Hey all! Just recently, we released a new major version of the jolocom-lib library - we refactored the API structure to make it more suitable for common identity use cases and added some new functionalities. We also documented the configuration of the library as well as the implementation of the basic flows.
You can read the release notes on our GitHub page: https://github.com/jolocom/jolocom-lib
As always, we would love to hear your thoughts if you’re using it!
For any devs interested in taking a look at the newly released #SSIpaper "Self-sovereign Identity: A position paper on blockchain enabled identity and the road ahead," let us know what you think – http://bit.ly/ssi_paper 🎉
As part of Bundesblock, Jolocom worked together with 20+ leading groups in the identity field to provide a clear description of SSI, the problems that motivate it, its potential use cases and questions revolving around its implementation.
@canadaduane Hi Duane, thanks for your question!
Here's a broad overview of our approach and solution to decentralized identity management (tried to keep it as concise as possible).
The Jolocom team develops a protocol that enables all types of entities (individuals, organizations, smart agents) to create and interact with self-sovereign digital identities. The Jolocom protocol is open source + implements the DID/DID document specifications from the W3C, as well as open standards for verifiable credentials (see below).
Jolocom is blockchain agnostic, allowing for integration with different distributed ledger technologies and different storage configurations. Currently we use the Rinkeby test network as a trust layer to resolve a DID to a DID document (only a DID and a reference to a DID doc are stored on Ethereum). The DID document is stored on IPFS, where public credentials could be stored in the future.
The jolocom-lib library includes functionalities around identity creation and registration as well as verifiable credentials creation and verification. Key generation is carried out client-side (entropy created by user swiping across device screen). The BIP 32/39/44 standards are used for the hierarchical derivation of Jolocom identity key pairs. Multiple personas can be modeled using HD key derivation, providing anonymous identities. If any child key is compromised, other keys derived from the same master key are unaffected. While we currently rely on entropy generated by a user’s device, entropy can be proffered by other sources, such as hardware wallets or crypto chips, which provide an even higher quality of entropy. Regarding client-side storage, Jolocom encrypts user data, master key pairs, and derived child key pairs with the user’s passphrase.
All identity attributes, including private keys, are accordingly stored on a client’s device by default, and can only be controlled by the device owner. Users can attach a public profile to a DID document containing human-readable information about the user. Jolocom does not collect any user data; all public user data is stored on the Ethereum network and IPFS. Claims are also subject to expiration dates, so claims can be set up to become inaccessible after a predetermined time.
The system architecture gives individual identities control over their private keys and data, a prerequisite for self-sovereign identity. Furthermore, the system architecture follows existing and emerging standards in the digital identity space, including portability and interoperability as core design factors. Identities created using Jolocom’s solution should be easy to use across multiple devices and work in an unrestricted scope of application environments. Jolocom observes compliance to existing industry standards and best practices concerning decentralized digital identities, specifically the W3C DID/DID doc specification and the BIP 32/39/44 standards for the hierarchical derivation of Jolocom identity key pairs.
Hope that helps, Duane — let us know if you have any follow-up questions.
Also, for some further reading:
-- You can always delve into our documentation (updated regularly as the protocol and code mature)
-- And be sure to check out this recently published paper on self-sovereign identity that aligns especially well with Jolocom’s own approach to decentralized digital identity management and vision for a self-sovereign future of identity; the position paper comes from the German Blockchain Association (Bundesblock), and my colleague Kai Wagner (Jolocom) contributed a great deal to the writing and organization as an active member of the Identity working group