Decentralizing Identity

If you ask someone who they are on the Internet, they will likely give you an email address or point to their profile on Twitter, Facebook, Google, or LinkedIn. Some people might instead reference a profile on a more industry specific network such as Behance for creatives or Doximity for doctors. Others use a personal home page provider like about.me and an even smaller fraction have their own domain. This is a pretty unsatisfactory state of the world from both an individual and a service creator perspective.

As an individual, you are never really in control of your identity. In every case other than your own domain a centralized service provider decides what can and cannot be on your profile and can also revoke your profile at any time (most terms of service give the provider nearly complete control). Even with your own domain there is a risk that it could be seized and your identity wiped out.

As a service creator, you can either let users authenticate with one of the big centralized providers or revert to signing in with username/email and a password (where email for most people is right back at a large service provider). How much information you then receive about the person and the format for that information is controlled by the authentication provider.

Starting a new centralized identity provider not only doesn’t solve these problems but also faces a classic chicken and egg problem between user and service adoption. Therefore people have been looking for a decentralized solution for quite some time that would put individuals truly in control and allow for permissionless innovation. At first this ran into a problem known as Zooko’s triangle, which was the conjecture that you couldn’t have a system that was secure, decentralized and allowed for memorable names all at once. As it turns out though, this is exactly the kind of problem that can be solved using the Bitcoin protocol.

Namecoin is a decentralized key/value store for registering, updating and transferring information based on Bitcoin. Namecoin allows the creation of globally unified namespaces that can be used for all sorts of applications, including a decentralized domain system and personal identity. Namecoin itself only provides the consistency mechanism. It does not define a format for what should be contained in an identity entry.

There are at least a couple of proposals for doing that. One is Namecoin ID and the other is a new project called OneName, which provides both a JSON specification and an initial implementation of a profile viewer. You can use the viewer to see my profile (here are Fred, Nick and Brad). For both Namecoin ID and OneName the underlying identity information is contained in the Namecoin blockchain.

What about squatting and impersonation? It is true that someone could register your name and even add links to your various accounts. But only you can broadcast on those channels and confirm your data by linking back to it, e.g. by tweeting out a link or adding one to your GitHub account. None of this will add up to certainty, and systems going forward will always have to deal with a probabilistic notion of identity.
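The link-back check described above, as an added example that is not code from OneName, Namecoin ID or this post: a record's claims count only when the claimed account itself points back at that name. The record layout, the `id://` link scheme, the names and the posts are all hypothetical and constructed for illustration.

```python
# Added illustration. Record layout, field names and the id:// scheme are
# hypothetical; this is not the OneName or Namecoin ID specification.
import re

# Constructed name records as they might sit in a key/value namespace.
RECORDS = {
    "u/alice": {"twitter": "alice_t", "github": "alice-gh"},
    # A squatter registered a look-alike name and points at alice's accounts.
    "u/al1ce": {"twitter": "alice_t", "github": "alice-gh"},
    # A record whose owner never published a link back.
    "u/bob": {"twitter": "bob_t"},
}

# Constructed content that only the account holders could have published.
CHANNEL_POSTS = {
    ("twitter", "alice_t"): ["Verifying myself: my profile is id://u/alice"],
    ("github", "alice-gh"): ["dotfiles", "proof: id://u/alice"],
}

BACKLINK = re.compile(r"id://([a-z0-9/_-]+)")

def backlinks(channel, handle):
    """Return the set of names the account itself links back to."""
    found = set()
    for post in CHANNEL_POSTS.get((channel, handle), []):
        found.update(BACKLINK.findall(post))
    return found

def verify(name):
    """Classify each claim in a record: confirmed, contradicted or unproven."""
    result = {}
    for channel, handle in RECORDS[name].items():
        links = backlinks(channel, handle)
        if name in links:
            result[channel] = "confirmed"
        elif links:
            result[channel] = "contradicted"  # account vouches for another name
        else:
            result[channel] = "unproven"
    return result

def confidence(name):
    """Fraction of claims confirmed by a link back: evidence, not certainty."""
    checks = verify(name)
    return sum(v == "confirmed" for v in checks.values()) / len(checks)

if __name__ == "__main__":
    for n in RECORDS:
        print(n, verify(n), confidence(n))
```

A relying service would treat "contradicted" as stronger negative evidence than "unproven", since the account holder has actively vouched for a different name.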

The squatting issue is potentially more serious but also intriguing. Centralized systems have resolution mechanisms for squatting with various levels of transparency and inconsistent national legal frameworks. Given the fully decentralized nature of Namecoin there is no authority to appeal to. That really only leaves a voluntary market-based mechanism for resolution. By building on top of a distributed currency, the payment and transfer mechanisms are all built in from the beginning.

For now OneName is an alternative to something like about.me, with the big distinction that you control your data. You can access your OneName profile directly by using any Namecoin client if you so want. Much like Bitcoin though, if you don’t want to operate anything directly there can be third party registrants that handle everything for you. Anyone can set one of these up; there are no licensing requirements of any kind and no barriers to entry. This means that a competitive market can emerge where registrants can compete on price, on convenience, on trust and safety, or some combination of these and other forms of differentiation.

How does all of this solve the identity problem? Because Namecoin is completely decentralized it is ideal for permissionless innovation as the OneName example shows (the spec and implementation were developed independently of the Namecoin project). OneName aims to provide single user value by offering a pretty representation from day one that one can link to. Others can then use this information for purposes such as secure messaging and payment. Since this was just launched it is too soon to tell whether that is enough to get a critical mass of users to adopt. 

Whether it is OneName or Namecoin ID or something yet to come, once enough users add information to a blockchain mechanism in a standardized format it will make sense for services to let users sign in using such a decentralized identity. Here too we will see permissionless innovation at work. The exact mechanism for authentication does not need to be specified in advance and can emerge over time, leveraging existing auth systems, including those of Facebook, Google, Twitter, OpenID, etc., and adding new ones.

It is still early days for all of this, but the potential for these emerging decentralized identity systems is to further push power to the people and away from central authorities.
