Self sovereign identity - group 10

[GijsWeterings]

IdentityChain

Students:

• @GijsWeterings
• @LiamClark
• @Schubbcasten
• @Recognition2
• @eanker

Repository: https://github.com/GijsWeterings/IdentityChain

Self-Sovereign Identity

IdentityChain is a Self-Sovereign Identity app based on TrustChain. It aims to facilitate a system where identity can be decentralized, and give control of the use of identity data back to the user. Identity in this case is built up from all attestations made between the user and other parties. Each block on the TrustChain is signed by the user and a second party, and contains a zero knowledge proof.

Zero knowledge proof

In the IdentityChain app zero knowledge range proofs can be generated, proven and verified. The implementation is build upon the paper “An Efficient Range Proof Scheme” by Kun Peng and Feng Bao. This means that we can proof a number is in a certain range, without disclosing the number itself. For example, you can proof that you are older then 18 whilst buying alcohol, without telling your real age.

Network discovery and communication

The IdentityChain app is designed for local, face-to-face interactions. To facilitate the process of connecting between devices, IdentityChain makes use of Network Service Discovery **(NSD).

On startup, the app announces itself to the network. Other devices running the app on the same network can now discover the peer device, and connect directly via local IP.

Once a peer connection is made, a gRPC channel is set up between the devices, which is encrypted to ensure safe communication.

Attestations

A peer can request attestation for a certain claim from another peer. He will send a half-block containing a zero-knowledge proof. This creates an attestation request on the side of the attestee. This request can be accepted or rejected and when accepted the zero knowledge proof gets verified and the block gets then signed and sent back to the requester.

Verifications

The IdentityChain app can also verify blocks created by other people. Verification is an interactive protocol between the attestee and the verifier. This protocol checks all parameters of the zero-knowledge proof.

Screenshots

[qstokkink]

You will create your own blockchain, almost from scratch. Your blockchain will be special! Your blockchain will form a web of trust. This web of trust will be stored in the form of signed trust certificates. It will operate on smartphones exclusively. It will be a more advanced version of identity projects like: www.uport.me This identity blockchain aims to generate trust and complete ownership by the users. Self-sovereign identity is the concept that people and businesses can store their own identity data on their own devices, and provide it efficiently to those who need to validate it, without relying on a central repository of identity data. It’s a digital way of doing what we do today with bits of paper. This has benefits compared with both current manual processes and central repositories such as India’s Aadhaar. Attack-resilience is created by optionally using government issued identity documents to sign trust certificates. Fake or modified Dutch identity documents are rare. This ensures that a friendship link in this web-of-trust is authenticated and means more then a like, retweet or linkedin recommendation. In the past various people have implemented Dutch paspoort NFC readers for Android. We have implemented an open source implementation for you to use as a starting point. This contains an e-passport lib, it can fully talk to Dutch identity documents, both NFC and OCR of the machine readable zone. You will link e-passports with Trustchain. Two students have created a starting point for you to get going, see project A for details and links on Android Trustchain. To same time we recommend a focus on offline features using Bluetooth and NFC. Your blockchain engineering project consists of implementing as much as possible from the list of 10 principles for self-sovereign identities. Students attempting Cum Laude gradation may attempt to use our implementation of the Boneh crypto system.

I will keep track of overall information for your project in this post. Feel free to post your important updates and questions in this issue.

Search terms for further reading:

• Sovrin
• uPort
• IBM idemix
• zkSNARKS

You can also check out issue 3013 in this repository.

Meeting schedule: Tuesdays weekly 14:30

[qstokkink]

Heads up: Your first meeting is 21st November 2017, 14:30

Planned for next meeting:

• Project planning
• List of features in your proof of concept

[qstokkink]

For next meeting 5th December 2017:

• Have a functional Blockchain implementation
• Have a functioning ZKP implementation

[qstokkink]

First and foremost: best wishes for 2018! Your meeting tomorrow will be in this building: https://www.google.nl/maps/dir//51.9990903,4.3785233/@51.999109,4.3785435,18.08z/data=!4m2!4m1!3e2?hl=en In room 3.420 (third floor).

[eanker]

@qstokkink We would like to have our presentation on the 26th of januari is that possible for you?

[qstokkink]

@eanker for me it's fine: please send out an e-mail to the course instructors so we can check if the other instructors are available.

[synctext]

convert -delay 200 -loop 0 iden*jpeg iden*png identitychain_all.gif

[Griezzly]

First release including the report can be found here:

https://github.com/GijsWeterings/IdentityChain/releases/tag/v1.0.0