Identity on the Blockchain:

Perils and PromiseConsensus 2016 Identity Workshop

May 4th, 2016

ChristopherA@Blockstream.com

Christopher Allen• The Past: Cryptographic Trust & Internet Privacy Pioneer

– Enabled PGP, Digicash, Red Hat, etc. with cryptographic tools– Co-author Consensus Development’s SSL 3.0 reference

implementation– Co-editor of IETF TLS 1.0, world’s broadest deployed security

standard– CTO Certicom, early smart contracts work– VP Developer Relations, Blackphone / Silent Circle

• The Present: Blockchain & Identity Architect– ID 2020 Board Advisor, United Nations Summit on Digital Identity

(May 20th)– #RebootingWebOfTrust Design Workshop (May 21st & 22nd)– Principal Architect, Blockstream

PGP: FDA6C78E

Blockstream• We believe in trustless and permissionless innovation

– Open source “Elements” sidechain project– “Liquid” sidechain for capital efficiency & liquidity in bitcoin

exchanges• We believe in fairness, openness and accountability

– Interoperable markets and many blockchains– Trustable and secure fiduciary transactions across multiple

blockchains• We’re in this together

– We are committed to collaboration with the broader industry– We are open to learning from you

Identity on the Blockchain• Blockstream has no identity product

– However, we have privacy & confidentiality enabling crypto tools, including:

– Confidential transactions; zero-knowledge transactions; crypto blinding; etc.

• Identity of the Blockchain is a two-edged sword– Best: Hold the powerful accountable for their actions– Worst: We weaponize identity as a tool against the powerless

• We wish to be part of the growing dialogue about Identity on the Blockchain– For if we do not speak, solutions may emerge that don't meet our

high standards– We wish to learn together how to better create appropriate solutions

Why now?• United Nations goal 16.9. targets legal identity for all by 2030

– Estimated 1.5bn people without a legal identity, 230m children under 5 yrs

– 60m stateless people and refugees• Aadhaar Card Registered ~1bn Indian citizens

– Violates some best practices of over a decade of first-world identity work

– Few laws against profiling, discrimination, abuse by law enforcement, etc.

– Biometric abuses — you can’t revoke a fingerprint• In WW II, more Jews died as % of population in Holland than in

Germany• The same tools we use to protect a buyer, seller, trader,

auctioneer, or a make a marketplace fair & transparent can also be use to defend the helpless!

Self-Sovereign Identity

• Every individual human being is the original source of their own

identity

• Identity is not an administrative mechanism for others to control– No one may charge rent or be able revoke another’s identity

• Each individual is the root of their own identity, and central to its

administration

• The role of names, citizenship, licenses & other credentials

should be distinct as “verified claims” offered by their issuers,

not as identifiers of a human being

10 Principles bit.ly/PathSelfSovereign• Existence

– Users have an independent existence — they are never wholly digital• Control

– Users must control their identities, celebrity or privacy as they prefer• Access

– Users must have access to their own data — no gatekeepers, nothing hidden

• Transparency– Systems and algorithms must be open and transparent

• Persistence– Identities must be long-lived — for as long as the user wishes

10 Principles (continued) bit.ly/PathSelfSovereign• Portability

– Information and services about identity must be transportable by the user

• Interoperability – Identities should be as widely usable as possible; e.g. cross borders

• Consent– Users must freely agree to how their identity information will be used

• Minimalization– Disclosure of claims about an identity must be as few as possble

• Protection– The rights of individual users must be protected against the powerful

A Growing Dialog• These 10 principles are only a beginning…

– Share your ideas & thoughts with me @ChristopherA– Post issues & pull requests at:github.com/ChristopherA/self-sovereign-identity

• How can we better understand the problems and advocate solutions?– ID 2020 Summit on Digital Identity at United Nations May 20th– ID2020summit.org

• What architectures support self-sovereign identity?– Second #RebootingWebOfTrust Workshop May 21st & 22nd– www.WebOfTrust.info

@ChristopherA