How we implemented a durable, transferrable, and recoverable user identity system in the World's Fair contract while maintaining 100% trustlessness


I wanted to share a few more details about a particular aspect of the World's Fair contract that I think may have wide applicability for other dapps in the Ethereum ecosystem. It's a new and deceptively simple approach to implementing identity on the blockchain.

Creating some kind of user-login system when building a dapp is a very common task, and many dapps take the approach of utilizing a user's Ethereum address as the globally unique token, either on its own or mapped one-to-one to some other data like a username. For example, a user's identity in some dapp might be encoded in a smart contract as:

0x170972e5CAaE16e88bA08C8F97aE6B8f718559Ab // user's Ethereum address 

and mapped to an identity like

myname => address // username mapped to one address 

which is of course just a username mapped to a regular Ethereum address. While this is a great alternative to the centralized approach where the application stores a username/password combo, it comes with one very large drawback:

What happens if the user's private key becomes lost or compromised?

At that point, the user's only recourse would be to create a new address, resulting in losing control of their data/funds/assets/reputation/etc. So it's not ideal. Centralized applications can get around this problem by outsourcing the final authority over an identity to a trusted third party, usually an email provider—all you have to do is click "Forgot Your Password" and you get an email with a special link that lets you reset the password. Great. But it's not going to work for applications that are truly decentralized.

It'd be fantastic if there were a way to build a dapp so that users can reassert ownership of their identity while still maintaining 100% decentralization and trustlessness.

There is.

In World's Fair, a user's identity is represented on the blockchain as two addresses that both belong to the user, like this:

Account {
    address owner;    // linked address
    address recovery; // recovery address
}

and mapped to an identity like

myname => Account // username mapped to two addresses 

When a user creates an account, both addresses are saved on the blockchain. The first address—the "linked address":

  • Is set to the address that sent the transaction when calling createAccount()
  • Is stored by the user in MetaMask and used to authorize interactions with the contract
  • Can be changed to a new address, as long as the user has the private key of the existing linked address

In contrast, the second address—the "recovery address":

  • May be specified by the user at the time of account creation, or afterward—but only if it has not been set already
  • Cannot be changed once set, even by the person who controls the account's linked address
  • Is stored offline in a safe, separate location, and never used for anything, EXCEPT...
  • In the event that the user loses control of their linked address, only the recovery address may call the special function recover() that causes the recovery address to replace the linked address, thus restoring control to the user over their identity.

It's as if every person had two different keys to their house—one kept in their pocket and used every day, and another one kept in a safety deposit box and only used if the first key is lost. It's important to note that in this scenario, even the owner of the first key can't remove or replace the second key, once the second key is safely stored. Once the fail-safe is armed, the only way it can be rearmed is by first activating it, which requires that you own the second key.

So that's cool.

Identities on World's Fair are transferrable too. Let's say I registered the username "vitalik" and at some point the man himself wanted that account (a developer can dream... sigh). To transfer that identity to him, I would first call recover() to get rid of the account's existing recovery address and then (using the same address, since it's now become the linked address) call changeLinkedAddress() setting it to whatever address he has specified. Then the new owner is free to set his own recovery address.


It's a blockchain version of Forgot Your Password, with full trustlessness and transferability to boot.

submitted by /u/lovvtide
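
The rules described in the post, written out as a contract. This is an added sketch, not the World's Fair contract's own code: createAccount(), changeLinkedAddress() and recover() are named in the post, but their signatures, the bytes32 username key, the events and the setRecoveryAddress() function are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added sketch, not the World's Fair contract. Function signatures, the
// bytes32 name key, the events and setRecoveryAddress() are assumptions.
contract IdentityRegistry {
    struct Account {
        address owner;    // linked address: hot key used day to day
        address recovery; // recovery address: cold key, write-once
    }

    mapping(bytes32 => Account) private accounts; // username => Account

    event LinkedAddressChanged(bytes32 indexed name, address indexed newOwner);
    event Recovered(bytes32 indexed name, address indexed newOwner);

    modifier onlyOwner(bytes32 name) {
        require(msg.sender == accounts[name].owner, "not linked address");
        _;
    }

    // recovery may be address(0) to leave the fail-safe unarmed for now.
    function createAccount(bytes32 name, address recovery) external {
        require(accounts[name].owner == address(0), "name taken");
        accounts[name] = Account(msg.sender, recovery);
    }

    // Write-once: the linked key cannot replace a recovery address that is already set.
    function setRecoveryAddress(bytes32 name, address recovery) external onlyOwner(name) {
        require(accounts[name].recovery == address(0), "recovery already set");
        accounts[name].recovery = recovery;
    }

    function changeLinkedAddress(bytes32 name, address newOwner) external onlyOwner(name) {
        require(newOwner != address(0), "zero address");
        accounts[name].owner = newOwner;
        emit LinkedAddressChanged(name, newOwner);
    }

    // Only the recovery key can call this. It takes over as the linked address
    // and the recovery slot is cleared so a fresh one can be set afterwards.
    function recover(bytes32 name) external {
        Account storage acct = accounts[name];
        require(msg.sender == acct.recovery, "not recovery address");
        acct.owner = msg.sender;
        acct.recovery = address(0);
        emit Recovered(name, msg.sender);
    }
}
```

Under these rules an account whose recovery address is still unset has no fail-safe, because whoever holds the linked key can set it, so arming it at creation time is the safer path. The events give the account holder something to monitor for an unexpected change of linked address.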