Ontology's decentralized identity framework

Ontology’s decentralized identity framework ONT ID is a decentralized identity framework based on the W3C recommendations for decentralized identifiers and verifiable credentials. It is designed to enable the identification of, and communication between different entities, say individuals, institutions, objects, assets, etc. in both decentralized, as well as centralized networks. It can be used to generate and assign digital, cryptography based identities to different entities such as individuals, institutions, objects, content, and so on.

The ONT ID framework is not limited to the Ontology chain. The method has been implemented on Ethereum and Binance Smart Chain as well, extending all the same features to those networks.

ONT ID provides a self-sovereign system of data authorization and ownership confirmation, thereby granting true control to users. The entire process of ID generation, storage, update, and other critical operations are fully automated and decentralized in nature, thereby allowing the users operating within the ecosystem to have full control and ownership of any data that may be associated with them. Discrete IDs linked across various ecosystems can have multiple delegates and attributes. In the form of verifiable credentials, entities can make and verify claims in terms of data ownership, access rights, and validation. Since any entity that is part of the network can do this, this makes the ONT ID framework a strong contender to build an account mechanism with a high degree of disintermediation.

A few characteristics of ONT ID:

  • Decentralization

  • Self-sovereignty and management

  • Privacy protection

  • Security

  • Ease of use

Ontology establishes a decentralized trust model and a distributed trust delivery system through ONT ID and a mechanism that uses verifiable claims. It uses the zero-knowledge proof protocol to assure the privacy protection of verifiable claims. Through ONT ID, Ontology will also incorporate various authentication service agencies, and establish multi-source authentication to achieve a more complete picture of the respective entity's identity.

Verifiable credentials allow for the entities that are a part of the trust network to make claims related to their identity within the scope of the network, which can then be verified for their validity by other entities using a decentralized trust mechanism. More details on verifiable credentials and the trust mechanism are available in the next section.

In addition to building a trust network that relies on certain central entities, different entities can also build strong trust relationships amongst themselves. Such a credibility based network is generated through mutual authentication between entities. The higher the number of successful authentications, the higher the credibility of a particular entity. High credibility rating would make the entities more reliable and trustworthy, and authentication from a high credibility entity will equate to higher credibility for the said entity.

ONT ID also comes with OScore, a feature that takes on-chain data and behaviour, runs it through an algorithm to determine the reliability and generates credentials. Refer here for more details.

Salient Features

Some of the main features of the ONT ID framework are listed below.

Account Mechanism

An account mechanism that links to wallet addresses and is supported across the Ontology, Ethereum, and Binance Smart Chain ecosystem on the application layer.

Cross-chain Identity Aggregation

Linking to the respective contracts deployed on the Ethereum, Ontology and BSC chains to facilitate interoperability in the form of off-chain services such as an Oracle. Also, cross-chain communication between the ONT ID contracts deployed on Ontology and the target chain respectively.

Multi-asset Support

Support for assets from multiple chains (Bitcoin, Ethereum, Ontology, etc.)

Credit Score

A reputation score assigned to addresses based on transactional data such as asset ownership, transaction history with smart contracts, etc.

ONT ID comes with OScore, another opt-in feature that users can enable to avail services from platforms that require proof of reliability, such as uncollateralized loans. More details on OScore here.

Self-sovereign identity

In the context of ONT ID, the term entity refers to the following:

  • Individuals - Individual users of ONT ID

  • Legal entities - Institutions, organizations, enterprises, etc.

  • Objects - Mobile phones, automobiles, IoT devices, etc.

  • Content - Research, creative content, etc.

It is important to note that the term identity strictly refers to an entity's identity within the Ontology trust network.

An ONT ID is basically an identifier within the scope of the system. All the entities that are part of the network shall have an Ontology Identifier (ONT ID) that identifies and manages it's identity.

Users can register their ONT IDs using Ontology's ONTO wallet. The download links are available here.

On the Ontology blockchain, an entity can correspond to multiple individual IDs, and there need not exist any kind of relationship between the said multiple IDs.

The ONT Auth and Signing server services have been deployed on the Ontology mainnet.

A signing server is a back end service that links ONT ID from end user to the account system inside an application. More information on signing servers is available here.

Workaround for Traditional Systems

It is normal for traditional businesses to have partially, or fully centralized systems. Thus, keeping such scenarios and use cases in mind, Ontology has developed a workaround for centralized systems to integrate and use ONT ID.

The ID can be handed back to the user by changing the owner property of an ONT ID from the application to the end user. While conceptually, the ONT ID is delegated from the user to the application server host. The terms for this shall be prepared in advance, and the user would then authorize this 'delegation' by accepting the terms.

Technically speaking, the delegated ONT ID is able to perform the following tasks:

  • Perform actions such as registration and login within the system on behalf of the user,

    and publishing results to the Ontology mainnet.

  • Enable the users to take over full control and ownership of their ONT ID if they wish to do so.

Last updated