Exploring The World Of Hyperledger Indy By Building A DID Solution

 

Hyperledger Indy is an open-source framework based on distributed ledger technology for providing self-sovereign identity. It is one of the Hyperledger projects hosted by The Linux Foundation. 

Indy provides a framework for creating and managing digital identities that are verifiable, private, and portable. It allows individuals and organizations to create, manage, and store their own digital identities and provides tools for verifying the authenticity of these identities.

It is designed to be a foundation for developing various identity-related applications, such as digital identity verification, secure sharing of personal information, and digital signing. It is also suitable for use cases such as providing secure access to online services, creating digital identities for IoT devices, and enabling secure communication between organizations. 

Indy is built using a modular architecture, which allows developers to add new features and functionality and customize the platform to meet their specific needs. 

In summary, Hyperledger Indy offers a distributed ledger technology that allows individuals and organizations to create, manage, and store their own digital identities securely and independently. Its flexible and modular architecture allows developers to add new features, customize them to their specific needs, and build various identity-related applications. 

Hyperledger Indy’s Key Features

Hyperledger Indy has several key features that make it well-suited for use cases related to digital identity management: 

1. Self-Sovereign Identity

Hyperledger Indy provides individuals and organizations with the ability to create, manage and control their own digital identities without the need for a centralized authority. 

2. Decentralized & Distributed

Indy uses a decentralized and distributed ledger technology, which ensures that digital identities are tamper-proof and transparently managed. 

3. Verifiable & Private 

Indy allows for the creation of digital identities that are verifiable, private, and portable. It uses digital signatures to verify the authenticity of identities and encrypts personal information to protect privacy. 

4. Interoperable 

It is designed to be interoperable with other identity systems and can be integrated with other technologies, such as biometrics and blockchain. 

5. Modular Architecture

Indy’s modular architecture allows developers to add new features and functionality to the platform and customize it to meet their specific needs. 

6. Scalable

It can handle a high volume of transactions and many digital identities, making it suitable for large-scale use cases such as providing digital identities for IoT devices. 

7. Compliance 

Hyperledger Indy’s design allows for compliance with various regulations and standards, such as GDPR, HIPAA, and others. 

8. Identity Verification

Indy provides a framework for creating and managing digital identities that are verifiable, private, and portable. It allows individuals and organizations to create, manage and store their own digital identities and provides tools for verifying the authenticity of these identities. 

9. Secure Access To Online Services

Hyperledger Indy enables secure access to online services with the use of digital identities. 

Hyperledger Indy Benefits

Here are a few crucial user-centric features of Hyperledger Indy:

[Image: Hyperledger Indy Key Benefits]

The Hyperledger Indy Projects

It is composed of several projects that work together to provide a platform for self-sovereign identity management. These projects include: 

  1. Indy Node: The core component of Hyperledger Indy, responsible for maintaining the distributed ledger and providing a RESTful API for interacting with the ledger.
  2. Indy SDK: A software development kit that provides libraries and tools for building applications that interact with Hyperledger Indy.
  3. Indy CLI: A command-line interface for interacting with the Hyperledger Indy platform.
  4. Indy Plenum: A Byzantine Fault Tolerant (BFT) consensus algorithm for the Hyperledger Indy platform.
  5. Indy Agent: A software agent that can act on behalf of a digital identity and perform actions such as creating and managing digital credentials.
  6. Indy Wallet: A client-side library for managing digital identities and digital credentials in a secure and user-friendly way.
  7. Indy Credx: A library for creating and managing digital credentials that can be used to prove attributes of a digital identity.
  8. Indy Anoncreds: A library for creating and managing anonymous credentials that can be used to prove attributes of a digital identity without revealing the identity itself.
  9. Indy Ledger: A library for creating and managing a distributed ledger, which is the backbone of the Hyperledger Indy platform.
  10. Indy Config: A library for configuring and customizing the Hyperledger Indy platform for different use cases and deployment scenarios.

Together, these projects provide the necessary tools and functionality for creating, managing, and verifying digital identities on a decentralized and distributed ledger, as well as building various identity-related applications. 

8 Simple Steps To Create DID Using Hyperledger Indy CLI

Here is a step-by-step guide to creating a Decentralized Identifier (DID) using the Hyperledger Indy CLI: 

Step 1

Install a version of libindy that is built, installed, and callable in the system path. To build and install libindy, follow the instructions here.

Step 2

Run the Indy pool on your system. To run an Indy pool, follow the instructions in the given document.

Step 3

Start the CLI by running the command “indy-cli” in the terminal. 

Step 4

Create a new wallet by running the command “wallet create” and by providing a name and passphrase for the wallet while entering the command. 

wallet create your_wallet_name key


Here are the options available when creating a new wallet with the Hyperledger Indy CLI: 

  • name – Identifier of the wallet
  • key – (leave empty for deferred input) Key or passphrase used for wallet key derivation. Look at the key_derivation_method param for information about supported key derivation methods.
  • key_derivation_method – (optional) Algorithm to use for wallet key derivation. One of:
      argon2m – derive secured wallet key (used by default)
      argon2i – derive secured wallet key (less secure but faster)
      raw – raw wallet key provided (skip derivation)
  • storage_type – (optional) Type of the wallet storage.
  • storage_config – (optional) The list of key:value pairs defined by storage type.
  • storage_credentials – (optional) The list of key:value pairs defined by storage type.

Examples:

wallet create your_wallet_name key

wallet create your_wallet_name key storage_type=default

wallet create your_wallet_name key storage_type=default storage_config={"key1":"value1","key2":"value2"}

Step 5

Open the wallet by running the command “wallet open” and by providing the wallet name and passphrase. 

wallet open your_wallet_name key 


Step 6

Create a new DID (Decentralized Identifier) by running the command “did new” and providing a seed (a string of random characters) for the DID. The seed is used to generate the private key for the DID. 

did new [did=<did-value>] [seed[=<seed-value>]] [method=<method-value>] [metadata=<metadata-value>]


Here are the options available when creating a new DID with the Hyperledger Indy CLI:

  • did – (optional) Known DID for new wallet instance 
  • seed – (optional) (leave empty for deferred input) Seed for creating DID key-pair (UTF-8, base64 or hex)
  • method – (optional) Method name to create fully qualified DID
  • metadata – (optional) DID metadata

Examples: 

did new did=VsKV7grR1BUE29mG2Fm2kX 

did new did=VsKV7grR1BUE29mG2Fm2kX method=indy 

did new did=VsKV7grR1BUE29mG2Fm2kX seed=00000000000000000000000000000My1 

did new seed=00000000000000000000000000000My1 metadata=did_metadata 

Step 7

Verify that the DID was created and stored by running the command “did list” which should show the newly created DID in the list of identities stored in the wallet. 


Step 8

Use the DID to sign and verify messages or to encrypt and decrypt data by using the corresponding commands. 
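Step 6 says the seed generates the private key for the DID. The added example below (not from the original post and not libindy's code) carries that derivation out in pure Python so the consequence is visible: the same seed always yields the same verification key and DID. It assumes standard Ed25519 (RFC 8032), the Indy convention that a DID is the base58 encoding of the first 16 bytes of the verification key, and a length-based rule for telling the three seed encodings apart; all function names are illustrative.

```python
import base64, hashlib, secrets

P = 2**255 - 19                          # Ed25519 field prime
D = -121665 * pow(121666, -1, P) % P     # Edwards curve constant d
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def _add(p, q):                          # complete twisted-Edwards addition
    (x1, y1), (x2, y2) = p, q
    t = D * x1 * x2 * y1 * y2 % P
    return ((x1 * y2 + x2 * y1) * pow((1 + t) % P, -1, P) % P,
            (y1 * y2 + x1 * x2) * pow((1 - t) % P, -1, P) % P)

def _mul(k, pt):                         # double-and-add (not constant time)
    acc = (0, 1)                         # neutral element
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt, k = _add(pt, pt), k >> 1
    return acc

def _base_point():                       # y = 4/5, x recovered with even parity
    y = 4 * pow(5, -1, P) % P
    xx = (y * y - 1) * pow(D * y * y + 1, -1, P) % P
    x = pow(xx, (P + 3) // 8, P)
    if (x * x - xx) % P:
        x = x * pow(2, (P - 1) // 4, P) % P
    return (P - x if x & 1 else x, y)

def verkey_from_seed(seed32):            # RFC 8032 public key for a 32-byte seed
    a = int.from_bytes(hashlib.sha512(seed32).digest()[:32], "little")
    a = (a & ((1 << 254) - 8)) | (1 << 254)       # clamp the scalar
    x, y = _mul(a, _base_point())
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def decode_seed(seed):
    # Assumed rule: 32 chars = UTF-8, trailing '=' = base64, otherwise hex.
    raw = seed.encode()
    if len(raw) != 32:
        raw = base64.b64decode(seed) if seed.endswith("=") else bytes.fromhex(seed)
    if len(raw) != 32:
        raise ValueError("seed must decode to exactly 32 bytes")
    return raw

def b58(data):
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\0"))) + out

def did_and_verkey(seed):
    vk = verkey_from_seed(decode_seed(seed))
    return b58(vk[:16]), b58(vk)         # Indy convention: DID = first 16 bytes

def new_seed_hex():
    return secrets.token_hex(32)         # 32 CSPRNG bytes as 64 hex chars
```

Calling did_and_verkey with the example seed 00000000000000000000000000000My1 reproduces the example DID VsKV7grR1BUE29mG2Fm2kX shown above, which is why a seed copied from documentation must never back a real identity. Generate one with new_seed_hex() and supply it through the deferred input described in the options list.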

Hyperledger Indy Use Cases


Wrapping Up

In conclusion, creating a Hyperledger Indy DID using the command-line interface (CLI) is a straightforward process that involves installing the Indy CLI, creating a new wallet, generating a new DID, and storing the DID in the wallet. By following the steps outlined in this blog post, developers can quickly and easily create a new digital identity using Hyperledger Indy. This is just the beginning of what Hyperledger Indy can do.

The possibilities are endless as it can be integrated with other technologies (NodeJS, .NET, and Python) to create robust and secure decentralized applications. Hyperledger Indy is a powerful tool for building decentralized identity systems and is well-suited for a wide range of use cases, from enterprise and government applications to personal identity management; if you are planning to develop such projects, connect with Infrablok. It will help you get experts who can help you design apps from scratch. 

Short Guide To Decentralized Identity System

 

Decentralized Identity (DID) systems are a new approach to identity management that seeks to give individuals and organizations more control over their own digital identity. DID systems are based on the concept of self-sovereign identity, which means that the individual or organization is in charge of their own identity rather than relying on a centralized authority (such as a government or large corporation) to issue and manage their identity.         

Benefits Of A Decentralized Identity System

There are several key benefits of a Decentralized Identity System, some of which are:

Increased Control & Privacy: In a decentralized identity system, the individual or organization is in control of its own identity and can choose what information is shared and with whom. It can help to protect privacy and prevent identity theft.    

Interoperability: DID systems are designed to be interoperable, meaning that they can work with different decentralized platforms and technologies. This makes it easier for individuals and organizations to use their digital identities across various applications and services.   

Decentralization: DID systems are decentralized, meaning that no single organization or person controls them. This can help prevent censorship and make the system more resilient and secure.

Introducing decentralized identity systems to individuals and organizations can help offer increased control and privacy, interoperability, and decentralization. Moreover, it provides examples of how DID systems can be used in real-world scenarios, such as logging into websites or accessing medical records.

How Does A Decentralized Identity System Work?


A Decentralized Identity System includes the following main elements:  

Blockchain

A decentralized database, shared among the computers in the blockchain network, that records information in a way that makes it very difficult to change, hack, or cheat the system.

Decentralized Identity Wallet

A DID wallet is a digital wallet that manages DIDs and the private keys associated with them. It allows the owner of the DID to sign digital documents or transactions and access services or applications that require DID authentication.

To use a DID wallet, the owner of the DID will typically need to install a DID wallet application on their device. They can then use this application to create a new DID or import an existing one. Once the DID is brought into the wallet, the owner can sign transactions or access services that require DID authentication.    

In addition to storing a DID and its associated private key, a DID wallet can store other cryptographic keys or credentials. It can be useful for managing access to multiple services or applications that require DID authentication.   

Overall, DID wallets play a central role in the functioning of a DID system. They allow individuals and organizations to manage and use their DIDs to authenticate their identity online and provide a secure way to store and access the private key associated with a DID.  

Decentralized Identifiers

Decentralized Identifiers (DIDs) are new identifiers that allow individuals and corporations to take control of their online identities. They are decentralized, meaning that no single entity, such as a government or corporation, controls them. Instead, distributed ledgers like blockchains can be used to verify identity securely and transparently.

One of the key benefits of DIDs is that they allow individuals to have more control over their personal information and how it is used. For example, if you have a DID, you can choose which organizations or individuals can access your personal information and revoke access at any time. It can assist in reducing the risk of identity theft and protect your privacy.   

Overall, DIDs are a promising technology that has the prospect of revolutionizing the way we think about and manage online identity.

Decentralized Identifier (DID) Key Components

There are several key components of a Decentralized Identifier (DID):  

  1. DID Document: It contains information about the DID, including the methods that can be used to authenticate the DID and the associated services.  
  2. DID Method: This is a set of rules that define how a DID can be used and how it is stored on a distributed ledger.  
  3. DID URI: It is a unique identifier that is associated with a DID and is used to look up the DID Document.   
  4. DID Controller: This entity controls the DID and has the authority to update the DID Document.  
  5. DID Subject: This is the entity with which the DID is associated, such as an individual or organization.   
  6. Service Endpoint: This URL can access a service associated with the DID, such as a messaging or a payment service.  

Overall, these components work together to create a decentralized system for managing identity that is secure and transparent and gives individuals and organizations more control over their personal information.    

Verifiable Credential (VC)

Verifiable Credentials are digital, cryptographically secured versions of paper and digital credentials that individuals can present to organizations that need them for verification. These are the main parties in the VC system:

  1. Holder: A user who receives a Verifiable Credential after creating a decentralized identifier with a digital wallet app.  
  2. Issuer: The organization that signs a Verifiable Credential with its private key and issues it to the holder.
  3. Verifier: A party that checks the credentials and can read the issuer’s public DID on the blockchain to verify if the Verifiable Credential the holder shared was signed by the issuer’s DID. 

How Does A Decentralized Identity System Flow Work With DIDs & Verifiable Credentials?

Here is an example of how a decentralized identity system flow works with DIDs and verifiable credentials:

1. Issuance

A subject (e.g., an individual) requests a verifiable credential from an issuer (e.g., a government agency). The issuer verifies the claims made by the subject and issues the verifiable credential, a digital record containing the claims, and a digital signature from the issuer.  

2. Storage

The subject stores the verifiable credential in a decentralized identity wallet, a secure digital repository for storing and managing decentralized identifiers and verifiable credentials. The subject’s decentralized identifier, a self-owned identifier that is unique and cryptographically verifiable, is used to identify and authenticate the wallet of the subject.

3. Presentation

The subject presents the verifiable credential to a verifier (e.g., a service provider) as proof of a specific claim (e.g., age, employment status). The verifier can verify the verifiable credential’s authenticity by checking the issuer’s digital signature and the subject’s decentralized identifier.  

4. Verification

If the verifier trusts the issuer and the subject’s decentralized identifier, it can accept the verifiable credential as evidence and grant the subject access to a service or other benefit. Conversely, if the verifier does not trust the issuer or the subject’s decentralized identifier, it can request additional evidence or information from the subject.

DID Protocols and Frameworks

Several decentralized identity protocols have been developed to enable the creation and management of DIDs. Some of the most widely used DID protocols include:   

World Wide Web Consortium’s (W3C) DID Specification: This is the primary standard for DIDs, and it defines a common syntax and structure for DID records, as well as a set of standard methods that can be used to create, update, and deactivate DIDs.  

Hyperledger Indy: This is an open-source framework for building decentralized identity applications. It includes a set of modular components that one can use to create and manage DIDs on various blockchains. 

Hyperledger Indy is a permissioned blockchain, meaning only authorized participants can access the network. Moreover, it can provide better privacy protection for identity information than public blockchains, where data is visible to anyone.   

Veramo: It is a JavaScript (JS) framework that makes it easy for anyone to employ cryptographically verifiable data in their applications. Developers can use DIDs, verifiable credentials, and data-centric protocols to provide next-generation features to their users.  

Overall, DID protocols provide a set of rules and standards that are used to create, manage, and use DIDs in a decentralized manner. 

Wrapping Up

With decentralized identity technology, many problems caused by centralized and federated identity management systems can be solved, including certificate fraud, slow and expensive verification processes, and data breaches. 

Moreover, you can connect with a reliable Blockchain company like Infrablok to get tools and infrastructure for creating DIDs on the permissioned and permissionless blockchains using Veramo and Hyperledger Indy.