📄 Identity Solutions

Traditional Mainstream Solutions

Currently, there are different identity mechanisms, each trying to achieve better functionality in certain aspects.

The first type is OpenID with decentralized identity authentication, which attempts to establish a standard across the internet. It is used by tech giants like Google and Facebook in their social networks. However, these same tech giants are also the source of significant privacy concerns. OpenID relies on centralized service providers, posing a risk of identity information leakage, and it is still unavailable in many countries.

The second approach involves using government-issued identity documents for verification, creating a copy of the identity upon successful verification. However, this method has a clear issue: it requires sharing personal information data with centralized services. This data-sharing method may raise concerns about privacy and security.

The third solution involves the use of biometric technology, which, in theory, is very secure. However, since it relies on specific sensors and algorithms, identities can be forged or obtained through special means, and it also entails dealing with the consequences of sensor hardware providers' data monopolization. Moreover, this method can only implement Proof of Personhood (PoP) and does not support more application scenarios that require other identity information for verification.

The fourth approach is video recognition, which is simple and quick. However, it can be forged by artificial intelligence algorithms, with AI-generated videos reaching a level of realism that can be deceiving. In addition, video recognition means personal information leakage. Similarly, it only achieves PoP.

The fifth solution is based on social relationship identity mechanisms, established through trust sources within social networks. Its drawbacks are obvious: the prevalence of fake identity information on social platforms, platforms being independent of each other, and fragile trust relationships that are easily betrayed.

These traditional identity solutions each solve only part of the problem, and all have drawbacks to varying degrees. The most critical issue is that users do not have sovereignty over their identity data.

DID Solution

DID (Decentralized Identifier[1]) is used to implement a decentralized, verifiable digital identity. The subject of a DID can be a person, organization, thing, data model, abstract entity, etc. Its core roles are as follows: VC (Verifiable Credential), Issuer (the entity that issues the VC to the Holder), Holder (the entity that holds the DID and VC), and Verifier (the entity that conducts 1v1 verification of the VC with the Holder). The mainstream standards for DID come from the World Wide Web Consortium (W3C).

Its advantages include:

1. Open Architecture

(1) Anyone can create their own DID document and have sovereignty (controlled by personal private keys).

(2) Any person or institution (which can also be set to require permission) can act as an Issuer to issue VCs to users.

2. Separation of Responsibilities

(1) With the user's permission, an Issuer issues VCs to them. Each Issuer is independent, meaning there is no single institution controlling all identity proofs.

(2) Issuers can collect user information offline in certain ways, audit users, and issue VCs. This mechanism transfers the responsibility for user privacy protection to each Issuer. Since different identity proofs require different materials and methods of proof, this approach has greater practicality. In the future, when Issuers collect user information, they can also adopt various privacy protection methods.

3. Privacy Protection

(1) The VC is given to the user peer-to-peer, directly from the Issuer.

(2) The VC is encrypted with the user's public key, meaning only the user's private key can decrypt it.

When presenting a VC to a Verifier, the Holder signs the original VC with their private key and sends it to the Verifier. The Verifier first verifies this signature with the Holder's published public key, which proves the VC was actively presented by the user, and then verifies the Issuer's signature with the Issuer's public key, which proves the information was issued by the Issuer.

4. Quick Verification

For identity verification, the Verifier only needs to perform signature verification with the Holder's public key and the Issuer's public key.
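The two-signature check described under Privacy Protection and Quick Verification, as an added example that is not part of the ME ID Protocol or the W3C specification. It uses Ed25519 from Node.js's built-in crypto module; the envelope layout, function names, DIDs and the Verifier-supplied challenge are assumptions made for illustration.

```javascript
// Added example (simplified envelopes, not the W3C VC data model).
const nodeCrypto = require('node:crypto');
const newKeys = () => nodeCrypto.generateKeyPairSync('ed25519');

// Sign the exact serialized bytes and ship them with the signature,
// so the verifier never has to re-canonicalize JSON.
function signEnvelope(obj, privateKey) {
  const payload = JSON.stringify(obj);
  const sig = nodeCrypto.sign(null, Buffer.from(payload), privateKey);
  return { payload, sig: sig.toString('base64') };
}

// Returns the parsed payload only if the signature verifies, else null.
function openEnvelope(env, publicKey) {
  try {
    const ok = nodeCrypto.verify(null, Buffer.from(env.payload), publicKey,
      Buffer.from(env.sig, 'base64'));
    return ok ? JSON.parse(env.payload) : null;
  } catch {
    return null; // a malformed envelope is treated as a failed signature
  }
}

// Issuer -> Holder: credential bound to the Holder's DID.
const issueVC = (issuerKey, issuerDid, holderDid, claims) =>
  signEnvelope({ issuer: issuerDid, subject: holderDid, claims }, issuerKey);

// Holder -> Verifier: the VC wrapped with the Verifier's fresh challenge
// (the challenge is an assumption added here to reject replayed presentations).
const presentVC = (holderKey, holderDid, vc, challenge) =>
  signEnvelope({ holder: holderDid, challenge, vc }, holderKey);

function verifyPresentation(vp, challenge, holderPub, issuerPub) {
  const pres = openEnvelope(vp, holderPub);      // 1. Holder's signature
  if (!pres) return 'bad holder signature';
  if (pres.challenge !== challenge) return 'stale challenge';
  const cred = openEnvelope(pres.vc, issuerPub); // 2. Issuer's signature
  if (!cred) return 'bad issuer signature';
  if (cred.subject !== pres.holder) return 'credential not issued to presenter';
  return 'ok';
}

// Constructed sample parties, DIDs and claim (hypothetical values).
const issuer = newKeys(), holder = newKeys();
const vc = issueVC(issuer.privateKey, 'did:example:issuer',
  'did:example:alice', { over18: true });
const vp = presentVC(holder.privateKey, 'did:example:alice', vc, 'nonce-1');
console.log(verifyPresentation(vp, 'nonce-1', holder.publicKey, issuer.publicKey));
```

The subject check after the second signature matters: without it, anyone who obtains a copy of a valid VC could wrap it in a presentation signed with their own key.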

While the W3C DIDs protocol provides a standard, its implementation is mostly in the form of centralized or semi-centralized services and lacks zero-knowledge proof solutions. Integrating it with blockchain to achieve a secure and decentralized DID system has always been a challenge.

Additionally, in the verification phase of W3C DID, to protect user privacy, each verification requires the user to actively present a Verifiable Credential (VC). This process poses a challenge to user experience, especially where the proof contains information similar to PoP, which does not involve personal privacy but only proves that a certain address has certain rights. Such a proof can be publicly recorded on the blockchain, so the Verifier only needs to perform a one-time personal signature verification, which aligns with the current habit of DApp verification login.

Therefore, to improve user experience and enhance privacy protection, we will introduce a more efficient verification mechanism in the ME ID Protocol, especially for data that does not involve sensitive information. At the same time, by combining blockchain technology, we aim to achieve a more secure and decentralized identity verification system.


[1] World Wide Web Consortium (W3C). Decentralized Identifiers (DIDs) v1.0.
