Portfolio Capital

Editorial Team

Primer: Web3 denotes a future where decentralization is built into the architecture and control is returned from tech behemoths to the rightful owners, i.e., users. The ability of blockchain to deliver on the promise of a future free of intermediaries stems from decentralization, which essentially describes a distributed network architecture enabling peer-to-peer value transfer in a transparent and coordinated manner. The technology has garnered popularity only in the financial sector so far. However, blockchain’s uses extend beyond finance: it can secure the democratic process, improve healthcare services, and revolutionize supply chain management, among other social and political applications. But the realization of this potential is subject to the creation of decentralized protocols for verifying human identity.

Decentralized ID

Unlike typical identifiers (passports, driving licenses, etc.), Decentralized IDs leverage verifiable credentials (VCs) and blockchain to create digital identities that users have control over and can use to log into various systems without exposing their personal data to online risks. The design eliminates dependence on intermediaries (centralized registries, identity providers, or certificate authorities) and protects against identity and data theft. In order to understand the rationale behind the creation of Decentralized IDs, it is imperative to understand the issues with centralized identity management systems.

Centralized identity management systems

In centralized identity systems, a single entity is responsible for storing all digital data. Digital data encompasses all user (individual, group, or organization) data available online, from photos and emails to physical identity information. All information is housed in siloed databases, creating a single point of failure. These databases can be compromised through security breaches or centralized attacks. Thus, data tampering and loss are common, raising concerns over the integrity of the systems. The cost and complexity associated with their use also compare poorly with a well-implemented and verifiable decentralized protocol.

Blockchain for Decentralized Identity

Creating a trustless and transparent environment with a substantial degree of user control has resulted in a great interest in leveraging blockchain technology for decentralized identity solutions. In contrast to centralized systems, blockchains are more fault-tolerant, attack-resistant, and collusion-resistant. Blockchains provide a global, decentralized, and distributed peer-to-peer network architecture that can tolerate localized shutdowns. All information is publicly accessible to the network participants who are entrusted with validating the legitimacy of the data by utilizing cryptography. Furthermore, the arrangement ensures data is distributed among all participants (nodes) who work to achieve consensus over the current state of the ledger. The open-source nature assures maintenance and integrity of the network are shared amongst all participants. The absence of centralized authority makes blockchain maximally resistant to a single point of failure. It is tamper-proof as modifications and alterations aren’t possible unless the majority of the network participants agree, significantly lowering the chances of a coordinated attack or an effective manipulation. Blockchain’s functionality as an immutable digital ledger helps address some of the major shortcomings associated with using centralized identity systems, namely, inaccessibility, insecurity, and fraud.

In today’s data-driven environment, digital identity is essential and must be protected against breaches and leaks. The need of the hour is to gain control over our identities from centralized entities that hold all our information. Decentralized Identity rooted in blockchain can make this a reality.

Decentralized identity systems return the control and management of data to the users. It is the users’ prerogative to decide how to share the data and with whom. Public key cryptography enables the free movement of private data on public networks without exposing encrypted information. Consequently, the setup offers greater privacy and control over data and helps evade the issues that stem from the inherent insecurity of the centralized systems and poor cyber hygiene. Verifiable credentials (VCs) and blockchain are essential elements of Decentralized IDs. Verifiable credentials are a digital representation of physical credentials; they are not limited to physical documents but include aspects such as NFT ownership. VCs, as the name suggests, are verifiable and respect privacy. The use of digital signatures is the equivalent of the anti-tampering mechanisms on physical credentials, with blockchain enabling instant credential verification.

Decentralized IDs aren’t siloed to a particular blockchain and can operate across all platforms, including different blockchains. In conjunction with VCs, users can create one secure ID that encompasses all their physical credentials, such as a driver’s license, passport, employee ID, educational certifications, and social media accounts.

Listed below is a breakdown of the elements that form part of the setup of decentralized identity.

Issuer – The entity responsible for creating a Verifiable Credential, writing it in the decentralized ledger, and transmitting it to the holder. In addition, the issuer is responsible for verifying the identity information.

Holder – Holders are users and owners of the identity. They possess one or more Verifiable Credentials transmitted from the issuer to their wallet (typically a phone app).

Verifier – Refers to the receiver/destination that is responsible for verifying the authenticity of the VC using the issuer’s DID from the ledger.

Blockchain/Ledger – Refers to the digital, immutable, decentralized, and distributed ledger that acts as a backbone for decentralized identity systems. It provides the mechanism for DID creation and operation. It serves as a verifiable data registry.

DID document – Accessible using a verifiable data registry, a DID document contains the public keys used to securely authenticate and interact with the DID. Additionally, it may contain information that specifies the services associated with the DID.

Note: The user’s role in the case of decentralized identity systems is upgraded to that of an issuer as opposed to a mere holder as in centralized identity systems.
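The issuer, holder and verifier roles listed above can be traced in a few lines of code. The following is an added example, not part of the original article or of any DID project: it uses Node.js's built-in Ed25519 support, an in-memory map standing in for the ledger, and a simplified credential format, and the function names, the `did:example:` identifiers and the verifier's trusted-issuer list are assumptions made for illustration.

```javascript
// Added example: simplified credential format, not the W3C VC data model.
const { generateKeyPairSync, sign, verify } = require('node:crypto');
// In-memory stand-in for the ledger / verifiable data registry: DID -> DID document.
const registry = new Map();
// Deterministic serialization so issuer and verifier process identical bytes.
function canonical(v) {
  if (Array.isArray(v)) return '[' + v.map(canonical).join(',') + ']';
  if (v && typeof v === 'object') {
    return '{' + Object.keys(v).sort()
      .map((k) => JSON.stringify(k) + ':' + canonical(v[k])).join(',') + '}';
  }
  return JSON.stringify(v);
}

// Issuer setup: only the public key is published in the DID document.
function registerIssuer(did) {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  registry.set(did, { id: did, publicKeyPem: publicKey.export({ type: 'spki', format: 'pem' }) });
  return privateKey;
}

// Issuer: sign the claims; the result is what the holder stores in a wallet.
function issueCredential(issuerDid, issuerKey, holderDid, claims) {
  const body = { issuer: issuerDid, subject: holderDid, claims };
  const proof = sign(null, Buffer.from(canonical(body)), issuerKey).toString('base64');
  return { ...body, proof };
}

// Verifier: check issuer trust, resolve its DID document, then check the signature.
function verifyCredential(vc, trustedIssuers) {
  if (!trustedIssuers.includes(vc.issuer)) return 'untrusted-issuer';
  const doc = registry.get(vc.issuer);
  if (!doc) return 'unknown-did';
  const { proof, ...body } = vc;
  if (typeof proof !== 'string') return 'bad-signature';
  const sig = Buffer.from(proof, 'base64');
  return verify(null, Buffer.from(canonical(body)), doc.publicKeyPem, sig) ? 'valid' : 'bad-signature';
}

// Constructed sample data: a genuine credential, a tampered copy, a self-issued one.
function demo() {
  const uni = 'did:example:university';
  const vc = issueCredential(uni, registerIssuer(uni), 'did:example:alice', { degree: 'BSc' });
  const tampered = { ...vc, claims: { degree: 'PhD' } };
  const rogue = 'did:example:rogue';
  const selfIssued = issueCredential(rogue, registerIssuer(rogue), 'did:example:alice', { degree: 'PhD' });
  return [vc, tampered, selfIssued].map((c) => verifyCredential(c, [uni]));
}
console.log(demo()); // [ 'valid', 'bad-signature', 'untrusted-issuer' ]
```

The self-issued credential carries a mathematically valid signature and is rejected only because the verifier keeps its own list of issuers it trusts; signature verification alone shows who signed, not whether that signer is authoritative for the claim.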

Some applications of Decentralized IDs

While there is a growing interest in deploying crypto and the accompanying technology across various communities, from academia to socio-economic and philosophical ones, the current governance model is rather plutocratic (one-token-one-vote).

Most blockchain governance models validate membership through Proof of Work (requiring ownership of machinery for mining) or Proof of Stake (requiring ownership of particular tokens). This resource-based governance model contributes to plutocracy as opposed to democracy, concentrating voting power in the hands of a few players. Likewise, dApps tend to favor money over contributions, making them speculative and beneficial only to users with deep pockets.

An ideal and egalitarian scenario would be one where PoW’s one-CPU-one-vote and PoS’s one-dollar-one-vote are replaced with a system enabling Proof of Personhood, or one-human-one-vote. However, efforts to create a system that corroborates unique human identities have previously been hampered by the Sybil attack problem, wherein a digital network is abused through the creation of several illegitimate virtual personas. Integrating Decentralized IDs into protocols can help address the Sybil problem and contribute to identity verification on-chain. In addition, such protocols will be more accessible and rewarding to new and active participants.

DeFi

The architecture of blockchains has several benefits, but it comes with a significant vulnerability in the form of Sybil attacks. The creation of multiple identities by individuals to exploit protocols and extract maximum benefits during airdrops is a common problem. Conversely, if the project integrates Decentralized IDs and airdrops only to verified users, it would succeed in the justified distribution of tokens among participants. Thus, Proof of Personhood protocols necessitate authentication and reduce bot interference to enable egalitarian airdrops.

DAO

The use of Decentralized IDs shall demonstrate a shift in the voting power to create a sustainable democratic governance model. The current token-based voting mechanism is skewed towards the wealthy, prioritizing stake ownership over honest and active contribution.

Social Media

Decentralized IDs can provide strong Sybil protection to social media networks. Social media is overrun with bots and misinformation. PoP solutions can help curb the spread of fake news and minimize fake impressions on social media accounts.

Universal Basic Income

Deploying PoP protocols can ensure equitable distribution of crypto to all network participants and eliminate fake identities that defraud the system. The idea is to create accessible and verifiable ecosystems where users aren’t discriminated against or sanctioned but empowered and rewarded.

Examples of Decentralized ID protocols

BrightID

BrightID is a social identity network designed for unique identity verification. It is used to prove that someone exists in a system only once. Creating your identity on BrightID is simple and involves downloading the app and attending a verification party where users need to follow the hosts’ instructions.

Idena

Idena is the first proof-of-person blockchain that allows for anonymous proof of humanity and proof of uniqueness for its participants. Based on democratic principles (one person with equal voting power), every node on the Idena network is linked to a crypto identity and can start mining Idena. Verification on the network doesn’t require disclosure of personal information. Instead, users must appear online when the validation ceremony starts and solve a series of flip-tests (human-made CAPTCHAs). Idena seeks to solve the oracle problem by utilizing its independent mining nodes as oracles. Also, Idena accounts are Ethereum compatible.

The Proof of Personhood Passport

The team behind Gitcoin has built The Proof of Personhood Passport (PoPP), a transportable proof of identity for the Web3 space. The PoPP allows you to leverage the same identity individuals use on Gitcoin Grants. Its design aims to increase Sybil resistance and unlock an entire ecosystem with one-human-one-vote use cases such as quadratic algorithms for voting and funding.

Internet Computer

Internet Computer brings greater trust, privacy, and security to the Web3 space with its decentralized solution of People Parties. With People Parties, IC aims to create a system that lets billions of people prove anonymous personhood with minimum inconvenience. The primary purpose is democratization, better economic inclusion, and the creation of a blockchain governed by one person, one vote. Moreover, PoP is critical to better network decentralization as it shall ensure nodes do not end up being owned and operated by a small group of whales. IC’s People Parties is built on the fact that real humans can only be in one place at a time. Therefore, validated personhood is bound to benefit the IC ecosystem more broadly: Open Internet Systems (dApps that decentralized governance systems control) will be able to leverage the benefits of improved decentralization. Moreover, any dApp will be able to utilize validated personhood to differentiate between bots and actual humans.

How do People Parties work? Each party shall take place at one specific time. Before that, the participants must commit to a location they shall visit at the time of the party. Participants shall be assigned to small, random subgroups before the party commences. At the time of the party, they shall meet in a real-time audio/video call with the preassigned group members. The video call shall reveal only their surroundings, proving they are at the location they committed to. The selected locations will be required to be a certain minimum distance apart.

The Future of Decentralized IDs

According to an article published in the Economist, the world’s most valuable resource is no longer oil but data. At present, all our data is owned and controlled by centralized entities, and despite the endless security measures, our data isn’t safe because breaches and hacks are still common. Decentralized IDs can fix this problem by keeping the data private and ensuring it leaves the private blockchain with explicit permission only. This capability was previously unavailable, but cryptography has made decentralized identity a thriving possibility. Under the Decentralized ID setup, applications enable users to create their own identities. Upon creation, cryptographic keys (public and private) are generated, and these keys are an essential requirement for verifiable credentials and assertions. While innovation in the field of Decentralized IDs is still in its infancy, it’s only a matter of time before these solutions grow exponentially. A mature and advanced version of decentralized identity acceptable in physical and digital places and private and public sectors will have substantial significance in the future.

Decentralized identities won’t be restricted to on-chain activities and can be utilized in the interaction of traditional contract agreements. They can have applications in sectors such as healthcare, education, real estate, travel, etc.

Decentralized Identity has a promising future with the ability to completely reconstruct the centralized physical and digital identity ecosystem into a decentralized and democratized architecture with no particular organization or entity governing user data.

Conclusion

Providing users complete control over their identifiable information is not an easy task. Blockchain is undoubtedly accelerating the shift from siloed and centralized identity systems to decentralized digital identity systems, but there are critical technical, legal, and infrastructural considerations. One key challenge is establishing whether the identity claimed is real, unique, and belongs to the rightful owner (the synthetic identity problem). The interoperability between different DID methods would be another challenge. In order to build an interoperable ecosystem of multiple issuers, verifiers, and wallets, standards must exist so that there is seamless portability and users can easily and increasingly adopt the technology.

While blockchains provide massive utility through the convergence of the security of private keys and the convenience and transparency built into the blockchain architecture, they still cannot be considered the panacea for digital identity issues.