This definition is taking from the forthcoming publication: "DISPOSABLE IDENTITIES? Why digital identity matters to blockchain disintermediation and for society. Authors: Loretta Anania, EC Gaelle Le Gars, Rob van Kranenburg." The authors are linked to H2020 ICT Grant Agreement 825652 NGI FORWARD.
Disposable identities are temporary attribute-based identities integrated in any smart contract between a receiver and a supplier. A digital context-based sharing of data that is generalizable: to apply a digital id internet layer to any existing communication service.
The complete ecosystem in which Disposable Identities would operate, requires a similar trust infrastructure where the the combination of seamless connectivity and personalized support is not build on continuous and real-time tracking and tracing of identified users. Instead it operates with attribute-based relational identities, generated for each single interaction between user and service (or object and service) and disposed of, immediately afterwards.
With disposable identities, new applications can be added to this ecosystem using a strict attribute-based solution, needs no full disclosure (of identity) just beyond age, ability to pay for the service, legal compliance in terms of insurance and accountability. Digital services can be delivered to authenticated users without requiring the need for a single full set of identifying data to be shared.
This schema minimizes risks of data leaks and unauthorized reuse of personal data by third party service providers. The proposed technical framework of provable computing developed by zenroom.org, runs on Virtual Machines embedded in the chip used with any personal communication device and any connected object . These chips representing the key material component of the approach, they could be regarded as the digital era equivalent of the secure ID of Passport and require comparable level of confidence in the fabrication process. This argues in favour of relying on chips manufactured under EU jurisdiction. While this represents a major change from the current supply chain for commercial chips which are almost entirely sourced from China for the EU market, it is also a move that may serve other geopolitical and environmental Commission priorities. Zenroom, which can also runs on existing integrated chips, was developed as European alternative for achieving a level of accessibility, provability and certification of computing.
- W3C DID for Main DID and Disposable DID: https://www.w3.org/TR/did-core/
- W3C Verifiable Credential for health messages and usage consent (purpose limitation-GDPR): https://www.w3.org/TR/vc-data-model/
- Kantare Consent Receipt for the consent “content” (JSON Verifiable Claim translation, see examples): https://kantarainitiative.org/download/7902/
- BIP32 for Hierarchical Deterministic Wallets for generation of Disposable ID DIDs: https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki
Technology for the Disposable ID Mobile SDK (preliminary list)
- Zenroom VM for cryptographic creation, manipulation and verification of DIDs, Verifiable Claims (*) and zero knowledge proofs on all targeted platforms, including iOS and Android native and browser-based WASM. (Requires an action from Zenroom to be compliant with the JSON format of W3C DID (Documents) and W3C Verifiable Claims - see specific links in "Standards" section.)
- DECODE APP template for React-Native portable mobile app
- React-Native for Mobile SDK
- OpenIntents (Friedger Mufkes library for between apps communication)
- Markers: To be able to work with markers project will create it’s own open-source library which is able to a) create markers and b) decode data in markers. This library will be based on work on done in Horizon2020 funded TagItSmart project and use following opensource libraries:
- AI SDK/API, https://github.com/Tribler/distributed-ai-kernel, by the team of https://www.blockchain-lab.org/