16 KiB
date | title | description | layout | excerpt | header | categories | tags | redirect_from | permalink | canonical_url | last_modified_at | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
2019-03-28 | uPort | A self-sovereign identity and user-centric data platform | single | In your application, you must first configure your uPort object with an identifier and a private key (or signer function). There are several ways to instantiate a credentials object. The most common approach is to save a DID and private key on a server for your application and create a credentials instance from your application's unique private key. Signed JWTs for requests and verifications can then be passed to a client-side application, and presented to a user using a QR code or via another transport. |
|
|
|
|
/blockchain/ethereum/uPort/ | https://decentralized-id.com/blockchain/ethereum/uPort/ | 2020-11-30 |
uPort • GitHub • Twitter • Developers • iPhone • Android
- Ethereum studio ConsenSys launches digital IDs and assets secured on Ubuntu phones
- Different Approaches to Ethereum Identity Standards
- uPort donates code to the Decentralized Identity Foundation
- decentralized-identity/did-jwt-vc - Create and verify W3C Verifiable Credentials and Presentations in JWT format
- Trusted P2P Messaging with DIDs, DIDComm and VCs (h/t @by_caballero)
By resolving a DID a validator can typically discover the authoritative keys for different purposes or more generally, a set of verification methods for that DID. An Ethereum account could be a verification method as well. Service endpoints are extensible by design, so you could define your own ones if needed. However, the DID community has agreed on a set of well known service endpoints. Amongst them, the DIDComm service endpoint solves the how-to-reach-me problem and can be used to establish a secure communication channel with the other party. Despite there are only a few limitations of what properties can be associated with a DID, privacy regulations such as GDPR need to be considered very carefully.
- GLEIF and uPort Test Verified Data Exchange in Financial Transactions
Switzerland & Paris — The Global Legal Entity Identifier Foundation (GLEIF) and uPort, ConsenSys’ digital identity platform anchored on the Ethereum blockchain, have partnered to support the process of exchanging verified data used in financial, commercial, and regulatory transactions. GLEIF is the G20-backed non-profit foundation tasked with promoting the use of legal entity identifiers (LEIs) as the global standard to unambiguously identify parties doing business. Together with uPort, GLEIF is testing how businesses can leverage the Ethereum-backed identity system to increase the efficiency of verifying business identities and persons acting on its behalf within the LEI ecosystem.
- PWC and Onfido Join uPort's Portable Identity Effort in UK Finserv
uPort and Onfido have a shared vision of enabling consumers with access and control over their own data. Earlier this year, both companies applied to and were accepted to the UK’s Financial Conduct Authority Regulatory Sandbox (Cohort 5) to test how decentralised identity can enable fintech ecosystems in the UK. PWC’s UK team, believing that such technology can be a key factor to promote more open financial ecosystems, is partnering with them in this pilot. In joining forces, the teams are committed to building a world where users have control over managing their personal data, and where decentralised identity reintroduces trust and privacy into transactions between parties.
- Welcome to uPortlandia, the Future of Data and Identity Management
uPortlandia is uPort’s vision of the future of data and identity management. A future of password-free online experiences. A future where you can prove who you are or verify facts about your life while sharing far less personal information. A future where we, the people, we as individuals, control our digital identities. Without being beholden to the Facebooks, Experians, or Googles of the world.
Zug ID
- A position paper on blockchain enabled identity and the road ahead—Identity Working Group of the German Blockchain Association [ϟ]
City of Zug (UPort and ti&m)
As a first pilot project in Switzerland, the city of Zug is currently piloting a SSI solution. The local administration is cooperating with the IT consulting company ti&m, as well as UPort to provide a basic infrastructure for their citizens to attest their identity. With the SSI implemented in Zug, users can now pay their parking fees, register for elections or perform online sign on for e-government services33. The benefits range for the city of Zug are low infrastructure requirements, decreased security risks, cost effectiveness, GDPR compliance and scalability.
- Zug ID: Exploring the First Publicly Verified Blockchain Identity
We recently announced our cooperation with the Swiss City of Zug and local development partner ti&m to introduce the world’s first live implementation of a self-sovereign government issued identity on Ethereum. Thus far, more than 50 citizens in Zug have successfully verified their uPort identity in person with the City, enabling them to access a new suite of e-government services in a trusted and self-reliant manner. With all the excitement around this launch, we wanted to outline for all of you the underlying mechanics of the Zug identity verification system, the benefits this provides for various stakeholders, as well as future use cases and its evolution.
Literature
- A First Look at Identity Management Schemes on the Blockchain IEEE 2018
A uPort identity is underpinned by the interactions between Ethereum smart contracts: bespoke code that can regulate the movement of data and ether (the native cryptocur- rency) on Ethereum. Smart contracts are uniquely addressed by 160-bit hexadecimal identifiers, and, when invoked are executed by the Ethereum Virtual Machine (EVM) installed on every Ethereum node. Two smart contract templates designed by uPort comprise each uPort identity: controller and proxy. To create a new identity, a user’s uPort mobile application creates a new asymmetric key pair and sends a transaction to Ethereum that creates an instantiation of a controller that contains a reference to the newly created public key. Then, a new proxy is created that contains a reference to the address of the just-created controller contract; only the controller contract can invoke functions of the proxy; a constraint that is specified in the controller and enforced by the EVM. The address of the proxy comprises the unique uPort identifier (uPortID) of a user. A user is free to create multiple uPortIDs that are unlinkable. Figure 1 provides an overview of an interaction between a uPortID and the smart contract of a decentralised application on Ethereum.
The private key that controls a uPortID is stored only on the user’s mobile device. Therefore, an important aspect of uPort relates to its social recovery protocol for the event of loss or theft of the user’s mobile device. For that, users must nominate the uPortIDs of trustees who can vote to replace the public key referenced in the controller with one proposed by the user in need; once a quorum is reached between those trustees on the new public key, the controller replaces the lost public key with the newly pro- posed public key. This process enables the user to maintain a persistent uPortID even after the loss of cryptographic keys.
A final aspect of the uPort scheme is its support for securely mapping identity attrib- utes to a particular uPortID. The uPort registry is a smart contract that stores the global mapping of uPortIDs to identity attributes. Any entity can query the registry, however, only the owner of a specific uPortID can modify its respective attributes. Due to the inefficiency of storing large volumes of data in a smart contract, only the hash of the JSON attribute structure is stored in the registry. The data itself is stored on IPFS: a distributed file system where a file can be retrieved by its cryptographic hash.
developer.uport.me
Build User-Centric Ethereum Apps
- overview/index#u-port-protocols-and-libraries
- uPort transports
- uPort Signed Messages
- JWT RFC 7519 did-jwt
- Decentralized Identifiers (DIDs) did-resolver
- Public Key Lookup ERC-1056 Lightweight Ethereum Identity ethr-did-resolver
- Creation/Management Ethereum DID Registry Contract ethr-did
- Ethereum JSON-RPC Web3 or EthJS
- Ethereum.org
- Connect Users to Your web3 dApp
Add full support for uPort by adding a single line of code to your web3 dApp.
- Onboard new users within minutes
- Instantly create a privacy-preserving Ethereum account
- Build for both desktop and mobile browsers
- Issue & Request Verified Credentials
Help your users build their digital identity by issuing Verified Credentials about them or the things they do in your app.
- Request Ethereum transaction signing with web3
- Issue and Request Verified Credentials about your users
- uport-credentials/docs/guides - Getting Started with uPort Credentials
- Transactions
It is possible with uport-credentials to create an ethereum transaction request and have a mobile client approve and sign that transaction.
- uport-connect/guides/usage
The uPort Connect library is a client-side library that allows you to interact with a user's uPort identity through a uPort client, primarily the uPort mobile app. The Connect library bundles functionality from our other libraries into a singular, easy to use interface.
This guide describes the parts which make-up Connect and provides further details on how to configure it for your specific use case. While Connect is likely the best solution for most use cases, you may decide you need greater optionality and control over certain use cases, in that situation, you may be interested in using uport-tranports and uport-credentials as an alternative.
- RequestVerification
Much like logging in, using uport-connect to request verified data about uPort mobile clients is simple. So simple we will follow the same steps of logging in, but this time pass an array of verification titles that we want to request for disclosure. Our connect library manages the flow for you with minimal configuration.
- SendVerification
Much like logging in, using uport-connect to create and send verifications to uPort mobile clients is simple. Our connect library will manage much of the flow for you with minimal configuration.
- Goodbye uPort DIDs, Hello Ethr-DIDs
Using the Ethr-DID library, you can:\
- Create and manage keys for DID identities
- Sign JSON Web Tokens
- Authorize third parties to sign on a DID's behalf
- Enable discovery of service endpoints (e.g. decentralized identity management services)
The Ethr-DID library conforms to ERC-1056 and supports the proposed Decentralized Identifiers spec from the W3C Credentials Community Group. These allow for Ethereum addresses to be used as fully self-managed Decentralized Identifiers (DIDs), as a result, you can easily create and manage keys for these identities. This library also allows you to sign standard compliant JSON Web Tokens (JWTs) that can be consumed using the DID-JWT library.
- uPort Credentials library allows you to:
- Create and verify authentication requests
- Request verified claims
- Verify claims for your users
- Ask users to sign Ethereum transactions
- Create Ethereum smartcontract function call requests without web 3.0
- Ethereum DID Registry
This contract allows on-chain and off-chain resolving and management for DIDs (Decentralized Identifiers).
A DID is an Identifier that allows you to lookup a DID document that can be used to authenticate you and messages created by you.
It's designed for resolving public keys for off-chain authentication—where the public key resolution is handled by using decentralized technology.
This contract allows Ethereum addresses to present signing information about themselves with no prior registration. It allows them to perform key rotation and specify different keys and services that are used on its behalf for both on and off-chain usage.
- uPort Transports allows you to:
- Send messages to users using a QR code
- Send requests and receive responses through URLs
- Send encrypted push notifications
- Create Transports specific to your use case and environment