Blockchain identity management

Having moved to the Department of the Prime Minister and Cabinet, following Prime Minister Malcolm Turnbull, Australia’s Digital Transformation Office is looking for vendors to contribute identity management solutions.

The endeavor was rumored last year, which either inspired or provoked AusPost to search for blockchain identity management solutions.

And there are numerous to choose from. World Citizen Project first popularised the idea in 2014, quite eventfully, through ambassador Janina Lowisz’s lovely smile on Wired magazine.

More recently, Netki.com made a name by leveraging Bitcoin Improvement Protocol (BIP) 75, which allows two parties to exchange payment information in a permissioned and encrypted way. The BIP received vocal support from Bitcoin core developer, Jeff Garzik.

There are no secrets; the solutions are out there, sometimes open source and often clearly explained.

However, it’s very unlikely the identity solution DTO has been looking for is any of them, unmodified, as they face a different set of problems.

Identity used for authorization

Going by their own description, DTO is more likely looking for an Identity and authorization solution combined. Ain’t they the same thing? Not at all.

Janiana Lowisz’s well-known world-citizenship, well proved by the blockchain, does not grant her access to Centrelink.

Authorization, by its name, introduces an authority, which both aforementioned solutions leave out. Netkis’ x.509 certificate authority does not equate to authorization authority, unless certificates are issued short-lived, ticket-style, as with Kerberos.

Bitcoin’s No gods, no masters design has the following implication: it can provide identity solution almost natively, but it cannot provide authorization – there is no way to prevent private key owners from transferring Bitcoins to any other bitcoin addresses.

I often hear conversations citing that "Identity = KYC," implying that it satisfies AML. KYC is easily satisfied by BIP75 – a move that helps high-value on-chain transactions to stay compliant. But KYC isn’t AML. Let’s look at some examples:

Alice wishes to send money to a drug lord Bob. The sender reveals his identity, and Bob does the same, whose identity clearly says that Bob is a drug lord, a fact the sender knows. The trade is finalized with each party knowing who are they trading with, following the KYC protocol. This is identity implemented without authorization.

Traditionally banks authorize each normal transaction. Before Bitcoin, users were helpless without the banks, so the simple requirement to them was KYC.

Another elegant analog of "identity v.s. authorization" is "Passport v.s. VISA."

If Janiana can prove her identity at an international border, immigration can stop her physically. Despite identity being authenticated, she forgot to apply for a Visa (authorization token).

Janiana’s story illustrates an important aspect. It’s possible to build action authorization on top of a blockchain identity, if the validation process can be trusted, and the action requires the help of a validator to carry out – in this example, walking across the border requires an immigration check.

Another example is the shipment of guns. Although a shop owner cannot prevent being paid illegally, he can refuse to ship illegal purchases.

But when it comes to on-chain value transfer, the only way to authorize a user is to remove their access to the private keys, either completely (e.g. coinbase) or through multi-sig. That’s why, despite identity solutions being out there, DTO and the banking system are seeking solutions they can swallow.

Identity used as evidence

Let’s consider the case of a second hand car dealer Alice. She is required to KYC, but she does not have the responsibility to prove her customers not car thieves. Hence, she cannot prevent herself from purchasing a stolen car.

However, she is supposed to record her customers’ identity, which, if correctly proven, can convict a thief. In either case, she doesn’t lose her money if she is a bona fide purchaser, a situation where no authorization is needed. Alice’s business demonstrates when identity is used as evidence.

If Bitcoin transactions leave a fingerprint of the party’s identities, and it was kept as a record for evidence, it won’t prevent money flowing to the drug lord Bob. However, when money changes hands on the public ledger, and the ledger owner does not have corresponding identity exchange record, they may be held responsible. This is what BIP-75 intends to solve.

Identity used for consent

Consent is the opposite of authorization – in this case, the user authorizes, instead of being authorized. Voting is the most quoted use case. For the sake of understanding, let’s also look at a more complicated situation: the process of authorizing a credit check.

Usually, a customer authorizes a broker to check her credit record. Let’s say Alice is the customer and Bob is the broker.

If Bob carries out the credit check without Alice’s authorization, Alice can accuse Bob. If Bob has the burden of proof, he may produce Alice’s consent, which can be a digitally signed message from Alice. If Bob has no such burden, Alice can do nothing.

This consent can be issued on a blockchain. The simplest form of which is a fee paid to the broker carrying the authorization token. It gives additional power to the customer, Alice, who can now dispute an action, without the help of the broker Bob.

Alice can prove that she never authorized Bob, with the lack of authorization evidence. Let’s remember that the blockchain was originally invented to solve double-spending, by proving that the money has not been spent. From there it inherits the power to prove the non-happening, where traditionally having not done something is hard to prove.

Conclusion

This article lists 3 kinds of identities, but there are many more.

For example, an authentication layer built on top of identity – the capacity to authenticate a person as an employee, a customer or a driver license holder, and to be able to revoke as well. This brings a lot more use cases, and problems.

There are those that says these are just the different use-cases of Identity Management, with the subtle suggestion that they can be solved by one single identity management technology. In fact there can be many technologies.

BIP75 intends to address the case of identity being used as transaction evidence, while the World Citizen Project does not. Any new technology to use identity for consent is going to be unlike both of them.

I have often heard people talking about identity on the blockchain, or for the blockchain, without realizing each are talking about different things, and each assumes the other “identity solution” is for his problems. It’s a bit like "information superhighway," an imaginary solution to all information problems in the 90s.