Scrypta Identity Framework

The source code of the Scrypta Identity Framework, which manages the Identity Gateways, can be inspected at this address: https://github.com/scryptachain/scrypta-identity-framework and it is the component that makes the interfaces available to external authenticators.

It is an application in NodeJS and the providers are managed through PassportJS (http://www.passportjs.org/). Except by e-mail, which is integrated via Mailgun (https://www.mailgun.com/) and the telephone via Twilio (https://www.twilio.com/). In this case the gateway and the provider will coincide, as the verification of the e-mails and the telephone takes place internally.

Identity assessment

Whenever the user wants to identify himself, he will have to clearly show his identity payload (which can be done using a mobile app) and the counterpart (always via the app, automatically) will verify that the payloads presented are actually valid, as a verification will be done. via public key, payload and blockchain.

The result, which can be found on the site https://me.scrypta.id will be something like this, which we render graphically for privacy reasons:

Indeed it will be possible to verify that, for example, the Github payload written to block 416667 is the following and is connected to the addressLZzzH9C7outN754hqfyTZ6Hhjk2nsoX9no. This information can be found here: https://proof.scryptachain.org/#/uuid/3e7ce.f696.4b11.bf0c.cec51cff386e

{
"signature": "2f04635376ef2cbbc9c083b6093e5bfc864bc779a8aa670c431f5ad14c2e261003ef2aaeaab8990f9a3cec8a67296a05b1463b5f9ba98c78d83d1269163232b7",
"gateway": "0240f294ef20c7bbb82bae24d8d22c7ab94d195adf153162482b6bf540393d7dd5",
"fingerprint": "79a7c75eb20eca8ca36b781bbde1e0e960a39e4d4d92f4d4452cf47c7e5b0b936c5051690f84ee177d497003ea50dd32192cf18422130a1eb8bb6172cd48275f"
}

Let's better explain what is written inside the blockchain:

  • signature: is the signature of the payload by the address LZzzH9C7outN754hqfyTZ6Hhjk2nsoX9no.

  • gateway: it is the public key of the Gateway address.

  • fingerprint: as mentioned, it is the signature of the same payload by the gateway address.

Operation Scheme

EHere is an operating scheme that summarizes all the steps:

enter image description here

Integrated providers

Currently the integrated and functioning providers are the following:

  • Github

  • Google

  • Linkedin

  • Twitter

  • E-Mail

  • Phone

Final Goal

The ultimate goal of this framework is to give the possibility to institutions or companies to create their own set of addresses whose identity is guaranteed thanks to the blockchain and the method mentioned above.

Scrypta will implement this identity system within the Manent mobile app, allowing users to exchange identity information and save it within their "Address Book". This will allow a double operation, the first is to actually have a list of trusted contacts and the second is to create TrustLink with these contacts, so you can sign agreements or sign documents.

Extensibility and practical cases

It is clear as in the case for example of a company that wants to identify its employees (and their digital operations, allowing them - for example - to sign documents or interact with a corporate app) that the management of these payloads through the files. sid (decentralized) could be complex. Thanks to the open nature of the framework, nobody forbids creating a centralized storage for all these identities and connecting them, for example, to the company e-mail.

Thanks to these identified addresses, therefore, the most varied operations can be carried out, from the exchange of funds to the signing of documents, to the creation of trustlinks.