Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
What is a blockchain ID?
Your blockchain ID is your digital self and a new form of secure, convenient identification.
How is a blockchain ID registered?
First, you go to a blockchain ID provider and sign up. Next, you fill out the information in your blockchain ID (only what you feel comfortable including). After that, you can verify your social media accounts, your website, and who you are in real life.
What are blockchain ID registrars?
Blockchain ID registrars are services that help users register a blockchain ID. Registrars don't have any control over your ID. They simply register it on the blockchain on your behalf and then transfer the ownership to you.
Where is a blockchain ID stored?
Blockchain IDs are securely encrypted and then stored across a secure network of computers (also called the blockchain). When you open your device and login to your account, the key on your device taps into the secure network and loads your blockchain ID instantly.
Can I transfer my blockchain ID from one provider or device to another?
Where can I view my blockchain ID?
You can view your blockchaind ID, or those of anyone else, on any profile gallery. Think of galleries like beautiful phonebooks with profile images and more information.
Where can I view someone else's blockchain ID?
What happens if I lose my blockchain ID?
If you lose the device with access to your blockchain ID, you can always recover it with the backup instructions that your blockchain ID registrar gave to you. There are usually many mechanisms in place to ensure that if the device you use to access your blockchain ID is lost, you can still recover the ID. Of course, if all the mechanisms fail, there is nothing you can do, but this should be a rare occurrence.
Can my blockchain ID be stolen?
Unfortunately, yes. That's why it's important to safeguard the device that your blockchain ID is stored on. That said, blockchain ID registrars should provide strong mechanisms for preventing theft, so that theft is not a large concern.
How do I verify my blockchain ID?
You can verify your blockchain ID with the social media account verification steps. You simply (1) post, tweet, etc. a message saying that you have a given blockchain ID, and then (2) include the usernames of your social media accounts in your blockchain ID profile. This two-way link ensures that the owner of each account is the same person - you!
Why do I have to post or tweet to verify my social media accounts like twitter and facebook?
Verification occurs in a completely publicly audit-able way. If one were to verify an account by logging in to twitter and facebook on their blockchain ID registrar, everyone would have to trust said blockchain ID registrar. There would be no paper-trail of the verification, so users couldn't judge for themselves. When users publicly post a message saying that they own a given blockchain ID, though, everyone can independently verify for themselves the fact that the person owns both the social account and the blockchain ID.
How does the blockchain validate a blockchain ID?
- A public/private keypair is allowed to register a globally unique blockchain ID if it hasn't been registered before.
- The keypair that owns the blockchain ID is uniquely allowed to associate data with it and update that data.
- Whoever has exclusive access to the private key is the owner of the blockchain ID.
Can any blockchain be used?
Yes, any blockchain that supports the embedding of data can be used with this protocol. That said, for users and software to be able to talk to one another and speak the same language, they all need to be on the same blockchain. This is why it's valuable for everyone to agree on a given blockchain and stick with it.
Why build on one blockchain over another?
One should build on the blockchain that everyone else is building on top of. See above.
Why doesn't the protocol require PGP keys for each user?
The cryptographic "owner" (or custodian) of a blockchain ID is an ECDSA keypair.
Because all identities have a keypair, PGP keys are not required for strong cryptographic identity.
Why don't you require profile updates to be signed with a PGP key?
All updates are signed with the cryptographic owner's ECDSA key. Thus, PGP signatures would be redundant.
Why don't you require social account verification messages to be signed with a PGP key?
This is optional, but only may provide a modest increase in security and greatly increases the complexity.
The social account needs to be two-way linked to the blockchain ID, not the PGP key.
Why don't you include the transaction hash/ID of the registration in the social account verification messages?
This is an option that we're considering. This would be helpful for SPV wallets to verify identities. That said, it is not necessary for non-SPV solutions.
Doesn't embedding profile data in the blockchain contribute to blockchain bloat?
Yes it does. That said, with Namecoin the amount of data being embedded per user is very small (on the order of 0.5KB). Even better, with Blockstore the data is not embedded in the blockchain - only the hash is embedded and the full data is stored in a DHT.
Isn't it concerning that profile data is stored in the blockchain for everyone to see?
Only public information (like name and twitter handle) is stored in the blockchain.
Will the protocol support private data containers?
Yes, support for this will be added at some point. Private information is an important component of identity.
Will the protocol support reputation?
Yes, reputation is an important component of identity.
Will the protocol support web of trust verifications?
Yes, this will be added in soon.
Can you verify domain names?
Yes, this will be added soon.
Can you verify bitcoin addresses?
Yes, this will be added soon.
Can you verify PGP keys?
Yes. This will be added soon.
Can you verify email addresses and phone numbers?
Unfortunately, it's not possible to do this in a publicly audit-able way. Yes, companies could verify for themselves.
Isn't it bad for privacy to support static bitcoin addresses for payments?
Yes, although non-static addresses do come with their own challenges. Services are beginning to support non-static addresses, like hierarchical deterministic wallets and stealth addresses, so look out for updates from them.
Isn't blockchain ID squatting going to be a big problem?
While squatting is annoying, we don't see it as a roadblock. There are hundreds of millions of accounts on twitter and twitter functions perfectly fine with such a high number of registered usernames. You'd be surprised by how many possible blockchain IDs there are and how creative people can get. Yes, most users will miss out on their first choice of names, but they should still be able to find a name that they like.
Can I contribute?