BLOG10

with No Comments

Consider how you can use the PLN interactions of this course to further your digital identity post-term. What does it mean to have a digital identity in your industry of choice and can your current PLN be used to help professional development post-course? Additionally, as you progress through the steps of your career, can your PLN be relied on to open professional opportunities?

Before the Internet era, we usually used a series of paper materials to prove “I am me”, but after entering the Internet, the way of identification has changed from a paper certificate to an electronic certificate.  In the information age, we use a virtual identity to carry out various social activities on the Internet, but all of this is always inseparable from real personal information. For the sum of these personal information on the Internet, we can call it a “digital identity”  ,

 “Digital identity” represents not only a personal identity, but also all identity certificates related to the person.  The pain points of personal digital identities on the Internet

 As digital identities gradually become people’s identity marks on the Internet, the authenticity, use security, and confirmation of digital identities have gradually become the focus of attention.  On the Internet, more and more companies can easily obtain users’ personal information, and it is more and more common for personal information to be stolen, which brings a lot of trouble to users’ lives.

 In other words, in the era of mobile internet, although there are digital identities, there is no best way to protect user identities until the emergence of blockchain.

 The pain points of personal digital identities on the Internet

 As digital identities gradually become people’s identity marks on the Internet, the authenticity, use security, and confirmation of digital identities have gradually become the focus of attention.  On the Internet, more and more companies can easily obtain users’ personal information, and it is more and more common for personal information to be stolen, which brings a lot of trouble to users’ lives.

 In other words, in the era of mobile internet, although there are digital identities, there is no best way to protect user identities until the emergence of blockchain.

 At present, people’s demand for privacy protection is increasing, and the application of “digital identity” is no longer satisfied with a representative of an identity, but is equivalent to a value application of “digital assets”, which can self-control privacy rights.  With the accelerated development of the information age and the “Internet +” era, the commercial value of personal information has been different from the past.

 We can even think that personal information is an individual’s “information assets”, that is, a user’s “digital identity” not only represents a personal identity, but should be regarded as a personal asset.

 For example, like UfileChain integrity archives public platform, people can build a complete and confidential personal information system, including personal education information, professional behavior, social identity, qualification certificates, personal assets, credit status, etc.  This information is stored on the chain to form personal information records that cannot be tampered with. These personal information records will accompany users for life and form valuable personal digital identity information assets.  When the data demander needs to obtain the user’s “digital identity”, they need to provide usage fees, and they also need to ensure that they cannot sell the user’s personal information at will.

 Therefore, for the value application of “digital identity”, the most important thing is to make an individual’s “digital identity” a “digital asset”.

If you are building an application (or wallet, service, platform, network), you need users.  These users may be mainstream consumers, developers, organizations, and/or DAOs.  No matter what type of users you serve, the goal is the same: let other people interact with your product and realize value from it.  This means you want to:

Eliminate friction in registration, certification and participation

 Provide the richest experience possible, so that users hardly need extra work

 Focus on your core value-added, instead of building new or redundant infrastructure internally

 Build with a simple, elegant user model that can grow over time

 The solution to these goals depends on how you manage users.  How do they authenticate (login)? Can they communicate with each other (chat/comment)? Can you provide a lasting and personalized experience across time, devices, and login? Can you easily integrate with users’ other products and platforms? In traditional web applications, this is usually divided into identity recognition (related to account creation, KYC, etc.), identity authentication (login, fraud prevention), and authorization (permissions, sharing).  This orderly approach will change with more flexible decentralized models.  Identity is related to everything related to management, protection, service, and interaction with user groups.

As the product grows, the need to manage the user base will change rapidly.

 Today, your biggest “identity” pain point may be filling in basic public profile information in your application so that users can identify each other.  Next month, it may store user history and application state data, such as past or in-progress transactions (such as shopping carts).  The next quarter may be basic KYC, and next year may be anti-witch attacks.  Each product requirement has different “identity” problems, and these problems may be solved with different potential solutions.

 Profiles: Should I implement 0auth or an IPFS hash mapped to the key? But what if the user rotates the key or uses multiple keys?

 Data storage: Should I store data in Textile ThreadsDB? But how do I allow users to manage access control without adding more key types and resistance?

 KYC/Proof of human: Should I use a service like Passbase or Democracy Earth’s technology? How to map this proof to existing users?

 Anti-Sybil: Should I use services like BrightID or Idena? So how do I map their graphs to my user library?

 Implementing these solutions independently obviously has its own challenges, but your biggest pain point will come from not using the right identity infrastructure from the beginning to connect them in a way that will stand the test of the future.  A powerful and flexible identity infrastructure can make each new requirement naturally extend to the previous requirement, rather than new and isolated requirements that need to be solved individually, which will eventually kill itself.

Identity is an infrastructure that enables you to effectively link any functions related to the user

 A good identification infrastructure should make it simple and easy to meet your evolving user-related needs.  If you have ever used Okta or Rippling, you will understand that this is what they are trying to do for the business.  Their goal is to provide a single system of record for users and accounts, but they do this in a clear, limited, and controllable corporate environment.  In a more open and undefined environment (such as Web3), a good identity infrastructure needs to work in a permissionless and unlimited environment in a predictable way.

 This means that your identity infrastructure must have enough customization capabilities to meet your own needs, but it must also be flexible enough to work well with many other existing solutions.  It should be extensible and interoperable across many different networks, accounts/keys, and use cases.  It can be used not only for the tools and services you are using, but also for other tools and services that your users are using, and other tools and services that you may need in the future.  This will not only make identity management easier, but will also allow each solution to create composite value on top of the others.  For example, KYC verification can use existing user profile information, while anti-witch attack tools can use existing KYC (and any other) verification methods.

 Perhaps most importantly, the identification system should operate without relying on a single organization, platform or model.  The identity infrastructure should be an open and shared agreement, and the identity itself should be user-managed and self-sovereign.

 Problems without proper identity infrastructure products

 🔑Single key pair identification

 In today’s crypto world, the default user “identity” is often a public blockchain account key.  This is reasonable and why this is the case: Blockchain keys already need to manage assets, so they are widely owned by users, and there are now many great wallets and SDKs to manage them.  In fact, the keys and the KMS solution (wallet) that manages these keys is an excellent way to verify to applications and perform on-chain transactions, but for any product that wants to expand to meaningful and durable use  , A single key pair cannot be the user identity infrastructure.

 The problem of using a single key pair as an identity:

 Infringement of privacy: there is no separate or private activity, because all transactions with the same “identity” must use the same public key.

 Create vulnerability: When the key is used to sign and/or encrypt data, when the key is lost or changed/rotated, all user data and history related to your product will be lost.

 Create a silo: Information can only be accessed through a specific key, and there is no opportunity to achieve interoperability and composability between the wallet and the network.  This runs counter to the vision of Web3.

 Increased complexity: Adding distributed databases and other user technologies to the stack is very difficult because they operate using different encrypted identities and access control systems.

 Give up network effects: You must start your own user network, configuration files, and data from scratch, instead of using existing data to easily log in users and skip the cold start.

 Key pairs and wallets are a core part of the Web3 experience, but they should be perfected (and integrated into) a good identity infrastructure.

Leave a Reply