The current model of the internet does not empower the individual. Organizations solicit personal data for access to their services and platforms. These barriers to entry can lead to exclusivity and discrimination. A user must create an account that provides at least a name and email, and often age, date of birth, race and ethnicity for every online act. This data is shared with third parties, subjecting the user to a harassment of unsolicited emails, ads, and messages. Once the information is in an entity's hands there is no telling what other uses it is exploited for.
This process is repeated again and again for social media, retail, entertainment, event, financial, and professional accounts. The fracturing of our identity into countless pieces creates new vulnerabilities every time we engage with a service. The burden is on the user to manage access to all of these accounts for the privilege of private companies profiting from their data. This is an inefficient, broken system, without mentioning the challenges that arise if a password is forgotten.
Similarly, for every purchase made online the user has to enter their bank card or account information. This is a cumbersome and insecure process, creating new vulnerabilities when this data is transmitted or saved on a platforms centralized system. Blockchain technology solves the payment problem, requiring a user to simply sign a message to complete a transaction. However, payments are only one use case. Blockchain can also solve the broken identity management system, simply requiring message signing to access a new platform. The protocol that will make this possible is what we are building at Mu Methods.
No longer will a user need to give up personal information, creating a new account every time they want to access a service or join a community. When they access a new system it will only require a message to be signed in their wallet. Platforms will be connecting to their singular digital identity.
To accomplish this we have to fix the existing cryptographic identity system, then integrate it with payments and off-chain platforms. At Mu Methods we are laser-focused on step one: to provide a foundational identity infrastructure. Similar to the IPFS and blockchain solutions for p2p data transfer and asset management, our protocol is an open-source off-chain solution for public/private key management that can be utilized by any cryptographic identity provider. This network will address three primary issues: account linking, seed phrase recoverability, and decentralized application connectivity.
Currently connecting crypto accounts requires a user to import/export their seed phrase making it vulnerable to attack. If the seed phrase is unknown, they have to export it from their wallet. It may be stored incorrectly during this process, making it insecure. In addition, it adds a layer of complexity to the user experience. A user may create a new account every time they use a different wallet because they don't feel comfortable importing/exporting their seed phrase. Instead of importing/exporting our network will generate private linking keys to permission new accounts from a primary account, eliminating the need to access the seed phrase over and over again. Mu will generate permissioning private keys through state of the art signature schemes.
While this minimizes the need to access the seed phrase, it does not eliminate it. The current single failure point of recoverability is unsustainable and unscalable. If a user loses access to their account when they misplace their seed phrase they are unlikely to utilize it as a safe and secure method of identity and asset management. To solve recoverability for those instances in which a user has lost complete access to their account we will use key sharding. Instead of holding the entire seed phrase in one location it will be split and distributed among several nodes in the network. It is social recovery without the need of smart contracts or friends to distribute the shards to. If the user does not have trusted friends they will be provided with alternative locations for shard distribution. They will not be required to store their seed phrase.
In order to transition to the single-tap connectivity necessary to access platforms with our digital ID's, wallet connect standards need an update. Currently a user needs to choose which wallet they are connecting from to communicate with a dapp. Our network will remove this step, no longer requiring the user to choose their wallet. When a dapp proposes to sign a transaction it will go through our network to be signed by any device key. Rather than requesting the local account, the dapp is told what account is going to sign for which transaction. All keys will act from one device/account.
Once these features are functioning the personal identification details required to engage with certain platforms ie. name, age, address, email, social security number, etc. can be securely stored with the network. These proven personal identifiers are referred to as verified credentials. They are private and only accessible if a user permissions them to be. For example, when a bank requires verified identifiers to engage with a client the user can one-tap permission access to the specific and limited information requested.
While crypto payments are functional, they are not scalable. We are closely following legislation in the US and abroad regarding Central Bank Digital Currencies (CBDC) and stable-coins. Once crypto is legally defined traditional platforms' compliance departments will have a clear path to accepting crypto payments. Integrating these into the digital identities built on our network will eliminate the attack vectors created when financial account information is exposed.
We will begin onboarding to the network through pull requests and wallet reviews of the largest wallet providers by Unique Active Wallets. Additionally we will build a proof of concept wallet to demonstrate the networks functionality and security best practices. These strategies will upgrade existing wallet infrastructure as well as set a standard for new wallet providers.
Our vision will take several years to realize and require collaboration with companies across the Web3 ecosystem working on verified credentials, payment systems, and KYC integration. It is going to take many solutions to build this reality. If there are potential synergies between your product and ours, DM’s are open! We are eager to work together and build the future of self-sovereign identity.