Introduction
The Internet lacks a native identity layer. The network itself is responsible only for moving bits and bytes between the computers connected to it (exchanging data via the TCP/IP protocol). From the early days of the Internet, building a human-centric digital identity has been a critical challenge. In this section, we explain the evolution of digital identity on the Internet over time.
As our digital world evolves on top of blockchain technology, digital identity services will be provided via protocols on the Internet. The identity provider (IDP) will be a protocol, not a centralized trusted third-party platform.
Bitcoin digital identity
Bitcoin is a decentralized system made of multiple components. Some critical components must be decentralized; if they weren't, we could not say that the Bitcoin blockchain is decentralized. Digital identity is one of them. We lose the decentralized nature of a blockchain system if its digital identity is centralized: even if the blockchain network is decentralized and the protocol rules ensure decentralization, a centralized digital identity (a trusted third party) breaks the decentralized nature of the system. We hand the self-custody and ownership of our assets to a trusted third party, an intermediary that decides when we can spend our assets.
The modular blockchain architecture solves the blockchain's scalability problem: block production can be centralized, but validation and verification of the block are decentralized. The blockchain protocol must also ensure that the transactions included in a block are chosen via decentralized rules. We can apply the same approach to blockchain digital identity by determining which components must be decentralized to preserve the decentralized nature of the blockchain and which ones can be centralized to make it easier to onboard humans to the blockchain.
Evolution of digital identity in the Blockchain ecosystem
Bitcoin introduced a decentralized digital identity system in which humans are identified via an address and authenticate their transactions via a digital signature. An address is derived from a private key (which must be kept secret). The Bitcoin blockchain authorizes humans to spend their BTC coins by verifying that the digital signature on a transaction was issued by the private key that belongs to their address. Humans control their digital identity through ownership of the private key.
You can choose any software wallet to create and manage your private keys and switch between wallets. No trusted third party has any control over a human's digital identity. Humans have sovereignty over their digital identity. Ethereum and other blockchains use the same approach introduced by Bitcoin. It is challenging to scale blockchain digital identity and onboard billions of humans to the blockchain while preserving these decentralization and sovereignty properties, making it more user-friendly, and developing features that ensure users' safety and security.
Bitcoin's and Ethereum's digital identity systems (based on PKI) are limited in terms of functionality. It is difficult to program and build more advanced features on top of them. In the Ethereum ecosystem, human digital identity is based on an externally owned account (EOA), which is a static and limited approach that is difficult to program on top of.
Safe introduces a multi-signature wallet concept by programming advanced authorization rules on top of EOAs. Multi-signature wallets require more than one private key to issue a transaction and add a layer of security to manage assets. Multiple private keys control access, enabling co-ownership and stronger security for individuals. The multi-signature idea is coded via a smart contract. Safe did a lot of fantastic stuff to improve digital identity on EVM chains.
The Ethereum protocol introduces a new approach called account abstraction, where digital identity is provided via a programmable smart contract (a smart contract account). Now, we can program digital identity protocols that make the best trade-offs for a human-tokenization-centric digital identity. The Ethereum protocol adopts account abstraction through the ERC-4337 standard without any changes to the protocol's core.
Microchain protocol: a digital identity protocol approach
Introducing account abstraction (AA) and smart contract accounts (SCAs) in the Ethereum ecosystem allows the flexibility of building and programming digital identity protocols that provide authentication and authorization services, which is very difficult to do with externally owned accounts (EOAs).
The future of digital identity on the Internet is a set of protocols governed by the community—the composability of multiple standardized protocols to construct the Internet's identity layer.
Digital identity services will be provided via protocols programmed using smart contracts and zero-knowledge computer programs. These programs are executed and verified via a decentralized public-good infrastructure secured by economic security and cryptography (math).
Digital identity protocols provide services such as identification, authentication, authorization, account recovery, attestation, reputation, etc. Wallets will interact with standardized digital identity protocols. The digital identity is moving on-chain.
There are many technical standards that a digital identity protocol must follow, such as:
- ERC-4337
- ERC-6900 or EIP-7579
- EIP-3074
- RIP-7560
- etc
Digital identity services will be programmed via smart contracts and zero-knowledge-based computer programs that will be deployed on the blockchain. We distinguish two main types of open, decentralized protocols (which must be interoperable with each other):
- Protocols that manage, control, and govern human digital presence (identification, authentication, authorization, account recovery, etc.). As a human, you own a protocol that governs and manages your digital identity, and you can share it with any digital services you use.
- Protocols that provide identity services such as reputation, attestation, naming service, profiling, etc.
We’re experimenting with designing a human-tokenization-centric digital identity protocol. We're trying to determine the best trade-off between multiple digital identity aspects and technologies.
In our protocol, we’re programming multiple rules, such as decoupling the digital account identifier from the authentication and authorization methods: the two are loosely coupled, so a human can switch between different authentication and authorization techniques. We also encode new rules that allow humans to be onboarded to the blockchain securely and safely.
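A toy model of the decoupling rule described above, and of the multi-key authorization from the Safe paragraph, added here as an illustration (it is not the Microchain protocol's code or Safe's): the account identifier stays fixed while a threshold of validators approves each action, including the replacement of a validator. `SmartAccount`, `HmacValidator` and the payload format are hypothetical, and HMAC stands in for the signature, passkey or proof check a real account would run against public data.

```python
import hashlib, hmac

class HmacValidator:
    """Constructed stand-in for a signature, passkey or ZK-proof verifier."""
    def __init__(self, secret):
        self.secret = secret
        self.fingerprint = hashlib.sha256(secret).hexdigest()[:16]

    def prove(self, data):
        return hmac.new(self.secret, data, hashlib.sha256).digest()

    def verify(self, data, proof):
        return hmac.compare_digest(self.prove(data), proof)

class SmartAccount:
    """Toy smart contract account: fixed identifier, replaceable validators."""
    def __init__(self, account_id, validators, threshold):
        self.account_id = account_id        # stable identifier, never rotated
        self.validators = dict(validators)  # name -> validator object
        self.threshold = threshold          # approvals required per action
        self.nonce = 0

    def payload(self, action):
        # Bound to this account and nonce, so an approval cannot be replayed.
        return f"{self.account_id}|{self.nonce}|{action}".encode()

    def _authorized(self, action, proofs):
        data = self.payload(action)
        approved = [n for n, p in proofs.items()
                    if n in self.validators and self.validators[n].verify(data, p)]
        return len(approved) >= self.threshold

    def execute(self, action, proofs):
        if not self._authorized(action, proofs):
            return False
        self.nonce += 1
        return True

    def replace_validator(self, old, new, validator, proofs):
        # An authorized action whose approval commits to the new credential.
        action = f"replace:{old}->{new}:{validator.fingerprint}"
        taken = new != old and new in self.validators
        if old not in self.validators or taken or not self._authorized(action, proofs):
            return False
        del self.validators[old]
        self.validators[new] = validator
        self.nonce += 1
        return True
```

After a validator is replaced, approvals from the old credential stop counting, while `account_id` and everything that refers to it are unchanged.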