Today we are launching an MIT Human Dynamics Lab computational law research project to provide individuals a digital "Core Identity" of their own. This project aims to rapidly prototype a blockchain enabled individual identity and digital signature open source application. This prototype will be used for testing the capabilities and suitability of decentralized blockchain public infrastructure to provide individual identity services for any person on the web. We will explore sufficiency of the Bitcoin public blockchain by use of Blockstack and an API developed by Microsoft. I would like to thank Dan Buchner, of Microsoft, for spelling out the exciting idea that individual people could leverage a Bitcoin blockchain address as the basis of usable, web-based individual digital identity and for providing access to an API under early development to test creative approaches and research hypotheses arising from this innovative idea. In collaboration with Massachusetts Legal Hackers, will also explore sufficiency of the Ethereum public blockchain by use of the Stone Paper project, graciously made available by Matthew Rappard of Toronto Legal Hackers under the MIT open source code license in their GitHub repository. As part of the Ethereum development, we may also explore the potential fit of uPort, by ConsenSys. I would like to thank Amy ter Haar, of Toronto Legal Hackers, for her tireless collaboration and inspirational connecting of people, projects and possibilities.
This application will test a method for providing individuals with the capability to have and use a "core identity" of their own. This approach is akin to common law rules and common sense expectations that every person maintains power and controls of their own identity and their identity can not be owned and controlled by a third party such as an employer, government agency or a bank, etc.
Today, third parties own all digital identities of all people but there is no way for people to have and use even one digital identity of their very own. For instance, the username, unique ID, authorizations, profile, reputation, activity log, preference settings and other such properties and attributes can be thought of as "digital identity". Today, people have several digital identities. Each digital identity has a cluster of things like usernames, profiles, authorizations, etc. Each digital identity was created, issued and exists in specific roles and contexts. For example, in role of an employee you have a digital identity that is subject to ultimate decision making control of your employer, in your role as a retail consumer your digital identity is subject to the ultimate control of the merchant, market or other commercial service provider, in your role as a a student your identity is subject to the final say of the educational institution, as a tax payer your digital identity is subject to a government tax collection agency or perhaps an accounting software provider, as a licensed driver your identity is subject to the state department of motor vehicles, as a bank account holder your digital identity is subject to the bank where you deposit your money, as a parishioner your digital identity may be subject to a pastor that runs an app or to a church or other organ of a religion, as a social network user, your identity is subject to your social network provider, as a military officer your identity is subject to the chain of command of the armed forces that commissioned you and so on. The party or parties that own, control and maintain ultimate power and authority over any digital identity you use can quickly be revealed by naming the roles, relationships and other context within which that digital identity was created and is used. Typically, for any digital identity of a person that they can name and use, I can find the legal name and official address of the party that owns the digital identity within 3-5 clicks at a browser or on the application that person uses to login or authenticate that identity.
It is perfectly normal and acceptable for people to have and use a number of digital identities and for some or most of those identities to be owed by third parties. A serious problem emerges however when people have no digital identity of their own. Today, there is no way for people to create or use a digital identity of their own. Prior to networked technologies and applications, the source of individual identity was situated almost exclusively with the physical human beings involved in the transactions. The time and place of individual, personal presence was the time and place where key identity based transactions were expected or required to be conducted. Today, nearly every kind of business, social, governmental and other activity can be conducted partly or exclusively online. However, identity has not caught up with the mass-scale digital transition to online transactions and activities. Our roles, relationships and interactions exist online but in a real sense, we ourselves do not. Individual "core identity" is a necessary but missing capability of the digital age.
It is assumed that a suitable, valid and legitimate system for generating and managing identifiers and other key attributes for a "core identity" would itself need to be owned and controlled directly be the individuals who use the system for their "core identity" or perhaps otherwise subject to the final decision making and authorization of those individuals. This is because the best interests of end-users of identity systems can and do become inconsistent or in conflict with the interest, duties and priorities of other types of system providers such as governments, banks, technology venders, etc. By definition, every individual person retains final decision making power and ultimate control over their own "core identity". As a technical matter, a "core identity" could be built upon the individual "address" on a public blockchain created for individuals that use a digital wallet to conduct Bitcoin or Ethereum transactions.
One goal of this rapid prototype is to create a working reference implementation that can be used to test the hypothesis that the Bitcoin and/or Ethereum public blockchains could satisfy this systemic design goal because they are decentralized and globally distributed system that is based on consensus protocols and , capable of basic online activities. accessing and interacting on standard social and news media services, conducting common e-commerce transactions and engaging in basic civic activities such as providing comments at a local governance meeting or signing a petition.
The initial design goals for application is to enable parties to digitally sign and store enforceable legal contracts and send or receive digitally signed legal notices. If feasible, we will also test the ability to login to a standard web based app or service through an integration with Open ID Connect token and other services. In collaboration with civic hacking groups such as Code for America and Legal Hackers, we will further refine and test a series of individual usability and systemic legal use cases. We are developing a diagram depicting the key roles, interactions and workflow involved to guide development and evaluation of the project. The development will focus on modeling, building, testing and demonstrating the front-end UI and UX for an end-user application. The expected result of the initial prototype is an application that demonstrates 1. digital signatures used to sign legal contracts and notices are publicly verifiable by use of the public key associated with a Bitcoin and/or Ethereum public blockchains address associated with the signer and 2. digitally signed contracts and legal notices accessible at a standard URL on the web in the form of human readable pure text files.
The capability of individually signing and verifying signatures of others on contracts is regarded as a fundamental design pattern and axiomatic for this prototype. It is assumed that the technical process of encrypting the message hash of a file using the private key associated with the public blockchain address of the signer can be leverages to enable adjacent transactions, such as using the public verifiability of the signature as a higher level factor of authentication available as part of login for access to an application, service or other protected online resource. Likewise, it is assumed the digital signature core use case can be built upon to verifiably connect a constellation of other relevant digital identities an individual may wish to cluster "under" their "core identity" such as a personal email address, social profile, contributions to news or public comment sites, authorship of books or other creative works, and so on. Services such as Keybase and OneName are good examples of this basic concept, but neither currently provides a way for individuals to easily use a blockchain-backed individual identity to conduct a series of fundamental business and legal transactions that attain would be considered valid business transactions and be valid and enforceable under the law.
While it is not central to this prototype test suite, one item that will be evaluated is whether this design pattern can provide comparable or superior value in comparison to use of so-called "Public Key Infrastructure" digital certificates. X.509.V3 public key certificates, digitally signed by so-called "trusted third parties" were intended to enable a global "Public Key Infrastructure" and today, this technology implementation of public key cryptography is used to provide the server certificates and creating "secure sessions" on the web. By contrast, using public blockchains as a general public key global open registry service is a way to associate public keys not only with organizations and servers but more importantly is designed to be used by and for individual people. This core identity prototype approach takes advantage of two key factors that did not yet exist when PKI was developed and deployed, namely: the high capacity computation available to individuals through their browsers and secondly the existence of public blockchains and widely available individual consumer blockchain wallets. This prototype can enable an initial, cursory exploration of potential ways the core identity and blockchain approach could meet and exceed the practical value actually gained by use of X.509 digital certificates. The original concept of PKI was that certification authorities would be relevant, important providers of "trust" enabling transactions between parties that would otherwise be strangers and have no basis for managing transaction and other risks over the open web. This model has not caught on and in reality, virtually nobody is aware of the identity of the provider of the digital certificate of their own servers or the servers they connect to, nobody looks at the certificates to understand the attestations they are supposed to stand for and nobody is aware of the carefully crafted "Certificate Policy" and "Certificate Practice Statement" legal documents intended to be the ultimate logical basis for rational parties to calculate risk, predict legal outcomes and decide whether or not to proceed with a transaction on reliance of the promises and processes of the certification authority. Sure, there is an IETF standard format for these policy and practices statements, and several books on the topic of writing them properly, but in reality virtually no business, legal or technical decision is in any way premised on or happens with any awareness about the existence of any of these documents or the asserted role of a certification authority as the "trusted third party" that makes trustworthy online transactions possible. There are, unfortunately, any number of practical and security failings of this server certificate based PKI model and most importantly there is a real cost, usually in the hundreds of dollars, for any business or other entity to purchase these server certificates. The comparison and evaluation of potential competitive benefits for using the public blockchain as a key registry in combination with a Core Identity (or corresponding "Business Identity") design pattern will factor in the direct and indirect costs of PKI for server certificates as a means to associate the identity of an organization with the server certificate used for that organization and to enable basic key exchange for encrypted sessions over the web.
Today, various proprietary products and open source projects provide solutions for addressing cryptographic security and lifecycle key management. While this capability is essential, it is not the focus of this rapid prototype. Instead, this research project is intended to coherently explore whether a credible, integrated business, legal and technical formula can be formulated with a simple client digital signature application in combination with a public blockchain address. Existing solutions for this critical security functionality are generally considered too costly, too complex and/or too risky to fill the need for population-scale individual public/private life-cycle key management for individuals. However, there are sufficient existing solutions to build needed security capabilities into future work if further development and testing are deemed desirable. Moreover, exciting high quality, low cost, easy to use and downright fashionable solutions are imminently coming to market for individual key management and authentication at point of sale, via the web or for blockchain based transactions via secure digital wallets and other software.
Although the PKI approach of attempting to put fill the role of a trust "third" party through a technology service that sells X.509 certificates for servers is not being followed, this project does assume there is a practical and beneficial role for a so-called "trust provider". Rather than seeking to manufacture trust through the application of cryptography and other technology, this project will explore the potential for parties that have earned and currently hold a trusted role in the lives of people using the "core identity" application. The prototype will assume the existence of a fiducary agent that operates on behalf or at the behest of the person using a "core identity". Specifically, we will assume a Federally Chartered Credit Union will be responsible for the service that provides client applications for key management and digital signatures as a tool for "Members" of the Credit Union to create and use their own blockchain enabled "core identity" for contracts, legal notices and other web-based transactions. Federally Chartered Credit Unions, under US law, are non-profit financial institutions that are collectively owned by the individuals with active checking and savings accounts. In addition to being owned by the individuals with accounts at the Credit Union, the Credit Union is also legally required to act as a "fiduciary" of the Members. That means the Credit Union does and must put the best interests of the Members first. In addition, Credit Unions are federally insured, heavily regulated, regularly audited and examined and are generally as secure as private banks with respect to web-based banking sites, mobile banking apps and digital wallets, among other basic financial technology. The existing role, duties and experience to create and manage the life cycle of user accounts, authentication, authorizations, reporting, preferences, etc for individual users is comparable to providing other digital identity services. The basic responsibility for ensuring adequate security practices and for providing a realistic, relevant and reliable basis for trust would be situated with the Credit Union, for purposes of testing assumptions and the businessm legal and usability use cases for this prototype. We may also test the role of lawyers as a possible fiduciary agent providing identity services to, for, on behalf of and in the best interests of individuals.
The key technical hypothesis driving this prototype testing is that low cost secure web and mobile apps can leverage a public blockchain address to provide a previously unattainable service needed to connect individual people with public key-pairs in a trustworthy manner. The project will test and evaluate if any person can associate a public key pair with any web-based digital identity using the Bitcoin and/or Ethereum public blockchains to provide a public key registry as a global identity infrastructure service. Specifically, we will explore and test whether any individual can use the software to generate or use an existing public key pair of their own, to create a valid individual address on the blockchain with that key pair, and to enable any party on the web to publicly verify a digital signature on any digital file or other data executed with reference to the blockchain address. Specifically, the project will explore potential of public blockchains to provide decentralized, globally distributed, secure, auditable, reliable, accessible, transparent, well documented, stable and scalable individual public key registry as a "Core Identity" infrastructure service.
Blockchain-Enabled Digital Signature Mock Trial
This collaboration with Massachusetts Legal Hackers with the help of Toronto Legal Hackers is focused on creating a prototype blockchain-enabled digital signature app to test the admissibility and enforceability of legal signatures, contracts and transactions resulting from use of the app. The mock trial "fact pattern" assumes an otherwise ordinary sale of goods transaction operating under Massachusetts law and the resultung dispute adjudicated in Boston Superior Court. For more information, see:
July 24, 2017 MIT Media Lab Digital Identity Unconference & Prototype Jams
- For more information, see: https://law.mit.edu/blog/exploring-digital-sovereign-identity
Attributions and Acknowledgements:
I would like to thank Dan Buchner, of Microsoft, for spelling out the exciting idea that individual people could leverage a Bitcoin blockchain address as the basis of usable, web-based individual digital identity and for providing access to an API under early development to test creative approaches and research hypotheses arising from this innovative idea. I would also like to thank Matthew Rappard of Toronto Legal Hackers for generously making Stone Paper available under the MIT open source code license in a Legal Hackers GitHub repository. I would like to thank Jason Walsh, co-chair of Massachusetts Legal Hackers, for sharing his brilliant technical engineering skills, for acting as a corner stone foundation enabling community-based volunteer civic hacking to emerge and recognize that without Jason, I do not believe this project (or many others) would ever exist. Finally, I would like to thank, Amy ter Haar, lead of Toronto Legal Hackers, for her tireless collaboration, friendship and continual connection of people, projects and possibilities to realize the highest potential of those fortunate to be around her.
For More Information or to Contribute to the Open Source Project: