,
17 tweets,
9 min read
Read on Twitter
2/ Our focus is still on Self Sovereign Identity for #ethereum, but we've learnt so much since our first experiment back then.
Here is a diagram of our original architecture...
Here is a diagram of our original architecture...
3/ Most importantly the key to safely build #identity on a blockchain is to actually use as the #blockchain as little as possible.
Ideally a good identity solution for blockchain applications provides an off-chain method of linking together on-chain interactions.
Ideally a good identity solution for blockchain applications provides an off-chain method of linking together on-chain interactions.
5/ The 2nd largest problem with privacy in most smart contract based #blockchain applications is gas funding.
Even if with multiple accounts for various #dapps it is easiest to fund each one using one or two accounts holding #ETH. This makes it easy to correlate an identity.
Even if with multiple accounts for various #dapps it is easiest to fund each one using one or two accounts holding #ETH. This makes it easy to correlate an identity.
6/ Our first version in 2016 introduced a gas funding service we called Sensui, but only for a single account.
In 2017 we introduced Meta Transaction funding to solve it more efficiently but still only on test nets. On mainnet it would be too expensive to run with real #ETH.
In 2017 we introduced Meta Transaction funding to solve it more efficiently but still only on test nets. On mainnet it would be too expensive to run with real #ETH.
7/ First problem with #MetaTransactions and gas funding in general is that you have an intermediary (us) who could in theory censor your transactions.
8/ Second problem with #MetaTransactions and gas funding is that to protect ourselves, we would need to run some sort of anti-sybil protection to avoid abuse.
Early users of @uport_me will remember having to verify their phone number, which was for this specific purpose.
Early users of @uport_me will remember having to verify their phone number, which was for this specific purpose.
9/ The 3rd problem with #MetaTransactions is that most implementations (including ours) requires the creation of a proxy contract to support #ethereum's msg.sender abstraction.
This makes it expensive to create masses of non-correlatable accounts needed to ensure privacy.
This makes it expensive to create masses of non-correlatable accounts needed to ensure privacy.
10/ The coolest feature we showed back in Shanghai was Social Identity Recovery. This took a combination of very complex smart contracts (for it's time) and even more crazy UX experimentation.
After multiple iterations we finally removed it...
After multiple iterations we finally removed it...
11/ SmartContract based Social Recovery could work in a world where everyone has just one account. As I already discussed, we believe this is a dangerous world.
Our initial version was also essentially based on a multi-sig contract changing ownership of a proxy...
Our initial version was also essentially based on a multi-sig contract changing ownership of a proxy...
12/ The problem about having your friends listed and viewable in a block explorer in a world with a single address per user, makes it fairly easy for bad actors to find out who to hold hostage to take over my account...
13/ There are much better techniques now both cryptographically and UX wise, but performing recovery using a smart contract ultimately can only recover access to a single account at the moment.
14/ The UX issues around Social recovery are also fairly complex, but we ran a few internal tests at using non smart contract social recovery that leads me to believe we've solved that.
There are a few other social issues to solve though before we believe its practical.
There are a few other social issues to solve though before we believe its practical.
16/ You can try @uport_me yourself at our City Identity demo UportLandia uportlandia.uport.me
We haven't stopped there. Our 2.0 architecture will launch in Q4 this year. Expect even better focus on solving real business problems for #GDPR and #blockchain
We haven't stopped there. Our 2.0 architecture will launch in Q4 this year. Expect even better focus on solving real business problems for #GDPR and #blockchain
17/ Please follow @uport_me and our blog medium.com/uport to learn more.
We will also be at #Devcon5, #Sibos2019 and #Convergence2019 this year.
Separately I write a newsletter about strategic issues surrounding blockchains. Please subscribe at chainstrat.substack.com
We will also be at #Devcon5, #Sibos2019 and #Convergence2019 this year.
Separately I write a newsletter about strategic issues surrounding blockchains. Please subscribe at chainstrat.substack.com
