How does ZeroIDentify Work?
ZeroIDentify employs a unique cryptographic methodology that operates with a root-private key and derived private keys to authenticate users while maintaining their anonymity.
The Root-private Key
Every user will create a random root-private key. This is the primary key that underpins their online identity and forms the basis for creating derived private keys. The private key is a Solana private key. Users will only need to remember this one root-private key.
Generation of Derived Private Keys
Whenever a user signs up for a new service, they generate a derived private key using the root-private key and a special rule described later. Importantly, the server they're signing up for cannot reverse-calculate to find the root-private key or derived private key. In essence, no personal information is shared during the sign-up process.
Process of Creating Derived Private/Public Key
Here's the protocol for generating derived keys:
1. User has private/public root key pair (r, R) where R = r·G.
2. Server has a domain name like domain.com

for ( i = 0; ; i++ ) {
    1. User can compute a derived private key d using the ECDH: d = H(r + H(i)).
    2. User can compute a temporary derived public key D = d·G.
    3. If the first two letters of the string D match the first two letters of domain.com, D is the derived public key for the User to sign in to the site for Server.
}
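The loop above as an added Node.js sketch; it is not ZeroIDentify's own code, and the names deriveForDomain, publicKey and base58 are hypothetical. Assumptions: H is SHA-256, r + H(i) is byte concatenation with i as a 4-byte big-endian counter, d is used as an Ed25519 seed (the Solana key type), and D is compared as its base58 string, case-insensitively. Because the domain enters only through the prefix check, two domains that share their first two letters select the same derived key.

```javascript
// Added illustration, not ZeroIDentify's code. Choices marked ASSUMPTION are not from the page.
const crypto = require('node:crypto');

const B58 = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
// PKCS#8 DER header for an Ed25519 private key (RFC 8410); the 32-byte seed follows it.
const PKCS8_ED25519 = Buffer.from('302e020100300506032b657004220420', 'hex');

// ASSUMPTION: H is SHA-256 and "+" is concatenation of byte strings.
const H = (...parts) => crypto.createHash('sha256').update(Buffer.concat(parts)).digest();

// ASSUMPTION: "the string D" is the base58 text form used for Solana public keys.
function base58(buf) {
  let n = BigInt('0x' + (buf.toString('hex') || '0'));
  let out = '';
  while (n > 0n) { out = B58[Number(n % 58n)] + out; n /= 58n; }
  for (const b of buf) { if (b !== 0) break; out = '1' + out; } // leading zero bytes
  return out;
}

// D = d·G. ASSUMPTION: d is used as an Ed25519 seed; returns the raw 32-byte public key.
function publicKey(d) {
  const priv = crypto.createPrivateKey({
    key: Buffer.concat([PKCS8_ED25519, d]), format: 'der', type: 'pkcs8',
  });
  return crypto.createPublicKey(priv).export({ format: 'der', type: 'spki' }).subarray(-32);
}

// Walk i = 0, 1, 2, ... until the first two characters of D match the domain's.
// The domain is used only in the comparison, never in the derivation of d.
function deriveForDomain(r, domain, maxTries = 200000) {
  const prefix = domain.slice(0, 2).toLowerCase(); // ASSUMPTION: case-insensitive match
  for (let i = 0; i < maxTries; i++) {
    const idx = Buffer.alloc(4);
    idx.writeUInt32BE(i);
    const d = H(r, H(idx)); // d = H(r + H(i))
    const D = base58(publicKey(d));
    if (D.slice(0, 2).toLowerCase() === prefix) return { i, d, D };
  }
  // A prefix with characters outside the base58 alphabet (0, ".", "-") can never match.
  throw new Error('no matching key within maxTries');
}
```

Calling `deriveForDomain(rootKeyBytes, 'domain.com')` with the same 32-byte root key always returns the same `{ i, d, D }`, which is what lets a user regenerate every derived key from the root key alone.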
Merit for End-users
No Traceability
With ZeroIDentify, harmful sites where a user signs in only once will be unable to trace the user's ID. This anonymity is crucial in an era where user data is a prime target for hackers and marketers alike.
Single Key Memory
End-users only need to remember one root-private key. All other derived private keys can be regenerated using the root-private key. This ease of use makes managing multiple accounts and services hassle-free.
Simplified User Experience
The user experience is reduced to clicking and waiting while the derived key is created for sign-in. After sign-in, users just click to log in using the derived key stored in the browser's cookie.
Merit for Service Providers
Protection Against Cyber Attacks
A further rule for derived private key creation ensures that the generated public key starts with a word specified by the service provider. This computation takes several minutes, equivalent to Bitcoin mining, which mitigates attacks from hackers creating numerous accounts or bots scraping data.
Easy Implementation
Service providers can gain a large customer base by simply implementing ZeroIDentify. With the exponential growth in privacy-conscious users, this service offers an appealing proposition.
Support Many Certifications (Not yet implemented)
ZeroIDentify plans to support customers who already have certification systems like Google's identity service and cryptocurrency wallets. This ability to work in conjunction with other systems allows for versatile use, broadening its appeal to potential users and providers.
Decentralized Service (Not yet implemented)
ZeroIDentify moves towards supporting decentralized identifiers, known as DIDs. These digital identities are owned and controlled by the individual or organization to which they correspond, instead of being controlled by a centralized authority. Such decentralization enhances security and gives more control to the users. This service is preparing to support protocols such as IPFS and IPNS for decentralized identity services in the near future.