Was talking to some friends who were versed in the privacy and security space, and introduced them to Atala Prism. The immediate red flags they brought up was the lack of open source information and concentrated data storage. So i was wondering if there’s more information on this that could be shared that i don’t already know.
First, is Atala Prism Open Source?
Second, would someone be capable of creating multiple accounts so to speak, or separating their data so as to avoid Meta-Data leaks?
Prism member here.
We do have to make most of it open source, at least the necessary stuff to let people build products on our ecosystem, we should do so incrementally, unfortunately, I have no dates.
About multiple accounts, individuals by default get a new private DID while interacting with a new entity.
Thx for sharing this with us. Do you guys designing a new did method or using some already existing one such as did:peer or similar. If it is a new did method then will it be blockchain agnostic or tight coupled to some chain assuming Cardano’s?
Right now we have our own did:prism method, as we are still refining details about the overall protocol, we haven’t tried publishing it.
While we initially built everything on top of Bitcoin, lately, we are focusing only on Cardano, while there are discussions to stay ledger-agnostic, I can’t confirm if we’ll do that in the short term.
Thx, also will you guys implement verifiable credentials bundled with blinded link secrets? If you implement vc will it support zero knowledge proofs? Is did:prism based on some prior method(s) or written from scratch?
There are no plans for blinded link secrets yet, also, we are delaying zero knowledge proofs on vc to the future.
As we are working on incremental changes, we will likely start with selective disclosure based on merkle trees at first.
Thx for sharing these with us. That would be nice if we could have some sight/access to the did:prism method spec even if it’s in a very early stage.
I’d be happy to do so once we have something to share.
That’s ok thx.
That merkle tree selective disclosure is interesting, but in that case where the data would be stored? In some issuer’s (e.g. IOG) server or on the chain (very unlikely and highly not recommended)?
Sorry for being to pushy, but how did doc from a DID resolution would work ? Similar to Bitcoin?
Because, you mentioned that it was initially built on top of the Bitcoin, that means, afaik, that the method specific id of the DID contains a bitcoin transaction details, and that tx’s input (UtxO is the public key) of the DID doc, and it’s resolved by some URL embedded in one of the some tx’s output as metadata.
And that metadata contains some URL or similar to a service for resolving the DID doc.
Will, it the same?
That merkle tree selective disclosure is interesting, but in that case where the data would be stored? In some issuer’s (e.g. IOG) server or on the chain (very unlikely and highly not recommended)?
Whether selective disclosure or not, the data can’t be stored on-chain due to privacy reasons, it is generally driven from a peer to another peer by sending end to end encrypted messages through a middle server.
Institutions have a specific web app where they store the data from people, as well as the credentials they issue/receive, such web app should run on the institution’s infrastructure, and they are in charge of protecting such information.
When a credential is shared to the mobile apps, the app keeps it locally, so that it can share it later with other peers/institutions.
Sorry for being to pushy, but how did doc from a DID resolution would work ? Similar to Bitcoin?
For the first stage, we’d have a separate service that allows resolving our DIDs, the goal is to eventually get our DID Method registered so that it can be resolved from the universal-resolved from DIF.
It is not really related to Bitcoin, while it was supported initially, we haven’t actively worked on that for months, and are fully focused on Cardano.
Because, you mentioned that it was initially built on top of the Bitcoin, that means, afaik, that the
method specific idof the DID contains a bitcoin transaction details, and that tx’s input (UtxO is the public key) of the DID doc, and it’s resolved by some URL embedded in one of the some tx’s output as metadata.
While this is a possibility, all the data related to the Prism protocol doesn’t depend on the underlying ledger, hence, it doesn’t matter which address posted the Prism data, we just take data and process the keys that came there.
And that metadata contains some URL or similar to a service for resolving the DID doc.
There are no URLs (or service endpoints) involved, yet, those will likely be required when registering our DID method.
Yes, thx I am quite familiar /w Did specifications and following them for many years now, but I was not and still not clear how prism would work in details for users (not for Georgian gov) but User (e.g. Users center in Daedalus, that CH mentioned sometimes in some of his AMAs). I am asking cos I would not like to see some locked solution in the decentralised nature of SSI.
Anyway, what I could decipher or assume, is that IOG would have some centralised repo for containing user details, users would create some did based on some their wallet’s key, retrieving some VC (signed by IOG’s did’s - stored on chain - priv key) through some IOG’s web server and stored in the holders/prover/user wallet/app and the verifier (other user) could verify through Cardano blockchain.
But, I would like to know the nitty-gritty of Prism, cos there are some use-cases which would be very helpful (did based contacts of ADA users as an example i.e. some merchant-user (even user-user) relationship that could generate some automatic payment code based on some private pairwise DID.
I would (I can eve say we the community who understand SSI) not like see that IOG would create on its own DID ecosystem, despite there is a tremendous of effort and work has done in the last 5 years in SSI community. Like hyperledger (I know IOG is member) indy -aires -usra etc, evernym, sovrin, DIF etc., with some huge companies like Microsoft, IBM etc., wit a lot of good stuff like VC, DID Auth, DKMS/DKMI and DID).
So, I am not sure what IOG are trying to achieve, as these companies (with hundreds of developers coding for years in SSI) are far-far beyond of IOG’s Prism I think, so I do not know where to place the Prism.
Yep, makes sense, and looking forward for the DID method spec.
A very good point. The entire point of prism if it is to promote DID they need to work with the open source community rather than the closed wall approach till now. If Cardano thinks that they will beat the open source community in such things then it is just a big illusion. Given that big players like Microsoft is entering the space, the only natural thing I would think of , is to now publish DID specs (https://w3c.github.io/did-spec-registries/#did-methods) here. I hope these words fall on the ears of IOG so that adoption of cardano can be on track !
As of now, I’m not involved in the Daedalus integration, but, to my knowledge, the goal is to keep most details decentralized, so that as a user, you can claim your DID, have your contact list, and use Daedalus to be able to send money easily to your contacts, as well as to share credentials, all of this powered by prism.
There are no plans for such centralized repo, the goal is to keep prism as decentralized as possible.
Even that I’m not very involved in that, I understand that will be the case (take this with a grain of salt).
We do currently participate in the DIF, and there are some small improvements proposed to them, at the end, our goal is work with those specs, we just need time.
As a personal opinion, we are building some end products that happen to require SSI, hence, in order to deliver sometimes we need to make compromises, like deviating a bit from the W3C specs, etc, we are not trying to reinvent anything, lots of the stuff we have is very similar, and we have plans to get to those specs.
Agree, internally, no one believes we can beat the open source community, we need to build this together given the necessary time, even inside the DIF, there are many members with very different implementations.
Cool thx, I am eager to see the did:prism and the related stuffs when it is available. Anyway, thx for sharing these with us.
thanks for clarification. Looking forward to build DID based apps on cardano. Would help if we get the necessary documentation for the same or atleast some libs in common man’s language such as golang, java, js/ts, scala etc. !
We are currently working on our SDK, which should provide the necessary tools to build on top of prism, as of now, it targets JavaScript/Java/Scala/Android, we have plans to build one for Swift (iOS) later.
We plan to provide the necessary test vectors for the core functionality, so that if anyone is willing to, integrating a new language shouldn’t be difficult.
In any case, I hope we can open source this soon.
Cool. Given the fast response i am sure we will reach this goal soon! Let Cardano see the light of the day.