Papers
Topics
Authors
Recent
Search
2000 character limit reached

The Mediterraneus Protocol: building an SSI native decentralised ecosystem of digital services

Published 20 Mar 2024 in cs.CR | (2403.13510v1)

Abstract: This paper presents, for the first time, the Mediterraneous protocol. It is designed to support the development of an Internet of digital services, owned by their creators, and consumed by users by presenting their decentralised digital identity and a proof of service purchase. Mediterraneous is Self-Sovereign Identity (SSI) native, integrating the SSI model at the core of its working principles to overcome the limitations resulting from using pseudonyms and centralised access control of existing Web3 solutions.

Authors (2)
Definition Search Book Streamline Icon: https://streamlinehq.com
References (21)
  1. Ethereum Foundation, “Introduction to Web3.” https://ethereum.org/en/web3/, 2023.
  2. W. Entriken, D. Shirley, J. Evans, and N. Sachs, “ERC-721: Non-Fungible Token Standard, Ethereum Improvement Proposals, no. 721.” https://eips.ethereum.org/EIPS/eip-721, 2018.
  3. F. Vogelsteller and V. Buterin, “ERC-20: Token Standard, Ethereum Improvement Proposals, no. 20.” https://eips.ethereum.org/EIPS/eip-20, 2015.
  4. W3C, “Decentralized Identifiers (DIDs) v1.0. W3C Recommendation..” https://www.w3.org/TR/did-core/, 2022.
  5. W3C, “Verifiable Credentials Data Model v2.0. W3C Working Draft..” https://www.w3.org/TR/vc-data-model-2.0/, 2023.
  6. Ocean Protocol Foundation, “Ocean Protocol: Tools for the Web3 Data Economy.” https://oceanprotocol.com/tech-whitepaper.pdf, 2022.
  7. Ethereum Foundation, “Ethereum Accounts.” https://ethereum.org/developers/docs/accounts, 2023.
  8. Ocean Protocol Foundation, “Fine-Grained Permissions.” https://docs.oceanprotocol.com/developers/fg-permissions, 2023.
  9. Ethereum Foundation, “Ethereum.” https://ethereum.org/en/.
  10. Fondazione LINKS, “Mediterraneus protocol.” https://cybersecurity-links.github.io/mediterraneus.
  11. S. Popov, “The Tangle.” https://assets.ctfassets.net/r1dr6vzfxhev/2t4uxvsIqk0EUau6g2sw0g/45eae33637ca92f85dd9f4a3a218e1ec/iota1_4_3.pdf, 2018.
  12. J. Benet, “IPFS - Content Addressed, Versioned, P2P File System. White Paper..” https://github.com/ipfs/papers/raw/master/ipfs-cap2pfs/ipfs-p2p-file-system.pdf.
  13. Ethereum Foundation, “Ethereum Virtual Machine (EVM).” https://ethereum.org/en/developers/docs/evm/, 2023.
  14. Evaldas Drasutis, “IOTA Smart Contracts.” https://files.iota.org/papers/ISC_WP_Nov_10_2021.pdf, 2021.
  15. IOTA Foundation, “Digital Identity Framework.” https://github.com/iotaledger/identity.rs.
  16. W3C, “Verifiable Credentials Status List v2021: Privacy-preserving status information for Verifiable Credentials. W3C Working Draft..” https://www.w3.org/TR/vc-status-list/, 2023.
  17. G. W. Andreas M. Antonopoulos, “Mastering Ethereum.” https://github.com/ethereumbook/ethereumbook/tree/develop.
  18. N. J. Martin Holst Swende, “ERC-191: Signed Data Standard, Ethereum Improvement Proposals, no. 191.” https://eips.ethereum.org/EIPS/eip-191, 2016.
  19. T. Looker, V. Kalos, A. Whitehead, and M. Lodder, “The BBS Signature Scheme,” Internet-Draft draft-irtf-cfrg-bbs-signatures-05, Internet Engineering Task Force, Dec. 2023. Work in Progress.
  20. A. Preukschat and D. Reed, “Self-Sovereign Identity: Decentralized digital identity and verifiable credentials.” https://www.manning.com/books/self-sovereign-identity, 2021.
  21. N. Kannengießer, S. Lins, T. Dehling, and A. Sunyaev, “Trade-offs between distributed ledger technology characteristics,” ACM Computing Surveys, vol. 53, no. 2, pp. 1–37, 2020.

Summary

  • The paper introduces a novel decentralized digital services framework that embeds Self-Sovereign Identity principles to empower both creators and consumers.
  • It utilizes a trustless architecture with Ethereum-compatible IOTA Smart Contracts to enable secure and cost-effective service publication and access.
  • The research demonstrates enhanced privacy and censorship resistance through Zero-Knowledge Proofs and verifiable credentials, paving the way for future innovations.

Overview of the Mediterraneous Protocol for Decentralized Digital Services

The paper in question introduces the Mediterraneous protocol, an innovative framework designed to facilitate a decentralized ecosystem of digital services. At its core, the protocol is built upon the principles of Self-Sovereign Identity (SSI) to empower both creators and consumers within a decentralized Internet of Services. The protocol seeks to address the limitations of pseudonyms and centralized access control mechanisms characterizing contemporary Web3 solutions by embedding SSI principles directly into its operational framework.

Foundational Principles and Architecture

Mediterraneous operates without the need for a centralized orchestrator, allowing users full autonomy over their services. Service providers can dictate access and pricing, defining terms such as one-time or time-bound access within a decentralized architecture. This is achieved through smart contracts which underpin service publication and transactions execution. These architectural decisions ensure that the protocol adheres to a trustless and censorship-resistant model, thereby eliminating reliance on a central authority for transaction execution and service access.

The infrastructure underpinning Mediterraneous includes a Verifiable Data Registry, Distributed Data Storage, and a Smart Contract Platform. These components collectively ensure the minimal use of distributed ledgers for storing large volumes of data, thus reducing storage costs and latency while leveraging the Ethereum Virtual Machine (EVM) compatible IOTA Smart Contracts for computation.

Self-Sovereign Identity Integration

SSI integration is at the core of the Mediterraneous protocol’s architecture, allowing for decentralized access control. Users maintain control over their identity through a non-custodial approach, with all transactions being mediated in accordance with SSI standards. This includes interactions for service publication via tokenization, utilizing ERC-721 (NFTs) for service discoverability and ERC-20 tokens for access transactions. The Identity Smart Contract is integral, providing on-chain verification for both service providers and consumers, ensuring only those with valid and non-expired identity credentials can participate in the ecosystem.

Comparative Analysis and Implications

When compared to existing frameworks such as the Ocean Protocol, Mediterraneous offers enhanced decentralization by eliminating the need for a marketplace-level access control server, thus ensuring stronger privacy and censorship-resistant properties. The protocol's reliance on Verifiable Credentials (VCs) enables flexible access control, free from the necessitation of a verifiable data registry for managing access lists. This provides inherent advantages in decentralized identity management, ensuring that the trust and privacy of participants are safeguarded.

The adoption of Zero-Knowledge Proof (ZKP) techniques further enriches protocol functionality by enabling privacy-preserving transactions where users can determine the level of identity information disclosed. Such capabilities suggest broader implications for the protocol’s adoption, particularly in sectors prioritizing user privacy and data sovereignty.

Future Directions

The paper concludes with a forward-looking perspective, outlining potential enhancements such as integrating Zero-Knowledge Verifiable Credentials to bolster privacy. Additionally, it contemplates extending the protocol to support VCs issued by diverse issuers, harnessing the interoperability potential inherent in the SSI model. Furthermore, expanding service access options and developing cryptographic techniques for on-chain identity proofing represent areas for future research.

In sum, the Mediterraneous protocol proposes a robust framework for developing a decentralized digital services ecosystem by centrally embedding SSI principles and supporting advanced privacy-preserving technologies. As developments progress, the protocol could significantly influence the trajectory of digital service ecosystems within the Web3 paradigm, offering a novel intersection of decentralization and identity sovereignty.

Paper to Video (Beta)

No one has generated a video about this paper yet.

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Open Problems

We found no open problems mentioned in this paper.

Continue Learning

We haven't generated follow-up questions for this paper yet.

Collections

Sign up for free to add this paper to one or more collections.

Tweets

Sign up for free to view the 1 tweet with 172 likes about this paper.