Introduction: Hi everyone, I would like to discuss EIP, which proposes a standard for decentralized identity verification on the Ethereum blockchain.
Motivation: Centralized identity verification methods are often cumbersome, prone to data breaches, and do not give users control over their identity data. This proposal aims to provide a secure, privacy-preserving method for identity verification that can be used by decentralized applications (dApps).
Abstract: This proposal introduces a standard for decentralized identity verification (DID) on the Ethereum blockchain. The standard aims to provide a secure, privacy-preserving method for identity verification that can be used by decentralized applications (dApps).
Specification:
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;
interface IDecentralizedIdentity {
struct Identity {
address userAddress;
bytes32 identityHash;
bytes32[2] verificationHashes;
bool isVerified;
uint256 timestamp;
}
event IdentityCreated(address indexed userAddress, bytes32 identityHash, uint256 timestamp);
event IdentityVerified(address indexed userAddress, bytes32[2] verificationHashes, uint256 timestamp);
event IdentityRevoked(address indexed userAddress, uint256 timestamp);
function createIdentity(bytes32 identityHash) external;
function verifyIdentity(bytes32[2] calldata verificationHashes) external;
function revokeIdentity() external;
function getIdentity(address userAddress) external view returns (Identity memory);
}
Rationale: The design leverages cryptographic hashes to represent identity information, ensuring that sensitive data is not stored directly on the blockchain. The use of verification hashes allows for flexible identity verification mechanisms, and the inclusion of events ensures transparency and traceability.
Security Considerations: Ensure that identity and verification hashes are generated using a secure hashing algorithm to prevent collisions and ensure the integrity of the identity data. Users have control over their identity data, which reduces the risk of unauthorized access and ensures privacy.
Feedback Request: I would love to hear your thoughts on the proposed standard, especially regarding the hashing methods used for identity verification and any potential improvements to the current design.
Conclusion: Thank you for taking the time to review this proposal. I look forward to your feedback and suggestions.