Welcome to the Elastos Blog
Read it here first
Unlocking the Power of Decentralized Identity with Elastos
DID you know that Elastos holds the key to your digital destiny? Yes, as the only Web3 ecosystem with a dedicated identity chain, Elastos’ Decentralized Identity (DID) can unlock a world of secure, private and authentic Web3 experiences for everyone. This blockchain-powered identification method complies with the World Wide Web Consortium (W3C) with unique and proprietary specifications that enable anyone to control their personal data and embrace the evolving decentralized internet.
DID is a practical solution to the issue of centralized identity management in Web 2.0, where individuals must have multiple logins and passwords for different websites. In contrast, DID provides a universal identity solution that can be used across various platforms in Web3, avoiding the issue of platform-specific identities and enabling interoperability. For example, individuals have control over their data with a DID and can use a single identifier across different applications and services.
Many projects consider themselves at the forefront of Web3 but lack the fundamental mechanics in their identity systems that Elastos has been perfecting for over 5 years. From self-sovereignty to zero-knowledge proofs, Elastos DID offers flexibility, security and privacy like no-other identity solution in Web3.
Web 2 Identity Solutions
Now, look at the Web 2.0 solution to signing into various websites. Try logging into ChatGPT, which will prompt you to sign in through Facebook or Google. In a Lifelock article about this subject, the author alludes to how convenient it is to use social log-ins. However, there are clear and present dangers associated with this method.
When you log in through a social media or Web 2.0 account, you relinquish the right to your data to that respective website. The user’s information could be sold, shared, and manipulated in many ways that’s not known to the original owner. If hackers access one of the user’s social media accounts, they will easily access the websites the user had assessed through social log-in. If Google or Facebook experiences an outage, the user reliant on social login could be logged out of various websites.
Typical Web3 Sign-Ins
Web3 is a term thrown around often but not many people understand the underlying concept. The true purpose of Web3 is to steer away from the archaic architecture of the present World Wide Web and transition into an actual peer-to-peer version. Currently, centralized entities and 3rd parties are needed to facilitate data and transactions. Most Web3 wallets and “decentralized apps” (dApps) operate like the Web3 mullet – decentralized in the front and centralized in the back.
Tahbot’s article named “Decentralized Identity is failing us. Welcome to the Web3 mullet” explains how blockchains give users an impression that they are logging into their favorite dApps in a trustless and secure fashion.
For example, Sign-In with Ethereum (SIWE) makes it impossible to provide proper end-to-end encryption for the user using a blockchain private key because the app must store the cookies or session on a server to maintain the info of you as a logged-in user. This data is stored in a centralized place where the user cannot control his or her information. Overall, the public blockchain address acts as a security and privacy risk.
Web3 solutions for identity management still need help, such as the requirement for wallet addresses in most sign-in processes. This approach has flaws, such as the need for users to share their data, which defeats the purpose of decentralization. Web3 has a long way to go before providing truly decentralized and user-friendly identity management solutions that preserve the privacy and control of user data. DIDs offer a promising step in the right direction by providing a universal, interoperable, and secure identity solution for individuals on the decentralized web.
Elastos DID Solution
Elastos brings a rock-solid foundation for actual end-to-end encryption of data via its DID solution. As opposed to using a blockchain address to access an application, as most blockchain wallets and apps do, signing in with Elastos DID provides a personal private key. Most importantly, after signing in with a DID, all the credentials are stored locally in the user’s device, along with the DID private key.
DID data is split in two ways: on-chain (stored in a DID Document on the blockchain) and off-chain (stored on the user’s device or other private storage). The on-chain data includes basic information about the DID, while additional information like Nickname, IM, and verifiable credentials can be uploaded to the chain and made public or kept private.
Unlike signing in through Metamask and having the blockchain address and credentials compromised by a centralized service, signing in with DID via Elastos allows users to control all their data, credentials, and user information. In a world where data breaches are becoming more common, and centralized entities monetize our information, but Elastos users, through the use of DIDs, are in total control of their own data, their own identity and their digital destiny.
Elastos dApps and Wallet with DID
The future of the decentralized web lies in the hands of its users, quite literally. The private and DID keys, the gatekeepers of a person’s digital identity and assets, are stored on the user’s device, such as the Essentials Wallet (Apple or Android), giving them complete control and ownership. This data is further secured through encryption and stored in specialized storage vaults, creating a truly decentralized system that puts the power back in the hands of the individual. Elastos’ DID marks the departure from the centralized systems of the past, where a select few controlled data and identity. By embracing this new model, we can create a digital world where the preservation of privacy and ownership is the foundation, and the fruits of our online labor belong solely to us.
Unlike the traditional Web3 blockchain-based wallets like Metamask, signing into blockchain websites using the Essentials wallet is pure with DID. All the information and credentials are securely stored off-chain in a Hive node or an Elabox. There’s no possibility for users’ data and information to be tampered with or stolen, as everything is in their possession at all times. Instead of using blockchain addresses, Elastos/Essentials users are signing in with their unique DID, allowing them to quickly secure private access– which is what true Web3 is all about.
A number of dApps built on Elastos serve as an excellent use case for people trying to take advantage of the power of DID. KYC-me is an application that allows users to verify their physical identity and generate private and unalterable credentials that hold their personal information. These credentials can be downloaded into identity wallets such as Elastos Essentials and serve as a use case to log into third-party dApps later on. Users submit their email addresses, photographs of themselves, and a country ID to allow proper verification. This information will always be stored offline and only accessible to the holder of that respective DID.
Another example is CreDA, the blockchain credit rating agency. CreDA assesses a person’s creditworthiness through their wallet’s historical transactions and mints the score along with the person’s DID as a credit NFT (C-NFT), which acts as a soulbound identifier for other applications to know who is credible, while allowing the user to remain anonymous.
Elastos DID is a new type of digital identity that give individuals more control over their data and provide increased security and flexibility for Web3 platforms. Instead of relying on centralized entities, such as governments or corporations, to manage and store identity information, DIDs utilize decentralized technologies like blockchain to provide a secure and verifiable way to collect and store identity information.
The decentralized nature of DIDs make them more resistant to data breaches and other security threats since the data is stored across multiple nodes in the network instead of being housed in a single central repository. DIDs aims to create a more secure, private, and empowering digital identity solution that gives individuals greater control over their personal information and therefore, control over their digital destiny.