Skip to main content

Self Sovereign Identity

Identity, the balancing act between the need for transparency and privacy while pursuing intents and purposes.

Proof of Personhood through Zero Knowledge cryptography.

Proof of Personhood and Decentralized Identity are both critical for ensuring security and privacy in decentralized systems. While PoP focuses on ensuring that each participant is a unique human, DID emphasizes user control over digital identities. Zero-Knowledge Proofs play a vital role in both systems by enabling secure and private verification processes, thereby enhancing the overall trust and functionality of decentralized networks.

Context

Need

Providing people with the capability to fully control their online identity is an essential pillar to web3's trustless principles.

  1. Privacy
  2. Security
  3. Interoperability

Proof of Personhood

Proof of Personhood (PoP) is a method used to ensure that each participant in a decentralized system is a unique human being. This is particularly important for preventing Sybil attacks, where an attacker creates multiple fake identities to manipulate the system. PoP ensures that each human participant gets an equal vote and share of rewards, promoting fairness and security in decentralized networks.

Key Characteristics:

  • Uniqueness: Ensures that each participant is a unique human.
  • Sybil Resistance: Prevents multiple fake identities from manipulating the system.
  • Equality: Provides equal voting power and rewards to each participant, independent of economic investment.

Methods:

  • Biometric Verification: Uses biometric data like iris scans to confirm identity (e.g., WorldCoin).
  • Physical Verification: In-person events or pseudonym parties to verify identity.
  • Time-Locked Wallets: Users lock funds for a period to demonstrate unique human behavior.
  • Zero-Knowledge Proofs (ZKPs): Allows users to prove specific attributes without revealing personal information

Decentralized Identity (DID)

Decentralized Identity (DID) refers to a system where individuals control their own digital identities without relying on a central authority. This system uses blockchain technology to create a secure and private way to manage and verify identities.

Key Characteristics:

  • Self-Sovereignty: Users have full control over their digital identities.
  • Privacy: Minimizes the amount of personal information shared.
  • Interoperability: Can be used across various platforms and applications.

Methods:

  • Decentralized Identifiers (DIDs): Unique identifiers created and managed on a blockchain.
  • Verifiable Credentials: Digital certificates that can be verified without revealing sensitive information.
  • Zero-Knowledge Proofs (ZKPs): Used to verify identity attributes without disclosing personal data

Zero-Knowledge Proofs

Zero-Knowledge Proofs (ZKPs) are cryptographic methods that allow one party (the prover) to prove to another party (the verifier) that a statement is true without revealing any additional information. ZKPs play a crucial role in both PoP and DID systems by enhancing privacy and security.

In Proof of Personhood:

  • Attribute Verification: ZKPs can be used to verify specific attributes (e.g., age, nationality) without revealing the actual data.
  • Privacy Preservation: Ensures that personal information is not disclosed during the verification process.

In Decentralized Identity:

  • Identity Verification: ZKPs allow users to prove their identity or specific credentials without revealing sensitive information.
  • Data Minimization: Reduces the amount of data shared, enhancing privacy and security.

Applications:

  • Blockchain Transactions: ZKPs can validate transactions without revealing transaction details, ensuring privacy.
  • Access Control: Used to prove that a user has the necessary permissions without disclosing their identity.
  • Compliance: Helps meet regulatory requirements without compromising user privacy

Standardisation

Who are the main parties innovating in this area?

How will a global standard be established?

  • Which protocols should you build upon?
  • How do you judge value proposition?
  • What are the risks?

Protocols

Identity Providers