stacksgov / grants-program

Archive of past Stacks Foundation grant applications. Historical record of ecosystem development.
https://stacks.org/grants

Jolocom-Stacks integration #61

Closed Joachim16 closed 1 year ago

Joachim16 commented 3 years ago

Background

What problems do you aim to solve? How does it serve the mission of a user owned internet?

As we move into the future, digital identity will fundamentally define how every person on earth participates in society.

Thus, there are essential decisions to be made about who controls whose identities, and how trust, agency and freedom are maintained in digital environments, whether operated by government services, private platforms or across personal relationships.

At Jolocom, we are passionately committed to our vision that everyone and everything capable of having a self-sovereign identity (SSI) should be able to freely communicate and share information with each other.

This can only be achieved by establishing SSI as a radical (radix=from the root up) open network rather than a federated or network specific implementation that merely uses SSI technology components. Doing that would only create another closed network and keep power in the hands of the platforms, not the users.

And so, Jolocom’s game plan is to enable and secure SSI as an open network with fully open-source code. Compared to established digital identities (e.g. those issued by a company to employees or provided by a social media network such as Facebook to its users), a decentralized identity (DID) is under the sole control of the ID subject, more secure and more efficient. We intend to build on this, to create an SSI wallet suitable for use by builders – and by public and private sector organizations in general at a later stage – which manage credential issuance, revocation and related services. Only a few systems (rigorously) implement the W3C specifications for DIDs and VCs that we consider essential to establishing a truly open SSI infrastructure. Further, Jolocom is piloting an identity wallet that is fully eIDAS compliant (the EU regulation for eID) and connects to SSI standards at the same time, thus allowing for a range of use cases that weren't possible under real-world conditions up until now.

Building according to these particular specifications provides a robust security layer that can help mitigate a multitude of risks, which projects similar to ours have encountered in previous phases. For example, risks arising from reliance on centralized certificate mechanisms, which are fragile and tend to offer slow credential revocation.

Moreover, the W3C specifications have reached a level of maturity that makes them safer to use as a viable foundation for implementation in high-stakes contexts. This has widened the scope of applications for SSI solutions and component technologies to include public and private sector organizations. These, by default, require highly secure solutions to manage access to their high-value digital assets.

By working together with the Stacks community, the Jolocom-Stacks SSI integration can be a foundational building block for any use case and Stacks community project. Unlike federated identity solutions built on one blockchain, Jolocom is building a platform-agnostic SSI solution that is truly open and open-source. While some of the world’s biggest corporations are also poised to implement SSI, their goal is to lock-up decentralized identity within their own ecosystem and control. (Think of Facebook log-in, but using decentralized technology.) By leaping to the forefront of SSI with Jolocom, Stacks community members can integrate cutting-edge identity technology and standards. Together we can ensure there will be many winners in the decentralized identity world.

Project Overview

What solution are you providing? Who will it serve?

A Jolocom SSI integration for Stacks would address the issue of properly verifiable and secure information from different parties and, potentially, networks by relying on the W3C specifications for Verifiable Credentials (“VCs”), Decentralized Identifiers (“DIDs”), and Credential Handling.

In practical terms, this would enable real-world activities such as SSO, payment or providing any verifiable information required to rent a bike or a hotel room to happen in more seamless, secure and privacy preserving ways. While the benefits of this technology will be globally available and relevant, we are applying to the Stacks Foundation with a time-sensitive opportunity to reach the European market with pilot projects that can really scale.

The Opportunity: The German government recently held a technology innovation competition offering grants worth €48m ($57.8 million) over the next three years. Germany selected three winning projects. All three feature SSI and Jolocom is the SSI solution in two of them. These projects are set to launch in April of this year. Between them, these projects are exploring 40 separate use cases. The hope is that at least a couple of these use cases will really scale. But, perhaps most importantly, these grants show the German government's acknowledgement that SSI is the future of identity. Equally important: over the last five years, Jolocom and the decentralized web sector have negotiated with the German government to create carve-outs from current regulations; we’ve been able to build a sand-box for innovation that won't be bogged down by GDPR and other regulations, allowing innovation to flourish.

Known collectively as the SDI Projects, these three projects have a unified goal in the creation, implementation and testing of new digital identity approaches that offer security, interoperability and ease of use. What’s more, projects will be required to run “lighthouse pilots” for all their use cases, so that interoperability across projects will be fully transparent.

The three winning consortia are:

- ONCE – This aims to harmonize state-issued identity (eID) with self-sovereign identity in user-controlled wallets.
- ID-Ideal – This has a goal of harmonizing trust providers and consumers from multiple networks and legal setups under one coherent trust framework.
- IDunion – This seeks to harmonize a multiplicity of use cases under the governance and infrastructure of one Hyperledger Indy-based network. IDunion is the one consortium that Jolocom is not a part of.

At present, inter-network secured communication tends to unfold in an ad hoc fashion. Or, it relies on systems specially integrated into each party’s specific infrastructure, making cross-boundary flows of verifiable or encrypted information difficult to establish and maintain.

In comparison, a well-designed SSI infrastructure puts users in control, allowing them to manage these keys themselves. Successfully implementing and deploying inter-network communication (between blockchains and other backend modules or services) decreases the burden for network specific integration for use cases. It would also increase trust in the veracity of standardized credentials, whether used for SSO, payment or providing any verifiable information required in context of a specific use case. Deployment of such an integration by a large blockchain network would also increase visibility and general acceptance for the network itself, as well as of digital identities and Verifiable Credentials, thus encouraging wider implementation and greater interoperability across identity services and blockchain networks. Jolocom’s technology is built to put power into the hands of the individual user. It will advance digital identity from the current balkanized identities and non-interoperable platforms such as Facebook and Google. The next era will be one of a truly open and autonomous infrastructure for identity. This will not only greatly improve the privacy and agency of individuals but it will be liberating (and cost-saving) for institutions and society as a whole.

Scope

What are the components or technical specs of the project? What will the final deliverable look like? How will you measure success?

Over the next three years, Jolocom & our 40+ consortium partners will build an easy-to-use, SSI-driven hardware wallet that holds identity credentials verified by the European Union (fully eIDAS compliant). We seek to harmonize customers under one coherent trust network. Our partners include some of Europe’s largest telecommunications, hospitality, electronics, government and academic leaders, from Bosch to T-Mobile, Dresden University to the City of Leipzig.

In a nutshell, a Jolocom-Stacks integration will give Stacks developers access to millions of EU citizens, while allowing users in the EU to hold onto their own identities while logging on to Stacks applications. It also will give millions of European citizens access to the benefits and content in Stacks projects. Right now, there are hundreds of different DID implementations. So building decentralized identity protocols into your stack requires servicing, updating, and adjusting to hundreds of disparate implementations. Jolocom & the SDI Projects, in close collaboration with DIF, seek to narrow the DID methods to just a handful, making it much more feasible for start-ups to integrate 1-2 decentralized identity technologies.

Some Examples:

Government Authorized Identities: in your SSI, eIDAS compliant wallet installed on your smartphone, you will be able to carry your driver’s license, car registration, possibly even your passport credentials. The next time a police officer pulls you over for a traffic violation, instead of fumbling through your glove compartment, you can hand over your smart phone for police to verify who you are, the car you own, and your record. Checking into airline flights, moving from one municipality to another, anything that requires government-authorized ID can be made more efficient and easy.

Renting a car or bicycle: how much time do you spend standing in line at car rental agencies, or typing in your driver's license information at a rent-a-bike kiosk? In the future, you’ll only need to swipe your SSI wallet and drive/pedal away.

Checking in to a hotel: currently, you must show the hotel your ID and verify your identity and home address with a signature and credit card. The hotel must hold that information for at least one year. In Europe, you can also register with your eID and PIN. Using an SSI smart wallet, you carry your verified information with you. The hotel chain does not have access to or requirement to hold your data, saving time and money, while increasing user privacy and security. Next time a big hotel chain is hacked, they won’t be holding your personal identity information--you will.

Bringing regulated eID into an SSI-focused Identity Wallet allows us to establish trust in an identity that formerly had to go through separate identification processes. As part of the SDI Projects, identity credentials like your ID, driver’s license and other data will be stored with the user in a secure and trusted format. Each credential in a wallet is attested by its issuer (in this case, the government or other trusted sources). Utilizing these credentials in a KYC/AML system will enable a Single-Sign-On user experience where no additional identity verification needs to take place.

Say you are building the next breakthrough dApp like Airbnb or Uber. Registering at check in, verifying you are the correct Uber driver will be streamlined, with identity technology that puts the data back in the hands of users. Literally, any Stacks dApp that requires verifiable user log-in will have the potential to leapfrog over huge hurdles, especially barriers to entering the more restrictive European market.

Gameplan: The core pieces of Stacks’ integration with Jolocom are (a) Research how Stacks can be used to secure a DID method (analogous to did:jolo or did:keri), develop the required smart contract + DID Resolver and DID Registrar modules, and (b) add support for this DID method to the Jolocom-SDK / SmartWallet, enabling secure interactions with Stacks based identities.

We will measure success by ease of implementation by builders and feedback from the community. That can be verified by Stacks pilot projects utilizing each of the functionalities of the technology.

Right now, the DID world is like the Wild Wild West. Hundreds of competing implementations and methods gunning it out for supremacy. While other Stacks community projects such as Ryder and Pravica Suite are undoubtedly leveraging W3C DID standards, they may not be working with European entities to abide by European identity requirements and regulations. By working together, we can help projects like Ryder leapfrog over the competition; and also help guide them to the two or three DID methods that will eventually emerge as the ones that all projects will eventually coalesce around.

At the core of the Jolocom-Stacks integration is a technology-agnostic protocol for communicating data related to user identities. This protocol enables the following functionalities related to digital identity management:

- creating decentralized identities that can be controlled by an individual person, organization or IoT device
- linking verifiable information to identities
- requesting, receiving and consuming data bundles containing verifiable information associated with identities

For ease of use and rapid implementation through the community, this functionality will be accessible for testing initially, and later for full implementation through the Jolocom SDK. Following that, Stacks community projects would increasingly benefit from a network agnostic SSI solution. The Jolocom-Stacks integration will be an open gateway for the 40-plus partners and use cases within the German SDI projects. Jolocom will provide these German government-backed projects with the foundational architecture to become SSI-ready and implement their pilots on top of a network-agnostic SSI stack that is standard compliant and fully open source. Further, they are building and piloting an identity wallet that is fully eIDAS compliant (EU regulation for eID) and connects to SSI standards at the same time, thus allowing for a range of use cases that weren't possible under real-world conditions up until now. We believe that identity needs to be anchored on networks that serve their needs in security and trust, so we design our SSI modules in a way that allows integration with any DLT network (including Ethereum, Bitcoin, Polkadot and Hyperledger).

Budget and Milestones

What grant amount are you seeking? How long will the project take in hours? If more than 20, please break down the project into milestones, with a clear output (e.g., low-fi mockup, MVP with two features) and include the estimated work hours for each milestone.

(a) Research how Stacks can be used to secure a DID method (analogous to did:jolo or did:keri), develop the required smart contract + DID Resolver and DID Registrar modules, (b) in depth analysis of Stacks projects requirements like Ryder and Pravica Suite, (c) add support for this DID method to the Jolocom-SDK / SmartWallet, enabling secure interactions with Stacks based identities

Total Grant Request:

€80k + letter of guarantee/patronage

Team

Who is building this? What relevant experience do you bring to this project? Are there skills sets you are missing that you are seeking from the community? Please share links to previous work.

Jolocom has been developing open source technology for decentralized identity management for almost seven years.

Our work is open source, with our code publicly available on GitHub (e.g. our SSI Library, SDK and SSI Wallet). We contribute to DIF and W3C (e.g. DID WG, Interoperability Project, Decentralization Rubric, etc.).

We also contributed to events such as RWOT and IIW in past years and are actively advancing the regulatory dialogue on SSI at INATBA and Bundesblock.

What’s more, we have been deeply and passionately involved in the Decentralized Web (DWeb) community from its inception. Joachim Lohkamp, founder of Jolocom, hosted the first unconference about decentralization in 2014. He’s been a leader and organizer of the Decentralized Web Summits of 2016, 2018 and DWeb Camp in 2019. Most recently, we helped build and design the DWeb community’s new web site.

For many reasons, DWeb principles are values that we strongly agree with and live by every day while building for the Web3. Jolocom and its leadership were among the first refiners of these principles.

Additionally, Jolocom is self-owned, meaning we cannot give away equity and we also cannot be acquired. The main reason for this is because we believe that all we build belongs to humanity and should remain fully open source.

Since Jolocom’s goal is not to earn huge profits or make a quick exit, we are not driven by the same economic models as our competition. We seek to bring our leadership position and knowledge about the current technological, governance and regulatory environment of SSI to your community--to serve as a bridge to the best solutions in a still-chaotic decentralized identity world. You, in turn, can help us by guaranteeing we have the resources to fulfill the SDI Projects and their mission. The German government funding requires a 40% match. We’ve secured more than half of that already, and ask the Stacks Foundation to help us reach our goal, unlocking enormous potential for both parties.

Risks

What dependencies or obstacles do you anticipate? What contingency plans do you have in place?

While the SSI approach is gaining in technological maturity, and a first generation of globally accepted standards is nearing completion, the concept and all technical specifications connected to it are still new and in development. As such, while the technical feasibility of inter-network communication has already been proven, arriving at a production-ready, interoperable prototype is dependent on external factors that might adversely influence estimated project planning and time schedules.

Community and Supporting Materials

Do you have previous projects, code commits, or experiences that are relevant to this application? What community feedback or input have you received? How do you plan to share your plan to the community over time and as the final deliverable?

We continuously build out the stack for SSI, always focusing on helping the community to further converge.

Recent examples include our contributions to DIF (Decentralized Identity Foundation). When we achieved the initial implementation of KERI, this blog post provided a summary of why we chose this path. (Rust implementation by Jolocom donated to DIF).

Similarly we presented the very first implementation on DIDComm v2 to the community through a demo. First within the inner circle of the DIDComm working group at DIF, and then to the larger community during the DIF biannual (virtual) F2F community meeting in January.

Also we made an announcement on our blog and Twitter.

Additionally, we are a very active member of the SSI/DID community, particularly in the setting of standards and driving interoperability. As well as DIF we run DWeb and are active in Bundesblock and INATBA.

In case of the Jolocom-Stacks integration we would in a similar way:

- describe the work in a blog post with a pointer to documentation
- make all code available on GitHub as open source
- present a demo of a simple use case to the community

Opportunities in the future: workshop/hackathon

friedger commented 3 years ago

Great to see this proposal.

How do you see did:stack fitting? What is the role of the BNS contract in your proposal?

friedger commented 3 years ago

Could you please clarify the time line? I read three years for the hardware wallet. However, the SDK integration only is listed for the last milestone.

Jolocom is about personal identity, while stack is using profiles in Stacks app explicitly not identifying a person. How would that fit into the integration? Would you see an extended Stacks auth protocol with a "ssi" permission?

Joachim16 commented 3 years ago

Hi Friedger, thank you for your questions. There are two timelines actually: one aiming for end of Q2 2021 for an initial did:stack: integration to the Jolocom SDK, and the second stream of the timeline which plays out in the context of the SDI projects. In the next couple of weeks we will start with more research and maybe a Stacks community call. Would you be interested to partake in such a call?

louiseivan commented 3 years ago

@Joachim16 nice proposal, the Maker Community at Ryder would love to be involved in this process. cc: @MarvinJanssen

Joachim16 commented 3 years ago

thank you @louiseivan!! looking forward to connect @MarvinJanssen and learn more about Ryder as well

friedger commented 3 years ago

@Joachim16 I am happy to be part of a community call.

MarvinJanssen commented 3 years ago

This is great @Joachim16. Excited to connect and learn more.

RaffiSapire commented 3 years ago

@Joachim16 we're excited to support this. @jennymith is going to work with you to scope out milestones, which is how we disburse payment based on development milestones. Once that work is done, please share it back here. This is our first large grant, and we would like to see no less than 4 milestones here with clear technical deliverables on each that can be tested / assessed before disbursing the following Milestone.

Joachim16 commented 3 years ago

thank you @RaffiSapire. Looking very much forward to work with @jennymith on the milestones.

friedger commented 3 years ago

Would the DID be Sidetree compliant? Is the sidetree protocol the way we want to go?

There is a sidetree implementation on bitcoin, on ethereum, on p2p gossip network: https://techcommunity.microsoft.com/t5/identity-standards-blog/ion-we-have-liftoff/ba-p/1441555

Joachim16 commented 3 years ago

yes, both stacks and sidetree implementations follow W3C and DIF standard specs and support interoperability

friedger commented 3 years ago

@Joachim16 Is there an update here? Did any community session happen already?

Joachim16 commented 3 years ago

hi @friedger, @jennymith & @jcnelson set up the community for this friday... would be great to meet you there https://community.stacks.org/events#event=41703939

stx-grant-bot[bot] commented 3 years ago

Congratulations. Your grant is now approved. Please complete the on-boarding link here: https://stacks-grant.netlify.app/onboard?q=e878752f6488e77472eb384e23526fa9

Joachim16 commented 3 years ago

many thx to Stacks Foundation for this grant and the trust in the Jolocom team, and also a special thank you for all the interest, support and vital exchange from and with the Stacks community. We hope that many builders and projects find this work useful to apply Self-Sovereign-Identity (SSI) within their initiatives. We at Jolocom believe in the cross pollination in between decentralized projects in the spirit of the DWeb community, of which Stacks and Jolocom are both part of. Thank you, and we are looking forward to continue this journey with you!!

jennymith commented 3 years ago

Hi @Joachim16, it was so wonderful working with you and the Jolocom team! The work that you all have done on SSI for Stacks will undoubtedly advance our mission of delivering a user-owned internet. We're looking forward to a long and fruitful partnership :).

When you or @Exulansis get a chance, could you please post a quick summary (bullet points are fine) here of what has been completed/what community members can now use thanks to your work? (We'll of course be following up with more comprehensive blog posts and virtual meetups on this soon.) Thanks again!

Exulansis commented 3 years ago

Hello everyone, firstly I'd like to apologize for the delayed answer from my end, I was on a brief holiday (during which I ended up spending a lot less time in front of the laptop than I expected).

A brief summary of the work that has happened so far is:

And of course thank you @jennymith for coordinating this process and making this cooperation so frictionless!

Sorry one more time for taking so long with the answer, I will be providing further updates related to the final integration steps in this issue throughout the next days.

jennymith commented 3 years ago

@RaffiSapire this grant was completed in late July and paid on August 3rd. Can we update Airtable and any other relevant app to reflect this?