Developing a DID Aggregator on Blockchain (Part Ⅰ)

In this article, we introduce a DID Aggregator that provides liquidity, interoperability, and consistency for multi-layer identity data querying, based on the emerging Decentralized Identifiers (DIDs) v1.0 standard from the W3C.

Integrating a wide range of digital identities from multiple networks.

Introduction

With decentralized identifiers and privacy-preserving storage, we have successfully protected data sovereignty in a decentralized system. However, identity data are scarce and scattered, making the corresponding application scenarios too narrow. Introducing broader scenarios into a decentralized system, such as credit lending in DeFi, personal reputation in chain governance, and decentralized customized recommendation algorithms in social media, is a huge challenge. Currently, we don’t have an adequate amount of data to support such broad scenarios. As for collecting data from other networks, reading these data involves complex DID verification and code parsing work, which is more than inconvenient, especially when there are multiple data sources.

Specifically, with regard to reliable DID data, we face the following problems:

  • Lack of data sources
  • Lack of relevant APIs to interact with data registries
  • Need to resolve every DID method and validate credentials
  • Need to learn and comply with new data formats
  • Need to bear the single point of failure of centralized service endpoints

Today, plenty of decentralized applications have their own independent DID mechanism for collecting user identity data; these mechanisms often serve the same purpose and are repetitive. For example, to prove the ownership of a Twitter account, typically we make the account owner send a particular message to the platform. This same verification mechanism is commonly developed again for other applications, for example in Keybase and in the Polkadot Registrar's social network identity authentication. For many development teams, building their own functional components for identity data takes lots of time, effort, and money, and distracts the team from their main goals. It would be a great convenience to have a validated and trustable source of data.

As people have already generated massive amounts of data in various decentralized systems, a way must be found to connect these data so that they can flow across different systems and platforms, while user privacy and data sovereignty are preserved. This approach can truly reflect the core value of Web3. Meanwhile, the advent of blockchain provides an effective underlying data registry infrastructure that enables data to be indexed and retrieved, and bolsters the growth and adoption of DID.

What is DID data?

All of these data are worth indexing. We firmly believe that a cross-system index of DID data will be an essential component of the Web3 network. It will provide a powerful database for the Web3 network and accelerate the application explosion. Furthermore, the index provides unprecedented value for the Internet: the Web of Trust. Because all data in a decentralized system is verifiable and tamper-proof, the data can be trusted to reflect the fact of its generation and existence. Conversely, the existing network is composed of centralized systems, where user data is controlled and dominated by the owner of the system. Their data is not verifiable and can be tampered with at any time.

Demand for DID Data

A potential solution is to create a standardized common language. For example, Presentation Exchange is a protocol that provides standardized data formats for different systems to exchange credentials. As proposed, the protocol helps create a “common language” for different identity systems to exchange identity proofs, so that a third party knows how to write requirements for proofs in their application, and the proof-holder knows how to submit the proof. Such a protocol can significantly reduce data friction between systems and enhance consistency. But it takes a long time for a computer language to become widely adopted.

The DID Aggregator

The DID Aggregator allows anyone to upload their identity-verification algorithms and share them on the network. It also provides a one-stop service for DID data indexing, DID authentication and linking, as well as DID data aggregation. The protocol ensures that people can easily obtain integrated identity data on the Web3 network, and also guarantees reliability, security, and integrity of the data.

Open Protocol

Decentralized

In order to remove centralized authorities and any single point of failure in the DID verification system, we’re building a Decentralized Validator Network over a Proof of Stake blockchain, which will restructure the business model between validators and service demanders. The network guarantees the honesty of validators with contracts executed on-chain.

The Validator Network processes DID verification requests from a service demander and returns a trustable credential of the DID, among other information. The verification process will be carried out by a random set of validators in the network, featuring a BFT consensus algorithm to secure the verification result.

Easily-Verifiable

The network will recognize the trusted DID verification mechanisms that are integrated into its codebase and consider others as agnostic. Agnostic mechanisms cannot be trusted unless the service demander trusts the mechanism. In this case, validators will use the selected DID mechanism to compute a result.

For example, once the DID Aggregator has compiled verification methods for Ethereum accounts, one can prove their account ownership while others can easily verify it by verifying the signatures of the network validators (validators’ IDs are recorded on a blockchain). Similarly, if the person needs to prove ownership of a Polkadot account, a developer can add another verification mechanism to the aggregator, upload it, and request network validation. A community referendum is required for the code to be considered trusted and accepted by the network. Otherwise, a third party will have to gauge the credibility of a code publisher before they trust the result.
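The verifier's side of this check, as an added example that is not Litentry's code. It assumes Ed25519 validator keys, a flat JSON credential payload, a `Map` standing in for the on-chain validator list, and the usual BFT threshold of more than two thirds of validators; the credential layout and all names are hypothetical.

```javascript
const crypto = require('node:crypto');

// Canonical bytes of a flat payload: keys are sorted so signer and verifier agree.
function canonicalBytes(payload) {
  return Buffer.from(JSON.stringify(payload, Object.keys(payload).sort()));
}

// Assumed BFT quorum for n validators: strictly more than two thirds.
function quorum(n) {
  return Math.floor((2 * n) / 3) + 1;
}

// registry: Map of validatorId -> public key, standing in for the on-chain list.
function verifyCredential(credential, registry) {
  const msg = canonicalBytes(credential.payload);
  const counted = new Set();
  for (const { validatorId, signature } of credential.signatures) {
    const publicKey = registry.get(validatorId);
    // Skip signers that are not registered, and count each validator only once.
    if (!publicKey || counted.has(validatorId)) continue;
    if (crypto.verify(null, msg, publicKey, Buffer.from(signature, 'base64'))) {
      counted.add(validatorId);
    }
  }
  const needed = quorum(registry.size);
  return { valid: counted.size >= needed, signers: counted.size, needed };
}

// Constructed sample: four validators, the first `signerCount` of them sign.
function buildSample(signerCount) {
  const registry = new Map();
  const privateKeys = [];
  for (let i = 0; i < 4; i++) {
    const pair = crypto.generateKeyPairSync('ed25519');
    registry.set(`validator-${i}`, pair.publicKey);
    privateKeys.push(pair.privateKey);
  }
  // Placeholder subject and account values, not real identifiers.
  const payload = { subject: 'did:example:alice', claim: 'controls-ethereum-account', account: '0xEXAMPLE' };
  const msg = canonicalBytes(payload);
  const signatures = privateKeys.slice(0, signerCount).map((key, i) => ({
    validatorId: `validator-${i}`,
    signature: crypto.sign(null, msg, key).toString('base64'),
  }));
  return { registry, credential: { payload, signatures } };
}

console.log(verifyCredential(...Object.values(buildSample(3)).reverse()));
```

Counting each validator ID once matters: without it, a single validator's signature repeated in the credential would be enough to reach the quorum.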

Minimum data on-chain

Privacy-Preserving

Interoperability

Democracy

All functions in the aggregator can be changed by a decentralized autonomous organization (DAO). The community can vote on protocol upgrade proposals and implement them on the network. For instance, the community can decide which DID verification method is trusted through DAO voting, and the network will then recognize this method as trusted. This approach provides a trustable, efficient environment where the users can unquestionably believe that their credentials are effectively verified.

As a whole, the DID Aggregator is a super DID resolver. It allows developers to add DID verification methods and provide a decentralized credential service through the network. It also serves as a tool to compute deeper-level decentralized identity credentials using a combination of the DID resolving methods uploaded by developers. The aggregator is like a docker of trusted DID methods and allows anyone to use the decentralized network validation service to generate trustable credentials for all kinds of application use.
