Blockchain Based Digital IDs & Privacy: Our Approach to Blockchain Identities
In general, it’s difficult to provide a consistent, all-encompassing definition for identity. Indeed, there can be several answers to the question, what is identity? To avoid such vagueness, let’s take the World Economic Forum’s definition, which regards identity as an entity comprising three major attributes: inherent, accumulated and assigned. Inherent attributes are those that are present at birth, such as one’s biometric information. Accumulated attributes include the likes of health, education or service records, while assigned attributes cover passport, voter’s ID, driving license, etc.
Traditionally, paper-backed IDs have always been a globally accepted standard mode of identity presentation. However, they are prone to high risks of loss and fraud, apart from being rather irrelevant for digital domains. On the other hand, the present architecture for digital identification is predominantly centralized, meaning that identities operate through centrally located data silos.
In this article, we discuss decentralized Self Sovereign Identities or SSIDs, which represent the potential for a truly human-centric, seamless, and interoperable ID system or Identity 3.0. Furthermore, we discuss RSK’s contributions in this regard, as well as its holistic approach to blockchain-based identities.
Index
The Need for Digital and Privacy-Enhancing IDs
Self-Sovereign Identities & The Role of Blockchain Technology
Privacy & Security
Interoperability & Monetization
RSK’s Approach to SSID: RIF Identity & RIF Name Service
RIF Identity
RIF Name Service (RNS)
Prominent Features of RIF Identity & RNS
RIF Identity Use-Cases
DIDI
Taringa!
The Road Ahead
Closing Thoughts
The Need for Digital and Privacy-Enhancing IDs
Discussions about digital identities and privacy can take many angles and have been running for a long time, but why? What is the need to care about these matters in the first place? Why does privacy matter and what is the need to have digital IDs? To properly understand the solution, we must first grasp the gravity of the problem.
When we talk of digital IDs we refer to digitally verifiable credentials, which mostly represent assigned attributes. Nevertheless, they may also include inherent and/or accumulated attributes. Bearing that in mind, let’s briefly consider paper IDs. Despite being the backbone of modern-day economies, physical, paper-based identity documents are difficult to store, can be forged easily and are susceptible to losses. Furthermore, the process of recovering lost IDs is usually long-drawn and extremely frustrating for the individual.
Apart from these problems, the increasing digital transformation of institutions and processes is also rendering physical IDs irrelevant in many cases. Consequently, traditional identity information is being variously represented digitally, while newer forms of digital credentials are emerging. Although this mitigates the problem to an extent, the current framework supporting digital IDs is highly centralized, which brings forth an altogether different paradigm of concerns. There’s a gross imbalance in power dynamics, wherein users have little or no control over the authorization, dissemination and privacy of their credentials. In the centralized hub model, individuals don’t exercise meaningful ownership of their credentials and have no say in the security of their personal data.
Despite security innovations for digital identity management systems, their use of centralized servers makes them prone to multiple attack vectors. These could include hacks, breaches, censorship, and espionage, as has been demonstrated many times in the recent past. As such, any identification system involves three major roles: the concerned individual (provider), an issuer, and a verifier (recipient).
Presently, verifiers are mostly centrally governed, profit-oriented corporations that validate, store, and often sell the user’s identity information, all in the name of personalized experiences. This is a trust-maximized model that can be easily gamed as the process of identity presentation is fraught with security and usability weak-points.
First, the verifier may reject the integrity of the issuer for whatever reasons, ranging from personal and/or political motives to unfamiliarity. Second, the inter-role communications can be breached or intercepted by third-party bad actors, given the system’s single point of failure. Third, the ecosystem’s siloed nature implies that ID management systems often cannot interact with each other, forcing the user to provide their credentials separately for different platforms and services.
In today’s world, where most things that people do, from shopping to banking to communicating, partially or fully involve the internet, these weaknesses need to be eliminated. The demand is to shift from a corporation-centered, centralized architecture to a more human-centered, decentralized and privacy-prioritized identity management ecosystem. Apart from individuals having absolute control and ownership of their credentials, the need of the hour is distributed, encrypted and algorithmic identity verification processes.
Self-Sovereign Identities & The Role of Blockchain Technology
In general, Self-Sovereign Identity or SSID refers to a form of verifiable credentials wherein the individual is the ultimate owner of their identity, and has full control over the storage, distribution, and third-party access of this information. Above all, the SSID ecosystem doesn’t involve any centralized authority, but rather leverages mathematics and cryptography to ensure clarity, transparency and integrity.
The principle that individuals are the makers of their identities is the foundational principle of SSIDs. On the surface, this seems obvious and intuitive, but it isn’t the reality of the aforementioned centralized ecosystem: that is, internet-dependent Identity 2.0. Over and above the security and privacy concerns, individuals are left at the mercy of centralized authorities for access to their own assets and credentials, while having no say in the process of identity resolution.
As such, the conceptual framework and demand for SSIDs have existed for nearly two decades now. However, the technological framework had been missing, until the introduction of blockchain technology in 2008. Combining blockchain’s distributed ledger with cryptography and peer-to-peer technology, we now have the backdrop for reinstating control over identities with the individual. Apart from secured storage in decentralized wallets, credentials can now be verified through the likes of Zero-Knowledge Proofs, which don’t require the individual to reveal the actual content of their identity information.
Let’s explore some of the practical advantages of adopting blockchain technology for SSIDs.
Privacy & Security
On the one hand, the rapidly increasing population of web users generates massive amounts of data, but on the other, they don’t get a share of the consequent profits. This is a picture of grave injustice and data relating to identity isn’t an exception. In turn, this enables non-consensual sharing and monetization of users’ data by corporate oligarchies, which is a serious threat to our privacy and autonomy.
Leveraging blockchain technology, SSID holders can regain control over their credentials. Since the data is secured using cryptographic keys, it can be accessed by third-parties only when explicitly allowed by the identity’s owner. In a reversal of the centralized model, this represents a trust-minimized model, wherein users have the right to revoke access at any time. The use of private-public key pairs means that the information is always held by the individual and only shared on purpose with verifiers.
Furthermore, the elimination of centralized authority minimizes the risks of censorship and espionage. The decentralized, blockchain-based SSID ecosystem stores identity information on a globally distributed computer network, rather than on centrally located servers. In turn, this significantly minimizes the risks of security attacks and breaches, as there isn’t any single point of failure.
Interoperability & Monetization
As mentioned previously, the centralized identity management ecosystem is highly siloed, thereby precluding a unified use of identity information, unless there’s a partnership between the facilitating organizations.
In the case of SSIDs, the information is essentially represented in the form of digital assets owned by the individual. As a result, the individual can seamlessly provide their SSID across platforms and services, despite always retaining control. Moreover, the scenario also enables individuals to monetize their data. Considering today’s incentivized processes and platforms, this is a major breakthrough for individuals and a major step towards their autonomy.
RSK’s Approach to SSID: RIF Identity & RIF Name Service
To this point, we have been discussing the broad landscape of blockchain technology and SSIDs. Now, let’s shift the focus onto the RSK ecosystem, highlighting our approach to verifiable credentials. To gain a holistic understanding in this regard, we must begin by briefly outlining the history of RSK.
In 2015, when RSK—commonly referred to as Rootstock at the time—was first introduced, the crypto community was facing serious scalability concerns. Developers were increasingly being troubled by the platform’s inability to support custom applications. At best, only the most experienced developers could leverage the highly secure Bitcoin blockchain for their innovations. Understandably, this excluded most people.
Simultaneously, Ethereum’s release introduced unprecedented avenues for developing blockchain-based applications. Above all, it shed light on the immense potential of smart contracts and their use in building decentralized systems. The revelations were truly world-changing, although the Bitcoin community was missing out on a lot.
As a Bitcoin sidechain, RSK combines Bitcoin’s security with smart contract development capabilities. The broader intent, though, is to lay the foundations for a truly decentralized Web3.0, and it is in this regard that facilitating SSIDs became crucial for RSK. In other words, to have autonomous crypto natives, it’s necessary for them to have control over their digital identities. Moreover, privacy had to be a cornerstone for this space.
Understandably, the steep learning curves associated with the process of building and deploying SSIDs have been a major hindrance to their mainstream adoption. In turn, this hampers the formation of the decentralized internet, compelling users to stick to centralized identity management systems. At one level, RSK+RIF has developed fully-fledged solutions that leverage SSIDs. Simultaneously, it fosters innovations in SSIDs through easy-to-use and multi-dimensional RIF libraries, which developers can use to build custom solutions.
The implications of robust SSID solutions extend substantially into the domain of financial inclusion and autonomy. Eliminating the need for individuals to depend upon exclusive institutions, SSIDs can enable the global unbanked population to avail of financial services. In turn, this could be a major catalyst for positive social change and progress at a global level. Further, it’ll strengthen the adoption of crypto-assets for mainstream and institutional purposes.
Against this backdrop, let’s look at two RSK-based offerings for self-sovereign, human-centric identity creation, storage and management.
RIF Identity
As an identity and reputation layer of the unified RIFOS ecosystem, RIF Identity provides robust APIs and libraries for developers to build SSID-compatible solutions. In essence, it is a decentralized alternative to the traditional Domain Name System (DNS). Presently, this service has a strong competitive edge over its peers, primarily due to its interoperability within the holistic RSK+RIF ecosystem.
Backed by the aforementioned APIs, external and non-RSK-based protocols can also interact with the system, which lays the foundation for unified identity management. In the longer run, this revolutionary framework could play a crucial role in the holistic development of decentralized, open-source and privacy-prioritized financial processes and infrastructures. These will neither be governed by central authorities nor will there be the existing risks of censorship.
Enhancing the adaptability of blockchain technology and crypto-assets is among RSK’s primary goals. In this regard, RIF Identity is a significant step forward as it makes the addresses of cryptocurrencies and dApps more accessible with blockchain domains. Rather than being represented by long strings of characters, digital assets can be identified with human-readable names, such as bob.rsk, and so on.
RSK’s smart contracts play a pivotal role in the development and functioning of RIF Identity, which supports their heightened interoperability. The platform’s multi-domain expanse enables self-sovereign individuals to have complete control over their identity, seamlessly mapping it to every digital asset in their possession. Furthermore, the multiple identities of an individual—depending on context and need—can freely interact with each other, without making any privacy or security compromises.
Underlying the RIF Identity ecosystem is the RIF Directory Protocol (RDP), which is the facilitating framework for the distributed functioning of the user’s identity information and the associated, sensitive data.
RIF Name Service (RNS)
The RIF Name Service or RNS is one of the first stable implementations on top of RDP and is presently the most significant offering under RIF Identity. In effect, it is the service that facilitates the assignment of human-readable names to blockchain addresses. Individuals can leverage RNS for a wide range of verifiable credentials, including payment addresses, educational records, etc.
As such, RNS’s primary function within the RIF Identity ecosystem is to make blockchain-based assets and services more accessible for the common masses. For instance, instead of sending funds to Alice’s 60-character-long wallet address, Bob can now use her custom domain name, say, alice.rif. This makes the interaction much easier for both parties while eliminating the risks of permanent loss of funds sent to mistyped addresses.
Similarly, decentralized applications can also adopt human-readable addresses, making them more discoverable and thus driving usage.
Prominent Features of RIF Identity & RNS
Based on our understanding of the structure and function of the RIF Identity ecosystem, let us consider some of its most prominent features.
First, and above all, remains the solution’s blockchain and asset agnostic nature, which makes it highly interoperable by design. Rather than maintaining and using multiple wallet addresses and identity markers, RIF Identity users can enjoy the seamlessness of having a single domain address for everything. That too, in a secured and encrypted manner wherein third-parties cannot link various aspects of these SSIDs. This is crucial for the holistic, decentralized world of Web3.0 that RSK envisions.
Second, RNS domains are highly cost-efficient, offering cheap, one-time purchase of domain names. Domains are assigned through specialized blind auctions, wherein users can place sealed bids for a particular name. While the highest bidder gets the said domain, they pay the amount bid by the second-highest bidder. Such psychological incentives promote fairness in the system, apart from minimizing hoarding. In all, this upholds the affordability of RNS domains and ensures low barriers of entry into the decentralized world.
Third, the services under RIF Identity are extremely easy to use, both from the perspective of developers and common users. RIF Libraries provide the elements of robust SSID protocols, while RNS domains can be easily activated and used by users. Moreover, while top-level domains are distributed through blind auctions, sub-domains can be readily delegated by the domain owner. This enables the formation of liquid secondary markets, which domain owners can leverage to monetize their assets and identities.
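The sealed-bid, second-price rule described in the second point above can be sketched as a commit-reveal auction. This is an added example, not RNS contract code: the SHA-256 commitment format, the class and function names, and the rule that a lone bidder pays their own bid are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def commit(name: str, bidder: str, amount: int, salt: bytes) -> str:
    # Bid amounts are low-entropy: without the random salt an observer could
    # recover a sealed bid by hashing every plausible amount.
    msg = f"{name}|{bidder}|{amount}|".encode() + salt
    return hashlib.sha256(msg).hexdigest()

class BlindAuction:
    def __init__(self, name: str):
        self.name = name
        self.commitments = {}  # bidder -> commitment (hex)
        self.revealed = {}     # bidder -> amount, filled during reveal
        self.bidding_open = True

    def place_sealed_bid(self, bidder: str, commitment: str) -> None:
        if not self.bidding_open:
            raise ValueError("bidding phase is closed")
        if bidder in self.commitments:
            raise ValueError("one sealed bid per bidder")
        self.commitments[bidder] = commitment

    def close_bidding(self) -> None:
        self.bidding_open = False

    def reveal(self, bidder: str, amount: int, salt: bytes) -> bool:
        """Accept a reveal only if it matches the bidder's earlier commitment."""
        if self.bidding_open:
            raise ValueError("cannot reveal before bidding closes")
        expected = self.commitments.get(bidder)
        if expected is None or amount <= 0:
            return False
        ok = hmac.compare_digest(expected, commit(self.name, bidder, amount, salt))
        if ok:
            self.revealed[bidder] = amount
        return ok

    def settle(self):
        """Highest revealed bid wins and pays the second-highest revealed bid."""
        if not self.revealed:
            return None
        ranked = sorted(self.revealed.items(), key=lambda kv: kv[1], reverse=True)
        winner, top = ranked[0]
        # Assumption: a lone bidder pays their own bid (no reserve price modelled).
        price = ranked[1][1] if len(ranked) > 1 else top
        return winner, price

def demo():
    auction = BlindAuction("example.rsk")             # constructed name
    bids = {"alice": 50, "bob": 80, "carol": 65}      # constructed bids
    salts = {b: secrets.token_bytes(16) for b in bids}
    for b, amt in bids.items():
        auction.place_sealed_bid(b, commit(auction.name, b, amt, salts[b]))
    auction.close_bidding()
    # Carol tries to reveal a higher amount than she committed to: rejected.
    tampered = auction.reveal("carol", 90, salts["carol"])
    for b, amt in bids.items():
        auction.reveal(b, amt, salts[b])
    return tampered, auction.settle()
```

Because the bidder's identifier is part of the hashed message, a commitment copied from another participant cannot be revealed under a different name.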
RIF Identity Use-Cases
Versatility is among the main distinguishing markers of the RIF Identity ecosystem. Empowered by its design and aforementioned features, the services can be implemented across sectors, ranging from finance to education. Among other implementations and several more to come, the following are two of the most prominent RIF Identity use-cases.
DIDI
Based in Buenos Aires, Argentina, the DIDI project addresses one of the pertinent local problems—lack of exposure to and trust in traditional financial systems. Built on the RIF Directory Protocol, DIDI brings financial inclusion for the unbanked population alongside extending loan services.
In the longer run, DIDI’s impact on Argentine society could play a significant role in poverty alleviation. Secured storage and management of SSIDs is a primary functionality of DIDI, which the users can access on their mobile devices for optimum portability. As a whole, the platform is a collaborative enterprise of multiple influential organizations, working in concert to impart self-sustainability and autonomy to Argentina’s backward population.
Taringa!
Taringa is a decentralized, Latin American social media platform, built specifically for the region’s Spanish-language speakers. With over 27 million users, the platform fosters social responsibility and solidarity, generating awareness about donating, volunteering and social services.
Taringa’s mission is to build a social media network backed by actual value, and in doing so, it leverages the RSK blockchain and RIF Identity services. Apart from developing RSK-based tools for the formation of self-sustaining, peer-to-peer communities, the platform uses RIF to facilitate incentives for participation and integrated payments. While users can log into the system using their RIF-based identities, they can also use the same to receive BTC and/or RBTC payments for their activities on the platform. Indeed, instances such as Taringa represent the potential of the much-desired Internet of Value.
The Road Ahead
By now, it’s not difficult to understand that the future holds promising prospects for RDP. The ecosystem is built on the principle of incentivization, inspiring crypto natives to trade, transact and interact autonomously with SSIDs. Simultaneously, it disincentivizes unfavorable behavior, thereby minimizing the risks of fraud, forgery, scams and hacks.
The anonymity of personal information will be the most significant outcome of implementing reliable SSIDs, although this won’t affect the integrity of systems. Privacy and autonomy, which are essentially human rights, will not only be restored but also upheld in the longer run. In the coming days, RSK+RIF will work further on these aspects of identity solutions, strengthening the parameters and innovating newer ways of ensuring optimum security of users’ information.
Presently, the RNS service allows migrations from traditional DNS addresses, predominantly by creating matching top-level domains (TLDs) under the RDP. In the case of a dispute, the concerned parties may be required to arbitrate the ownership claims among themselves. In the future, RIF services may be leveraged to set up arbitration boards, embedded with distributed and fair dispute settlement mechanisms.
Closing Thoughts
The world as we know it is getting rapidly digitized, rendering traditional forms of identities irrelevant under several circumstances. As it is, physical, paper-based identity documents had major shortcomings. Now, their digital counterparts bring forth new categories of problems. The centralized architecture for identity creation, storage and presentation is highly problematic from the end-user perspective. Privacy and autonomy are two of the major concerns facing today’s digital natives.
Blockchain-based, decentralized identity systems, falling under the general ambit of Self-Sovereign Identity (SSID), have emerged as a viable answer to the above problems. In this domain, the user has complete control and ownership of their identity credentials. These digitally verifiable identities are encrypted and stored on distributed servers, thus minimizing the risks of breaches and censorship. In other words, third parties can access an individual’s identity information only after receiving explicit permission from the latter.
Realizing the significance of privacy and autonomy in the context of digital interactions, RSK and RIF have developed robust solutions for SSIDs. Backed by the RIF Directory Protocol, the RIF Identity ecosystem enables individuals to hold seamless, blockchain-based and fully self-sovereign identities. In the absence of centralized authority, holders of RSK-based SSIDs are truly autonomous, thus able to store and transfer their identity information at will.
Further, the possibility of developing secondary marketplaces for digital identities introduces unprecedented avenues for individuals to monetize their data. Combined with other aspects of the RSK and RIF solutions, SSIDs lay the foundation for a truly decentralized Web3.0, which posits the user at the center of affairs. Enhancing the accessibility of blockchain-based solutions, RSK is leading the way on its journey towards creating the Internet of Value.