Bringing Ecosystems Collectively: How W3C DIDs and VCs will help with Ethereum’s Three Transitions

12 September 2024

Ethereum Open Group Initiatives L2 Requirements Working Group

Vitalik Buterin recognized three essential transitions for Ethereum: scaling by means of L2 rollups to cut back prices, enhancing pockets safety by way of good contract wallets for higher safety and person expertise, and advancing privateness by means of privacy-preserving mechanisms. This text explores how integrating W3C Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) can handle a few of these challenges by enhancing the administration of identities, keys, and addresses, leveraging current decentralized id options to help Ethereum’s transitions effectively to maneuver to a extra L2-based world.

As Vitalik Buterin identified in a sequence of 2023 articles, notably his Three Transitions article,  Ethereum is transitioning from a younger experimental know-how right into a mature tech stack that might deliver an open, world, and permissionless expertise to common customers. Nonetheless, he believes that there are three main technical transitions that the stack must bear, roughly concurrently:

• L2 Scaling Transition: This entails shifting the ecosystem to rollups to handle the excessive transaction prices on Ethereum, which have reached $3.75 and even $82.48 throughout a bull run
• Pockets Safety Transition: The shift to good contract wallets (account abstraction) is important for enhanced person consolation and safety in storing funds and non-financial belongings, shifting away from centralized exchanges and single non-custodial wallets.
• Privateness Transition: Guaranteeing privacy-preserving funds transfers and creating different privacy-preserving mechanisms resembling social restoration and id techniques is crucial to stop customers from resorting to centralized options that provide just some or nearly no privateness.

Vitalik emphasizes that these transitions are essential and difficult as a result of intense coordination required to implement them. Specifically, he mentioned the implications of those transitions on the connection between customers and addresses, cost techniques, and key administration processes. The connection between customers and their addresses, and key rotation/restoration are a significant concern each technically and from a usability perspective – UX determines success or failure regardless of how good the underlying know-how is.

On this article, we’ll delve into these latter points and talk about how options from one other ecosystem, particularly the one centered on decentralized id, additionally also known as self-sovereign id, can considerably support with the transitions with out having to reinvent too many wheels.

The issue assertion within the context of Ethereum’s technical transitions may be summarized as follows in accordance with Vitalik:

• Advanced Funds: The transitions make easy actions like paying somebody extra complicated, requiring extra data than simply an handle as a result of the person wants to find out which funds to make use of, the place to ship it to, and particular cost directions usually involving id data.
• Good Contract Wallets: Good Contract wallets add technical points that should be addressed, resembling making certain wallets monitor ETH despatched by good contract code together with monitoring throughout networks.
• Privateness Challenges: Privateness-preserving transactions, if carried out, introduce new challenges, resembling needing a “spending public key” and encrypted data for the recipient to seek out the cost and how you can choose it up.
• Id Modifications: The idea of an “handle” will change, probably requiring a mix of a number of addresses, encryption keys, and different knowledge to work together with a person.

These factors, subsequently, elevate the query of how we handle id, addresses, and their keys collectively, and in a means that doesn’t confuse the person, and compromise the safety of their belongings.

Given the above drawback assertion, the idea of an “handle” within the Ethereum ecosystem, is evolving, with the normal thought of an handle as a single cryptographic identifier turning into out of date. As an alternative, “directions for how you can work together with me” will contain a mix of addresses on a number of Layer 2 (L2) platforms, stealth meta-addresses, encryption keys, and different knowledge. In his article, Vitalik factors out that one potential strategy could be utilizing the Ethereum Identify Service (ENS) data to include all id data. Sending somebody an ENS identify like “alice.eth” would permit them to entry all the mandatory particulars for interplay, together with cost and privacy-preserving strategies. Nonetheless, this technique has drawbacks, resembling tying an excessive amount of to at least one’s identify and the shortcoming to have trustless counterfactual names, that are important for sending tokens to new customers with out a prior blockchain interplay. As well as, the ENS system is a rent-seeking system. Subsequently, extra broadly, it’s not equitable and doesn’t assure continued possession of 1’s id; that’s not a tenable scenario. Another resolution entails keystore contracts that maintain all id data. These contracts may be counterfactual-friendly and usually are not tied to a particular identify, permitting for extra flexibility and privateness.

This brings us to the subject of keys controlling “addresses”. Particularly, key rotation and key restoration in a multi-address Ethereum Ecosystem. Key rotation is simply turning into an vital function with good contract wallets and account abstraction the place the controlling handle of a sensible contract pockets would possibly change as a result of a secret is rotated or recovered which necessitates a brand new controlling handle. No matter key rotation or key restoration, the normal technique could be to run onchain-procedures on every handle individually. That is impractical as a consequence of fuel prices, counterfactual addresses, and privateness issues. As talked about earlier than, Vitalik proposes the utilization of keystore contracts that exist in a single location and level to verification logic at totally different addresses. This may permit the creation of a proof of the present spending key for transactions. This requires a restoration structure that separates verification logic and asset holdings, simplifying the restoration course of by requiring solely a cross-network proof for restoration.

On this context, Decentralized Identifiers can leverage keystore contracts to empower a modular verification logic for contract accounts that verifies zk proofs by means of a particular validation module and embeds a system to standardize onchain executions.

Including privateness measures, resembling encrypted pointers and zk proofs, will increase complexity. Nonetheless, it provides potential synergies with keystore contracts for persistent addresses for the reason that persistent handle might be “cloaked” in a zk proof.

What does this all imply for good contract wallets? Historically, wallets had been designed to safe belongings by defending the personal key related to on-chain belongings. If the important thing was to be modified, the outdated one might be safely disclosed with none danger. Nonetheless, in a zero-knowledge world wallets want to guard knowledge apart from belongings. The instance of Zupass, a ZK-SNARK-based id system, illustrates that customers can maintain knowledge regionally and solely reveal it when obligatory. Nonetheless, shedding the information’s encryption key means shedding entry to all encrypted knowledge. Subsequently, the administration of encryption keys can be turning into more and more vital. Vitalik means that a number of gadgets or secret sharing amongst (key) “guardians” might be used to mitigate the danger of shedding encryption keys. Nonetheless, this strategy isn’t appropriate for asset restoration as a result of potential danger of collusion amongst “guardians”. Lastly, the idea of an handle as a person’s on-chain identifier must change, and, subsequently, wallets should handle each asset restoration and encryption key restoration to keep away from overwhelming customers with complicated restoration processes aka poor UX. For instance, Signal In With Ethereum depends on the onchain handle and the person’s personal key controlling that key to generate the authentication message. Nonetheless, there isn’t a notion of a one-to-many relationship on this strategy, and no notion of a sensible contract pockets as the first delegate of the person. The verifying occasion, additionally referred to as the relying occasion, subsequently, can’t assess the scope of the authorization(s) required for the person when logging wherein is essential relying on the performance the verifying occasion makes accessible to the person handle.

The Three Transitions are extra than simply technical enhancements; they signify radical shifts in how customers interact with Ethereum-based stacks, particularly within the areas of id, key administration, and addresses, thereby, evolving the Ethereum ecosystem from its present state right into a extra user-friendly and accessible platform that prioritizes scalability, safety, and value. Subsequently, one would naturally ask the next query: Are there instruments and frameworks already accessible that might be utilized by the group, particularly relating to id, key administration, and privateness to ease the transitions? The reply to that may be a particular sure. Specifically, the ecosystem that has developed across the idea of decentralized id and its requirements, frameworks, and quite a few reference implementations has produced tooling that’s readily usable inside the Ethereum stack.

What’s the Decentralized Id Ecosystem?

The decentralized id ecosystem is concentrated on giving people management over their digital identities with out counting on centralized authorities. It leverages blockchain know-how and cryptographic rules to make sure privateness, safety, and user-centric id administration. On the core of this ecosystem are two key ideas: Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).

Decentralized Identifiers (DIDs):

DIDs are a brand new kind of identifier that permits verifiable, self-sovereign digital identities. They’re distinctive, globally resolvable identifiers related to a topic, resembling a person, group, or system. DIDs are decentralized by design, that means they don’t depend on a central registry or authority for his or her creation or administration. As an alternative, they’re created and managed by the customers or entities appearing on their behalf. DIDs usually make the most of public-key cryptography to make sure safe interactions and permit the topic to show possession and management of their id and carry out particular approved actions resembling assertions, authentication, authorization, and encryption.

Verifiable Credentials (VCs):

Verifiable Credentials are digital credentials that include claims a few topic’s id, attributes, or {qualifications}, issued by trusted entities referred to as issuers. VCs are tamper-evident and cryptographically signed to make sure their integrity and authenticity. Importantly, VCs are moveable and may be offered by the topic to verifiers, resembling service suppliers or relying events, with out the necessity for these verifiers to contact the issuer straight. This permits seamless and privacy-preserving id verification throughout totally different domains and contexts.

A number of key gamers and organizations are contributing to the event and adoption of decentralized id applied sciences:

• Decentralized Id Basis (DIF): DIF is a consortium of organizations collaborating to develop requirements and protocols for decentralized id techniques. It promotes interoperability and innovation within the area.
• World Vast Internet Consortium (W3C): W3C hosts the Credentials Group Group, which incubates work on verifiable credentials and associated applied sciences, and the Decentralized Identifier and Verifiable Credentials Working Teams, that are creating updates to the respective specs
• Hyperledger Indy: Hyperledger Indy is an open-source mission underneath the Linux Basis. It’s centered on offering instruments and libraries for constructing decentralized id techniques.
• Sovrin Basis: Sovrin Basis operates the Sovrin Community, a public permissioned blockchain designed for decentralized id administration.
• Microsoft, IBM, and different tech corporations: A number of main tech corporations are actively concerned in creating decentralized id options, contributing to requirements improvement, and constructing reference implementations.

Requirements play a vital position in making certain interoperability and compatibility inside the decentralized id ecosystem. Some key requirements and reference implementations embody:

• Decentralized Identifier (DID) Specification: Defines the syntax and semantics of DIDs, together with strategies for his or her creation, decision, and administration.
• Verifiable Credentials Information Mannequin: Specifies the construction and format of verifiable credentials, together with JSON-LD contexts for representing claims.
• DIDComm Messaging Protocol: Allows safe, personal communication between DIDs utilizing end-to-end encryption and cryptographic authentication.
• SSI (Self-Sovereign Id) Protocols: Numerous protocols and frameworks, resembling DID Auth, Presentation Alternate, and VC API, facilitate safe interactions and transactions inside the self-sovereign id paradigm.
• Hyperledger Aries: A framework that gives a set of interoperable elements for constructing decentralized id options, together with brokers, wallets, and protocols.
• Privado ID former Polygon ID: A set of instruments constructed for builders to create safe and trusted relationships between customers and purposes within the Web3.  It focuses on decentralized id, giving customers management over their knowledge. The toolkit relies on the open-sourced iden3 protocol.
• QuarkID: An open-source DID resolution at present deployed on ZKsync Period with digital credentials being issued by the Metropolis of Buenos Aires.

Under, we element how a decentralized id framework may be efficiently utilized to the cross-network challenges for id, handle, and key administration beforehand mentioned.

Utilizing Decentralized Identifiers (DIDs)

Drawback: Managing id for a person throughout numerous Ethereum networks is complicated.

DID Resolution for Identities:

• DIDs present globally distinctive identifiers which are resolvable (to their DID Doc) and cryptographically verifiable throughout any blockchain community.
• Every DID is related to a DID Doc which comprises details about the connection of a DID with a set of cryptographic keys, the features these keys can carry out resembling verification, authentication, authorization, assertion, and encryption, in addition to service endpoints resembling API endpoints to addresses managed by the keys listed within the DID Doc.
• The connection of DID to their DID Paperwork or respective cryptographic representations may be saved on any blockchain community, making certain tamper-proof and protracted id data.

DID Paperwork for Handle Administration:

Drawback: Customers have totally different addresses on the Ethereum mainnet, testnets, and Layer 2 options, together with counterfactual addresses.

DID Doc resolution:

• A DID doc has a verificationMethod knowledge property permitting a DID proprietor or controller to specify symmetric and uneven cryptographic keys for any desired curve resembling secp256k1 utilized by Ethereum stacks.
• The verificationMethod for a key additionally permits the person to specify an ID for the verification technique. That is usually the DID plus a fraction as per the DID specification. This fragment permits two crucial issues. First, it permits you to specify a community identifier, for instance, “1” if the bottom line is an Ethereum key, and different numbers if that key isn’t on an Ethereum community. As well as, the fragment may be prolonged to point if the important thing belongs to a counterfactual handle or a sensible contract pockets. For instance, “did:ion:1234xxxxddd4444-#1-counter” would point out that the general public key recognized belongs to a counterfactual Ethereum handle. As well as, if required for sure causes to individually establish an handle on Polygon PoS vs Arbitrum One the “1” might be changed by the chainId of the goal community, e.g. 137 for Polygon PoS.
• Lastly, a sensible contract pockets may be given its personal DID and managed by the DIDs of the good contract pockets house owners the place every proprietor identifies a number of controlling keys for the pockets as specified of their DID doc. This final level permits for 2 main enhancements for good contract wallets – key rotation aka key restoration, and an arbitrary variety of controlling keys with out revealing these controlling keys

DID Paperwork for Key Administration together with Social Restoration:

DID Resolution for Identities:

Drawback: Key restoration and key rotation for Ethereum addresses, notably good contract wallets, are complicated and usually are not user-friendly.

DID Doc resolution:

• When a public key related to a DID have to be rotated for safety or restoration functions, a person can merely replace a DID Doc and change the outdated public key with a brand new public key within the verificationMethod utilizing one other controlling key. This could be a key the person straight controls, or if management has been delegated, by one other person controlling a DID listed as controller.
• Subsequently, this may also be achieved for a Good Contract pockets. Every controller can independently replace the important thing within the verificationMethod related to their DID. That is sufficient as a result of the person can produce a cryptographic dedication that the replace was executed accurately that may be submitted to and verified by the good contract pockets.    

Privateness (Zero-Data) Side of DIDs and DID Paperwork

• DID Paperwork may be represented as zero-knowledge proofs by first merkelizing their JSON-LD doc, after which verifying Merkle Proofs of relationships of DID-to-key and DID-to-functional-capability (as represented by means of a number of cryptographic keys).
• Utilizing zk-SNARKs, particularly, allows environment friendly verification of cryptographic key claims on Ethereum networks.
• For instance, the zero-knowledge circuit for a sound key rotation replace of a DID doc would do two issues: a) confirm that the updating secret is within the DID doc and is a controlling key by verifying a Merkle proof of inclusion within the DID doc and b) confirm the digital signature of the controlling key over the foundation hash of the outdated DID doc. The general public inputs to the proof could be the Merkle Root of the brand new merkelized DID Doc and the foundation hash of the outdated DID doc, and the personal inputs could be the Merkle proof and the digital signature. The good contract would solely should confirm the proof, verify that the outdated root hash was registered, after which replace the outdated with the brand new root hash.
• This has the benefit that no data is leaked about which addresses management the good contract pockets. Each good contract pockets transaction might be totally nameless if all transactions submitted to the good contract have a recursive zero-knowledge proof that verifies {that a}) the general public key belonging to the handle submitting the transaction is a controlling key of the DID that may be a good contract proprietor and b) {that a} zero-knowledge proof that the transaction was signed by the proper quorum of signatures of the good contract pockets house owners was correctly verified by a verifier within the circuit itself. 

Utilizing Verifiable Credentials (VCs)

Drawback: The entity performing a key operation resembling a key rotation or a digital signature for a monetary transaction should show that it’s a authorized entity that meets all relevant compliance guidelines for a jurisdiction that has compliance oversight.

VC Resolution for Compliant Key Operations:

• W3C VCs permit assertions to be made in regards to the topic of the credential resembling “Alice is a authorized enterprise in Brazil”, or, “This enterprise is a authorized entity within the US and a registered Dealer-Supplier”, or, “The authorized US entity A is a legally registered Dealer-Supplier and is legally approved to behave on behalf of the authorized US entity B”. 
• Given the standardized construction and public context reference recordsdata that specify the VC normal and particular VC varieties, every VC may be readily became a zk proof given a standardized, and publicly accessible zk circuit. Revealing solely the authorized id of the VC issuer as the foundation of belief, resembling a KYC supplier.
• Such zk proofs, particularly, ZK-SNARKs may be submitted with any transaction and verified in a sensible contract resembling a sensible contract pockets or a DeFi protocol.
• This enables for compliant transactions on Ethereum stacks with out revealing any delicate id or different related compliance knowledge.

Helpful Implementations for Ethereum Networks

There are dozens of various implementations of the W3C DID specification. Whereas many DID strategies usually are not as scalable as obligatory, or not simply anchored on a blockchain, a number of DID strategies match the invoice for the Ethereum ecosystem – permissionless, blockchain-anchored, scalable, and low cost. All of those DID strategies are based mostly on the Sidetree Protocol.  The Sidetree Protocol is a “Layer 2” DID protocol that may be carried out on prime of any occasion anchoring system, together with Ethereum, and is compliant with W3C tips. The Sidetree protocol doesn’t require centralized authorities, distinctive protocol tokens, reliable intermediaries, or secondary consensus mechanisms. Particularly, the Sidetree protocol defines a core set of DID PKI state change operations, structured as delta-based Battle-Free Replicated Information Sorts (i.e. Create, Replace, Get well, or Deactivate), that mutate a Decentralized Identifier’s DID Doc state.

Subsequently, by leveraging an Ethereum-based implementation of Sidetree, the Ethereum ecosystem can make sure that every person has a self-sovereign id, that’s each personal and interoperable throughout totally different L2s and purposes.

We consider that the mixing of W3C DIDs and VCs into Ethereum’s infrastructure is essential for navigating the upcoming transitions. They supply the mandatory instruments for managing identities, keys, and handle safety, and privateness, and are aligned with the decentralized nature of blockchain know-how.

Sadly, the Ethereum ecosystem and the decentralized id (DID) ecosystem haven’t intersected a lot, although each share a deal with decentralization. The Ethereum ecosystem has primarily focused on advancing and scaling its blockchain know-how, whereas the DID ecosystem has prioritized creating requirements and protocols for governing digital identities. In consequence, alternatives for collaboration between these two ecosystems have been restricted.

We see the Three Transitions as a chance to alter this and begin a better collaboration between the Decentralized Id and Ethereum ecosystems.

Acknowledgments

Particular thanks go to Eugenio Reggianini ([email protected]) for proofreading the manuscript and including vital content material.