Towards an identity management solution on Arweave (2412.13865v3)

Abstract: Traditional identity management systems, often centralized, face challenges around privacy, data security, and user control, leaving users vulnerable to data breaches and misuse. This paper explores the potential of using the Arweave network to develop an identity management solution. By harnessing Arweave's permanent storage, our solution offers the users a Self-Sovereign Identity (SSI) framework, that uses Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to allow individuals and other entities to create, own, and manage their digital identities. Further, the solution integrates privacy-preserving technologies, including zero-knowledge proofs and the BBS(+) signature scheme, enabling selective disclosure. This approach ultimately enhances user privacy and supports compliance with European Union legislation and regulatory standards like the General Data Protection Regulation (GDPR) by design.

• The paper proposes a foundational framework for a decentralized identity management solution on Arweave, leveraging Self-Sovereign Identity (SSI) standards like Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).
• The solution outlines a three-phase technical implementation process on Arweave, involving DID registration, generating VCs with selective disclosure using BBS(+) signatures, and identity verification via zero-knowledge proofs.
• The authors analyze the proposed framework against key requirements including privacy, security, user consent, and GDPR compliance, comparing it favorably to other blockchain IdM solutions while highlighting Arweave's unique permanence.

Towards an Identity Management Solution on Arweave

The paper "Towards an identity management solution on Arweave," authored by Andreea Elena Dragnoiu and Ruxandra F. Olimid, explores the feasibility of creating a decentralized identity management (IdM) solution on the Arweave network. The need for such a system stems from the limitations of traditional centralized identity management systems, which are often plagued with issues related to privacy, data security, and user data control.

Overview of Arweave and Identity Management

The paper begins by introducing the concept of a digital identity as a collection of electronic attributes uniquely identifying an entity in the digital field. The authors critique traditional identity systems for their reliance on centralized authorities and highlight the benefits of blockchain-based digital identities, which favor transparency, security, and immutability.

Arweave, a decentralized platform known for its permanent data storage capabilities, emerges as a suitable candidate for implementing such a blockchain-based IdM. Notably, the paper's proposed solution lays the groundwork for a Self-Sovereign Identity (SSI) framework, which utilizes Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). In this design, users maintain comprehensive control over their digital identities.

Technical Framework and Implementation

The research outlines a three-phase implementation approach on Arweave.

1. Setup and Registration: Entities generate key pairs and create DIDs, which are stored on Arweave. The ArNS names are used for mapping these identifiers, providing a convenient way to reference DIDs.
2. VCs and zk-proofs Generation: The Issuer signs the VCs using the BBS(+) signature scheme, ensuring selective disclosure. Users can generate zero-knowledge proofs to substantiate specific identity claims without disclosing additional information.
3. Identity Verification: This phase involves verifying identity claims using the data and zk-proofs provided by the holder.

Discussion and Analysis

The paper provides a thorough analysis against several requirements essential for an effective IdM, which include correctness, availability, user consent, and privacy. The authors specifically address compliance with the European Union's regulations like the General Data Protection Regulation (GDPR).

Privacy and security are emphasized—DID documents avoid storing sensitive data, using cryptographically strong means like the BBS(+) scheme for selective disclosure and privacy preservation. The authors discuss the limitations in terms of unlinkability and introduce potential solutions for enhancing privacy, such as temporary identifier usage for each verification.

Comparison with Other IdM Solutions

The authors compare their proposed solution with existing blockchain-based IdM solutions like Sovrin, Veramo, and Civic, emphasizing that their solution leverages the permanence and decentralization features unique to Arweave. Unlike other solutions focused on specific blockchain ecosystems, the proposed method integrates well with decentralized identity standards, providing a universal approach.

Implications and Future Directions

The paper predicts significant implications for the development of SSI frameworks on decentralized platforms, aligning with modern privacy standards while offering users comprehensive control. It suggests potential future work in refining the solution’s security, implementing it extensively, and exploring its applicability across other domains.

Overall, this paper represents a technical contribution to the ongoing dialogue about decentralized identity management. It proposes a foundational framework for leveraging Arweave's unique capabilities in building IdM systems, balancing the desirable goals of privacy, user sovereignty, and regulatory compliance. As the digital landscape evolves, solutions such as this may play a critical role in shaping secure and decentralized digital identity ecosystems.