In the dynamic realm of emerging decentralized identity solutions, the development of the idOS marks a huge leap forward. An open-source solution designed to be the identity layer of web3, the idOS empowers users to own, manage, and securely store their identity data. Built by Fractal ID, Kwil, NEAR, Gnosis, and Aleph Zero, the idOS is a joint effort built upon the principles of chain-agnostic design, compliance, self-sovereignty, and decentralization.
Julian Leitloff, Co-Founder of the idOS and Fractal ID, joined by Johan Salaï of Pagoda, recently took to the NEARCON ’23 stage to introduce the idOS and its identity management capabilities to a broad audience of dApp developers building on NEAR. The talk delved into the vision driving the idOS, the intricacies of its architecture comprising decentralized storage and access management, current use cases being built, its partnership with NEAR, and the promising future developments that position it as a transformative force in decentralized identity solutions.
Read the excerpts below!
The whole speech can be viewed here.
What is the idOS?
Julian: “The idOS is two things. It’s a decentralized storage, a distributed system of nodes that store identity data, and it’s an access management protocol. You can think of it as being an IPFS-style decentralized storage, that is specifically made in a compliant way to host identity data and an access management protocol in which users are actually in charge of their information and can give access to their identity data throughout the ecosystem.”
Why is the idOS needed now?
Julian: “We’ve been talking about identity for quite some time. Vitalik is writing about it every four years, urging the whole industry to adopt and go to a native standard of how to manage identity and we still haven’t gotten there. It’s not for the lack of trying – we’ve seen many approaches to solve it. If we look at the identity landscape today, it kind of seems like medieval Europe, where if you want to travel to your neighbor, you have to identify yourself again. If we take this metaphor to an ecosystem we can see that identity cannot flow freely. Neither can users freely flow across ecosystems. Even from dApp to dApp, we have a problem where we keep forgetting someone’s identity, and we need to ask for it again, and every dApp needs to build the whole thing again. We don’t think that this is great and that’s the pain point we are solving.”
What led to the integration of the idOS into the NEAR ecosystem?
Johan: “NEAR and idOS is essentially a partnership that’s been meticulously crafted to ensure that we respond to the needs of founders and developers. This sets the standards of what identity should look like in web3 going forward. Imagine a world where your data is as fluid as you thought and as private as your diary. This is a world we’ve been dreaming about for years in the decentralized world. We’re not just introducing an identity layer today. We are taking your sense of identity and integrating it with idOS into NEAR. We are enabling our builders and developers with the possibility to create innovative dApps but also make sure that these dApps are compliant and self-sovereign. NEAR becomes the first major blockchain ecosystem to integrate identity at its core. It’s about enabling a community and ecosystem for widespread adoption going forward.”
What are the current use cases of the idOS within the NEAR ecosystem?
Julian: “The first use case is to really enable DeFi that touches people’s everyday lives. Whenever we talk about having a debit card or opening up a bank account, identity is needed in a compliant way or just onboard. We opted to build a native layer to enable users to hold their own data and pass it on as they wish. Another application is proof of personhood. So, making sure a person is really a unique person who hasn’t created like 10 or 20 different wallets already.
NEAR is the ecosystem that has really early on focused on users. From my perspective, this is taking it a step forward, because we’re going from users that are unique wallets, active wallets to actually verified users. This is specifically interesting, not just from the proof of personhood perspective, but also when you’re talking about enabling DeFi rails. You could go to NEAR and you would have 5 million people that are already verified with one click and onboard to even financially regulated applications.”
How does the idOS work?
Julian: “The user comes and wants to put in data. They can just put in data of their own choosing, but sometimes you want to have verified data, like for example KYC, your proof of uniqueness. So they go to the identity provider, they get that data back, they encrypt it themselves, and they put that data package into the idOS. Then if a dApp or NEAR wants to request that data, they go to a node to request access, which is forwarded to the user to actually consent to that process. So, to approve an access request, the user then takes that data, decrypts it, encrypts it with the dApp’s receiving public key, and uploads it into the idOS and that’s the cool part.
In the future, the dApp can also go to the node to request the data even if the user is offline. The idOS is a Data Storage and Access Management Protocol. However, there are cool things that are on top, which is that you can actually add any type of data to it. You can add reputational data, you can add a social graph to it if you like and you can build upon it because it’s really a composable identity stack. For example, imagine lots of dApps are using the idOS and you want to build an analytic tool so that dApps finally can see what type of users are actually using that dApp. Perhaps you also want to build an incentive system that works for real users, and not just an army of bots. That is something that is enabled with the idOS because it’s permissionless – you can just build on top of it and you can build with the idOS as a module.”
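The store, grant and offline-read steps described in the answer above, as an added example that is not idOS code and not taken from the talk. The cipher construction (X25519 key agreement, HKDF, AES-256-GCM), the in-memory `store` map and all function names are assumptions chosen for illustration; the credential is constructed sample data.

```javascript
// Added example (not idOS code). X25519 + HKDF + AES-256-GCM are assumptions.
const crypto = require("crypto");

const newKeyPair = () => crypto.generateKeyPairSync("x25519");

// Derive a 32-byte AES key from an X25519 shared secret.
function deriveKey(privateKey, publicKey) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync("sha256", shared, Buffer.alloc(0), "demo-grant", 32));
}

// Encrypt so that only the holder of recipientPublicKey can read the data.
function seal(plaintext, recipientPublicKey) {
  const eph = newKeyPair(); // fresh sender key per ciphertext
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", deriveKey(eph.privateKey, recipientPublicKey), iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const ephPub = eph.publicKey.export({ type: "spki", format: "der" });
  return { ephPub, iv, ct, tag: cipher.getAuthTag() };
}

// Decrypt; throws if the key is wrong or the ciphertext was modified.
function unseal(box, recipientPrivateKey) {
  const ephPub = crypto.createPublicKey({ key: box.ephPub, type: "spki", format: "der" });
  const decipher = crypto.createDecipheriv("aes-256-gcm", deriveKey(recipientPrivateKey, ephPub), box.iv);
  decipher.setAuthTag(box.tag);
  return Buffer.concat([decipher.update(box.ct), decipher.final()]);
}

function runFlow() {
  const user = newKeyPair();
  const dapp = newKeyPair();
  const store = new Map(); // hypothetical stand-in for node storage; holds ciphertext only
  const credential = Buffer.from('{"kyc":"passed"}'); // constructed sample data

  // 1. User encrypts the credential to their own key and uploads it.
  store.set("user-copy", seal(credential, user.publicKey));

  // 2. Before any grant, the dApp cannot read the stored copy.
  let dappReadsUserCopy = true;
  try { unseal(store.get("user-copy"), dapp.privateKey); } catch { dappReadsUserCopy = false; }

  // 3. Grant: user decrypts, re-encrypts to the dApp's public key, uploads the new copy.
  store.set("dapp-copy", seal(unseal(store.get("user-copy"), user.privateKey), dapp.publicKey));

  // 4. Later, with the user offline, the dApp fetches and decrypts its own copy.
  const received = unseal(store.get("dapp-copy"), dapp.privateKey).toString();
  return { dappReadsUserCopy, received };
}

console.log(runFlow());
```

The storage layer only ever sees ciphertext in this sketch, and each grant leaves the dApp with its own decryptable copy, so deleting or rotating the user's copy afterwards does not take back data the dApp has already been given.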
Why do you think the idOS will succeed?
Julian: “We think that we identified different reasons for it. One part that we see is compliance. In the end, if you want to build an application, if you want to have a service, and you have your lawyer tell you that this doesn’t work because there are data privacy issues that are standing in the way, the whole solution isn’t feasible. This was important for us to solve.
Permanent data availability is another. If you have an identity wallet, and you go to a dApp, you have two choices as a dApp provider – you either download the data, and put it into your AWS web2 databases, or you don’t do anything with the data. But if you make the first step, then you have to build the onboarding flow again, you have to make sure that you maintain this content management client relationship management system, and the data will grow stale. It’s not chain agnostic. So if you provide a solution that is an unchained solution, but you don’t provide the service to go with it, you can’t really use it. That’s what the idOS does differently from other solutions out there.”
What is coming to the idOS in the next couple of months?
Julian: “We are going live today on NEAR and we are super excited about it. We also partnered up with Gnosis, for example, to give users the ability to have a self-custodial debit card – even for highly regulated use cases, in this case in the UK, and then Iceland. Then we have Aleph Zero that is adding a privacy layer on top of it and this is even more important. We already have dApps integrating it. We have 14 different dApps that agreed to integrate the idOS, so that you can not only create your identity on NEAR.org, but you can also consume it for very different use cases. All the way from proof of personhood, which is a very light touch where you just want to know if someone is a real person or a bot, to highly regulated use cases.”
When you link the idOS account to the NEAR wallet, is that linkability visible on the blockchain?
Julian: “The creation of the idOS account isn’t visible. What is visible is if you’re giving an access grant, this will show up in a smart contract that gives that access to another receiving address, which is the dApp’s address, but it doesn’t show what is being shared. The node providers know which address is linked to which ID but they also don’t know what’s in that verifiable credential because it’s encrypted by your public key.”
- The idOS is an IPFS-style decentralized storage, made specifically in a compliant way to host identity data, and an access management protocol in which users are in charge of their information.
- With the integration of the idOS, NEAR is enabling builders and developers with the possibility to create innovative dApps that are compliant and self-sovereign.
- Enabling real-world DeFi, Proof-of-Personhood, Compliance, and Permanent Data Availability are a few of the initial use cases of the idOS.
- For future developments, idOS has partnered with Gnosis to give users the ability to have a self-custodial debit card and Aleph Zero is adding a privacy layer to it.