Ask two different people in the decentralization ecosystem and they will both bring different definitions of what decentralized identity is. Some will think it’s related to creating some sort of “ID Card” with one’s social profile, while others will think of giving cryptographic key-pairs to every human on earth and beyond. At Nodle, we like to think that a decentralized identity platform allows humans and machines to interact together through a set of secure protocols and shared standards, where they can sign cryptographic facts or issue specific permissions or credentials. We believe so much in that vision that we acquired a leading company in this space.
Benefits of a Decentralized Identity System
A global decentralized identity system that would rely on carefully established, peer-reviewed and adopted standards such as the DID (Decentralized Identifier) standard proposed by the W3C, would guarantee users an Internet with more control of their own data—even in the physical world. Even better, this system would also be able to improve traditional identity solutions such as the ones powering our government-issued ID cards. For instance, the Government of Estonia has been using smart ID cards for many years now, relying on cryptographic keys and signatures, just like DIDs.
We are seeing huge benefits in such an approach in the Blockchain IoT world as a whole, and especially in terms of scaling and expanding Nodle’s capabilities:
- We can generate what we call cryptographic facts, as unique, tamper-proof records of real world interactions. For instance, when a user unlocks a door, accesses a sensor, or even uses a database, such fact (or occurrence) can be recorded, signed and saved as a unique cryptographic trail of the real world events. This has both major implications and advantages when interacting with mission-critical devices such as health, security, or industrial control systems.
- By leveraging the same cryptographic fact system, one can create a verifiable audit log of database accesses. This is a huge leap forward for privacy, as one would now be able to present a cryptographic proof that some data was or was not accessed by certain parties. Coupled with secure enclaves like Intel SGX, this could be a game-changer for the whole industry.
- Finally, by leveraging an open standard, we ease the potential portability of data between two systems. A database, or even a small embedded system relying on DIDs, or any other standard, could easily be integrated with similar compatible systems. In addition, a user’s data could easily be moved between services at-will.
Our Contribution to the Decentralized Identity Ecosystem
Our team is currently developing what we call our Decentralized Public Key Infrastructure (PKI) as an off-chain and decentralized certification solution for IoT devices and decentralized identities. It’s powered by a Token Curated Registry (TCR) to make it even more decentralized.
Why an Off-Chain Solution
An issue we had with existing solutions is that they seem to mostly focus on an on-chain identity. Typically, this means storing one’s social profiles on the chain or creating one transaction (which allocates some storage space too) for every single IoT device. We knew this would not be scalable, as we are targeting and working with customers with millions of devices to be certified, nor private or confidential (some manufacturers do not want to reveal the number or types of devices they produce).
This is why we prioritized an alternative implementation that uses the Blockchain for the initial purpose; decentralizing trust. This way, we remove the reliance on third parties for our customers, instead of trusting large for-profit companies, they can trust math and cryptography. To do so, we developed the root-of-trust pallet which, coupled with a TCR, enables users to manage their own certification authorities. We also developed a CLI (Command Line Interface) Tool Reference, with more to come in the pipeline.
Token Curated Registry (TCR), Defined
The TCR is how we let people enter the system and become their own certificate authority. It’s a way to curate (review and approve applications to join the system) the list of members joining the system. Traditionally, this would involve a heavy KYC (Know Your Customer) process with every potential candidate. In our case, a group of people (Nodle Cash token holders, or a specially selected jury) votes on the decision to include or reject a certain entity from the registry. Because the votes are weighted by the amount of tokens one owns or is able to lock, we say the votes are “token-weighted.”
Put simply, a Token Curated Registry is a list for which people debate the addition of new entries through token-weighted votes.
This post is part of an ongoing series we are making to explain the inner workings of our Arcadia chain and our efforts in this direction. Stay tuned for the next one!
Blockchain Tales: Nodle’s Take on Decentralized Identity was originally published in Nodle on Medium, where people are continuing the conversation by highlighting and responding to this story.
