4thTech approach to Web3 multi-chain identity for end-users & organizations (May 2022)
The Web2 reality as we know it did not prove sustainable, as personal data manipulation by the corporate giants is just not acceptable. Unlike Web2 where our identities are disclosed and locked by the intermediaries, the decentralised Web3 on-chain identities (i.e. dID) need no third party, are portable and completely anonymous until and if the users decide to tie them to the off-chain identity. Web3 identities are born with the creation of a wallet account that represents the user’s decentralised identifier. Users can interact with permissionless Web3 on-chain systems using the same wallet account without revealing their physical identifiers like phone numbers or email addresses. Wallet KPI core infrastructure enables anonymous identity as a default. Due to specific requirements of 4thTech W2W communication protocols (i.e. dMail, dChat, dNotary) where data is being exchanged and confirmed between wallets, a custom wallet framework had to be developed which enables UI-platform, UI-staging and White-labels UIs access. Users can transact and communicate using the same wallet account across multiple dApps (i.e. dMail, dChat, dNotary) as their anonymous on-chain identity is seamlessly transferable between them. Every wallet becomes a user on-chain identity and data vault that only the user controls. Furthermore, the 4thTech wallet framework (i.e. FOURwaL) supports multi-chain accounts and serves as a dID on Ethereum, Tolar HashNet, Edgeware, Solana, Moonbeam, Tron & Evmos.
FOURwaL dID
Web3 wallet is a device, program or service which stores the public and/or private keys and can be used to represent on-chain decentralized identity, track ownership, and receive or send cryptocurrencies, NFTs or other data. Up to now, Web3 wallets were mostly used for cryptocurrency asset holding and exchange. The FOURwaL is a Chromium and Firefox Web3 extension that enables you to create multi-chain wallet accounts on Ethereum, Tolar HashNet, Edgeware, Solana, Moonbeam and Tron public blockchains (i.e. multi-chain wallet accounts also act as anonymous users dID). FOURwaL is a non-custodial wallet, which means that the user has sole control over their private keys and sole access to received data in the form of dMail, attachments or messages.
With a single purpose, the FOURwaL enables users dID and acts as a unique tool for 4thTech and White-label partner UI access. It provides a secure way to connect to 4thTech products and protocols (i.e. dID, dMail, dChat, dNotary) as it contains a pair of public and private cryptographic keys. A public key allows; (1) RSA encryption of data; (2) screening of recipient wallet addresses (i.e. Ethereum, Tolar HashNet, Edgeware, Solana, Moonbeam, Tron, Evmos); (3) for other wallets to execute 4thTech services to the desired wallet’s address, whereas a private key enables the decryption of received communication such as data files and short messages from the sender address. With the exception of the backup and restore function, all the wallet account management is available within the UI platform.
dID, on-chain identity protocol
Because we are dealing with data exchange and not asset exchange, there is no off-chain ID connection needed between the user and his or her off-chain identity. 4thTech enables users to exchange data in the form of dMails or on-chain messages without revealing any of their off-chain identifiers such as phone numbers or emails. dID connects wallets when data is exchanged. It serves as the public key exchange point between users (i.e. the data sender needs a public key of the receiver) and enables on-chain identity needed for W2W dMail & dChat communication. The protocol also enables a self-sovereign framework of data (i.e. data files and metadata) authorisation and ownership representation. All ID processes are fully automated and decentralised by their design, thereby enabling users to have full control and ownership of any data that may be connected with them.
🧲 Advantages; (1) blockchain is used as a trust mechanism; (2) permissionless onboarding, and; (3) multi-chain support (i.e. Ethereum, Tolar HashNet, Substrate Edgware & Moonbeam, Solana, Tron, Evmos).
dID TestNet
dID for end-users is available as a part of non-custodial FOURwaL, UI-platform and UI-staging. The protocol is deployed in production and powers the 4thTech multi-chain dMail, dChat & dNotary communication protocols.
🔗 FOURwaL Chromium DL
🔗 FOURwaL Mozilla DL
🔗 UI-platform login
dID for organisations
Opposite to permissionless identity used by end-users in a decentralised Web3 environment, organisations need a connection between off-chain and on-chain identity. If using decentralised blockchain technology, organisations need to be able to identify and verify the recipients of the sent data or assets. 4thTech approached this issue by enabling the connection of the off-chain X.509 digital identity with on-chain dID. The 4thTech on-chain identity can now be verified using users’ off-chain X.509 digital identity certificate. The connection process is executed off-chain and managed by the organisation admin, so it complies with existing online regulations.
Backend validation
$certInfo = (object) $user->certificate_info;$siTrustAuth = new SiTrustAuthentication(
$certInfo->serialNumber,
'SIGEN-CA',
'',
'',
$user->tax_number
);
$verificationData = $siTrustAuth->verify();
💡 Note: As X.509 digital certificate standard is widely supported across Europe, the solution can be easily adapted to all counties using the same certificate standard. X.509 standard digital certificate can be used for data encryption, notarization of signed data, digital signature, digital identity verification and timestamp. With various European Union certificate publications, the X.509 standard is widely used and as such appropriate for blockchain digital identity integration. The X.509 Public Key Infrastructure is also approved by eIDAS (i.e. electronic IDentification, Authentication and Trust Services).
X.509 connection process can be divided into four sections;
- the user selects the X.509 standard (i.e. installed on the user’s computer) qualified digital certificate, associated with the individual or organisation;
- A simple KYC form is completed with the certificate holder's name, last name and tax number;
- dID prepares and sends WSDL requests in a SOAP envelope via HTTP POST protocol to the government-managed automated service (i.e. the issuer of the X.509 certificate), which replies with the verification. If the user’s tax number corresponds with the qualified digital certificate serial number, the user is successfully verified;
- A link is created by the dID between the user’s X.509 digital certificate and its FOURwaL wallet address.
dID testing for organizations
Usually, staging is set up to replicate the production environment, test code or updates to ensure quality under a production-like environment before application deployment. In most cases, staging is not open to the public domain. This was also the case for 4thTech, but with the need for Enterprise testing, Staging now serves as a pilot platform and is open to the public. Anyone can now test 4thTech solutions including dID.
Even though the 4thTech Staging environment is a replica of the production environment, there are still some key differences such as; (1) different web platform access links (staging.4thtech.io instead of app.4thtech.io); (2) the production environment uses public MainNet blockchains, while Staging uses TestNets and pilot DLT network SI-Chain; (3) production environment transactions use valuable MainNet tokens for gas, as Staging uses free TestNet tokens, and; (4) staging enables testing of the dID X.509 identity
💡 Note: dID X.509 testing is currently enabled only in Slovenia where test verification connection is enabled between SI-Trust infrastructure. The protocol is interoperable with the EU-Trust framework, and small differences in the installation and verification process may vary.
🔗 FOURwaL Chromium DL
🔗 FOURwaL Mozilla DL
🔗 UI-staging login
Disclaimer
All content provided herein, including but not limited to text, graphics, logos, and images (the “Content”), is the property of Block Labs Luxembourg S.a r.l., a legal entity established under the laws of the Grand Duchy of Luxembourg, registered with R.C.S. Luxembourg under N B263508 at the following address: 41, rue du Puits Romain, z.a. Bourmicht (Atrium Business Park), L-8070 Bertrange, Luxembourg (the “Company” or “we”). It is protected by copyright and other laws that protect intellectual property and proprietary rights. You are granted a non-exclusive, non-transferable, revocable license to access and use the Content for the sole purpose of obtaining information about the 4thTech technology and other educational purposes. We have done our best to ensure that the Content is accurate, updated, complete, and provides valuable information, but neither do we guarantee nor take any responsibility for its accuracy and/or completeness. The Content is not intended as, and shall not be understood or construed as legal, financial, tax, or any other professional advice, sale or offer for sale of any securities, and/or crypto-assets. The Company is not engaged in rending of and/or is not licensed to render any of the crypto-asset services and/or financial services, such as investment or brokerage services, capital raising, fund management, or investment advice.
