information will be verifiable and reliable. RIF Name Service (RNS) is a decentralized service that allows users to have a readable domain in any blockchain. It can be used to identify other personal resources, such as payment, ID, storage, or communication addresses. RNS and the rest of Directory services.
Why use RIF Directory?
- Protects users’ personal data and empowers them to manage who can access it and gives them full control over their reputation.
- It allows users to interact with multiple marketplaces and platforms with the freedom to move from one to another without losing their track record, contacts, and social value.
- Provides users and nodes with unified APIs and libraries to interact with all major self-sovereign identity protocols.
- Users can easily control their IDs to interact in decentralized economies while building a self-sovereign reputation that will enable users, especially those excluded from the traditional financial system, to participate in the decentralized digital economy of the future.
How does RIF Directory fit in with the rest of the RIF ecosystem?
RIFOS is currently working on multiple innovations, which makes the need for a reputation and identity layer higher than ever before. RNS will allow users to find different services in the RIF marketplace, while RIF Directory will help in determining the reputation of the entities providing the services. This helps in creating an interoperable ecosystem within the marketplace which will speed up the design of self-sovereign identities.
Self Sovereign Identity – Conclusion
RIF Directory and Sovrin are disrupting the identity space for good. As the world gets more digital and transparent, your identity becomes more important and vulnerable. As such, strict measures must be taken to fortify it as much as possible. Self-sovereign identity through blockchain should be the way we tackle the “identity problem” as we go into the future.