In the blockchain world of peer to peer transactions there are no intermediaries and the mechanisms baked into ensure the system is trustless. In this world all we need to know is that Bob’s address is 1CG89UQpeCSzkQQ2uqaoATMZAGJ3EeXvy and Bob can see it came from Alice’s address 15U6N2ufCNPFR5KoXfXsZibc3QJe1Rr3SQ. This means Bob doesn’t have to wait for Alice’s bank to process the payment and credit her account with the money Bob sends.
Where blockchain collides with reality is that there are a raft of rules and regulations designed to protect Bob and Alice, and make sure that the financial systems cannot be used to process the proceeds of crime and in particular money laundering. To make it much harder for criminals the financial system needs to know who you are and the origin of funds. To make blockchain transactions comply with anti money laundering (AML) the first thing we need to do is to verify who somebody is known as Know Your Client (KYC).
The creation of communities around mutual resources is another important use case where identity is key to ensure the integrity of the community and prevent the Sybil attack where multiple addresses could be used to manipulate the outcomes of voting.
Now we walk into the first issue, who can verify someone and what records do we trust? Normally a person’s identity is a combination of an official document and proof of address. This is not held on a blockchain but across government databases and addresses are verified by showing evidence of recent bills with the person’s current address. All nicely off chain. There are a range of companies that perform the necessary checks with a variety of solutions. What they all have in common is that they introduce centralisation and trust is given to the companies that they are indeed providing the correct information and that it cannot be intercepted or hacked.
The goal is to find a way that keeps the blockchain decentralised and find a way for identity to be verified and that the proceeds of crime cannot be pushed through the blockchain to clean it up.
What if the community in the blockchain verified the identity of newcomers before they participated? It would break the model that anyone can use the blockchain provided they had a address and funds, however, to comply with regulations, or in the case of commons or communities around mutual resources there need to be some boundaries so we know who people are.
The model for community validation of identity is a form of crowd sourcing where people in the community validate the identity of new people joining.
If we leave it to the community to verify identify we then have the “nothing at stake” issue. That means you have someone who could claim they have verified people when they actually did no checks at all. This would be made worse if we introduced an incentive so that a verification check lead to a small reward. We also leave the door wide open for bad actors who could help criminals launder their money by setting a bunch of fake identities that are “verified”, or create a bunch of accounts to influence voting and governance decisions.
The community members who verify identity could be asked to deposit tokens into an account which is held in escrow and acts as a stake. What value does a stake have? We need a governance system in place that introduces the mechanisms where certain behaviour can be punished and a portion of the stake can be taken from the escrow account.
Putting in place a governance mechanism for community based identity verification relies on a constitution, a reward and punishment mechanism, and importantly the community trust in the group that verify identity. The identity verification is done by people and can thus adapt to the local identity criteria of the country rather than setting up automation rules for the 195 countries in the world.
The first piece of the constitution for self-sovereign identity verification is to create the governance around the people who will do the identity checks. Let’s imagine a self-sovereign organisation that is based on sharing knowledge and providing the infrastructure around local energy cooperatives. We need a mechanism to verify the local membership, and before this can be done there needs to be a pool of proposers.
There is a mechanism to add a new proposer, where an existing proposer submits a proposal to add a new proposer to the proposal pool. The proposal is discussed amongst the group and if there is sufficient consensus and the vote reaches the quorum and voting threshold the new proposer is added to the group once the proposer has locked the required number of tokens to a staking account.
We also need two mechanisms for the removal of a proposer, one is the case of a “good leaver” which is seen as someone who can no longer commit to the community and whose stake is returned, then there is a “bad leaver”, this is the proposer who has breached the terms of their role, and perhaps verified a bunch of rogue accounts, the bad leave has their stake removed and is removed as a proposer.
Strike off a proposer
With the proposer set in place and the mechanisms to add new and remove proposers we are now set to welcome new members to the community or verify people to comply with KYC and AML regulations.
There is a pool of proposers to ensure you don’t have the scenario of “pay me €100 and I will verify you”, the person wishing to be verified can ask several proposers. Proposers are encouraged to cross check with each other to avoid duplicate verification proposals.
The proposer submitting a governance proposal to add a new member, the proposer needs to pay a fee and on acceptance is paid a reward. The idea behind asking the proposer to pay a fee is an anti-spam measure. The reward is to acknowledge that time and effort has been spent to verify the prospective member or do the required KYC for regulatory purposes.
Add a new member or KYC process
It is important to note that the proposers act as a wider community and keep communicating to ensure the trust is maintained and that they catch and stop any bad actors.
The governance and self-sovereign identity verification is either baked into a blockchain’s constitution and run as an integral part of the chain or it is a series of smart contracts run as a governance service forming a subset of an application.