Björn Wagner edited this page Nov 4, 2016 · 3 revisions

SMS Verification

This is the proof-of-concept demonstration infrastructure for Parity's identity certification component. It provides user certifications, variously known as badges, flair and certificates. Through an on-chain registrar contract, certifiers may each be inspected by the Parity Wallet or the Parity Identity Information Service.

This particular demonstration provides a proof-of-unique-phone-number service using an SMS gateway, allowing a user to pay a small fee to receive an SMS which provides the correct response to get their identity certified. A hash of the standard form phone-number is kept in the contract to ensure that the user cannot use the same number twice.

Certifier contract

The Certifier contract provide the basic API that all certifier contracts must implement.

contract Certifier {
    /// Called when a new account `who` is confirmed as certified with this contract.
    event Confirmed(address indexed who);

    /// Called when a new account `who` has a previous certification with this 
    /// contract annulled.
    event Revoked(address indexed who);

    /// Inspection function to check whether a particular account `_who` is certified.
    /// Returns `true` iff it is.
    function certified(address _who) constant returns (bool);

    /// Inspection function to return the metadata of key `_field` on the certification
    /// of account `_who`.
    /// There are several variants of this function. This variant returns metadata in
    /// `bytes32` format.
    function get(address _who, string _field) constant returns (bytes32);

    /// Inspection function to return the metadata of key `_field` on the certification
    /// of account `_who`.
    /// There are several variants of this function. This variant returns metadata in
    /// `address` format.
    function getAddress(address _who, string _field) constant returns (address);

    /// Inspection function to return the metadata of key `_field` on the certification
    /// of account `_who`.
    /// There are several variants of this function. This variant returns metadata in
    /// `uint` format.
    function getUint(address _who, string _field) constant returns (uint);
}

We provide an example of a Certifier contract called SimpleCertifier. This contract has an owner (provided through the Owned derivation) and implements the Certifier interface. The owner may nominate a delegate who in turn has the power to certify accounts at will. It is assumed a secure service will control the delegate account and certify accounts according to some predetermined process such as proof that a particular event happened.

contract SimpleCertifier is Owned, Certifier {
    /// The modified function may only be called by delegate designated by the contract
    /// owner.
    modifier only_delegate { if (msg.sender != delegate) return; _; }

    /// The modified function may only be called if `_who` is currently certified.
    modifier only_certified(address _who) { if (!certs[_who].active) return; _; }

    /// A certification; we maintain a boolean `active` which is true iff this represents
    /// a valid and active certification. We also track metadata under `meta` which relates
    /// arbitrary `bytes32` data with particular `string` keys.
    struct Certification {
        bool active;
        mapping (string => bytes32) meta;
    }

    /// Certify the account `_who`.
    function certify(address _who) only_delegate {
        certs[_who].active = true;
    }

    /// Revoke the certification of `_who`.
    function revoke(address _who) only_delegate {
        certs[_who].active = true;
    }

    /// See Certifier.
    function certified(address _who) constant returns (bool) { return certs[_who].active; }
    /// See Certifier.
    function get(address _who, string _field) constant returns (bytes32) { return certs[_who].meta[_field]; }
    /// See Certifier.
    function getAddress(address _who, string _field) constant returns (address) { return address(certs[_who].meta[_field]); }
    /// See Certifier.
    function getUint(address _who, string _field) constant returns (uint) { return uint(certs[_who].meta[_field]); }

    /// Nominate a new delegate; this may only be called by the contract owner.
    function setDelegate(address _new) only_owner { delegate = _new; }

    /// The root mapping between addresses and certificates.
    mapping (address => Certification) certs;

    /// The nominated delegate begins as the de facto owner.
    address public delegate = msg.sender;
}

This repository contains the ProofOfSMS contract which demonstrates how one might integrate a challenge-response mechanism into this service.

Clone this wiki locally
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.