Category

Hyperledger Indy

Hyperledger Indy Graduates To Active Status; Joins Fabric And Sawtooth As “Production Ready” Hyperledger Projects

By | Blog, Hyperledger Fabric, Hyperledger Indy, Hyperledger Sawtooth

By Steven Gubler, Hyperledger Indy contributor and Sovrin infrastructure and pipeline engineer

The Hyperledger Technical Steering Committee (TSC) just approved Indy to be the third of Hyperledger’s twelve projects to graduate from incubation to active status.

This is a major milestone as it shows that Hyperledger’s technical leadership recognizes the maturity of the Indy project. The TSC applies rigorous standards to active projects including code quality, security best practices, open source governance, and a diverse pool of contributors. Becoming an active Hyperledger project is a sign that Indy is ready for prime time and is a big step forward for the project and the digital identity community.

Hyperledger Indy is a distributed ledger purpose-built for decentralized identity. This ledger leverages blockchain technology to enable privacy-preserving digital identity. It provides a decentralized platform for issuing, storing, and verifying credentials that are transferable, private, and secure.

Hyperledger Indy grew out of the need for an identity solution that could face the issues that plague our digital lives like identity theft, lack of privacy, and the centralization of user data. Pioneers in self-sovereign identity realized we could fix many of these issues by creating verifiable credentials that are anchored to a blockchain with strong cryptography and privacy preserving protocols. To this end, the private company Evernym and the non profit Sovrin Foundation teamed up with Hyperledger to contribute the source code that became Hyperledger Indy. The project has advanced significantly due to the efforts of these two organizations and many teams and individuals from around the world.

A diverse ecosystem of people and organizations are already building real-world solutions using Indy. The Sovrin Foundation has organized the largest production network powered by Indy. The Province of British Columbia was the first to deploy a production use case to the Sovrin Network with its pioneering work on Verifiable Organizations Network, a promising platform for managing trust at an institutional level. Evernym, IBM, and others are bringing to market robust commercial solutions for managing credentials. Many other institutions, researchers, and enthusiasts are also actively engaged in improving the protocols, building tools, contributing applications, and bringing solutions to production.

The team behind the project is excited about current efforts that will lead to increased scalability, better performance, easier development tools, and greater security. User agents for managing Indy credentials are under active development, making it easy to adopt Indy as an identity solution for diverse use cases.

If you’d like to support Indy, join our community and contribute! Your contributions will help to fix digital identity for everyone. You can participate in the discussions or help write the code powering Indy. Together, we will build a better platform for digital identity.A

Hyperledger Welcomes Nine New Members to its Expanding Enterprise Blockchain Community

By | Announcements, Hyperledger Fabric, Hyperledger Indy

Advances Collaboration with Growing Portfolio of Working Groups and Cross-Industry Special Interest Groups

SAN FRANCISCO (March 27, 2019) Hyperledger, an open source collaborative effort created to advance cross-industry blockchain technologies, today announced that nine organizations  have joined the community. The new members, which includes the first general members from Malaysia and Saudi Arabia, further strengthen the global support for the leading enterprise blockchain project.  

Hyperledger is a multi-venture, multi-stakeholder effort hosted at the Linux Foundation that includes various enterprise blockchain and distributed ledger technologies. With the support of its fast-growing and increasingly diverse community, the organization announced the expansion of its portfolio of Special Interest Groups (SIGs), with the addition of the Hyperledger Social Impact SIG, Hyperledger Trade Finance Special Interest Group and, most recently, Telecom SIG. Hyperledger also welcomed the Smart Contract Working Group. Additionally, Hyperledger released two case studies offering a detailed look at Walmart’s unprecedented advancement of the food supply chain industry using Hyperledger Fabric and British Columbia’s efforts to cut government red tape with Hyperledger Indy.

“Our growing line-up of members and cross-community and cross-industry groups all point to the value of collaborative development, particularly for enterprise blockchain technologies,” said Brian Behlendorf, Executive Director, Hyperledger. “As our Walmart and British Columbia case studies demonstrate, blockchain creates common ground for a network of stakeholders, adding value for everyone in the process. We view our community-based, open source approach in the same light, encouraging cross-industry collaboration at every turn. We welcome our newest members and look forward to their contributions to the community’s efforts.”

Hyperledger allows organizations to create solid, industry-specific applications, platforms and hardware systems to support their individual business transactions by offering enterprise-grade, open source distributed ledger frameworks and code bases. The latest general members to join the community are Altavoz, Flowchain, Limar Global, PeerNova, Inc., Quant Network, ReGov Technologies Sdn. Bhd, Securitize and Silicon Valley Bank.

Hyperledger supports an open community that values contributions and participation from various entities. As such, pre-approved non-profits, open source projects and government entities can join Hyperledger at no cost as associate members. Associate members joining this month include Auburn University RFID Lab.

New member quotes:

Altavoz

“When Altavoz began accepting Bitcoin in 2013, we came to understand the importance of blockchain through the forest of cryptocurrencies,” said Altavoz CEO Nelson Jacobsen. “This led to work with the entertainment trade group, MusicBiz.org, on crypto and blockchain educational issues for artists, labels and music distribution companies. Joining the Linux Foundation and Hyperledger is the right next step for the growth of blockchain in the entertainment industry, and we look forward to being a part of Hyperledger’s efforts to create an open standard for distributed ledger technology.”

Flowchain

“Flowchain is excited to be a Hyperledger member,” said Jollen Chen, founder & CEO, Flowchain. “As a distributed ledger for peer-to-peer IoT networks and real-time data transactions, Flowchain’s design and architecture achieve advanced performance in both time and messages size compared to traditional distributed ledger technologies. By joining Hyperledger, Flowchain is ready to move to the next level and build up more application scenarios for IoT and AI industries. We are also looking forward to collaborating with more open-source based teams to evolve blockchain solutions.”

Limar Global

“We are pleased to join Hyperledger and to be the first Saudi company to join this global member community,” said Abdulellah M. Alnahdi, co-founder/director of Limar Global Technology. “Our team has been inspired by the Vision of 2030 for digital transformation of our country.  Limar Global Tech aims to be a leader in the technological developments of Saudi Arabia and we realize that Hyperledger is the perfect community for our government and private sector to leverage for this digital transformation. We strive to bring forth the best for our people and working with the Hyperledger community will allow us to accelerate the use of DLT in our country. Whether its eHealth, Supply Chain management, or government services, we strive to adopt use cases that will ultimately make people’s lives easier. Our mission is to simplify life with advanced technologies and to help create a digital state that serves the greater good in our country. We look forward to collaborating with the Hyperledger community members and contributing to the greater cause of trusted networks.”

PeerNova, Inc.

We are excited to join the Hyperledger community,” said Gangesh Ganesan, PeerNova President & CEO. “Our Cuneiform® Platform is built on principles of interoperability across existing financial and market infrastructures. Joining the Hyperledger community allows us to continue developing a solution that works seamlessly with internal, external, and all emerging DLT networks to achieve end-to-end visibility in real-time while ensuring privacy and confidentiality.”

Quant Network

“We are honored to join Hyperledger and the Linux Foundation to contribute to open source software and provide domain expertise,” said Gilbert Verdian, CEO and founder, Quant Network. “We see the immense value of collaborating to bring mass adoption for blockchain technology and contributing with our Overledger operating system, which helps unlock the potential of blockchain technology by addressing interoperability between blockchains as well as existing networks. Our work is driven by the belief that collaboration makes the blockchain ecosystem stronger, which is why the majority of our code is open source. We believe it’s crucial to support the development of DLT solutions and Hyperledger projects for enterprises and developers. We are excited to join this community to both contribute and help customers and users around the world benefit from this transformational technology.”

ReGov Technologies Sdn. Bhd.

“We are excited to be the first general member of Hyperledger in Malaysia,” said Datuk Paul Khoo, Founder and CEO of ReGov Technologies Sdn Bhd. “The goal is to infuse and grow the capabilities of Hyperledger within the Malaysian public and private sector to build trust and accountability while streamlining processes to reduce cost. Leveraging the ecosystem of Hyperledger, ReGov will drive change using this next-generation technology to improve transparency and governance within all organisational spheres in Malaysia.”

Securitize

“At Securitize, we believe all financial products will eventually adopt blockchain,” said Carlos Domingo, CEO & co-founder, Securitize. “As a leading technology platform for financial products, we see our membership in Hyperledger as a logical, evolutionary step in order to properly provide services to financial institutions on both permission-based and private blockchains.”

Silicon Valley Bank

“We could not be more excited to join the Linux Foundation and Hyperledger and do our part to advance the Open Source community,” said Dave Kochbeck, Chief Scientist, Silicon Valley Bank. “As the leading financial services institution for the innovation economy, it is critically important that we go beyond the transaction to engage deeply in the technical communities that will help shape the future of financial services and how we work with and support our clients.”

About Hyperledger

Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration including leaders in finance, banking, Internet of Things, supply chains, manufacturing and Technology. The Linux Foundation hosts Hyperledger under the foundation. To learn more, visit: https://www.hyperledger.org/.

Reducing Government Red Tape: British Columbia Creates New Business Identity Model with Hyperledger Indy

By | 网志, Hyperledger Indy

In Canada, starting a new business can be like navigating a maze with three levels: local, provincial, and federal. A helpful checklist on starting a business in Canada offers 60+ links to explore. All this red tape frustrates entrepreneurs and governments alike.

To lighten that burden, teams from the governments of British Columbia (BC), Ontario and Canada have started an ambitious project to fight red tape using decentralized identities and trusted credentials. They are jointly building the Verifiable Organizations Network (VON), to provide an open source software stack that helps business people establish trusted and enduring digital identities and speed up applying for permits and licenses from government agencies.

The first project to emerge is OrgBook BC, an online directory that makes finding authentic and authoritative data about companies faster and easier. Launched in January of 2019, it is designed to reduce the time to do due diligence on a new supplier or client from hours down to a few seconds.

Of course the path to this launch included a number of key development challenges, strategic technology choices and partnership across governments and the larger Hyperledger community. For more on all of these steps, check out this detailed case study.

Now that OrgBook BC is live, the VON goals are expanding the applications, growing the footprint and encouraging more jurisdictions to use the software stack until the network effect takes hold. To get the larger developer and business community engaged, the team is hosting BootCampBC as part of #BCTechSummit. The Honourable Jinny Sims, Minister of Citizens’ Services and MLA for Surrey-Panorama, will be opening the event, underscoring the government’s commitment to driving the growth and adoption of VON.

BootcampBC, hosted by technology leaders from Hyperledger Indy, Verifiable Organizations Network (VON) and the Sovrin Foundation, will cover the concepts of self-sovereign identity and guide participants through building their own Hyperledger Indy agent to verify and issue verifiable credentials using VON’s technology.

All Are Welcome Here

By | 网志, Hyperledger Burrow, Hyperledger Fabric, Hyperledger Indy, Hyperledger Iroha, Hyperledger Sawtooth

A Minneapolis coffee shop that has fueled or at least caffeinated a lot of Hyperledger commits.

One of the first things people learn when coming to Hyperledger is that Hyperledger isn’t, like it’s name may imply, a ledger. It is a collection of blockchain technology projects. When we started out it was clear almost immediately that a single project could not satisfy the broad range of uses nor explore enough creative and useful approaches to fit those needs. Having a portfolio of projects, though, enables us to have the variety of ideas and contributors to become a strong open source community. Back in January of 2016 Sawtooth and Fabric were both on the horizon followed shortly by Iroha, but we wouldn’t have predicted that we would have Hyperledger Burrow and Hyperledger Indy – two projects that bear no resemblance to each other. Burrow is a permissioned Ethereum-based platform and Indy is a distributed identity ledger. Burrow is written in Go, and Indy was created in Python and is porting to Rust.

Both of these platforms are interesting in their own rights, but Hyperledger is even more interesting for the combination of these projects with the others. Both Sawtooth and Fabric have already integrated with Burrow’s EVM. Now Hyperledger has a set of offerings that can simultaneously satisfy diverse requirements for smart contract language, permissioning, and consensus. Likewise Sawtooth and Indy have been working together at our last several hackfests. The results of that may unlock new use cases and deployment architectures for distributed identity. So it’s not that our multiplicity of projects has given us strength through numbers, but rather strength through diversity.

Hyperledger Hackfest – December 2017 at The Underground Lisboa

The hackfests that we mentioned are one of the rare times that we get together face to face. Most of our collaboration is over mail list, chat, and pull-requests. When we do get together though it’s always in a new city with new faces. One of our most recent projects was hatched inside one of those buses. It wasn’t the most ergonomic meeting I’ve ever had but there was room for everyone on that bus.

Hyperledger Hackfest in Chicago

Our hackfest in Chicago was in a lot more conventional surroundings (still a very cool shared creative space .. lots of lab equipment and benches out of view on the other side of the wall to the right). Looking back at this photo is fun for me. I can see a lot of separate conversations happening at each table… people sharing different ideas, helping ramp new contributors, working on advancing new concepts with existing contributors. I can see a lot of similarity but also a little variety. It’s a busy room but there’s still open chairs and room for more variety.

Our next hackfest won’t be until March 2019 (Hyperledger is hosting Hyperledger Global Forum in December in Basel though). The March hackfest will be somewhere in Asia – location to be settled soon. The dates and locations of the other 2019 hackfests aren’t set yet. I don’t know where they will be specifically, but I do know that there will be a seat available and you will be welcome there.

These face to face meetings really are more the exception than the rule at Hyperledger. There are now more than 780 contributors spread all across the globe. 165 of those were just in the last few months. That means that every day we have a new person contributing to Hyperledger. Most of our engagement is through the development process. People contribute bug fixes, write new documentation, develop new features, file bugs, etc. If you’ve never contributed open source code before getting started might be intimidating. We don’t want it to be, though. There are a number of resources to help you get started. You can watch this quick video from Community Architect, Tracy Kuhrt. There’s documentation for each project, mail lists, a chat server, working groups, and some of the projects even host weekly phone calls to help new developers get engaged. Everyone in Hyperledger abides by a Code of Conduct so you can feel comfortable knowing that when you join any of those forums you will be treated respectfully. Anyone who wants to get involved can regardless of “physical appearance, race, ethnic origin, genetic differences, national or social origin, name, religion, gender, sexual orientation, family or health situation, pregnancy, disability, age, education, wealth, domicile, political view, morals, employment, or union activity.” We know that to get the best ideas, best code, best user experience we need your involvement. Please come join our community.

Image created by https://allarewelcomehere.us/ for Hyperledger

As always, you can keep up with what’s new with Hyperledger on Twitter or email us with any questions: info@hyperledger.org.

Five Hyperledger Blockchain Projects Now in Production

By | 网志, Hyperledger Fabric, Hyperledger Indy

IT leaders have been hearing a lot about blockchain and its potential in the enterprise for the last few years, but until now they may not have heard much about how it is actually being used today for real-world business processes inside and between enterprises. So, we compiled this list of five intriguing, Hyperledger blockchain initiatives that are in production today across a wide range of industries, including food supply, fine art, insurance, aviation and accounting.

  1. Food source tracking using blockchain

Ensuring the safety and quality of a vast portion of the nation’s food supply is a huge undertaking, especially since incidents have occurred over the last several decades in which consumers have become sickened or died after eating tainted foods. IBM Food Trust is powered by Hyperledger Fabric to create unprecedented visibility and accountability in the food supply chain. It is the only network of its kind, connecting growers, processors, distributors, and retailers through a permissioned, permanent and shared record of food system data.

The IBM Food Trust network represents the continuation of more than a year of pilot tests with major retailers and food suppliers, including Golden State Foods, McCormick and Co., Nestlé, Tyson Foods and Wal-Mart Stores Inc. These companies formed a consortium in collaboration with IBM to use its food safety blockchain in order to protect consumers and enhance trust the food supply.

The solution provides authorized users with immediate access to actionable food supply chain data, from farm to store and ultimately the consumer. The complete history and current location of any individual food item, as well as accompanying information such as certifications, test data and temperature data, are readily available in seconds once uploaded onto the blockchain. Learn more here.

2. Blockchain for the airline industry

To help airlines improve passenger ticketing processes, NIIT Technologies developed its new Chain-m blockchain application using Hyperledger Fabric that can report on a wide range of critical information, from the number of tickets sold to fare amounts, commissions, taxes collected and more. Using a web-based interface, Chain-m adds transparency to ticketing processes, which is expected to help improve record-keeping, save money and improve security and agility in a complex business.

3. Follow the trail of Cambio Coffee with blockchain

Direct trade organic coffee seller Cambio Coffee provides a clear, traceable supply chain path for its products–from harvesting to roasting, packaging, and shipping–so customers could learn the exact details of what they are buying and drinking. To do that, the company began adding QR scan codes from ScanTrust to its coffee packaging, which when scanned records those details onto a Hyperledger Sawtooth blockchain network. Tying the QR codes together with the blockchain data lets coffee buyers scan the codes to see exactly where their coffee originated and how it arrived to their local store and into their grocery carts. The idea, according to Cambio Coffee, was to give its customers trust in its products and to provide transparency and traceability throughout their journey to customers. Watch the webinar here to learn more.

4. Blockchain for better enterprise operations management

China’s largest retailer, JD.com, offers its own JD Blockchain Open Platform to help enterprise customers streamline a wide range of operational procedures by creating, hosting and using their own blockchain applications. The platform uses Hyperledger Fabric and is an expansion of the company’s Retail-as-a-Service strategy, which offers some of its own internal initiatives to other companies as a service. The China Pacific Insurance Company is using the platform to deploy a traceable system for e-invoices, which are official receipts required in China for business. The system strengthens the security governance of e-invoices by applying unique blockchain IDs to each document, increasing efficiency and streamlining the accounting process, according to the company.

The platform allows users to create and update smart contracts on public and private enterprise clouds, while also enabling companies to streamline operational procedures such as tracking and tracing the movement of goods, charity donations, authenticity certification, property assessment, transaction settlements, digital copyrights and more.

5. Blockchain for insurance compliance data

Insurance companies are required to regularly report a significant amount of regulatory data that is subject to a wide range of compliance requirements and must be shared securely with regulators. The American Association of Insurance Services, a not-for-profit insurance advisory organization, has developed openIDL (open Insurance Data Link), which is designed to automate insurance regulatory reporting. Built on IBM Blockchain thus powered by Hyperledger Fabric, openIDL can help streamline regulatory and compliance requirements while improving efficiency and accuracy for both insurers and state insurance departments. The openIDL is the first open blockchain platform focused on the collection and sharing of statistical data between insurance carriers and regulators, according to the group. Using this blockchain network, insurers can contribute data directly onto the secure platform, which satisfies state regulatory requirements, while historical and current data is stored on an immutable blockchain ledger. Regulators are then provided permissioned access to view only the information they need to see for compliance purposes.

If you’re interested in learning about other ways Hyperledger technologies are used today to solve interesting problems, you can read through our case studies and/or visit the Blockchain Showcase.

(10.1.18) InfoQ: Implementing Privacy by Design in Hyperledger Indy

By | Hyperledger Indy, News

In a recent Hyperledger blog post, Daniel Hardman talks about Hyperledger Indy and its ‘Privacy by Design’ approach to address decentralized identity management. Unlike many systems that add privacy to their product or service after the fact, Hyperledger Indy has been built using a privacy first approach. As the world shifts to more regulation, including GDPR and ePrivacy requirements, Indy can minimize the amount of details a user shares when having their data validated by a third-party system.

More here.

Privacy By Design in Hyperledger Indy

By | 网志, Hyperledger Indy

The Scope and Limits of Indy’s Privacy Tech

Guest post: Daniel Hardman, Evernym

Privacy is a hot topic in blockchain circles–and across the entire digital landscape. GDPR, ePrivacy, and similar regulatory regimes have the world thinking hard and smart. Modern systems must bake privacy into their DNA; it can’t be bolted on after-the-fact. I’ve written elsewhere about why this is true, and how it must be done–and I’ve spent the last couple years helping Hyperledger Indy embody all the privacy goodness I know. I’m encouraged to hear a swelling chorus of blockchain practitioners opine that certain things must NOT go on a blockchain.

Perhaps you have heard a claim that Indy “solves” privacy. Or perhaps you’ve seen skeptics roll their eyes, muttering about how we’re all going to be correlated by the surveillance state, no matter what we do.

The truth is that both of these perspectives distort reality. Indy does offer some wonderful features to aid privacy, and these features matter! But institutions are certainly going to know some things about us, no matter what Indy does. Indy can minimize this in exciting ways. Nonetheless, what privacy we have, now or in the future, will emerge from a combination of technology, social and legal constructs, market forces, and human behavior; it can’t be trivialized as a tech problem.

What “Privacy Tech” Are We Talking About?

Today, Hyperledger Indy’s approach to privacy includes elliptic curve cryptography, pairwise DIDs, semi-trusted agents, agent-to-agent communication using techniques such as libsodium’s sealed box and authenticated encryption, zero-knowledge proofs, a separation between credentials and proofs, privacy-preserving credential revocation features, an affinity for data and key storage at the edge, and a carefully constructed wallet interface that manages personal secrets with industry best practices. In addition, privacy-preserving agent (device) revocation has been demonstrated as a proof of concept.

Indy’s roadmap includes additional privacy-enhancing features such as a user-friendly SSI tool (mobile app) with smart and safe defaults, microledgers, sophisticated policy and/or AI for agents, mix networks for transaction submitting and agent routing, and so forth.

Some of these technologies exist in other identity technologies, but Indy combines more of them, in far more powerful ways, than any similar technology I know.

What All This Tech Does NOT Deliver

Except for people who live in remote, technology-scarce  places, all of us are constantly observed and recorded. Google maps may have a picture of our front door; cell phone towers track the location of our mobile devices; credit card companies see what we spend; closed-circuit cameras watch us on the road or subway.

In such an environment, much will be known about us, even if we use Indy to prove things in zero knowledge. And, if we choose to use Indy to disclose something identifying–our email or phone number or name+birthdate, for example–then the disclosing interaction is correlatable to a much bigger digital footprint, no matter what fancy math did the proving. Even less perfect correlators like first name + fuzzy place + fuzzy time may correlate us, given sufficient context.

It might be tempting to say, then, that there’s no point to Indy’s elaborate privacy posture. But there is more to the story.

What Hyperledger Indy Privacy DOES Deliver

Hyperledger Indy allows you to construct interactions where the degree of disclosure is explicit and minimal–much smaller than what was previously possible. Nothing about the mechanics of connecting, talking, or proving in Indy is leaky with respect to privacy; vulnerabilities that emerge must come from the broader context. No other technology takes this minimization as far as Indy does, and no other technology separates interactions from one another as carefully. If privacy problems are like a biohazard, Indy is the world’s most vocal champion of wearing gloves and using a sharps container for needles–and it provides the world’s best latex and disinfectants.

Of course, this does not give perfect protection. Like a needle stick, mistakes can ruin Indy’s carefully sanitized interactions, and contamination is always a possibility. In 2017, the layouts of US army bases in some of the most dangerous locations in the world were compromised because soldiers had been using the Strava running app to track where they exercised (https://wapo.st/2J6DQqU). If this can happen when stakes are so high, and when the organization is as careful as a sophisticated army, then similar fiascos will undoubtedly occur, both with and without Indy technology, for the foreseeable future. These are serious problems that are not to be underestimated.

Despite the imperfect guarantees, doctors consider it worthwhile–even vital–to wear gloves. And despite risk, Indy’s privacy tech can deliver real value, if we are careful about constraining behavior and understanding use cases. Any interaction that does not leak is a tiny bit of personal, private space–and chaining such interactions together can accrue significant benefits. Indy makes it possible to prequalify for a loan at a thousand banks, in a way that proves credit worthiness, income, and citizenship, without forfeiting privacy. Used correctly, it can insulate cautious whistleblowers; it can enable secure, private voting; it can make online dating safer. Many other use cases exist. In each situation, we must carefully assess privacy beyond the narrow context of Indy’s proving mechanics. Gloves are less helpful when a disease vector is airborne; the government still needs to know who you are when you pay your taxes.

Intentions And Incentives

Besides discussing what protections Hyperledger Indy offers on the technical level, and what ways there might be to defeat such protections, we can also make an argument that architectures, algorithms, data models, and cryptography always carry a certain “intention” towards the parties we interact with. In our case, this intention is to maintain the individual’s privacy, sovereignty, etc. Whether or not the technology can strictly enforce this intention, or to what extent, is an important question, but not the only argument for building it in a certain way.

If we use pairwise DIDs and zero-knowledge proofs, the message is clearly “don’t try to correlate me,” even if you could find a way to do it if you try hard enough. An HTTP Do-Not-Track header says “do not track me,” but it doesn’t offer any actual protection from tracking. The VRM community has been talking about user-defined terms for a long time. In a relationship, you can express “don’t use my data for advertising,” or “delete my data after 14 days,” or “use my data for research, but not commercially.”

Simply expressing these intentions in code and architecture has value by itself. It bears a message that privacy and sovereignty “should be honored,” even if it cannot always be guaranteed technically that it will be. Over time, we expect that through regulation, trust frameworks, reputation, and similar mechanisms, not honoring such intentions will be discouraged. Of course we must always communicate clearly the limits of intentions and guarantees, lest we create a false sense of security that can lead to severe consequences.

One of the main reasons for the growth of Internet’s re-decentralization movement (Diaspora, Bitcoin, etc.) was not only to achieve more privacy and independence, but also to build architectures that better mirror the way we want society to work in the real world (not client/service aka. master/slave). At the same time, the point of view that “technology is neutral” is getting less prevalent, being more and more replaced by an assumption that “technology has built-in values.” From this perspective, privacy tech is valuable not only as a technical defensive mechanism, but also to make a point, to convey an intention.

Importantly, Indy’s technology also enables the transformation of privacy incentives. Companies that once stored PII can now store an opaque identifier for a customer, and contact the customer’s agent to learn more–then throw away the data after they use it. This has the potential to eliminate many centralized data troves as hacking targets, and it empowers people instead of impersonal and conflicted corporate guardians. Indy also provides meaningful advances in the world’s answers to privacy regimes like GDPR. We believe that in the future, social, software, and legal constructs will evolve to take advantage of the privacy features offered by Hyperledger Indy, and that this will lead to ever more creative types of business models and digital interactions not possible before.

 

Developer Showcase Series: Ian Costanzo, Anon Solutions Inc

By | 网志, Developer Showcase, Hyperledger Composer, Hyperledger Fabric, Hyperledger Indy

We return back to our Developer Showcase blog! This series serves to highlight the work and motivations of developers, users and researchers collaborating on Hyperledger’s projects. Next up is Ian Costanzo from Anon Solutions Inc. Let’s dig in!

What advice would you offer other technologists or developers interested in getting started working on blockchain? 

Learn the fundamentals, and then get involved in an interesting open source project.

Working with Bitcoin is one of the best ways to learn the fundamentals of blockchain. The original white paper lays the groundwork in a clear and concise way, and there is a significant amount of documentation and examples available. Once you have a good understanding of the basic cryptography, merkle trees, proof of work, etc, it is much easier to work with more complex frameworks, which tend to layer on additional functionality (and complexity).

Then find an open source project and get involved. No matter what your interest there is probably a existing project in with a need for contributions in a number of areas. Documentation, introductory tutorials and testing are common needs. I’ve been involved in a few projects, and I’ve found there is always enthusiastic support (via slack, rocketchat, telegram, etc.) for new participants.

Also check for local meetups – I’m fortunate that in Vancouver there are a lot of blockchain enthusiasts, many meetups, and I’ve met quite a few interesting characters.

Give a bit of background on what you’re working on, and let us know what was it that made you want to get into blockchain?

I’m working with the BC Government on their Verifiable Organizations Network (VON) project (https://github.com/bcgov/von) using Hyperledger Indy.  I got involved in a roundabout kind of way.

Originally I was working with a homeless shelter in Calgary (https://www.calgarydropin.ca/) – they had recently implemented a new CRM and were looking at ways they could improve service to their clients by (securely) collaborating with other service providers. Their primary concerns were security of personal information, and respect for the sovereignty of individuals to control their own information, where possible. I did a survey of the technology space, and found that the Sovrin network (and Hyperledger Indy) was a clear fit for their requirement. I was lucky enough to get in touch with the BC group who were working with the same technology, and then fortunate to be able to participate in their project.

I’m interested in how blockchain can be used to help protect our personal information, and give us more autonomy and control over how our information is shared and used.

What project in Hyperledger are you working on? Any new developments to share? Can you sum up your experience with Hyperledger?

I’m working with Hyperledger Indy, with the BC Government. My role has been to scale up the solution to handle enterprise requirements, including large data volumes and transaction throughputs.  It’s been a fascinating experience, because I get to work with a lot of very smart people in the BC Government, as well as at Sovrin, Evernym and the whole Indy community.  The technology is new, which is interesting, but we’re also exploring new ways in how the technology is being applied, which creates lots of challenges and opportunities.

Specifically I’ve been working on an Enterprise Wallet for the central credential “holder.” I’ve updated the wallet to support multiple identities and millions of credentials, and to run in an enterprise micro-services deployment. I’m excited for the next round of SDK wallet development, which is going to introduce wallet meta-data, native encryption and improved search capabilities, which are all going to support functionality the team is planning to add in the coming months.

I’d also like to mention that the BC team is working in partnership with the governments of Ontario and Canada. In Victoria we work out of the government’s “Innovation Center”, which is focussed on public/private partnerships and support for the open source community. All the work we are doing is open source, available for use, and we welcome new collaborators.

What do you think is most important for Hyperledger to focus on in the next year?

Ease of use for new developers, as well as scalability. Ease of use is something that Ethereum (for example) has done a very good job with. Solidity is pretty simple to learn, and you can write very sophisticated blockchain applications without having to get too deep into the weeds. This is why Ethereum is one of the most widely used blockchain platforms. The downside of Ethereum is scalability (Crypto Kitties almost brought down the whole network) but that is something they are putting some resources into.

I’ve worked with Hyperledger Fabric and Hyperledger Indy, and I think anyone will agree that these are very complex technologies!  In order to get more widespread adoption documentation, training and tooling are critical. Their strength is that they are more specialized networks, however they come with a very steep learning curve, and this is something that needs to be addressed.

For Hyperledger Fabric, the introduction of Composer for application development was a huge step forward. Hyperledger Indy (what I am mostly working with now) could use similar tooling. There is work in progress on documentation and developer tools, but the more focus in this area the better!

As a private network, Hyperledger Fabric may not suffer from the same scalability concerns as public networks, but Indy supports a public network (Sovrin) so scalability is definitely a concern.

What’s the one issue or problem you hope blockchain can solve?

I like to think that blockchain can be used for the benefit of humanity, rather than just providing a living for those of us fortunate enough to be working with the technology.

Self sovereign identity has a lot of potential, putting information under the control of the individual rather than large corporations, allowing us to (selectively) share with our friends and colleagues, without having to worry about our information being mined and mis-used.  Also being able to benefit disadvantaged populations, like refugees and the homeless.

Privacy is another potential benefit of blockchain, having the ability to secure personal information, as well as being able to communicate and transact anonymously.

I’ve seen a lot of other really interesting applications proposed or prototyped, like using cryptocurrency to distribute aid directly to recipients (reducing the risk of graft), or using blockchain to track ethically captured tuna. I’m excited (and hopeful) for the future of this technology.

What technology could you not live without?

I resisted getting a smartphone for a long time, because I have a bit of a technology addiction. (I also don’t own a TV because I would just end up watching it all the time.) Now I have an Android phone, and I’m in constant communication. I always know the answer to every question (thanks Google) and where to go for lunch or the best route to get to the ferry. When I get involved in an interesting technology (like blockchain!) I become a bit of a workaholic and spend far too much time on the computer.

So the best technology for me is sometimes no technology at all. Leave the phone behind and go for a walk, to clear my mind. Sit down with a pen and paper to solve some problems, rather than try to work it out at the computer (This forces me to do some actual programming for a change, rather than just cut and pasting from StackExchange.) Read the newspaper rather than my news feed online.

Until the nervous twitching starts and I have to reach for my phone!

 

Questions from Decentralized Identity Webinar

By | 网志, Hyperledger Indy

Guest post: Daniel Hardman, Evernym

During our recent webinar on decentralized identity, we accumulated a large backlog of questions. We thought it might be nice to cluster them by topic, and see if we could provide follow-up answers.

Q. How are decentralized identity, DIDs, and similar technologies compliant with (or not compliant with) GDPR, HIPAA and similar regulations?

Done right, decentralized identity can solve many gnarly problems. However, it’s not always done right. The decentralization is an opportunity, not a guarantee. For example, if you put personal data on the blockchain, you have a problem with GDPR’s right to be forgotten–but if you put personal data on a personal microledger, and not in a public place, you have no problem. See http://bit.ly/2taHIR8 for more details.

Q. I do not understand ‘permissioned public’ or ‘permissionless private’. Can you give examples? And why permissioned instead of permissionless?

Permissioned vs. Unpermissioned describes who can operate the network. Bitcoin is unpermissioned because anybody can download the software and run it, without asking permission first. Sovrin and Indy are permissioned, because although anybody can download and run the software, the network won’t accept your node’s vote about consensus on transactions unless/until your node receives permission to join the official validator pool.

Note that this Permissioned/Unpermissioned distinction DOES NOT affect who can use the network to do transactions. That’s a whole different question, addressed by the Public/Private distinction. A public network can be used by the general public; a private one requires special access. Permissioned/Unpermissioned just refers to who can operate the network.

A non-blockchain example of a network that is public but permissioned is ATMs. Anybody in the world can walk up to an ATM and use it, without special access. Thus it is public. But it is not the case that anybody in the world can operate an ATM. You might buy an old ATM second-hand, power it up, and turn it on–but unless banks agree to honor the transactions it does, it’s not going to work. A private permissionless network is one where only a few people can use the system, but anybody in the world can operate the node (or nodes can be configured and participate without any centralized help). An example of this would be a large conglomerate deciding to run a private instance of Ethereum for the benefit of all its subsidiaries. The conglomerate might announce that any division or department can set up a node, but say that only transactions submitted from IP addresses in its corporate intranet IP address range will be honored. Private permissionless is a little bit odd, and often permissions creep into them gradually.

Permissioned networks are helpful when you are worried about regulation (permissionless means there are few levers to control the behavior of the network providers). Permissioned are also capable of greater speed and scale than permissionless (broad generalization). Permissionless systems are naturally censorship-resistant.

Q. What is the user experience like in this brave new world of decentralized identity? How can I use decentralized identity (eID, etc) to get real work done? How do I keep track of all the keys and identity fragments that would be created in such a world?

Here’s a recorded demo that you might find interesting. It shows two sides of a decentralized identity ecosystem–a company, and a private person. The company is using a web application; the private person is using a mobile app. The person is trying to accomplish goals like buying an airplane ticket, proving things with credentials, and so forth. The web application is clunky; the user experience focus here is on the mobile app used by the private person. This demo assumes Sovrin (Indy) is the underlying plumbing. https://vimeo.com/262596133

Q. Most talk about identity centers on human beings. How do organizations and IoT things fit into the identity ecosystem?

Many decentralized identity approaches (including Sovrin and Indy, where I come from) explicitly welcome IoT things and organizations into the ecosystem. There are discussions underway on several fronts about using Sovrin for various IoT use cases, such as proving provenance of devices, securing device communication, and so forth. Organizational use cases are even more mature, with many companies and governmental organizations deploying. One public and advanced example is the Verifiable Organizations Network sponsored by the government of British Columbia in Canada.

The Sovrin Trust Framework (the constitution that Sovrin uses to run an instance of Indy) discusses the relationships of all these types of entities in section 3.2.

Q. Can a decentralized identity that is based on an immutable blockchain be deleted?

(This may relate to the question about GDPR compliance; see above for more on that.)

It depends on what you mean by “deleted”, and what you mean by “based on blockchain.” If an identity owner writes key personal info to an immutable ledger, then deleting such info will be a problem. Indy solves this problem by using the public ledger only for information about entities that don’t have a right to privacy (such as organizations or IoT devices), and requiring private individuals to store their info in a private file called a microledger. This microledger has some nice ledger characteristics–it is tamper-resistant and append-only–but the individual can always delete the file to remove all evidence of themselves.

Q. This is all utopian. Why should businesses give away their data and cooperate in this fashion? Will it take forever for the world to adopt decentralized digital identity? What about vulnerable populations who don’t own a lot of tech?

One incentive that institutions have to adopt this technology is regulation. GDPR, HIPAA, ePrivacy, and other legal requirements are forcing companies to adopt some sort of game-changing identity solution, because traditional approaches are simply too expensive or too hostile to the privacy and user-control standards that governments are demanding.

Another incentive is cybersecurity. If you were the CISO of a large company with many customers, would you feel more secure using traditional identity, where you have a large trove of information about customers that represents a juicy hacking target (including for malicious insiders)–or would you prefer to leave sensitive data in the hands of customers, with the option of looking it up from them whenever you needed it? Leaving it with customers shifts legal burdens in a huge way…

A third incentive is the possibility of eliminating middlemen. Every company would prefer to have a rich, direct interaction with its customers. Today, however, most companies are forced to have a relationship that’s mediated or brokered by some third party. They buy demographic data from data brokers; they contract with ad networks who profile and qualify people to see advertisements; they pay credit reporting agencies to identity proof customers by asking the customers when they last bought a home. All of these relationships cost businesses money and diminish the richness and power they’d like. What they’d prefer, instead, is to reach out to customers directly, knowing they can trust what customers tell them, and to have unfettered interactions with very high trust and a wonderful experience for customers.

These changes are expensive, but their benefits are so attractive that many large organizations are actively exploring the possibilities. This includes multinational banks, the travel industry, the healthcare industry, national governments, universities, and so forth.

Regarding vulnerable populations, the UN and numerous NGOs that work with vulnerable populations are striving to make this technology free and accessible to refugees, children, and those who are displaced or who live away from the internet. The Sovrin Foundation has an Identity for All committee that has interesting stories to tell…

Q. How does Indy compare to Showcard, Civic, uPort, and similar offerings? Is there any effort at compatibility or cooperation or standards?

There are efforts to cooperate. Some of them are taking place in the open, at the W3C, the DIF, and Hyperledger. Most of these efforts are midway through their lifecycle–not brand new, but not frozen into a standard yet. I am feeling very hopeful that these efforts will bear substantial fruit. You are welcome to attend community meetings at Hyperledger; see the community calendar.

I tried to take a platform-neutral stance on decentralized identity in my webinar. I can’t be perfectly objective, though, since I am a practitioner in the space. So please filter my comparison of these technologies through that lens.

All of these technologies are similar in the sense that they involved identity and blockchain. However, they use blockchain differently. They have different beliefs about what belongs on the blockchain, which blockchain to use, how to pay for the blockchain, who should control the ecosystem (if anybody), how to achieve privacy, how much privacy to aim for, and so forth. These differences manifest in different business models, different costs, different assumptions about the basis for trust, and so forth. I respect their people as bright, informed thinkers. I hope they view me as a collegial competitor. 🙂

It’s worth noting that Indy is not a product; it is an Apache 2-licensed codebase that anybody can use for free. Sovrin (an instance of Indy running with a specific constitution) is closer to being a direct analog to these commercial offerings than Indy is. Sovrin is also free.

FWIW, I believe that only Sovrin has a compelling, mature story about personal privacy, and about GDPR compliance. See http://bit.ly/2taHIR8 for more details.

Q. Isn’t there a better onboarding story than “scan your driver’s license and we’ll have our AI check it for fraud–then magically you get a digital identity”? Can we help people develop decentralized identities from birth?

Yes! Sovrin believes that digital credentials should be issued directly, and there are several initiatives underway that demonstrate exciting progress. For example 3 states in the United States are exploring the issuance of digital birth certificates. There is also effort underway among NGOs working with the United Nations to onboard vulnerable persons with a decentralized, self-sovereign, digital identity.

Q. Indy maturity — when will Android support be available, is Fabric further along, can we build something with this today?

The first network built on Indy launched publicly on July 31, 2017, running version 1.0 of Indy. Its SDK released in August of 2017. The demo mentioned above runs against software that’s now about a year old. Parts of the system are moderately mature.

That said, it is true that Indy (and really almost everything in the blockchain space, except for the core Bitcoin and Ethereum ledgers) is a very young technology, and it continues to evolve rapidly. Indy is just now finishing up the due diligence to graduate from Hyperledger incubator status. iOS support for Indy has existed for about 9 months, and Android support comes online in the next month or so. Standards efforts are forcing some evolution. If you’re a programmer, the SDK for this environment supports some common programming languages (python, java, C#, Rust, Go, Node.js) but not every language you might want. In addition, the Indy ledger, despite running as Sovrin for a year, still lacks some experience doing battle with hackers and spammers. So this is a good question; only a specific evaluation of your use cases will tell you whether it’s a good foundation for a business solution today.

Q. What consensus algorithm does Indy use?

Indy uses a modified version of RBFT called Plenum.

Missed the live webinar? Watch the on-demand replay of Decentralized Identity, Distilled today.