feat: Updates to prism-node, bbs and verifiable data concept (#12)
Co-authored-by: Yurii Shynbuiev - IOHK <102033808+yshyn-iohk@users.noreply.github.com>
1 parent e8948e1, commit 87a5fde
Showing 3 changed files with 40 additions and 42 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,28 @@ | ||
# PRISM Node | ||
# PRISM node | ||
PRISM Node acts as a second-layer node for the Cardano blockchain. It is designed to function as a verifiable data registry, providing a secure and reliable way to store and manage data. | ||
|
||
The primary purpose of PRISM Node is to provide a secure and trustworthy platform for storing and managing data on the Cardano blockchain. By leveraging the blockchain's security and decentralization, PRISM Node stores and retrieves data in a secure and tamper-proof manner. All operations are independently verified and authenticated using cryptographic signatures and other security measures, so all data is accurate and trustworthy. | ||
|
||
PRISM Node runs alongside a blockchain. The Cardano Node keeps the internal state synchronized with the underlying blockchain and indexed for efficient lookup operations. Furthermore, it implements did:PRISM method in an efficient and scalable way by publishing the transactions to the Cardano blockchain to support the PRISM Node protocol and perform the creation, update, resolution, and deactivation of DIDs. | ||
|
||
PRISM Node generates a PRISM transaction with information about DID operation and proof of work. Then, the transaction publishes to the blockchain network for verification and validation. Once the transaction gets confirmed on the blockchain, the PRISM Node updates its internal state to reflect the changes. | ||
|
||
The second-layer node also plays a critical role in resolving DIDs. PRISM Node keeps the internal state indexed, which allows retrieving information about a particular DID quickly and efficiently without requiring access to the underlying blockchain. | ||
|
||
Overall, second-layer nodes are essential for the PRISM Node protocol, providing the necessary off-chain processing and data storage capabilities to make DIDs scalable and efficient. | ||
|
||
At its core, PRISM depends on protocols defining how to manage Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). | ||
The PRISM node is the main component that implements these protocols. First, we should explain how the protocol works to understand what the node does. | ||
|
||
- Any user can run a PRISM node to self-validate information or rely on a set of actors that run nodes on his behalf. The level of delegation of trust is a decision made by each user. | ||
- Any user willing to create a DID can do so without any need to interact with any PRISM node. Creating a DID can be optionally announced publicly by publishing a creation operation on-chain. The action of posting an operation on-chain does require interaction with a PRISM node. | ||
- Users can update the DID documents associated with their DIDs. To do this, they must publish respective update operations on-chain by interacting with a PRISM node. | ||
- Deactivating a DID can be performed along the same lines as an update but publishing a deactivation operation. | ||
- PRISM nodes read the operations published on-chain (by possibly other nodes) and internally maintain the map of DIDs to the history of changes of their associated DID documents. | ||
- Clients can query any PRISM node and obtain a DID's historical change log information. | ||
- DID resolvers can take the output of PRISM nodes and construct the current DID document associated with a DID. | ||
- An additional consideration is that operations can be posted on-chain in blocks, helping on the scalability side and general reduction of fees. | ||
- | ||
In short, users can create, update and deactivate DIDs by posting respective actions on-chain. The operation of creating a DID can optionally not be published on-chain. Based on the operations posted on-chain, nodes can construct the DID Documents associated with a given DID. | ||
|
||
Additionally, the node provides an interface to track the status of operations submitted to the node. |
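Review bot: "proof of work" in the paragraph beginning "PRISM Node generates a PRISM transaction" is ambiguous. It reads as a consensus mechanism, which is confusing on a proof-of-stake chain such as Cardano. If it means the cryptographic signature the second paragraph refers to, say so, for example "with information about the DID operation and the signature that authorizes it". In the same paragraph, "the transaction publishes to the blockchain network" should be "the transaction is published". Three smaller points. In the third paragraph, "The Cardano Node keeps the internal state synchronized" looks like it should have the PRISM Node as its subject, since the later paragraphs describe the internal state as the PRISM Node's own. In the second paragraph, "tamper-proof" and "so all data is accurate and trustworthy" promise more than signatures deliver: a valid signature shows who authorized an operation and that it was not altered, not that its content is accurate, so "tamper-evident" and "authenticated" would be safer wording. Finally, the bullet list ends with an empty "-" item that should be dropped.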
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,31 +1,15 @@ | ||
# Verifiable data | ||
|
||
Digital identity brings several flavors of authentication to the table. Verifiable credentials (VCs) are the most commonly referenced methodology, but there is a concept of verifiable data, which may leverage VCs or DIDs, but it is different. | ||
Verifiable data plays a crucial role in the emerging field of self-sovereign identity and verifiable credentials. In this context, verifiable data refers to data anyone can verify without a centralized authority or intermediary. | ||
|
||
Self-sovereign identity (SSI) is a concept that empowers individuals to take control of their own digital identities, which includes managing their data and controlling with whom it's shared. Verifiable credentials are a crucial component of SSI, as they allow individuals to share specific data about themselves (such as their name, date of birth, or educational qualifications) with others in a secure and trustworthy way. | ||
|
||
## Verifiable Credentials | ||
Creating verifiable credentials uses blockchain technology, cryptography, and standardized data formats. They consist of claims describing a particular aspect of an individual's identity or qualifications, along with cryptographic proofs that allow authentication of the claims. These proofs get created using public key cryptography, which enables anyone to verify that the data in the credential hasn't been tampered with or altered. | ||
|
||
VCs are claims made about a subject. A subject is typically the holder of the credential. Credentials can be anything. A few examples are below: | ||
Verifiable data in SSI and verifiable credentials have several significant benefits. | ||
|
||
First, it gives individuals greater control over their data and how it's shared. It can help reduce the risk of identity theft and fraud and make it easier for individuals to manage their identities across multiple contexts and services. | ||
|
||
| Issues and makes a claim | That the subject | | ||
| ------------------------------ | ------------------------------------------- | | ||
| Government | is a citizen | | ||
| Insurance company | is insured | | ||
| Streaming service | has an account | | ||
| Programming reputation website | subject has an account | | ||
| | and is proficient in a programming language | | ||
| Medical board | can practice medicine | | ||
| University | graduated with a specific degree | | ||
Second, verifiable data provides higher trust and security in online interactions. By allowing anyone to verify the authenticity of data, it's possible to establish trust and confidence in online transactions without needing a centralized authority or intermediary. As a result, it has important implications for various industries, from healthcare and finance to education and e-commerce. | ||
|
||
These claims are all verifiable by having the holder present the credentials to a verifier. Depending on the level of certainty required will determine how the credential is verified. Generally, if the issuing DID is trusted (via a governance framework and trust registry), there is assurance that the claims made by that issuer are valid. | ||
|
||
|
||
|
||
## Verifiable Data | ||
|
||
Authenticating a credential is a crucial function of an ecosystem, like validating the source material for a shirt. But what about where that material went from the source? What ports did it stop at, for how long, who handled it, etc.? This functionality is possible if an ecosystem is utilizing digital identity. Third-party auditors, insurers, etc., would also be able to verify the authenticity of the data. In supply-chain ecosystems, this data would be invaluable. | ||
|
||
|
||
|
||
> Figure 1.1 Image showing shirt being sourced and moving through ecosystem | ||
Verifiable data is critical to the emerging field of digital identity. Verifiable data will change how we manage and share our identities online by enabling individuals to take control of their data and providing a higher level of trust and security in online interactions. |
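Review bot: The paragraph beginning "Creating verifiable credentials uses blockchain technology" says the proofs let anyone verify "that the data in the credential hasn't been tampered with or altered", but the surrounding text never says that the verifier must also decide whether to trust the issuer. The @@ -1,31 +1,15 @@ header shows the file shrinking to 15 lines, and the sentence "if the issuing DID is trusted (via a governance framework and trust registry), there is assurance that the claims made by that issuer are valid" appears to be among the lines dropped. I would keep that sentence, or an equivalent, next to the cryptography paragraph so that readers do not equate a valid signature with a true claim. The issuer/claim table and the supply-chain provenance example also appear to be removed without a concrete replacement. Retaining at least one of them would keep the page from reading as a benefits list only. Style: "without a centralized authority or intermediary" appears in both the opening paragraph and the "Second, ..." paragraph, so one of them can be shortened.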