Difference between revisions of "Identity protocol v1"

From Bitcoin Wiki
(Creating root record)
(split and simplify)
Line 12: Line 12:
 
Similar to [https://en.bitcoin.it/wiki/Fidelity_bonds#Announce.2FCommit_Sacrifices Announce/Commit Sacrifices]
 
Similar to [https://en.bitcoin.it/wiki/Fidelity_bonds#Announce.2FCommit_Sacrifices Announce/Commit Sacrifices]
  
 +
# MPK = master public key
 
# TM = current block height
 
# TM = current block height
 
# create transaction T2.
 
# create transaction T2.
## must include OP_RETURN <digest of master pubkey> output
+
## must include OP_RETURN <digest of MPK> output
 
## nlocktime = TM + 144 blocks
 
## nlocktime = TM + 144 blocks
 
## no more than 1000 bytes in size
 
## no more than 1000 bytes in size
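Review bot: The reworded T2 requirement, "must include OP_RETURN <digest of MPK> output", still does not name the digest function. The SIN steps further down use ripemd160(MPK); if the OP_RETURN payload is meant to be that same value, say so on this line, otherwise a verifier cannot tell which hash to recompute when matching T2 to a key. Defining MPK as step 1 of this list is the right place for it, since T2 now refers to it.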
Line 23: Line 24:
 
# broadcast T1, T2 until confirmed
 
# broadcast T1, T2 until confirmed
  
==Creating root record==
+
==Creating a SIN==
  
Craft a bytestream that represents the root SIN record.
+
A SIN is the unique record identifier by which this identity will be known.
  
# MPK = master public key
+
# Prefix = 0x18
# B1 = block w/ T1, B2 = block w/ T2
+
# SIN_Version = 0x01
# Verify B2 height - 144 >= B1 height.  Fail and waste sacrifice if not.
 
 
# MD = ripemd160(MPK)
 
# MD = ripemd160(MPK)
# Prefix = 0x18, SIN_Version = 0x01
 
 
# SIN = base58_encode_check( Prefix + SIN_Version + MD )
 
# SIN = base58_encode_check( Prefix + SIN_Version + MD )
  
Thus a minimal root record is
+
==Validating the root identity information==
* SIN
+
 
* MPK
+
# B1 = block w/ T1, B2 = block w/ T2
 +
# Verify B2 height - 144 >= B1 height.  Fail and waste sacrifice if not.
  
and is provably
+
Thus a minimal root record is MPK and is provably
 
* linked to the sacrifices
 
* linked to the sacrifices
 
* MPK starts a new chain of digital signature trust, for further record updates
 
* MPK starts a new chain of digital signature trust, for further record updates
  
 
After that, additional key-value pairs may be associated with the root record via updates verified by PPK, stored in an alt-blockchain or DHT somewhere.  That is outside the scope of this minimal document.
 
After that, additional key-value pairs may be associated with the root record via updates verified by PPK, stored in an alt-blockchain or DHT somewhere.  That is outside the scope of this minimal document.
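Review bot: The unchanged closing paragraph says updates are "verified by PPK", but after this edit the only key the page defines is MPK; define PPK or change it to the term the page uses. Separately, the old text listed both SIN and MPK as the minimal root record, and the new sentence "Thus a minimal root record is MPK and is provably" drops SIN without saying why. If SIN is now considered derivable from MPK, state that in the new "Creating a SIN" section. The moved "Validating" steps also only compare block heights; consider noting there how the OP_RETURN digest in T2 is matched against MPK, since that is what ties the record to the sacrifice.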

Revision as of 04:33, 28 June 2013

Design goals

Decentralized identity.

  • Has some creation cost
  • Sacrifice may be digitally proven, bootstrapping root of trust from blockchain data
  • Start as anonymous; opt out of anonymity by attaching identifying key-value pairs (real.name = "John Smith").


Creating sacrifice transactions

Similar to Announce/Commit Sacrifices

  1. MPK = master public key
  2. TM = current block height
  3. create transaction T2.
    1. must include OP_RETURN <digest of MPK> output
    2. nlocktime = TM + 144 blocks
    3. no more than 1000 bytes in size
  4. create transaction T1
    1. must include >= 0.01 BTC fee
    2. must include OP_RETURN txid(T2) output
    3. no more than 1000 bytes in size
  5. broadcast T1, T2 until confirmed

Creating a SIN

A SIN is the unique record identifier by which this identity will be known.

  1. Prefix = 0x18
  2. SIN_Version = 0x01
  3. MD = ripemd160(MPK)
  4. SIN = base58_encode_check( Prefix + SIN_Version + MD )

Validating the root identity information

  1. B1 = block w/ T1, B2 = block w/ T2
  2. Verify B2 height - 144 >= B1 height. Fail and waste sacrifice if not.

Thus a minimal root record is the MPK, and it

  • is provably linked to the sacrifices
  • starts a new chain of digital signature trust, for further record updates

After that, additional key-value pairs may be associated with the root record via updates verified by PPK, stored in an alt-blockchain or DHT somewhere. That is outside the scope of this minimal document.