Identity protocol v1
Design goals
Decentralized identity.
- Has some creation cost
- Sacrifice may be digitally proven, bootstrapping root of trust from blockchain data
- Start as anonymous; opt out of anonymity by attaching identifying key-value pairs (real.name = "John Smith").
Creating sacrifice transactions
Similar to Announce/Commit Sacrifices
- TM = current block time (not block height)
- create transaction T2.
- must include OP_RETURN <digest of master pubkey>
- nlocktime = TM + 24 hours
- no more than 1000 bytes in size
- create transaction T1
- must include >= 0.01 BTC fee
- must include OP_RETURN txid(T2)
- no more than 1000 bytes in size
- broadcast T1, T2 until confirmed
Creating root record
Craft a bytestream that represents the root SIN record.
- B1 = block w/ T1, B2 = block w/ T2
- Verify B2 time >= (24-4) hours B1 time. Fail and waste sacrifice if not.
- MD = ripemd160(B1.hash + T1.txid + B2.hash + T2.txid)
- Prefix = 0x18, SIN_Version = 0x01
- SIN = base58_encode_check( Prefix + SIN_Version + MD )
- PPK = Preferred Public Key, new public key for root of trust
- Build root record,
- root = SIN + PPK
- H_ROOT = hash(root)
- For each (T1, T2), -- prove we control 100% of the inputs for T1, T2
- For each input
- Obtain referenced output
- Obtain public key from output (if necessary, look up in local node db from pubkeyhash)
- signature = sign H_ROOT with key associated with just-retrieved public key
- root += (public key, signature)
- For each input
Thus a minimal root record is
- SIN
- PPK
- list of (public key, signature)
and is provably
- linked to the sacrifices
- PPK starts a new chain of digital signature trust, for further record updates
After that, additional key-value pairs may be associated with the root record via updates verified by PPK, stored in an alt-blockchain or DHT somewhere. That is outside the scope of this minimal document.