Blockchain holds the potential to be a powerful accounting system for many transactions taking place today.

Most importantly it can be a tool to account for sustainability and impact investment, things that money has had trouble accounting for truly.

The decentralization blockchain provides is key to this possibility, so that it does not become another centralized value system.

Decentralization requires centralization of decision making with INDIVIDUALS on the network through a sovereign digital identity protocol that is cooperatively owned and governed by the users. 

In order to preserve the decentralized capabilities of encrypted digital ledger technologies, Future Culture strives to educate and help facilitate implementation of a digital sovereign identity protocol.

An Open Source Protocol for Sovereign Digital Identity

Sovereign digital identity is the right to one’s online identity including the right to decide and know how it and data related to it is used. This right includes the ability to participate in and govern the protocol used to create sovereign digital identity and understand the implications associated with releasing any personal data. This system is the opposite of most privately owned technology platforms today in which a select few are the decision makers for the protocol that is the infrastructure for the many.

Technically, it is a protocol that protects this right by placing the power in the hands of the identity holder. In order to protect this right the identity protocol must remain a public good and not a privatized infrastructure with centralized stakeholders. It is cooperatively owned and governed by all of the users.

Jack Miller is our main technical collaborator who has wrote this open source code for Ethereum (available on Github). We intend for this protocol to work across blockchains and eventually develop a global cooperative ledger for identities. He would appreciate your input and feedback and reuse!

About the Code

This contract is available on the Kovan testnet: 0xd8fab77b7125de6d1a17dfacbdc0062837949a11

Features

  • Securely store identity data

  • Associate Ethereum account with identity data

  • Securely share approved data with applications, granular down to the individual data point

  • Scanner for sharing with applications

  • Revoke sharing permissions

How It Works

The works by creating personas which are a mapping of data to an Ethereum address. The data is stored in IPFS and encrypted so only you can decrypt it. The IPFS file paths are stored in the blockchain. You can share data with applications on an attribute by attribute basis, and encrypt the dataset with the public key of the entity you'd like to share with, so that only they can decrypt it. Sharing can occur by the client scanning a QR with data following an expected format which allows the client to approve the request to share data, and submit the transaction to the blockchain so that the application can get the files from IPFS and decrypt the data.

Screenshots

Screen Shot 2017-07-31 at 6.21.29 PM.png

 

NOTES

  • The public key used to encryption is derived from the private key and is NOT the public key of the Ethereum address.

  • This only deploys data to local IPFS nodes at the moment.

  • This is still a little raw, and I plan to move it to a library

Prerequisites

This app requires node and uses IPFS to store files. You must first install IPFS https://ipfs.io/docs/install/

To run

npm install
ipfs daemon
browserify main.js > js/bundle.js
node app

What can We Do with An Identity Protocol // Why Do We Need It?

This identity protocol functions as a cryptographically secure container for ourselves and our data that can act as our portal to the next generation Internet.  Ownership of an account starts with owning a private key, which is akin to a more secure password.  The owner of the private key is the only one with full control over the data.  An address is a public facing identifier that is safe to share with others, unlike the private key.  With your address and private key, you can submit transactions that get written to the blockchain.  Instead of trusting a third party to safeguard your data behind closed doors, you can trust in the advanced math that secures the system, known as public key cryptography.  Since the blockchain is public, you could even read the blockchain yourself and check the math if you were so inclined.  

Over time, you will create a history based upon all the transactions that you have sent, contracts that you have signed, and any other information associated your account that you wish to share.  This history can be turned into a reputation for your identity that you fully own.  You will be able to prove your identity in any situation without compromising your personally identifiable information.  

You create your online persona by having your data associated with your address and private key.  You can add and edit your information like you just like you would with any other online profile.  -NOTE - this is how it works now, but this does not mean it’s the best way  - we welcome open source contributions.

This means you enter your data, like your name, which gets securely stored as files in decentralized storage infrastructure using your address and private key.  The location of these files is stored on the blockchain in a smart contract.  When you want to share you data, for example when logging in to an app, you confirm which data fields you would like to share and the location of that file is stored in the blockchain.  The app can then look in the blockchain for your data files, and the data is encrypted in such a way that only that app can decode the files using their private key.

Apps can can access your data by finding the location of the files written in a smart contract.  A smart contract is an if/then statement written in the blockchain.  They are similar to other computer programs except they are publicly accessible and verifiable.  For those unfamiliar with coding, the most basic form works like a decision tree:

If SOMETHING_IS_TRUE then

DO_THIS

If not, then

DO_THAT

When you register a persona, your data files are stored in the PersonaRegistry contract:

contract PersonaRegistry {

   struct Persona {
       mapping(address => string) ipfsPointer; //app you’ve shared with => data file location
   }

   mapping(address => Persona) personas;

   
   function createPersona(string ipfsPointer) {
       personas[msg.sender].ipfsPointer[msg.sender] = ipfsPointer;
   }



   ...

}

The client encrypts your data locally and submits a request to add the location of your data file to your persona. Changes to data associated with a persona can only be added or changed by submitting requests signed with that persona’s private key.  

Apps fetch the location of your data files by calling this function:

contract PersonaRegistry {

   …


   function getPersonaData(address entity, address personaAddress) constant returns (string) {
       return personas[personaAddress].ipfsPointer[entity];
   }

}

You may notice that since all data in smart contracts is public, that location of the data files could be read by anyone willing to read the smart contract.  However, the data is encrypted locally and can only be decrypted with the correct private key, so we are safe to store the file location in the smart contact.

While the inner workings of this identity system require technical knowledge to understand, you will not have to understand how this system works to be able to use it.  The details should be hidden from view and the experience of using your identity online should be familiar and the integration with apps should be seamless. The user interface for the smart contracts and the identity blockchain must be designed to be intelligible for all people.

Why is this Protocol Necessary?

At the root of the blockchain revolution is the relocation of trust which requires sovereignty of one’s digital identity. Rather than proving your identity to a third party (think bank or Paypal or Facebook in order to connect or transact with other people), you are connecting with them directly. Thus it will be important the protocol for proving your identity, and your reputation in that context (think your Airbnb reputation, but not determined by just one company).

There are many cryptocurrency and blockchain companies claiming that they are building an identity system will make it possible for people directly with each other, enabled by blockchain technology, without the need for a third party like PayPal or eBay or governments to facilitate the transactions.  What most of these companies are not disclosing, though, is that they are acting as the new third party gatekeepers to this Utopian narrative of the future in which we transact using their digital marketplaces, their reputation systems, and, most importantly, their identity systems.  The subtext is that with their centralized investment structures, they will be beholden to delivering profit first to their shareholders rather than enabling the best infrastructure for global identity for all peoples.

Governance

The rules for governing the protocol should be democratically decided by all identities. The protocol can live on a global identity blockchain which can serve as the identity layer for digital systems. Robust reputation systems can serve as community based security features that prioritize decentralization of the trust placed in centralized identity providers today.

Once we have a suitable identity protocol, we can start to build the applications that are made possible by the decentralized nature of blockchain like sharing locally produced solar energy, attesting to decreasing greenhouse gases in the atmosphere, and collaborating with like minded artists, from a digital identity that we can rightfully claim.

Past Events:

Name *
Name