Identity protocol v1

From Bitcoin Wiki
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Design goals

Decentralized identity.

  • Has some creation cost
  • Sacrifice may be digitally proven, bootstrapping root of trust from blockchain data
  • Start as anonymous; opt out of anonymity by attaching identifying key-value pairs (real.name = "John Smith").


Creating sacrifice transactions

Similar to Announce/Commit Sacrifices

  1. MPK = master public key
  2. TM = current block height
  3. create transaction T2.
    1. must include OP_RETURN ripemd160(MPK) output
    2. nlocktime = TM + 144 blocks
    3. no more than 1000 bytes in size
  4. create transaction T1
    1. must include >= 0.001 BTC fee
    2. must include OP_RETURN serialized(T2) output
    3. no more than 1000 bytes in size
  5. broadcast T1, T2 until confirmed

Creating a SIN

A SIN is the unique record identifier by which this identity will be known.

  1. Prefix = 0x18
  2. SIN_Version = 0x01
  3. MD = ripemd160(MPK)
  4. SIN = base58_encode_check( Prefix + SIN_Version + MD )


Validating the root identity information

  1. B1 = block w/ T1, B2 = block w/ T2
  2. Verify B2 height - 144 >= B1 height. Fail and waste sacrifice if not.
  3. Verify mined T2 == announced T2

Thus a minimal root record is MPK and is provably

  • linked to the sacrifices
  • MPK starts a new chain of digital signature trust, for further record updates

After that, additional key-value pairs may be associated with the root record via updates verified by PPK, stored in an alt-blockchain or DHT somewhere. That is outside the scope of this minimal document.

Retrieved from "https://en.bitcoin.it/w/index.php?title=Identity_protocol_v1&oldid=38967"