NFT Labs:Application Scenarios of NFT(Authentication)

NFT Labs:Application Scenarios of NFT(Authentication)

NFT can be applied to identity authentication to achieve a complete user information record while enhancing network privacy. Each NFT will contain its identity information in the smart contract. Smart contracts are contracts written in computer code on MainNets like Ethereum. When certain conditions are met, the contract automatically performs a series of tasks required in the contract. NFTs can also interact with other smart contracts without human intervention. From this, driver's licenses, passports, birth certificates, etc., can all have a provable NFT. NFTs allow us to ultimately own digital and physical goods, giving users more control over their identities and artists' creations while reducing companies' management and intervention over users.

Practical cases: Decentraland, CryptoKitties, Blockchain App Factory

Since CryptoKitties in 2017, non-fungible tokens (NFTs) have grown in popularity. While the gaming industry currently has the most active use cases for NFTs, other areas, such as identification, are gradually using non-fungible token technology.

The metadata possessed by NFT tokens is unique and is only associated with a specific unique asset. Hence, NFTs cannot be replaced by any other token, as every other token — even one that adheres to the same token standard (ERC-721) — cannot substitute its recorded metadata.

The ability to store and share data has brought many benefits, and the digitization of information has become a growing trend. Still, it has also raised many questions about the security of personal data. There have been many hacking and personal information leaks in recent years. The growing realization is that consistently relying on third-party external servers to store personal data is not a long-term solution.

New opportunities

Blockchain attempts to provide a solution for this, balancing accessibility, privacy, and security. This move is mainly due to the development of non-fungible tokens (NFTs), which can be used exclusively to store and manage data identities and data.

NFTs contain unique information about a specific commodity or asset, which makes NFTs a great use case for identification and authentication on the blockchain. Everyone has unique attributes and identity information - NFTs can digitize information such as medical records, personal files, educational information, addresses, etc., allowing the data to be easily manipulated by users themselves. With more and more applications of blockchain, more and more people will use NFTs to store personal data. This technology has a bright future.

Blockchain will enable public and private organizations to operate more efficiently and improve service quality regarding digital identity management. Blockchain identity management provides a private, secure, and robust software ecosystem. But while blockchain technology has significantly enhanced digital identity management, there are still some problems: availability, how (lost) private keys are handled, the number of users, etc. Additionally, most Blockchains for digital identity management store data in third-party systems (such as wallets that store information in a computer's or server's memory).

In this article, we will introduce a new concept, IdToken. The use of IdToken makes identification more secure, fast, and reusable.

Traditional Identity Management Model

There are some problems with the traditional identity management model. For example, it is often necessary to entrust a central agency and cannot guarantee transparency. Developing new identity management models for these use cases has become a significant trend. In the blockchain ecosystem, there has traditionally been no centralized organization that collects identity information. The blockchain ledger is immutable and can verify and ensure the legitimacy of users, transactions, and messages. Blockchain authentication is done through smart contracts and does not require a third party to verify transactions. This reduces costs while increasing security and privacy.

The most popular blockchain software in traditional identity management is undoubtedly Hyperledger Indy. There are many examples of using Hyperledger Indy for data management, such as Sovrin (decentralized global sovereign identity utility), MyData (a joint initiative with Sovrin to build an autonomous identity and authentication mechanism), etc. Indy is a distributed ledger designed explicitly for decentralized identity authentication, with completely open-source specifications, terminology, and design patterns to help facilitate the proposal of decentralized identity solutions. Hyperledger Indy is a good solution for managing digital identity issues, but Indy doesn't entirely solve the problem.

Problems with Indy

1. User information is stored in the wallet or resume folder and is not stored on the blockchain, so it is easy to lose.

2. If the user changes companies, the user must apply for all identity information from the original company, which is time-consuming.

3. Each application needs to have Decentralized Identifiers (DID). Each application requires a new DID username and password, which occupies a large amount of memory in the blockchain.

4. If the DID length is too short, it may cause security data leakage and cause security problems.

In response to these questions, we take IdToken as an example to answer the above questions, which we will discuss in detail below. (Hyperledger Indy with IdToken is called IdChain)

IdToken Identity Management Mode

For example, to better understand the development of IdToken and IdChain, at least three elements need to be considered: users, companies, and institutions (providing users with identity attribute guarantees). In IdChain, each user's registration method and mode are the same. Users wanting to register in IdChain must provide personal data (first name, last name) and biometric data (fingerprint or facial recognition). The biometric data is converted into a private key after cryptographic hash conversion, the private key is stored in the encryption engine of the personal device, and the public key is generated after the private key is generated.

After the registration in IdChain is completed, a new block needs to be created in the ledger, and the token smart contract generator will execute and automatically generate it. Users can insert, store, and encrypt all personal data in the new block with the public key. Users can read and insert further information in the IdToken using the private key (a hash of the biometric data); to grant someone read-only access to the data, the user must share the public key.

The advantage of this mode is that the user can insert all the information in the IdToken. In Hyperledger Indy, a lot of wallet data is stored on local devices (smartphones, computers), which may lead to information loss. But in IdChain, even if the user's personal device is lost, it can still be accessed using biometric data without the intervention of a central authority.

If users want their company to obtain his/her identity information from an institution, the following steps are required:

1. Users and companies have accounts on IdChain. Users use their IdTokens to identify themselves to the company, which is authenticated by their institution.

2. The user applies to the company to provide IdToken access rights and provides the user's personal public key. After the company receives the request, it verifies the verifiable credentials in the IdToken and accepts the proposal.

3. The identity of the user and company is verified (digital signature).

4. After authentication, the company sends the user a request that the business needs to decide whether to hire the user.

5. The user accepts and sends the IdToken (which only contains the information required by the company and verified by the institution).

6. The company can read the user data and decrypt the user IdToken with the public user's key.

7. Each operation will have a timestamp in this series of steps. This way, both parties know the identity of the other and can operate safely and securely.

Advantages of IdTokens

· No proprietary software or infrastructure is required. IdChain uses a public blockchain, and users do not need to invest much money to build the technical infrastructure for identity management.

· Data can be revoked. Identity data can be revoked by the data owner. If the user changes the credit card number, the data owner can cancel the blockchain's previous/invalid credit card number data.

· Global compatibility. Users can store and share identity information anywhere in the world. User data can be accessed and used regardless of the country. If the user changes to a new company, just open the access rights of idToken to the new company.

· All information is native to the blockchain and does not require local storage.

· Security and verifiable credentials. Personal information will be hashed and securely stored in IdToken without worrying about security issues. In addition, IdToken is unique and cannot be copied.

This new approach to digital identity management and certificate distribution is beneficial and improves privacy, security, and efficiency. In addition, idToken can replace paper information exchange, speed up the identification of users and companies, and eliminate openness issues that cannot be solved in traditional digital identity management. Another essential feature of this model is the increased usability of the blockchain. IdChain uses a cryptographic engine embedded in portable devices (such as smart cards, etc.) to separate identity information from specific devices (such as computers, etc.). The biometric key acts as a second authentication factor, addressing the lack of a certification authority in the Indy authentication system.

Future development

There are still privacy concerns in the future and further development of biometric data (in addition to fingerprint schemes) in the blockchain. In addition, it is also necessary to develop tools to partition the data volume in IdToken, so that the data accessed is only the data required to access to improve the usability and practicability of the blockchain.

Soon, we can foresee a highly secure identity management model that not only unlocks and shares NFT tokens with more possibilities but provides item ownership and identity authenticity to ensure that assets/tokens ownership is shared securely and trusted.