back to article Internet Society: Cryptocurrency probably not an identity system

Too many cryptocurrency people are trying to force-fit blockchain technology into identity solutions, when ID needs its own solutions. That's the opinion of Steve Wilson of Lockstep Consulting, who this month co-authored a paper on identity for the Internet Society: Do Blockchains Have Anything to Offer Identity? with Steve …

  1. Charlie Clark Silver badge

    Leaving aside the question of energy, Wilson said, it was a brilliant conception turned into a dystopia by the mining consortia

    Sort of disqualifies him from the rest of the discussion: the dystopia was brought about by the mining concept's idea of synthetic scarcity. The blockchain is a good idea but nearly everything that has been built on top of it has turned out to be the typical solutionist shit.

  2. Rich 27

    hmm

    I'd disagree, how is identity handled at the moment? a record stashed in a database. Blockchain is essentially the same thing so why wouldn't it work in the same way?

    [quote]

    It's never that simple for real humans, Wilson told El Reg: “Identity is not transactional. It's a means to an end, anyway, not the end – it's quite rare for someone to go around identifying themselves all day.”

    [/quote]

    We kinda do, all the time. When in person it's via our face, when on a computer system it's on almost every action we take.

    1. Brangdon

      Re: hmm

      Bitcoin doesn't have any particular infrastructure to support this. Another blockchain such as the Ardor platform would be much more suitable. That has persistent accounts rather than ephemeral addresses, and you can tag accounts with certificates eg to show they have been validated to some level.

  3. JimC

    Identity is horrendously complicated though,

    Its not a simple concept like pseudo cash. For the naive, it seems just as simple as currency : 1 person, 1 pseudo dollar each needs to be identified, what's the difference.

    Well, once you have had real time experience of the horrendous complexities that you run into with some of the strange things that folk do who are, shall we say, not totally assimilated into the mainstream of society, well... As ever its the boundary conditions and exceptions that get you... And the trouble with something like identity is it really does need to cover 100% of cases.

    I''m sure plenty of commentards will pile in saying, no of course its not complicated, don't be ridiculous. But, as ever, they'll be the ones without the real world experience.

    1. Yes Me Silver badge
      Headmaster

      Re: Identity is horrendously complicated though,

      Yes. A secure dollar asserts "I am me and I'm worth a dollar, just as good as any other dollar." An identity assertion says "The person known uniquely as 'Yes Me' originated this data item or session." Those are very different assertions. The dollar is self-describing and self-contained. The identity assertion depends on some trusted third-party source of the ultimate truth about 'Yes Me'.

  4. futureidentity

    Oh, the irony...

    Nice article, Richard, thank you... though my name is Wilton with a "t" (not to be confused with Steve, who is Wilson with an "s". Unless it's the other Steve, in which case he's Olshansky. Simples. ;^)

    Very interesting comments from readers, too. I think the core point is this: when you use blockchain/DLT as the basis for a cryptocurrency (as per Charlie Clark's comment), you don't need any external source of trust. It's analogous to paying cash for something: you don't need to trust the person handing you the $5, you just need to trust the $5. The integrity of the DLT and the mining process are all you need.

    If you want to use DLT as the basis for trustworthy assertions of something else (such as Identity), then the roots of trust in those assertions have to be something other than the distributed ledger itself. As Brangdon says, "you can tag accounts with certificates to show they have been validated to some level"... but the validation process, and the validating entity, have to be trustworthy on the basis of something that isn't the DLT.

    (RIch 27 makes an interesting point, too, about passive linkability vs explicit authentication, but that's the subject of a whole other essay ... ;^) )

  5. handleoclast

    Impedance Mismatch?

    If I'm not misunderstanding something, most cryptocurrencies aim to be "digital cash." I.e., fungible and anonymous. One bitcoin is like any other bitcoin, apart from an identifying number. Much like a banknote. They can be tracked, but only with difficulty. You can say that a particular one passed from A to B but not know any of the intermediate steps. Some are more anonymous and some are less anonymous.

    It doesn't seem to me that cryptocurrencies are a natural fit to identity. Or that blockchain technology in general is, either. It hardly seems worth the effort of bodgeing stuff onto a blockchain to allow it to deal with identities. But maybe I'm missing something.

  6. Black Road Dude

    Different strokes...

    I agree bitcoin may not be the correct place for identity as it only allows a small amount of extra data stored in the blockchain.

    But as the article states there are different types of identity.

    The backbone of Bitcoin is the public private key pair.

    Something can be signed by your private key and anyone can check that you really did sign it with your public key.

    There are uses cases this could help with in identity such as providing data provided is genuine and yours. Such as a utility bill, passport driving licence etc.

    Now if we used something like the storj network (or ideally the maidsafe network although that is not ready) which allows files to be added, and shared on the decentralised network.

    For instance if the issuer of a utility bill made its corporate public key known. And signed a transaction containing a file containing your utility bill (perhaps a pdf) and sent it on the blockchain to your known public key.

    When you are trying to prove your address or bill amount etc to a different third party they can verify that you are the owner of your public key by sending a code encrypted with your public key that only you could decide and prove. And they could verify that the source of the file was I'm fact the utility company so the data is genuine it's then proven. This could be applied in a very similar way to driving licence, passport, house deeds, pay slips.

    Things to consider would be making the files private and sharable if necessary to the entity you are trying to identify yourself to. But this is achievable on the maidsafe network and potentially with some work.on the storj network.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020