Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- =====
- UPORT
- -> users have control of their identity
- self-sovereign identity
- log in without passwords
- digitally signed transactions
- interaction with Ethereum blockchain
- you build the trust withou reaveling any much information -> reputation systems
- ______________
- login example:
- https://eidenaiethereum.firebaseapp.com/?#/
- "Login with uPort"
- scan QR code with smartphone app
- app will ask for permission to log in
- after login, the website shows your info/credentials
- name, country, public key, other information
- you can decide with information to share
- ______________________________________________________________
- (1) identity within blockchain x (2) blockchain for identity
- 1. identities with private keys are required to interact with blockchains
- challenges today:
- key management lots of wallets > lots of identities
- persistent identity
- authenticating the user (link to 'real world')
- 2. self-sovereign identity can be realized with blockchain and smart contracts
- self-sovereign identity:
- majority of our identities are controlled by Google and Facebook (and the data associated with it)
- challenges today:
- identity ownership
- data ownership
- reputation fragmentation
- password management
- _____________________________
- identities today are isolated
- users identities are isolated in differente centralized servers across organizations
- ex: vital records office, car registration authority, healthcare system, tax authority
- leads to issues:
- - for organizations
- limited information sharing prevent collaboration, interoperability & efficiency
- ciberattacks: insecure centralized data storage increases vulnerability to hacking
- - for users
- physical identity docuements
- repetitive account creation, inconvenience of remembering passwords > ex: different exchanges
- personal information stored in various services
- indentity theft vulerability
- users want to use apps, not worry about networks and gas
- _________________________________
- solution: self-sovereign identity
- secure, cost-effective, interoperable blockchain identity
- - identity and personal data is stored with the user
- - claims and attestations can be issued and verified between users and trusted parties
- - users selectively permission to data
- - data only needs to be verified a single time
- _____________________________
- decentralized identity system
- -> leads to a very flexible, universal, robust identity that empowers its users
- . user's mobile mobile generates keys, maps to smart contract
- . decentralized smart contracts blockchain: role as trust provider, decentralized PKI
- . govts, apps, businesses issue credentials to users
- _____
- uPort
- mobile self-sovereign identity solution and secure sign-on tool
- built on Ethereum
- iOS: Apple AppStore
- Android: https://play.google.com/apps/testing/com.uportMobile
- features:
- - identity rooted by Ethereum blockchain
- - passwordless, single sign-on
- - simplified user centric key management keys are not with uPort team -> stored on smartphone (pk never leaves device)
- - legally binding signatures (depending on jurisdiction)
- - user friendly blockchain transaction card
- - push communication protocol
- - upcoming: Mobile SDK
- - upcoming: gateway for private chains
- uport makes ethereum easy:
- . all your ethereum app accounts in one place
- . create a complete user profile
- . store credentials, verifications and badges
- . mobile factor authentication and signatures
- __________________
- smarter login flow
- 1. user - i want to log in
- 2. app - do you have an account for this app? if not, i'll make one for you
- 2. user - i already have one. here it is
- ___________________________
- gasless onboarding and apps
- uport makes gas disappear for users
- . onboard new users without requiring them to get and use Ether
- . enable transactions without requiring users to interact with gas
- HOW???
- all the transasctions that go through uport are automatically fueled
- transaction fueling service handles this
- -> this way users don't have to worry about it
- __________________________
- whats is a uPort identity?
- permanent blockchain identity
- 1. self-sovereign identifier (is a smart contract on Ethereum to which you control the private keys)
- 2. collection of data credentials acquired through everyday interactions
- 3. controlled by the user with a private key
- collection of data
- . verified data or claims - that belong to the individual (certificates, visa, citizenship)
- . standard schema - for attribute data that can represent legal facts, receipts, etc.
- . represent a person's reputation
- ex1:
- Coinbase gives you an attestation that you are level 3 verified user
- you can use this attestation to go to another provider
- ex2:
- attestation that says you are over 18 and have a driver's license
- you don't have to share the details of this data, just the attestation
- _______________________________
- core concepts & smart contracts
- uPort -> controller contract > proxy contract > application contract
- controller contract:
- has a social recovery mechanism
- you set a social recovery network (same you can do with facebook)
- proxy contract:
- makes the identity permanent (you don't that to change)
- uport uses a smart contract identity model:
- https://imgur.com/a/YfoCB2e
- - upon smart contracts
- your identity -> proxy contract
- control + recovery contract
- - your smart contracts
- app contract 1
- app contract 2...
- ________________________________
- multi-chain account architecture
- today uport support multiple accounts across multiple networks
- mainnet, rinkeby, ...
- multiple accounts to handle multiple dapps (e.g. Gnosus, Status...)
- _________________________________
- bridging ethereum and server apps
- account management
- "web 2.0"
- servers
- INFURA
- IPFS your IPFS data
- Ethereum your smart contracts / upon smart contracts / other contracts
- ________
- who uses uPort?
- end-users
- developers
- dapps
- exchanges
- enterprises
- governments have approached uPort team about identities
- ______________________________________________________________
- developers want to issue badges and other credentials to users
- design credentials and issue them to users:
- - user does something (like attending an event)
- - you issue a badge
- _______________________________________________
- developers want to request credentials by users
- ex: KYC check for token launches
- - you request a KYC badge issued by any trusted source -> exchange, bank
- - user shares KYC badge they received from Coinbase
- credentials that you want to know:
- . is the user over 18?
- . does the customer have valid documents?
- . valid drivers licence?
- . certificate valid?
- . uber reputation?
- . airbnb reputation?
- _________________________
- sample business use cases
- - P2P market places
- regulation network:
- interoperable user reputation data between services for more secure, trustworthy interactions
- perfect for the on-demand economy
- - social media
- user lifecycle management:
- improve onboarding and user lifecycle management without having to store personally identifiable information
- - consumer finance
- shared data and KYC:
- improve customer insights and KYC processes for greater operational efficiency
- - digital media
- portable preferences:
- users bring preferences with them for increased content personalization, smart recommendations and simplified onboarding and UX
- - ecommerce and retail
- boost conversion:
- reduce customer dropoff, cart abandonment and fraud with verified, secure single sign-on and formless checkout
- - regulated finance
- secure credentials and KYC:
- reduce fraud, improve KYC process and benefit from shared credential marketplace with other trusted providers
- ____________
- case studies
- city of Zug
- allows citizens to self-register using uPort
- this way they officialy verify thei decentralized ID by visiting a local Certification Authority (CA)
- citizens can log in into the citizen web portal to securely access government services such as e-voting or tax payments
- .
- citizen first log in on the web portal with uPort
- inform more details
- the web portal then tells citizen to go be verified by the Zug office
- after verification, citizen can then use the cities services logging in using uPort
- -> on the Verifications tab the citizen have a "Zug Digital ID" verification
- .
- https://medium.com/uport/first-official-registration-of-a-zug-citizen-on-ethereum-3554b5c2c238
- ministry of planning
- citizens can upload document for signature and notarization from other parties
- combination of public + private chain implementations
- notarization of documents via IPFS
- _______________________________________
- uPort documentation and getting started
- developer.uport.space
- all in one documentation website
- - learning guides & live embedded examples
- - libray documentation
- - app manager (register your app)
- - developer chat (Gitter)
- - engineering blog
- ________________________
- HOW TO SETUP FUCKIN DAPP
- we're gonna use truffle boxes they help you configure less
- fucking cool
- truffleframework.com/boxes
- npm install and shit
- we're using react-uport -> truffleframework.com/boxes/react-uport
- uport javascript libraries
- redux to manage the state we're requesting from people's smartphones
- attestations are not stored within centralized servers
- -> they are stored on people's smartphones
- request of attestation: you phone provides them
- $ truffle unbox react-uport // trhe 'truffle unbox' command does a lot. doesn't need 'npm install ...' and shit
- to register the dapp:
- https://appmanager.uport.me
- we're gonna create a new dapp, register on the ethereum blockchain
- and store some files about it on IPFS (inter planetary file system)
- approve:
- some smart contracts are gonna be deployed
- we're gonna register an identity on the ethereum blockchain
- we're gonna send a file through IPFS - via INFURA endpoint (they help dapps that you don't want to run the ethereum nodes -> quick connect to those nodes)
- this is a simple example, for demonstration purposes, so we're gonna put this on the browser
- but in non trivial applications, we want to keep it:
- hide it on a backend server, private server
- make request on that, sign transactions, despatch them back to the browser and shit
- $ npm run start
- this will spin up a local webpack server - that also includes hot reloading
- with this we can edit the code, add new stuff, etc.
- it will automatically rebuild itself -> and we're gonna be able to see those changes on the browser
- the uport-react box is simple: doesn't have menus and a lot of pages
- it is meant to show you how to login with uPort + consume some of the data (or information that comes with attestations)
- -> display that within the browser application, manage it via redux store
- code1: https://pastebin.com/raw/5f9MNxFf
- src > util > connector.js
- at the moment if you scan it, it won't do anything, cause code has nothing yet
- !!! the most important part is bring over your credentials
- this is what allow you to sign transactions from your dapp, to your smartphone, confirm those transactions and then send them back to the browser application
- in the code example we are showing the SimpleSigner key on the browser:
- great for demonstration purposes, great for hackatons... but not a best practice
- in fact is a NO NO PRACTICE:
- > people could take your simplesign key, pretend to be you - people can get tricked and shit
- code2: https://pastebin.com/raw/mVngHCe9
- now we just connected our uport react truffle box with the uport decentralized identity platform
- now is gonna do shit! :D
- network: 'rinkeby or ropsten or kovan',
- these 3 networks is because uport has deployed registries in multiple test nets
- so depending on your identity you have to specify
- now when we'll se a bigger QR code => more data being passed
- now the Dashboard shows a greeting page that you just logged in using uport :)
- code3: we are now requesting some data of the user
- https://pastebin.com/raw/VmCJkMMJ
- or
- https://pastebin.com/raw/DpYgCVzu add this code to function requestCredentials()
- src > user > ui > loginbutton > LoginButtonActions.js
- now uport will ask for your permission to show these data of you
- code4: let's show more user data
- src > layouts > dashboard > Dashboard.js
- on
- <p><strong>Congratulations, {this.props.authData.name}! </strong> ...
- add
- <p><strong>Congratulations, {this.props.authData.name} from {this.props.authData.country}! </strong> ...
- log in again...
- NOW WE'RE ON, MOTHAFUCKA! =)
- ----
- ok, but how do we get more information?
- attestations!
- uport allows you to make attestations so you can store more than just the name, country, phone, email... ON THE USER'S SMARTPHONE!
- you can store any amout of information that you want
- so in the future when you application needs it, you can show it :)
- awesome, huh?
- GETTING NINJA:
- https://developer.uport.me
- ------------------------------------------------------------------------------------------------------------------------------------------
- developing user-friendly Ethereum apps is hard
- . account management and login
- . onboarding new users without Ether/Gas
- . know your user / KYC
- . transaction history
- . reputation
- . key management
- _____________
- TO TALK ABOUT
- presentation
- account recovery
- account backup
- login into dapps
- credentials / reputation
- verifications
- badges
- ex: attending on devcon
- -> badge: attend on GoBlockchain uPort presentation (at the end)
- digital passport for crypto valley
- ======
- SLIDES
- https://www.youtube.com/watch?v=6bSOAl1i8bw
- https://www.youtube.com/watch?v=PmSWI6S4TkQ
- https://www.youtube.com/watch?v=z6n62j_JC1c
- https://www.slideshare.net/
- end
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement