November 19, 2024

ETHHERO News

Start Your Crypto Journey With ETHHERO

Bringing Ecosystems Collectively: How W3C DIDs and VCs might help with Ethereum’s Three Transitions – Enterprise Ethereum Alliance

ETHHERO September 13, 2024 15 min read


12 September 2024

Ethereum Open Community Projects L2 Standards Working Group

Vitalik Buterin recognized three essential transitions for Ethereum: scaling by L2 rollups to scale back prices, enhancing pockets safety by way of sensible contract wallets for higher safety and person expertise, and advancing privateness by privacy-preserving mechanisms. This text explores how integrating W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) can deal with a few of these challenges by bettering the administration of identities, keys, and addresses, leveraging current decentralized identification options to assist Ethereum’s transitions effectively to maneuver to a extra L2-based world.

As Vitalik Buterin identified in a sequence of 2023 articles, notably his Three Transitions article,  Ethereum is transitioning from a younger experimental expertise right into a mature tech stack that might convey an open, international, and permissionless expertise to common customers. Nonetheless, he believes that there are three main technical transitions that the stack must bear, roughly concurrently:

  • L2 Scaling Transition: This includes shifting the ecosystem to rollups to deal with the excessive transaction prices on Ethereum, which have reached $3.75 and even $82.48 throughout a bull run
  • Pockets Safety Transition: The shift to sensible contract wallets (account abstraction) is important for enhanced person consolation and safety in storing funds and non-financial property, shifting away from centralized exchanges and single non-custodial wallets.
  • Privateness Transition: Making certain privacy-preserving funds transfers and growing different privacy-preserving mechanisms equivalent to social restoration and identification methods is crucial to forestall customers from resorting to centralized options that supply just some or nearly no privateness.

Vitalik emphasizes that these transitions are essential and difficult as a result of intense coordination required to implement them. Specifically, he mentioned the implications of those transitions on the connection between customers and addresses, fee methods, and key administration processes. The connection between customers and their addresses, and key rotation/restoration are a serious concern each technically and from a usability standpoint – UX determines success or failure irrespective of how good the underlying expertise is.

On this article, we are going to delve into these latter points and focus on how options from one other ecosystem, specifically the one centered on decentralized identification, additionally sometimes called self-sovereign identification, can considerably support with the transitions with out having to reinvent too many wheels.

The issue assertion within the context of Ethereum’s technical transitions might be summarized as follows in line with Vitalik:

  • Complicated Funds: The transitions make easy actions like paying somebody extra advanced, requiring extra info than simply an deal with as a result of the person wants to find out which funds to make use of, the place to ship it to, and particular fee directions usually involving identification info.
  • Sensible Contract Wallets: Sensible Contract wallets add technical points that have to be addressed, equivalent to guaranteeing wallets monitor ETH despatched by sensible contract code together with monitoring throughout networks.
  • Privateness Challenges: Privateness-preserving transactions, if carried out, introduce new challenges, equivalent to needing a “spending public key” and encrypted info for the recipient to seek out the fee and how you can decide it up.
  • Id Adjustments: The idea of an “deal with” will change, probably requiring a mixture of a number of addresses, encryption keys, and different information to work together with a person.

These factors, subsequently, increase the query of how we handle identification, addresses, and their keys collectively, and in a manner that doesn’t confuse the person, and compromise the safety of their property.

Given the above downside assertion, the idea of an “deal with” within the Ethereum ecosystem, is evolving, with the standard concept of an deal with as a single cryptographic identifier turning into out of date. As an alternative, “directions for how you can work together with me” will contain a mixture of addresses on a number of Layer 2 (L2) platforms, stealth meta-addresses, encryption keys, and different information. In his article, Vitalik factors out that one potential method could be utilizing the Ethereum Identify Service (ENS) data to include all identification info. Sending somebody an ENS identify like “alice.eth” would enable them to entry all the mandatory particulars for interplay, together with fee and privacy-preserving strategies. Nonetheless, this technique has drawbacks, equivalent to tying an excessive amount of to 1’s identify and the lack to have trustless counterfactual names, that are important for sending tokens to new customers and not using a prior blockchain interplay. As well as, the ENS system is a rent-seeking system. Due to this fact, extra broadly, it’s not equitable and doesn’t assure continued possession of 1’s identification; that’s not a tenable scenario. An alternate resolution includes keystore contracts that maintain all identification info. These contracts might be counterfactual-friendly and will not be tied to a selected identify, permitting for extra flexibility and privateness.

This brings us to the subject of keys controlling “addresses”. Particularly, key rotation and key restoration in a multi-address Ethereum Ecosystem. Key rotation is simply turning into an vital function with sensible contract wallets and account abstraction the place the controlling deal with of a wise contract pockets may change as a result of a key’s rotated or recovered which necessitates a brand new controlling deal with. Regardless of key rotation or key restoration, the standard technique could be to run onchain-procedures on every deal with individually. That is impractical attributable to fuel prices, counterfactual addresses, and privateness issues. As talked about earlier than, Vitalik proposes the utilization of keystore contracts that exist in a single location and level to verification logic at completely different addresses. This might enable the creation of a proof of the present spending key for transactions. This requires a restoration structure that separates verification logic and asset holdings, simplifying the restoration course of by requiring solely a cross-network proof for restoration.

On this context, Decentralized Identifiers can leverage keystore contracts to empower a modular verification logic for contract accounts that verifies zk proofs by a selected validation module and embeds a system to standardize onchain executions.

Including privateness measures, equivalent to encrypted pointers and zk proofs, will increase complexity. Nonetheless, it presents potential synergies with keystore contracts for persistent addresses for the reason that persistent deal with may very well be “cloaked” in a zk proof.

What does this all imply for sensible contract wallets? Historically, wallets have been designed to safe property by defending the personal key related to on-chain property. If the important thing was to be modified, the outdated one may very well be safely disclosed with none danger. Nonetheless, in a zero-knowledge world wallets want to guard information moreover property. The instance of Zupass, a ZK-SNARK-based identity system, illustrates that customers can maintain information domestically and solely reveal it when vital. Nonetheless, dropping the info’s encryption key means dropping entry to all encrypted information. Due to this fact, the administration of encryption keys can be turning into more and more vital. Vitalik means that a number of units or secret sharing amongst (key) “guardians” may very well be used to mitigate the chance of dropping encryption keys. Nonetheless, this method just isn’t appropriate for asset restoration as a result of potential danger of collusion amongst “guardians”. Lastly, the idea of an deal with as a person’s on-chain identifier must change, and, subsequently, wallets should handle each asset restoration and encryption key restoration to keep away from overwhelming customers with advanced restoration processes aka poor UX. For instance, Sign In With Ethereum depends on the onchain deal with and the person’s personal key controlling that key to generate the authentication message. Nonetheless, there is no such thing as a notion of a one-to-many relationship on this method, and no notion of a wise contract pockets as the first delegate of the person. The verifying celebration, additionally referred to as the relying celebration, subsequently, can not assess the scope of the authorization(s) required for the person when logging through which is essential relying on the performance the verifying celebration makes obtainable to the person deal with.

The Three Transitions are extra than simply technical enhancements; they symbolize radical shifts in how customers have interaction with Ethereum-based stacks, particularly within the areas of identification, key administration, and addresses, thereby, evolving the Ethereum ecosystem from its present state right into a extra user-friendly and accessible platform that prioritizes scalability, safety, and value. Due to this fact, one would naturally ask the next query: Are there instruments and frameworks already obtainable that may very well be utilized by the group, particularly concerning identification, key administration, and privateness to ease the transitions? The reply to that could be a particular sure. Specifically, the ecosystem that has advanced across the idea of decentralized identification and its requirements, frameworks, and quite a few reference implementations has produced tooling that’s readily usable throughout the Ethereum stack.

What’s the Decentralized Id Ecosystem?

The decentralized identification ecosystem is targeted on giving people management over their digital identities with out counting on centralized authorities. It leverages blockchain expertise and cryptographic ideas to make sure privateness, safety, and user-centric identification administration. On the core of this ecosystem are two key ideas: Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).

Decentralized Identifiers (DIDs):

DIDs are a brand new kind of identifier that allows verifiable, self-sovereign digital identities. They’re distinctive, globally resolvable identifiers related to a topic, equivalent to a person, group, or system. DIDs are decentralized by design, which means they don’t depend on a central registry or authority for his or her creation or administration. As an alternative, they’re created and managed by the customers or entities performing on their behalf. DIDs usually make the most of public-key cryptography to make sure safe interactions and permit the topic to show possession and management of their identification and carry out particular approved actions equivalent to assertions, authentication, authorization, and encryption.

Verifiable Credentials (VCs):

Verifiable Credentials are digital credentials that include claims a few topic’s identification, attributes, or {qualifications}, issued by trusted entities generally known as issuers. VCs are tamper-evident and cryptographically signed to make sure their integrity and authenticity. Importantly, VCs are moveable and might be offered by the topic to verifiers, equivalent to service suppliers or relying events, with out the necessity for these verifiers to contact the issuer immediately. This allows seamless and privacy-preserving identification verification throughout completely different domains and contexts.

A number of key gamers and organizations are contributing to the event and adoption of decentralized identification applied sciences:

  • Decentralized Identity Foundation (DIF): DIF is a consortium of organizations collaborating to develop requirements and protocols for decentralized identification methods. It promotes interoperability and innovation within the house.
  • World Wide Web Consortium (W3C): W3C hosts the Credentials Group Group, which incubates work on verifiable credentials and associated applied sciences, and the Decentralized Identifier and Verifiable Credentials Working Teams, that are growing updates to the respective specs
  • Hyperledger Indy: Hyperledger Indy is an open-source mission below the Linux Basis. It’s centered on offering instruments and libraries for constructing decentralized identification methods.
  • Sovrin Foundation: Sovrin Basis operates the Sovrin Community, a public permissioned blockchain designed for decentralized identification administration.
  • Microsoft, IBM, and different tech corporations: A number of main tech corporations are actively concerned in growing decentralized identification options, contributing to requirements growth, and constructing reference implementations.

Requirements play a vital function in guaranteeing interoperability and compatibility throughout the decentralized identification ecosystem. Some key requirements and reference implementations embody:

  • Decentralized Identifier (DID) Specification: Defines the syntax and semantics of DIDs, together with strategies for his or her creation, decision, and administration.
  • Verifiable Credentials Data Model: Specifies the construction and format of verifiable credentials, together with JSON-LD contexts for representing claims.
  • DIDComm Messaging Protocol: Permits safe, personal communication between DIDs utilizing end-to-end encryption and cryptographic authentication.
  • SSI (Self-Sovereign Id) Protocols: Numerous protocols and frameworks, equivalent to DID Auth, Presentation Exchange, and VC API, facilitate safe interactions and transactions throughout the self-sovereign identification paradigm.
  • Hyperledger Aries: A framework that gives a set of interoperable parts for constructing decentralized identification options, together with brokers, wallets, and protocols.
  • Privado ID former Polygon ID: A set of instruments constructed for builders to create safe and trusted relationships between customers and functions within the Web3.  It focuses on decentralized identification, giving customers management over their information. The toolkit is predicated on the open-sourced iden3 protocol.
  • QuarkID: An open-source DID resolution presently deployed on ZKsync Period with digital credentials being issued by the Metropolis of Buenos Aires.

Under, we element how a decentralized identification framework might be efficiently utilized to the cross-network challenges for identification, deal with, and key administration beforehand mentioned.

Utilizing Decentralized Identifiers (DIDs)

Drawback: Managing identification for a person throughout varied Ethereum networks is advanced.

DID Resolution for Identities:

  • DIDs present globally distinctive identifiers which might be resolvable (to their DID Doc) and cryptographically verifiable throughout any blockchain community.
  • Every DID is related to a DID Doc which incorporates details about the connection of a DID with a set of cryptographic keys, the features these keys can carry out equivalent to verification, authentication, authorization, assertion, and encryption, in addition to service endpoints equivalent to API endpoints to addresses managed by the keys listed within the DID Doc.
  • The connection of DID to their DID Paperwork or respective cryptographic representations might be saved on any blockchain community, guaranteeing tamper-proof and chronic identification data.

DID Paperwork for Handle Administration:

Drawback: Customers have completely different addresses on the Ethereum mainnet, testnets, and Layer 2 options, together with counterfactual addresses.

DID Doc resolution:

  • A DID doc has a verificationMethod information property permitting a DID proprietor or controller to specify symmetric and uneven cryptographic keys for any desired curve equivalent to secp256k1 utilized by Ethereum stacks.
  • The verificationMethod for a key additionally permits the person to specify an ID for the verification technique. That is usually the DID plus a fraction as per the DID specification. This fragment permits two crucial issues. First, it permits you to specify a community identifier, for instance, “1” if the bottom line is an Ethereum key, and different numbers if that key just isn’t on an Ethereum community. As well as, the fragment might be prolonged to point if the important thing belongs to a counterfactual deal with or a wise contract pockets. For instance, “did:ion:1234xxxxddd4444-#1-counter” would point out that the general public key recognized belongs to a counterfactual Ethereum deal with. As well as, if required for sure causes to individually establish an deal with on Polygon PoS vs Arbitrum One the “1” may very well be changed by the chainId of the goal community, e.g. 137 for Polygon PoS.
  • Lastly, a wise contract pockets might be given its personal DID and managed by the DIDs of the sensible contract pockets house owners the place every proprietor identifies a number of controlling keys for the pockets as specified of their DID doc. This final level permits for 2 main enhancements for sensible contract wallets – key rotation aka key restoration, and an arbitrary variety of controlling keys with out revealing these controlling keys

DID Paperwork for Key Administration together with Social Restoration:

DID Resolution for Identities:

Drawback: Key restoration and key rotation for Ethereum addresses, notably sensible contract wallets, are advanced and will not be user-friendly.

DID Doc resolution:

  • When a public key related to a DID have to be rotated for safety or restoration functions, a person can merely replace a DID Doc and exchange the outdated public key with a brand new public key within the verificationMethod utilizing one other controlling key. This is usually a key the person immediately controls, or if management has been delegated, by one other person controlling a DID listed as controller.
  • Due to this fact, this will also be achieved for a Sensible Contract pockets. Every controller can independently replace the important thing within the verificationMethod related to their DID. That is sufficient as a result of the person can produce a cryptographic dedication that the replace was carried out accurately that may be submitted to and verified by the sensible contract pockets.    

Privateness (Zero-Data) Side of DIDs and DID Paperwork

  • DID Paperwork might be represented as zero-knowledge proofs by first merkelizing their JSON-LD doc, after which verifying Merkle Proofs of relationships of DID-to-key and DID-to-functional-capability (as represented by a number of cryptographic keys).
  • Utilizing zk-SNARKs, particularly, allows environment friendly verification of cryptographic key claims on Ethereum networks.
  • For instance, the zero-knowledge circuit for a sound key rotation replace of a DID doc would do two issues: a) confirm that the updating key’s within the DID doc and is a controlling key by verifying a Merkle proof of inclusion within the DID doc and b) confirm the digital signature of the controlling key over the basis hash of the outdated DID doc. The general public inputs to the proof could be the Merkle Root of the brand new merkelized DID Doc and the basis hash of the outdated DID doc, and the personal inputs could be the Merkle proof and the digital signature. The sensible contract would solely need to confirm the proof, verify that the outdated root hash was registered, after which replace the outdated with the brand new root hash.
  • This has the benefit that no info is leaked about which addresses management the sensible contract pockets. Each sensible contract pockets transaction may very well be totally nameless if all transactions submitted to the sensible contract have a recursive zero-knowledge proof that verifies {that a}) the general public key belonging to the deal with submitting the transaction is a controlling key of the DID that could be a sensible contract proprietor and b) {that a} zero-knowledge proof that the transaction was signed by the proper quorum of signatures of the sensible contract pockets house owners was correctly verified by a verifier within the circuit itself. 

Utilizing Verifiable Credentials (VCs)

Drawback: The entity performing a key operation equivalent to a key rotation or a digital signature for a monetary transaction should show that it’s a authorized entity that meets all relevant compliance guidelines for a jurisdiction that has compliance oversight.

VC Resolution for Compliant Key Operations:

  • W3C VCs enable assertions to be made in regards to the topic of the credential equivalent to “Alice is a authorized enterprise in Brazil”, or, “This enterprise is a authorized entity within the US and a registered Dealer-Vendor”, or, “The authorized US entity A is a legally registered Dealer-Vendor and is legally approved to behave on behalf of the authorized US entity B”. 
  • Given the standardized construction and public context reference recordsdata that specify the VC commonplace and particular VC varieties, every VC might be readily became a zk proof given a standardized, and publicly obtainable zk circuit. Revealing solely the authorized identification of the VC issuer as the basis of belief, equivalent to a KYC supplier.
  • Such zk proofs, particularly, ZK-SNARKs might be submitted with any transaction and verified in a wise contract equivalent to a wise contract pockets or a DeFi protocol.
  • This permits for compliant transactions on Ethereum stacks with out revealing any delicate identification or different related compliance information.

Helpful Implementations for Ethereum Networks

There are dozens of various implementations of the W3C DID specification. Whereas many DID strategies will not be as scalable as vital, or not simply anchored on a blockchain, a number of DID strategies match the invoice for the Ethereum ecosystem – permissionless, blockchain-anchored, scalable, and low-cost. All of those DID strategies are primarily based on the Sidetree Protocol.  The Sidetree Protocol is a “Layer 2” DID protocol that may be carried out on high of any occasion anchoring system, together with Ethereum, and is compliant with W3C tips. The Sidetree protocol doesn’t require centralized authorities, distinctive protocol tokens, reliable intermediaries, or secondary consensus mechanisms. Particularly, the Sidetree protocol defines a core set of DID PKI state change operations, structured as delta-based Battle-Free Replicated Knowledge Sorts (i.e. Create, Replace, Get well, or Deactivate), that mutate a Decentralized Identifier’s DID Doc state.

Due to this fact, by leveraging an Ethereum-based implementation of Sidetree, the Ethereum ecosystem can be sure that every person has a self-sovereign identification, that’s each personal and interoperable throughout completely different L2s and functions.

We imagine that the combination of W3C DIDs and VCs into Ethereum’s infrastructure is essential for navigating the upcoming transitions. They supply the mandatory instruments for managing identities, keys, and deal with safety, and privateness, and are aligned with the decentralized nature of blockchain expertise.

Sadly, the Ethereum ecosystem and the decentralized identification (DID) ecosystem haven’t intersected a lot, although each share a concentrate on decentralization. The Ethereum ecosystem has primarily targeting advancing and scaling its blockchain expertise, whereas the DID ecosystem has prioritized growing requirements and protocols for governing digital identities. In consequence, alternatives for collaboration between these two ecosystems have been restricted.

We see the Three Transitions as a possibility to vary this and begin a better collaboration between the Decentralized Id and Ethereum ecosystems.

Acknowledgments

Particular thanks go to Eugenio Reggianini ([email protected]) for proofreading the manuscript and including vital content material.



Source link –

Tags:

More NFT News

EEALogo360x140
1 min read

The State of L2 Bridges – 2024 replace – Enterprise Ethereum Alliance

November 7, 2024 ETHHERO
EEALogo360x140
2 min read

Thanks Anaïs Ofranc and QualitaX – Enterprise Ethereum Alliance

October 31, 2024 ETHHERO
EEA Design Logo 1
2 min read

One other implementation of EEA’s DLT Interoperability Specification – Enterprise Ethereum Alliance

October 1, 2024 ETHHERO

You may have missed

DEGEN Price Chart
6 min read

6 Finest Low cost Crypto to Purchase Now Below 1 Greenback November 18 – Degen, Holo, Casper, Bonk

November 19, 2024 ETHHERO
Flag of Poland 0401 1024x683
3 min read

Polish Presidential Candidate Mentzen Pledges Bitcoin Reserve

November 19, 2024 ETHHERO
parallel tcg aftermath expansion social.webp
2 min read

Parallel TCG Reveals 90 New Playing cards with Aftermath Enlargement

November 19, 2024 ETHHERO
Bitcoin
2 min read

Bitcoin Memecoins Emerge as Market Anticipates $100Ok Milestone

November 18, 2024 ETHHERO