search

adlnet / xAPI-Spec

The xAPI Specification describes communication about learner activity and experiences between technologies.
https://adlnet.gov/projects/xapi/
899 stars 405 forks source link

Introduction of decentralized wallets into 2.4.2.3 Inverse Functional Identifier property #1106

Open ashleycribb opened 1 year ago

ashleycribb commented 1 year ago

Addition of web3 wallets as actor authentication

In 2.4.2.3 Inverse Functional Identifier, I would like to introduce a new Property: Wallet Address

With projects like https://privateparty.dev/docs/#/?id=what-can-you-build There is now a means to hide the actor's identification and reference the actor's wallet address as a means to reference the actor's learning data. If this system introduced this or something similar, I would propose that it would solve the privacy issue with learning data because it would reference the actor's wallet and not their private information. The field would be String. And the Description would be A user's educational wallet address with no ties back to the user.

Note: A multi-signature decentralized educational wallet will be used if it is a group and not a single user. (See Gnosis Safe (Now just known as Safe))

thomasturrell commented 1 year ago

I would say that inclusion of an inverse functional identifier in the xAPI specification was a mistake. However, I have the benefit of hindsight.

Personally I believe that an actor should be identified by one property (the semantics of it would be left to the learning record provider).

I think that it is worth noting that git only uses email address as identifier, the specification leaves it up to implementations to anonymise and or verify that email address.

History hasn't been kind to the inverse functional identifier. Given where we currently are, I would advocate that learning record providers only use the account property in the inverse functional identifier. I believe that all of the other properties should be considered deprecated (and removed in a future version of the spec).

Experience has shown that it is very difficult to have an identifier that can not be tracked back to an individual. I know nothing about a web3 wallet however I suspect that if one is used to order real world goods then the vendor would have your wallet address and a name and real world address which is connected to you in someway (probably you or someone close to you).

The name property in the account object can take any form you like. It might be that you can use it to represent a Wallet Address.

ashleycribb commented 1 year ago

Interesting comments @thomasturrell .. Good points and that would be great if the "name" variable could be utilized as a wallet address.