Skip to content

0xCatBox/ETH-Seoul--SoulTag-Winner

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ETHSeoul-SoulTag

  • ETH Seoul 2022 Hackathon Results
  • Produced by Team Unchain

Used Technology Stack

Project Description

Ideas

from https://github.com/Nerolation/EIP-ERC-721-Stealth-Addresses/blob/271a3b4651f73bac9ec32621abb0eb1308a8c79f/eip.md

Reasons for creating this project:

We have recognized that too much of our personal information is abused in our daily lives. Our information is being processed and sold by unreliable third parties. But we are too defenseless on these issues. Blockchain has brought information transparency, but the protection of personal data has not yet been achieved. This is the biggest wall that blockchain has to overcome in order to be applied in reality. Our experimental protocol design makes it possible to achieve self-soverign identity (SSI) by delegating privacy and privacy rights to individuals. We make many things possible, such as data selling and rental, through this point. Also, this will solve the flaws of nft and maximize the performance. It is expected that many problems of the Defi ecosystem can also be solved based on the utilization of this protocol.

Methodology:

We propose a protocol that achieves both anonymity and confidentiality without using zkp. This protocol allows us to achieve SSI. There are two protocols we propose. One is a least-responsible protocol that does not use stealth addresses and has confidentiality and anonymity. The second is an irresponsible protocol that uses stealth addresses to maintain confidentiality and anonymity.

Why we don't use zkp

We personally prefer the lightweight method. When zkp is added, it becomes very computation heavy. From a user's point of view, you can selectively discard it from one Soul Tag(SBT) to create a Verification document, or you can combine multiple selected Soul Tags(SBT) to create a Verification document. zkp is very slow and uncomfortable, while our protocol becomes fast and comfortable.

1. Least Responsibility Protocol with confidentiality and anonymity without using stealth addresses

  • A protocol that can protect confidentiality and personal information by selectively disclosing the non-transferable NFT (Soul Bound Token) containing personal information, object identification, and personal information contained therein, and a recovery method were also presented. Through this protocol, we can achieve self-soverign identity (SSI).

  • In order to achieve SSI, two preemptive tasks must be resolved. It is anonymity and privacy. We use this protocol to achieve two things: minimal anonymity and privacy. In this case, minimum anonymity means anonymity that is difficult to specify off-chain. It is not intended to guarantee anonymity by using stealth addresses for unique identifiers on-chain.

  • The anonymity achieved by using a stealth address can achieve complete confidentiality, but I think that it is highly likely to be abused by society. So, we believe that at least the information of the departure and destination addresses to which the encrypted personal information is transferred should be disclosed. Therefore, while address disclosure is not completely confidential, it is a minimal line of defense against any potential abuse. Also, we encrypted the contents for authentication using an asymmetric key. The party who authorizes this uses their private key to sign and re-stores the document that discloses the public key, which is a signature verification method, on the block chain. Here, since claims are encrypted with the holder's private key, only the person in charge of the personal information can open it, so personal information control is completely possible. In addition, by selectively disclosing the sbt issued in this way in the future, sovereignty control over personal information can be achieved once again.

  • We envisioned a scenario in which we applied this protocol. Now the idea of this scenario stems from the discomfort we experienced when entering this hackathon venue. This problem is due to the primitive verification method. The names of the participants on the excel sheet and the participants themselves were asked. If the name you answered at that time and the name on the list match, you were allowed to enter. At this time, there were several participants from foreign countries who registered but had difficulties in entering because their names were lost from the list. Also, the possibility that someone enters by saying someone else's name cannot be ruled out. Therefore, security was very weak, and the possibility of losing my personal information could not be excluded if the list they had was lost. We also questioned the ability to identify ourselves by writing down our real names. This actually does not protect my personal information and allows it to be disclosed to anyone.

  • However, the Soul Tag (Sbt) issued by applying this protocol we made identifies us as a unique object, so if we only show this Soul Tag, we selectively show our identity information to guarantee the right to control my personal information You can receive and verify your identity. Also, during the hackathon, you can selectively disclose your information during ice-breaking time and prove to other participants that you are a participant in this hackathon.

2. Unresponsible protocol using stealth addresses to keep confidentiality and anonymity

  • This protocol achieves complete anonymity and confidentiality through stealth addresses that do not disclose addresses. Since the address cannot be specified, the personal information contained in the transmitted sbt can be completely protected. However, the problem is that people who use this protocol for malicious purposes are also untraceable. Therefore, in order to proceed in the right direction, it is recommended to use protocol 1 rather than this method using a stealth address. The difference between protocol 1 and protocol 2 is whether or not a stealth address is used.

The detailed preparation method of the protocol is as follows.

Manufacturing method

How to use the protocol

Applied in generality meeting

When you need to identify for a one-time event

1. One-time ticket to ensure anonymity and authenticate yourself

Method: Personal information protection authentication can be achieved by issuing a one-time ticket sbt and disclosing the minimum information required for authentication.

2. One-time ID that can guarantee anonymity and authenticate yourself

Method: One-time identification card for refugees (refugees can achieve identification and anonymity only with the sbt issued by itself)

3. Anonymous Electronic Voting

Method: Because transfer is impossible, their rights cannot be transferred and only sbt ownership can identify them.

Organize

As a methodology for achieving SSI, we presented two protocols. Achieving SSI requires reconciling anonymity and confidentiality. This protocol presents a solution that can solve the fundamental problems of the nft and defi ecosystems. Additionally, it may be difficult for the establishment of SSI to find a connection point for a solution to the problem of defi and nft. However, if you apply sbt to reality as above, you will understand naturally.

Usage

cd dapp
npm install
npm install hardhat
npm hardhat compile
npm start

Tracks we participated in

Main Tracks

  • Creativity
  • Public Goods
  • dApps
  • Privacy & Scaling
  • etc

Sponsor Tracks

  • IPFS & Filecoin

Pinata storage

Contributers

  • Team Unchain

Example Images

스크린샷 2022-08-11 오후 11 18 35

스크린샷 2022-08-11 오후 11 19 49

Presentation Images

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

스크린샷 2022-08-11 오후 11 19 49

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 90.4%
  • CSS 5.0%
  • Solidity 3.2%
  • HTML 1.4%