ONT ID 2.0

Ontology's decentralized identity framework

Ontology's decentralized identity framework ONT ID is based on the decentralized identity protocol developed by Ontology based on the W3C Decentralized Identifiers (DIDs) specifications. It can be used to generate and assign digital, cryptography based identities to different entities such as individuals, institutions, objects, content, and so on. It supports collaborative services such as distributed and diverse ownership confirmation, identification, and authentication of the aforementioned entities. ONT ID provides a self-sovereign system of data authorization and ownership confirmation, thereby granting true control to the respective users of a particular asset.

A few characteristics of ONT ID:

  • Decentralization

  • Self-sovereignty and management

  • Privacy protection

  • Security

  • Ease of use

Decentralized ONT ID Framework

Ontology establishes a decentralized trust model and a distributed trust delivery system through ONT ID and a mechanism that uses verifiable claims. It uses the zero-knowledge proof protocol to assure the privacy protection of verifiable claims. Through ONT ID, Ontology will also incorporate various authentication service agencies, and establish multi-source authentication to achieve a more complete picture of the respective entity's identity.

Verifiable claims allow for the entities that are a part of the trust network to make claims related to their identity within the scope of the network, which can then be verified for their validity by other entities using a decentralized trust mechanism. More details on verifiable claims and the trust mechanism are available in the next section.

In addition to building a trust network that relies on certain central entities, different entities can also build strong trust relationships amongst themselves. Such a credibility based network is generated through mutual authentication between entities. The higher the number of successful authentications, the higher the credibility of a particular entity. High credibility rating would make the entities more reliable and trustworthy, and authentication from a high credibility entity will equate to higher credibility for the said entity.

Self-sovereign identity

In the context of ONT ID, the term entity refers to the following:

  • Individuals - Individual users of ONT ID

  • Legal entities - Institutions, organizations, enterprises, etc.

  • Objects - Mobile phones, automobiles, IoT devices, etc.

  • Content - Research, creative content, etc.

It is important to note that the term identity strictly refers to an entity's identity within the Ontology trust network.

An ONT ID is basically an identifier within the scope of the system. All the entities that are part of the network shall have an Ontology Identifier (ONT ID) that identifies and manages it's identity.

Users can register their ONT IDs using Ontology's ONTO wallet. The download links are available here.

On the Ontology blockchain, an entity can correspond to multiple individual IDs, and there need not exist any kind of relationship between the said multiple IDs.

The ONT Auth and Signing server services have been deployed on the Ontology main net.

A signing server is a back end service that links ONT ID from end user to the account system inside an application. More information on signing servers is available here.

Integration Workaround for Traditional Systems

It is normal for traditional businesses to have partially, or fully centralized systems. Thus, keeping such scenarios and use cases in mind, Ontology has developed a workaround for centralized systems to integrate and use ONT ID.

Traditional System Workaround

The ID can be handed back to the user by changing the owner property of an ONT ID from the application to the end user. While conceptually, the ONT ID is delegated from the user to the application server host. The terms for this shall be prepared in advance, and the user would then authorize this 'delegation' by accepting the terms.

Technically speaking, the delegated ONT ID is able to perform the following tasks:

  • Perform actions such as registration and login within the system on behalf of the user,

    and publishing results to the Ontology main net.

  • Enable the users to take over full control and ownership of their ONT ID if they wish to do so.