Identity protocol v1: Difference between revisions
Line 12: | Line 12: | ||
* Start as anonymous; opt out of anonymity by attaching identifying key-value pairs (real.name = "John Smith", gov.us.ssn = "123-45-6789"). | * Start as anonymous; opt out of anonymity by attaching identifying key-value pairs (real.name = "John Smith", gov.us.ssn = "123-45-6789"). | ||
* Third parties may offer digital attestions: Identity Verification, Inc. digitally signs a SIN as passing their Not A Criminal/Level-1 check. | * Third parties may offer digital attestions: Identity Verification, Inc. digitally signs a SIN as passing their Not A Criminal/Level-1 check. | ||
* | * All data updates digitally signed by SIN owner (key holder) | ||
==Creating sacrifice transactions== | ==Creating sacrifice transactions== |
Revision as of 05:57, 28 June 2013
Design goals
Decentralized identity.
A SIN ("System Identification Number") is the unique record identifier by which this identity will be known.
Attributes:
- Has some creation cost, deterring spam.
- Sacrifice may be digitally proven, bootstrapping root of trust from blockchain data
- Start as anonymous; opt out of anonymity by attaching identifying key-value pairs (real.name = "John Smith", gov.us.ssn = "123-45-6789").
- Third parties may offer digital attestions: Identity Verification, Inc. digitally signs a SIN as passing their Not A Criminal/Level-1 check.
- All data updates digitally signed by SIN owner (key holder)
Creating sacrifice transactions
Creation cost is attached to decentralized identity by means of sacrificing a small amount of value.
An implementation of Announce/Commit Sacrifices. That author's feedback on this protocol was very helpful.
- MPK = master public key
- TM = current block height
- Create and sign transaction T2. Broadcast if desired.
- must include Hash160(MPK) OP_TRUE anyone-can-spend output with value >= 0.001BTC
- nlocktime = TM + 144 blocks
- no more than 1000 bytes in size
- Create, sign and broadcast transaction T1
- must include OP_RETURN serialized(T2) output as last txout
Creating a SIN
- Prefix = 0x18
- SIN_Version = 0x01, similar to how a UUID's form is dictated by a UUID's self-identified version
- MD = Hash160(MPK)
- SIN = base58_encode_check( Prefix + SIN_Version + MD )
- Hyphenate or space SIN for easier human reading
Validating the root identity information
- B1 = block w/ T1
- B2 = block w/ T2
- Verify B2 height - 144 >= B1 height.
- Verify announced T2 is valid
- Verify mined T2 spends same inputs as announced T2 (not equal to account for Transaction Malleability)
- Fail and waste sacrifice if not.
Thus a minimal root record is MPK and is provably
- linked to the sacrifices
- MPK starts a new chain of digital signature trust, for further record updates
Future work
After creation, the root identity and key-value pairs must be stored $somewhere.
After that root identity is created, additional key-value pairs may be associated with the root record via updates verified by MPK, stored in an alt-blockchain or DHT somewhere. That is outside the scope of this minimal document, at this time.
Key attributes of this system, like price and transaction size, are hardcoded. It is presumed that version 2+ will improve upon this, once field experience is gained and lessons are learned.