Current location - Quotes Website - Signature design - Application Analysis of Decentralized DID Identity Authentication
Application Analysis of Decentralized DID Identity Authentication

The purpose of decentralized DID is to support the sharing of IDs in multiple networks and achieve interoperability on the premise of protecting user privacy, thereby building a better web ecosystem. The previous chapter, Technical Analysis of Decentralized DID Identity Authentication, introduced the basic technical principles of DID. In this chapter, we briefly describe several DID usage scenarios.

Nowadays, people are used to scanning the WeChat code to log in, or using Alipay to authorize login, etc., so that they can directly log in to third-party websites using their WeChat account or Alipay account. Therefore, our personal information is kept by WeChat and Alipay. We believe that these large websites will not crash or leak our data. However, the phenomenon of "big data killing familiarity" is a counterexample. Websites use our data to control our payments. This is a drawback of centralized management of user information.

Take the registration of primary school students as an example. When registering, parents need to show their household registration book (to prove that the child’s household registration is in the local area and is indeed the parent’s child), and the real estate certificate (to prove that the house belongs to the parent and the house belongs to the parent). It also belongs to the school to which it belongs) plus other marriage certificates, vaccination certificates, etc. These certificates are all in paper form and have been stamped and confirmed by the relevant departments. It's just that it's very troublesome to use. Parents need to bring all the documents. If they are lost, it is very cumbersome to replace them.

The "Guangdong Health Code" and "Macau Health Code" interoperability project implemented by WeBank is based on blockchain + DID technology to achieve cross-border identity authentication, so that mainland tourists going to Macau, in addition to In addition to providing nucleic acid certificates, you only need to apply for the "Guangdong Health Code" to easily pass the customs. There is no need to fill in the Macao local health code again.

Take buying a house again as an example. In the early stage of buying a house, the sales office will ask the buyer to show a proof of funds (such as a deposit > 5 million). In this case, the buyer will need to transfer funds from several banks. Go to a bank, collect 5 million, and then issue a certificate to the sales office. For home buyers, moving funds back and forth between several banks is a loss, and the amount is also revealed.

It will be much more convenient if DID is used (the premise is that multiple banks, home buyers, and sales offices have already registered DID on the blockchain). The process is as shown in the figure below.

The home buyer has bank deposit certificates VC given by multiple banks. He can combine the amounts in these VCs, and then add the zero-knowledge proof ZKP proof to hide the specific amount, and then transfer it after signing. The VP will be sent to the sales office. After the sales office verified the correctness of this VP and the proof of zero-knowledge proof ZKP, it was confirmed that the home buyer had more than 5 million in funds, but did not know the specific amount.

With the expansion of the types of IoT devices, the data of the Internet of Things has gradually become richer. However, the security of the Internet of Things devices and the credibility of the Internet of Things data have gradually attracted people's attention.

If IoT devices can be identified with DID, the security of IoT devices can be controlled and the credibility of the data can be confirmed from the source.

Take the machines in a factory as an example. Each machine is assigned a DID by its manufacturer. When the machine is running, a large amount of production data will be generated. These production data (non-sensitive) can be signed, and the data, signature results and DID are saved on the blockchain.

The machine manufacturer can know the operating status of the machine based on the data on the chain, which facilitates better after-sales maintenance services.

When an enterprise needs a loan, the bank can judge the production and operation status of the enterprise and assess the loan risk based on the production data on the blockchain and the endorsement of the machine manufacturer. (This is also a scenario where blockchain is used across multiple organizations)

Take cloud disk data sharing as an example. If I want to send some photos on the network disk to publishers, Just apply for a link on the cloud disk, add an access password, and give it to the publisher for access. The publisher can retrieve the photos with this number, but the password may be reused by others, causing my photos to be leaked.

Using the DID method, data can be shared to users relatively safely, as shown in the figure below (premise: the data custodian, data party, and user have all registered DID on the blockchain) .

This chapter briefly introduces several usage scenarios of DID, which I have collected so far. But what you learn on paper is ultimately shallow. In the future, you can try a variety of DIDs and discover more real applications.