idOS Co-Founder, Lluis Bardet, and NEAR Protocol Co-Founder, Illia Polosukhin shed light on the vision behind the idOS and current developments within its ecosystem in this recent Twitter Spaces AMA session with BanklessDAO.
In web3, where the spotlight is on security, privacy, and compliance concerns, a collaborative effort between Fractal ID, Kwil, NEAR, Gnosis, and Aleph Zero has given rise to a transformative vision – the creation of a user-owned internet. Enter the idOS – the identity layer of web3. An open-source, composable, and chain-agnostic solution, the idOS is architectured to enable true decentralized identity across blockchain ecosystems powered by a dStorage network of nodes and an access management protocol.
The idOS empowers individuals with complete ownership of their identity data across decentralized applications (dApps) and blockchain ecosystems, thereby catalyzing scalable user adoption. With idOS, the mantra is simple: your keys, your data. But how does the idOS operate, why is it imperative in today’s landscape, and what use cases does its integration on the NEAR ecosystem fuel?
Read the excerpts below and get up to speed on all things idOS.
What makes the idOS vision relevant in today’s web3 landscape?
Lluis: “I think that identity is what makes someone unique. Everything has an identity, but not necessarily everything has an identifier. That’s important, especially on the internet. In the regular world, you just go somewhere with a document that the government gave you, and you show that to the person, the person looks at you, you’re the same one in the picture in the document. That is how you get identified in most places but when you move this to the digital world into what they would call digital identity, it is much harder. Because the person is not physically there and the identifier is not physical. The identifier is a piece of code of data and you need to make sure that that is not tampered with, and that it belongs to the person who gave it to you. So that becomes much more complex. There comes decentralized identity, which is what enables these identifiers to not be owned by companies that, in theory, own your identity, and then they can share it with others. Thanks to blockchain technology and cryptography, now you can have your identifiers back, and then you can selectively share them. That’s the vision of idOS – giving the identifiers back to the user and then allowing the user to connect them anywhere on the internet.
What happens with most identity verification providers, and that includes Fractal ID, is the fact that data is still stored either in centralized servers or it is stored with the user. But none of the solutions work for the use cases that we need today, especially the financial use cases that require some degree of compliance.”
What are the contributions of the idOS’ building partners?
Lluis: “Fractal ID has been around since 2017 and we have built a lot of different identity solutions; so the knowledge that we bring to the idOS is on the identity side. We have Kwil – they have been working for several years on regional databases for web3. So basically, they are the ones that essentially create these decentralized storage networks that have different node operators that share consensus. Then working with NEAR as well as Gnosis and Aleph Zero, the idea comes from all of these blockchains, having a shared vision with us, which is that we need DeFi to reach the real world. For that to happen, we need to figure out the legal and UX side of it. One of the main points of pain that we are solving here is simply the experience around KYC and compliance. So we are trying to make it more smooth. These blockchains also had the same shared idea and that’s why we’re building together.”
How does the idOS tie into the long-term vision of the NEAR Protocol?
Illia: “We are trying to bring blockchain technology to the level where you, as a user have ownership of your assets. Having ownership is important and blockchain can provide this but it doesn’t connect to a lot of the real-world interactions because of certain requirements, and it’s not the humanity requirement, per se. It’s the fact that you need to prove that you are from this country, or you need to prove that you’re not from some country. Those things are really important and block the adoption of this technology. We could all be using an Apple Pay card that’s backed by a NEAR account but we cannot because it’s hard to get everybody to approve and remove fees, because they expect a tonne of potential AML issues and fraud.
So for me, the idOS addresses how we reduce fraud dramatically, and make sure that everybody feels that there’ll be no kind of money laundering the way that people expect to happen. Instead, we have a compliant, clear, visible, transparent ecosystem of financial products.”
How does account aggregation work on the NEAR Protocol enabled by the idOS?
Illia: “One thing that we are working toward, for the multi-chain side, is what we call account aggregation where one NEAR account will be able to transact on other chains as well. So you’ll be able to use the same information and the same, for example, the stations that you already have, on potentially all those layer 2s and layer 1s. The idea is that you as a user now have one place where you go through those interactions, and then you can navigate across all apps across all chains, not needing to think or redo KYC, to redo some other compliance checks to reapply stuff. As you do more interactions, you gather more and more on-chain reputation that allows you to do a lot more things. For us, that’s fundamentally what we’re trying to bring in blockchains, it is this interconnectivity that stays with you and is owned by you.”
How is the idOS privacy preserving?
Lluis: “First of all, you have your data, you own your data and then you can selectively decide what you share with whom. The way it works is that you will have multiple credentials. So if I’m going to work with NDC, I will only share my proof of personhood credential with NDC. I’m not going to share my full KYC status that says, where I live or what’s my full name, because that is not needed – if the only thing that I need to do is to prove that I’m a unique human being inside the network. Within the idOS, all your data is encrypted with your key pair, which means that nobody can see this data – only you. If someone were to hack one of the nodes, they wouldn’t be able to see anything. They would be able to see that there are some credentials but they wouldn’t be able to see the content of it or make anything out of that. Because they wouldn’t be able to decrypt that.
One of the reasons we’re working with Aleph Zero is because we’re also working on ways that you can use ZK proofs to just prove some elements without really sharing them. There are very exciting ideas with homomorphic encryption, for instance, where if you have a bunch of data in your profile, you will be able to prove multiple claims by just looking into the data with value without sharing that data. So it’s something in general that it’s very interesting and there are a lot of solutions here. But first, we need to build a layer where this data is stored securely. Then we can build applications on top that can improve how we share data, and how we make it even more privacy-preserving.”
Can you explain how the idOS works?
Lluis: “So essentially, the idea is that it has two elements. It has a decentralized storage network of nodes that has multiple node operators – those node operators host user data. User data is encrypted with the user keys, which means that they are the only ones that can access the data. Then you have an access management protocol. This is nothing else but a smart contract that can be deployed across different blockchains. Right now, we have one of these deployed in NEAR. As a user, you can either add data yourself or you can ask anyone to verify some data and then add that to your private profile into the idOS and encrypt it. The idea is that we can have multiple identity verifiers that can issue verifiable credentials. Then the user stores these in their private profile. The user can go anywhere around web3, where these access management protocols and smart contracts have been deployed, and any dApp can ask the user to share a credential with their data.
For that to happen dApps just need to install an SDK. What this allows for any application, or anyone within web3; is that whenever a user connects to them with a regular wallet, they can just agree to share a credential with them. That’s what we call an access grant which is something that gets recorded on the blockchain. Whenever this happens, you have a system where you have issuers that can issue credentials, users can host data into their profile, and applications can very easily, without the need for additional wallets or plugins, ask users to share that data.”
What use case does the idOS have for developers in web3?
Illia: “Specifically, with the idOS developers have the unique opportunity to just embed information that’s already there on the user to new apps. They don’t need to build smart contracts because they already have the idOS, so you can have a really quick piece that pulls user information for their dApp directly in one of those components on decentralized finance, and you can embed that into your own decentralized gateway. From the perspective of UX, this allows developers to build any experience they want around this information.”
How can the idOS reduce risks around increased fraud rates for on-ramps?
Illia: “I think the first step there is getting the idOS adopted by on-ramps such that if a user account has gone through a certification already, you can go and use your credit card or use your debit cards with this. It actually should be beneficial for on-ramps to do this because it reduces risks on their side for fraud which reduces their fees. There’s a win-win there, which they should start to see now as we get this adoption going because the biggest problem with on-ramps right now is fraud rates. And the idOS can really reduce them.”