Self-sovereign identity (SSI) is an ever increasingly important concept to enable users control over their own data and let them share it with whom they want. Today, data rests in centralized databases that belong to big enterprises with little transparency into how the data is actually being used and for what purpose.
SSI turns this around and data starts with the users, actually resting at users own device at first. Then it is up to the users to choose with whom and what data they share. Additionally, privacy-preserving features, such as selective disclosure and predicates enhance the user to share data without sharing it all or just prove simple facts about the data.
There are many great tools and infrastructures that can handle SSI, and Partisia Blockchain’s MPC technology adds a new component to the stack that enables new business models, enhances privacy for the data-driven economy, and will take your project ahead of the competition. So read on if you are a builder of the US$27 billion global digital identity market that is expected to expand at a CAGR of 17.2% from 2023 to 2030.
First things first, digital identity usually revolves around three actors: issuer, holder, and verifier.
The issuer issues verifiable credentials to the holder, and the holder can then present the credentials to a verifier who can verify the content by digital signatures and Decentralized Identifiers (DIDs) that may be on a blockchain. For most digital identity use cases, DIDs and associated DID documents are the only elements that get on the blockchain. We do not take a deep dive on this in this article.
DIDs and verifiable credentials are some of the essential components that make up digital identity, especially digital identity that works with decentralized networks. DIDs are a type of address that is generated to manage digital signatures, and verifiable credentials are credentials created and issued by any issuer based on their DIDs.
To enable real SSI, the users will have to store all data themselves at first, often in digital identity wallets, and only then will the user be in full control. The data itself can be data inputs from users such as personal Identifiable Information (PII) or digital verifiable credentials issued by a third-party, e.g. KYC provider issues KYC claim as digital verifiable credential. Credentials are often issued and exchanged by an agency that establishes secure peer wise connections.
Multiparty computation (MPC) is a groundbreaking technology that allows multiple data inputs to remain private while still being computed on and only sharing the outputs. The computing itself is carried out by specially selected MPC validator nodes who each compute on secret shares of the data and privacy is guaranteed by cryptography.
Compared to ZK proofs, such as zk-SNARKs, MPC is a game changer that allows computing on any function. This takes digital identity to the next level because it is now not only possible to share data with privacy features, but also carry out decentralized computation on private data and write business logic into private and public smart contracts to orchestrate the process and rules.
As we learned before, ZK proofs are good for simple presentations about specific data, e.g. a verifiable credential issued by an employer can be used to prove to the bank that you earn more than US$80,000 a year to qualify for a loan without revealing the exact amount you earn.
Now imagine that we need to compute statistics on multiple inputs from multiple users and compare a single person’s salary to the average, all while preserving privacy. ZK proofs cannot handle general computations on multiple inputs and comparison is limited to two users presenting against each other, so another system would have to support it. This is where Partisia Blockchain’s MPC comes to save the day! MPC on Partisia Blockchain can handle multiple inputs and preserve the privacy while carrying out efficient general computation.
Even though all smart contracts and data can be private, it is often worth considering only to push the most sensitive data and operations into private computation because it is generally more expensive than public computation. This goes for all ZK technology. For instance, if you want to calculate the average salary of employees, you might consider just the salary as private inputs plus pseudonymized identity, and then do statistical calculations in the public space.
When we look at DID/SSI solutions, the business requirements of the implementation usually go past simple verification of ID. DID/SSI proof is just the first step. The real challenge is what other data do you need after the verification. Perhaps it is to verify that this person has proper credentials for accessing a system. Or another popular use case for DID is to verify a user has enough assets to pay for something without revealing their total asset holding. Another app that is looking to build on our system is trying to create a persona on-chain, which advertisers can target, without revealing personal information about the user themselves.
In all these use cases, a simple proof system becomes too expensive and slow due to the fact that each individual parameter must require a proof. When you have 10 users, maybe this is possible. But what happens when you need to scale to 1000 or 10,000 users? And proofs are not computations. It is unable to compute the various different private data for analysis.
This is where MPC can extend the functionality of DID/SSI to create multi-functional applications. Through MPC you can both prove and compute multiple parameters in a single computation and include all the additional business requirements while keeping the data private.
During the pandemic, many attempts were made to create a Covid-19 passport so citizens could prove they were either vaccinated or tested negative while preserving privacy. Zk proofs are good for this, but limited to only presenting yes/no results to a verifier without extensive physical verification such as ID cards, which would compromise SSI principles.
In collaboration with HES-SO Valais-Wallis, Partisia Blockchain developed a solution where identification is reduced to matching an individual’s face with an image of the person’s face powered by MPC in order to increase security and privacy. The Partisia Blockchain ensures trustworthy information is broadcasted to the verifier and MPC ensures that the private information about the citizen is used only for matching and kept hidden for the verifier.
Most may not know, but generating random numbers is hard. It is quite surprising because many people will think, “well, I can just come up with a random number off the top of my head!” However, randomly coming up with a number in your head, as well as other solutions to generate random numbers has fundamental flaws. And this is a big problem. Generating a fair unbiased random number is critical. In fact, random number generators are used everywhere.
The first place many would think of random numbers being useful is in games of chance. But would you be surprised if you knew that reading this article required the use of a random number generator? The website hosting this article is protected by a cryptographic key, which relies on generating a random set of values to be used for the encryption key.
Generating numbers at random is difficult. At a high level, there are two main issues with generating random numbers: predictability and bias/corruption issues.
The predictability issue for RNG can be seen in both human- and machine-generated random numbers. For example, there is a famous problem called Benford’s Law that states any random number that someone thinks about has a 30% chance of starting with the number 1. When you want to have a chance of a number being generated to be equal in percentage, then this becomes a problem. If you use a computer program to generate random numbers, you are using a structured code. This means, after multiple iterations, someone can reverse engineer the numbers to find the pattern and predict what the next number could be, especially if the code being used is weak.
From a bias and corruption perspective, the current systems can also be gamed to give favor to someone. For instance, if a set group of people decide they will choose random numbers and run through some function to compute a random number, one person may withhold showing their number until they see what the other people have chosen. Then, once he knows the numbers of the other participants, he can choose a number that would compute the random number to his favor. From a machine generated random numbers, since most systems have a central system that is generating the numbers, anyone who has control of that system could also manipulate the numbers being generated to their favor.
So how can we create a system where it is both unpredictable and bias free? Through MPC and Partisia Blockchain, we can solve both problems. Through smart contracts, players in the system generate a random number. This random number is then privatized and sent into the PBC blockchain. A zero-knowledge computation is done, in a similar way as done through secret sharing and through a computation, a random number is revealed.
Through combining multiple players and secret sharing, developers can create a system to come up with a random number that is free from bias, incorruptible and impossible to predict. And Partisia Blockchain’s smart contract language will afford developers to customize this solution to their specific requirements.
By creating a programming language that allows for developers to use MPC in a generic way, Partisia Blockchain Foundation has made the creation of applications that can harness the power of MPC for different use cases a possibility. Partisia has been at the forefront of providing private MPC solutions since 2008. And by layering this technology on top of an interoperable and scalable blockchain, Partisia Blockchain is now paving the way for anyone to create solutions that can balance privacy and transparency to build trust.
To learn more about different use cases or partner with us for solutions, please visit partisiablockchain.com, check out our Medium articles, development documentations or email us at firstname.lastname@example.org.