The TrigID Personal App
Available soon on the Apple App Store and Google Play Store. The TrigID Personal app allows you to claim your identity and ensure the accuracy of your key information. You can buy the ID tokens you need with an in-app purchase.
You can also use TrigID Personal to validate the personal information of anyone else. Just key in the personal information that person claims – the app will Mash it and validate it against on-chain arcs. The app will also validate a face image or voice print.
Use it to maintain your own TrigID secret phrases and private keys. Each is paired with a public key, so you can use it to verify your identity when dealing with banks, telcos and other entities that have KYC requirements. If you ever feel a phrase or key has been compromised, you can just remove it and add another.
During the community consultation period TrigID Personal will run against the TrigID sandbox.
Valuing ID Tokens
How much is an identity worth?
It depends on what a buyer is able to do with it. We do have some useful examples to base an assessment on: Facebook bought Instagram for $28 a user, then WhatsApp for $42 per user. That was nearly five years ago.
Today, identity thieves will spend as much as $100 for comprehensive Identity data. In the US the average cost per identity-theft-related fraud is just over $1000. Simple Identity theft insurance costs $25-$60 annually. Add a little protection and monitoring and that becomes $100-$400.
These and many more facts suggest that $50 is a more than reasonable estimate of the value of a digital identity, so that's what we use in our calculations.
Take a look at the services that TrigID makes possible - the value of a universal and curated database of identity is immediately apparent. Your ID token is ultimately paying for the curation and maintenance of identity records, and that curation is what's making the TrigID identities valuable.
There's a one US dollar value in just the simple cleansing part of data curation (de-duping, attribute validation), so we've assessed the token's initial value to be USD $1.00. The market, however, will ultimately determine the worth of the Curation service and the ID token - as it does with all tradable commodities.
A cryptocurrency token economy is a powerful tool for influencing behaviour and getting work done. This power is even more revolutionary than the "blockchain" technology that makes it possible.
Predicting the behaviour of a token economy over time can be challenging, however. A token that behaves like money or a security makes for a simple model, but a token that has an actual use has an economy that is far more difficult to model and manage.
These are some of the ID-Token-related issues we've had to address and will continue to address during the Community Consultation period:
- How do we allow for project growth but also make sure that early token buyers are rewarded for their faith in the project?
- How many ID tokens do we need if we're giving them away as a reward for populating a 7,600,000,000 person Identity Graph?
- How many can we let get into circulation before oversupply destroys their incentive value?
- How much of the Graph can we populate before this happens and we have to close down the bounty program?
- What submission rate can we permit before the Ethereum Virtual Machine starts to choke?
- How much time do we need to allow for confirmation of new Identities and new Mashes?
- How much of the Graph should Curators pre-load using readily-accessible sources?
- Once the Graph is fully loaded, how many ID tokens are needed to support edits, births and deaths?
- What happens if too many ID Token speculators choose to HODL?
- How do we ensure that the poorest and least-advantaged get their identity created and maintained?
- How do we prevent a threatened actor from using their purchasing power to stifle the project?
Early consultation and modelling has led us to this updated strategy:
- Each Curator issues bounty rewards from a small pool of ID tokens.
- This pool is topped-up automatically by a proof-of-new-data-triggered token minting Replenishment Event.
- Existing token holders are also issued additional tokens when a curator pool is replenished.
- An electronic vote is conducted before each replenishment event. Voters have the power to change key automated replenishment parameters, including the curator:holder token issue ratio.
The six-month period leading up to the first Curated ID Bounty Program load event will be a period of intense consensus-building between ID token stakeholders and other interested parties. Discussion will take place at https://forum.trigid.org/ and there is much to examine:
- Mash Algorithm optimisation, including: how it handles multi-token identifiers and junk words, collision distribution strategies, Mash sizes and multi-Mash requirements.
- Vulnerabilities and risks for the TrigID graph itself and for services that rely on it. Also new remote attacks the graph makes possible – like the Dictionary Filter Attack discussed below.
- Curated ID Bounty Program features and rules, including: bounty schedules for first arcs and confirmations, pre-testing services, validation escrow, bounty schedule changes and new mechanisms as the Identity graph approaches steady state.
Strong Proof of Identity
Creating a few personal passphrases is a great way to allow a service to locate you in their database, but it doesn't prevent people pretending to be you. A sophisticated bad actor can read the Mashes from the blockchain and then give something that generates a collision. To prevent impersonation, you need to register a public key with the TrigID Identity Graph.
If a service wants to prove you're you, there are a few steps they need to take behind the scenes. They need to create a message, encrypt it with your public key, then get you to decrypt it with your passphrase (or private key).
If you don't trust the service with your phrase or private key even for the few milliseconds it takes to decrypt the message (and you shouldn't, unless it's an emergency) you can use a trusted key intermediary service or use an app that will decrypt the message and send it back to the service. The TrigID Personal app can do this for you.
Verifying an identity's claims
Locating and confirming an identity is a highly-reliable event. For a 20-bit Mash, the chances of locating the wrong identity in the US from an SSN and Drivers Licence number are less than the chances of winning a typical national lotto game six times in a row. And it only gets harder, the more Mashes you use.
But that's not true for information about an identity. 20 bits represents about a million vertices in the TrigID graph. For unique Unsafe values (let's say SSNs for the US population), the 20 arcs that point to a typical TrigID will cover around 2000 values (SSNs).
That will mean a one in 500 false positive error rate. If you're testing (say) Fred's proof-of-age for a bar, one error in 500 is probably OK. But if you're testing whether you have the right medical record number for Fred, only a zero error rate is acceptable.
The solution to this false-positive-error problem is two-factor verification of the truth or fact claimed. The same "triangulation" mechanism used to locate a TrigID can be used to verify a "truth".
Any fact that you're wishing to confirm unequivocally using the TrigID graph will need to be entered with two arcs. In the case of Fred's medical record, it will need two numbers - which could, of course, be existing Mash values.
The Dictionary Filter Problem
In a Dictionary Attack a large list or "dictionary" of values is sequentially applied against an application in the hope of finding one that the application will accept. Usually the dictionary contains passwords and the "attack" hopes to gain access to some account.
The strategy can, however, also be used for other purposes. A bad actor – pretending to be Fred – could, for example, apply to set up a bank account using a dictionary of SSNs. With more than 300,000,000 SSNs in use, however, such an attack is never going to work.
If a bad actor knows enough about Fred to isolate his TrigID vertex, however, he can use the TrigID graph to turn those 300,000,000 SSNs into just 2000 – as we saw in the exercise above. 2000 applications spread over several days could well result in one that's successful.
We call this the Dictionary Filter Problem. Once a TrigID graph is loaded and live, governments, banks, and other custodians of your identity will need their applications to be much more vigilant.
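One way an application could watch for this pattern, shown as an added example that is not TrigID code: count the distinct SSNs submitted for the same claimed identity over a multi-day window, since the attempts are spread out and may arrive from many sources. The window length, threshold, key and record layout are assumptions, and the sample records are constructed.

```python
import hashlib
import hmac
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Assumed tuning values for this sketch, not figures from the TrigID project.
WINDOW = timedelta(days=14)       # long window: attempts are spread over days
MAX_DISTINCT = 3                  # typos explain a few variants, not dozens
PEPPER = b"constructed-demo-key"  # placeholder; load the real key from a secret store

def ssn_tag(ssn: str) -> str:
    """Keyed digest of the digits, so the detector never stores raw SSNs."""
    digits = "".join(c for c in ssn if c.isdigit())
    return hmac.new(PEPPER, digits.encode(), hashlib.sha256).hexdigest()

def find_filtered_dictionary(events):
    """Map each claimed identity to its peak distinct-SSN count if over the limit.
    events: iterable of (iso_timestamp, claimed_identity, ssn), in any order."""
    per_identity = defaultdict(list)
    for ts, identity, ssn in events:
        key = identity.strip().lower()  # key on the claimed person, not the source IP
        per_identity[key].append((datetime.fromisoformat(ts), ssn_tag(ssn)))
    flagged = {}
    for identity, rows in per_identity.items():
        rows.sort()
        start, peak, in_window = 0, 0, Counter()
        for when, tag in rows:
            in_window[tag] += 1
            while when - rows[start][0] > WINDOW:  # expire old attempts
                old = rows[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak > MAX_DISTINCT:
            flagged[identity] = peak
    return flagged

# Constructed sample: "Fred" is tried with six SSNs over six days;
# "Ana" retries once after a typo. The 900-xx values are made up.
SAMPLE = [(f"2024-03-0{d}T10:00:00", "Fred Example|1980-01-01", f"900-00-000{d}")
          for d in range(1, 7)] + [
    ("2024-03-02T09:00:00", "Ana Sample|1975-05-05", "900-11-1111"),
    ("2024-03-02T09:05:00", "ana sample|1975-05-05", "900-11-1112"),
]

if __name__ == "__main__":
    print(find_filtered_dictionary(SAMPLE))
```

A flagged identity is a candidate for step-up verification or manual review rather than automatic rejection, because the real owner of the identity may be among the applicants.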
Ensuring Data Integrity
The Curated ID Bounty Program provides a powerful incentive to load identities and their attributes. Those same bounties, however, are an incentive to load fake identities and attributes or attributes without sufficient notability.
This is one of the key reasons for giving an ID token a value and requiring that the ID be spent to deliver data. Most fraudulent submissions will be detectable using graph analysis techniques. Get caught and your bounties and your valuable submitted ID tokens will be forfeited.
Some of the program features that will be used to ensure data integrity:
- All bounty program submissions must be provably linked to a TrigID.
- Confirmation bounties for independent second, third and fourth duplicate submissions.
- Validation periods that allow time for confirmation submissions and collusion testing.
- Foundation Identity Record requirements including a minimum arc count and at least one Attestation Relationship.
- Extended validation escrow.
The details of these and other rules and strategies will be communicated and fine-tuned during the community consultation period.
On a smaller scale, there will always be those who wish to create the equivalent of a "false passport" to support illegal activity. There's no way to prevent this, but the Universal Identity Graph will make it easier to track the use of such false identities.
Towards an Identity Oracle
A blockchain Smart Contract is a powerful piece of software, but there are limits to its reach. If it needs data, that data has to be already in the blockchain machine and available to the Smart Contract in a form that it can use. If the contract needs to check an identity, for example, it has to rely on an external application to observe that need, go fetch the identity information and then feed it back to the contract. That external application is referred to as an "oracle".
There is no broadly useful oracle for identity. If there were, a whole new world of automated, immediate, incorruptible and cheap-to-transact commerce would be possible. Automated bank account creation and border protection. Automated transfer of everything from cars to houses. Automated payment of social security entitlements and insurance claims.
A populated TrigID Identity Graph makes such an oracle possible. What's more, since TrigID gets its data from the blockchain, it's possible for the identity oracle to be trustless and decentralized. All that's needed is the software to make it run. Our development partner FactNexus Pty Ltd has undertaken to open-source a TrigID-focussed version of its GraphBase DBMS for this purpose.
TrigID will initially be implemented over the Ethereum blockchain. Ethereum is powerful, proven and popular but there are concerns about its scalability and its overly-centralised governance.
The TrigID project has been built to be blockchain-agnostic and easy-to-migrate. This means there's no need for it to confine its records to a single distributed ledger. EOS, NEO, Cardano, Dfinity, IOTA are all potentially suited and there are many other public distributed ledgers in the pipeline. One or more of these can be a suitable new home for TrigID Mash data should the need arise.
Why TrigID is Different
The biggest difference between TrigID and any other digital identity technology – blockchain-based or otherwise – is that TrigID lets Personally Identifiable Information (PII) be safely stored and used in public. That PII can be publicly audited and validated, and it points to one, and only one, identity for every human. Putting it in a public blockchain means that it can't be tampered with, that it must be maintained by consensus and that it can be used by everyone.
No other digital identity technology – blockchain-based or otherwise – can make these claims.
How TrigID compares with a few of the many public-key based identity technologies
Glossary of Terms
Graph: A set of objects and the relationships that join them. Not a chart.
Arc: A relationship between the vertices (or nodes) of a graph. Sometimes called an "edge".
Attestation Relationship: A relationship between TrigID graph identities that attests to those identities. Usually a parent-child, sibling or legal guardian relationship.
Bounty Program: A program where rewards are given for successfully performing a task.
ERC20: A technical standard used for smart contracts on the Ethereum blockchain.
Mash: A product of the Mash algorithm. The algorithm takes an unsafe personal identifier and turns it into one or more safe reduced-information Mash values.
Public Key: From a pair of keys, the one that can encrypt a message. The other "private" key can decrypt the message. Used for authentication.
Self-sovereign Identity: Identity that can be managed by self and can't be controlled by any authority.
Zero Knowledge: A protocol where no knowledge is transferred between communicating parties.