User authentication is a mess. Rolling your own auth is a pain, but implementing SSO with Google, Facebook or Github leads to loss of privacy for users, and also user confusion (anyone who has run a webapp knows users are constantly forgetting which sign-in option they chose). This post proposes a new SSO system I’m calling FixedID, which I believe is strictly superior to “Sign In with Google/Facebook” for both users and app developers, and in many cases superior to email/password auth as well.
FixedID’s central account list and account recovery protocols are built on top of a blockchain to provide credible neutrality. But unlike many other blockchain projects, it’s intended to be primarily useful to the wider world of non-blockchain app developers.
High-Level Overview
Anyone can apply for a permanent integer FixedID. Anyone can visit fixedID.org (not yet live) and apply for a FixedID. This involves submitting what in the crypto world is called a “proof of personhood,” such as a video of themselves that’s hard to fake. They also pay $30 in collateral. All videos are public, and anyone can view the user’s video and challenge the submission. If a challenger proves that the video is a fake or duplicate, they get to keep the $30. Otherwise, the applicant is issued a FixedID, which is recorded on a blockchain.
FixedIDs are fully recoverable. Each FixedID is associated with a crypto wallet used to prove ownership. If an individual loses access to the wallet they used to generate their FixedID, they can recover their FixedID using one of two flows: first, if they previously selected trusted “recovery users,” those users can then vote to recover the FixedID. Second, an arbitration process (run on-chain with third-party jurors, again to maintain credible neutrality) can be run using Kleros or a similar platform.
FixedIDs are ideal for authentication. The wallet associated with a FixedID can be used to sign in to a web application. This sign-in uses a zero-knowledge proof to assure the app that the account belongs to a unique human, while not revealing which specific human it belongs to. In addition to eliminating sybil attacks (sockpuppeting, multi-account trolling, multiple redemption of signup bonuses, etc), this removes the burden of account recovery from app creators.
FixedID owners receive a basic income token. FixedIDs will issue a built-in basic income token, with issuance calculated to produce a modest annual inflation of ~2.3%. All FixedID users in good standing will qualify to receive the token.
Signing Up/Proving Personhood
The signup process will initially work as follows:
- Upload a picture of yourself and a video that involves speaking a predetermined phrase.
- Post $30 in collateral that you’ll forfeit if your account is judged fake.
Initially, to minimize the burden on users unfamiliar with the crypto ecosystem, the collateral can be submitted with a credit card, and the associated wallet can be automatically generated and stored locally in the user’s browser. Expert users should of course be able to transfer their FixedID to a more secure crypto wallet.
Over time as FixedIDs become more widespread, the signup requirements may be raised. For example, we may require each account to find “vouchers” willing to attest to the fact that they’re a real person. Vouchers can be penalized if they vouch for an account that turns out to be fake.
Challenging Fraudulent Users
The FixedID system relies on challengers to determine whether an account is legitimate or not. Every account must submit $30 in collateral at account creation time that is permanently locked into the account. If a challenger believes a given account is fraudulent (either a duplicate of another user in the system, or a completely imaginary person), they can challenge the account. A challenge goes through several phases of escalation:
- First, a challenger submits a challenge. The challenge includes their evidence of fraud and a $30 challenge fee. If the account owner accepts that they’ll probably lose the challenge (presumably because they submitted a fraudulent account), they can opt to do nothing, and their account is closed and the $30 collateral is released to the challenger.
- If the account owner wants to fight the challenge, they can put up an additional $400 in collateral. If the challenger isn’t confident they can win their challenge, they can walk away at this point and forfeit their $30 challenge fee to the challenged user. Otherwise, they can also post $400 in collateral to send the challenge to arbitration, which will happen on Kleros or a similar platform to preserve credible neutrality.
- The Kleros arbitration is appealable by the losing side, with the monetary stakes required escalating at each level of arbitration.
Recovering a Lost FixedID
An important property of a FixedID is that it’s assigned to one person for life. So no matter what happens—a lost or stolen private key, or even the case where someone intentionally sold their FixedID or vouched for a fake user—it should always be possible for a user to recover their FixedID by assigning it to a new crypto wallet. There are three ways to recover a FixedID:
- Individual Recovery: A user can use the wallet currently associated with their FixedID to request that the FixedID be transferred to a new wallet. Once a request is initiated, the transfer happens after one week, assuming it hasn’t been challenged. During the intervening week, the FixedID continues behaving as normal; it’s just associated with the previous wallet.
- Social Recovery: A user can add “recovery users” to their FixedID to allow for social recovery. A majority of your recovery users can vote to associate your FixedID with a new wallet. When recovery users vote to recover your FixedID, a one-day waiting period begins. During the waiting period the ID is locked and cannot be used for signing in or redeeming basic income. Adding or removing recovery users requires a 1-week delay before the change is live.
- Recovery through Arbitration: Anyone can open an arbitration request to transfer a FixedID to themselves. This requires posting $400 in collateral in addition to the arbitration fee paid to jurors. It is the user’s responsibility to prove that they are the same person who created the FixedID account, potentially in an adversarial context if someone else is currently controlling the account. If the transfer request is ruled fraudulent, the existing account owner keeps the $400 collateral.
These three methods escalate, so a group of recovery users can overrule an individual recovery, and the ruling from an arbitration court can overrule a group of recovery users.
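The escalation rule above can be modeled as a small state machine. This is an added example, not code from the FixedID project: the class and method names are hypothetical, times are plain seconds, and two details the post leaves open are assumptions (an arbitration ruling takes effect immediately, and a repeated request by the same method replaces the earlier one).

```python
from dataclasses import dataclass, field
from typing import Optional

DAY, WEEK = 86_400, 7 * 86_400
RANK = {"individual": 1, "social": 2, "arbitration": 3}  # higher rank overrules lower

@dataclass
class FixedID:
    wallet: str
    recovery_users: frozenset = frozenset()
    pending: Optional[tuple] = None            # (method, new_wallet, effective_at)
    votes: dict = field(default_factory=dict)  # recovery user -> wallet they voted for

    def _propose(self, method, new_wallet, effective_at):
        if self.pending and self.pending[:2] == (method, new_wallet):
            return True                        # already pending; keep the original timer
        if self.pending and RANK[method] < RANK[self.pending[0]]:
            return False                       # a weaker method cannot displace a stronger one
        self.pending = (method, new_wallet, effective_at)
        return True

    def request_individual(self, signer_wallet, new_wallet, now):
        if signer_wallet != self.wallet:       # must come from the currently associated wallet
            return False
        return self._propose("individual", new_wallet, now + WEEK)

    def vote_social(self, voter, new_wallet, now):
        if voter not in self.recovery_users:
            return False
        self.votes[voter] = new_wallet
        tally = sum(1 for w in self.votes.values() if w == new_wallet)
        if 2 * tally <= len(self.recovery_users):  # a strict majority is required
            return False
        return self._propose("social", new_wallet, now + DAY)

    def arbitration_ruling(self, new_wallet, now):
        return self._propose("arbitration", new_wallet, now)  # assumed to apply immediately

    def settle(self, now):
        """Apply the pending transfer once its waiting period has elapsed."""
        if self.pending and now >= self.pending[2]:
            self.wallet, self.pending, self.votes = self.pending[1], None, {}
        return self.wallet

    def usable(self, now):
        """Locked (no sign-in, no basic income) only while a social recovery is pending."""
        self.settle(now)
        return not (self.pending and self.pending[0] == "social")
```

With three recovery users, an individual request made on day 0 is displaced when two of them vote for a different wallet on day 2; the ID is then locked for one day and moves to the voted wallet, and the original request never takes effect.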
Authenticating with FixedID
FixedID is designed to be an ideal authentication scheme, appropriate for replacing username/password auth, Google/Facebook/Github SSO and signing in with an Ethereum wallet directly. I’ve run large user communities before, and fraud, sockpuppeting, vote brigading, repeated trolling, and other varieties of sybil attacks are problems that every community faces. FixedID can help here, while still preserving user privacy! (Note, however, that for communities where ephemeral/throwaway accounts are an intended part of the UX FixedID login won’t be appropriate.)
When an app requests that a user sign in with FixedID, it provides the user with an app-specific string (such as the app’s URL). The user then returns an app token, which is a hash of the app-specific string concatenated with the user’s private key, e.g. AppToken = Hash("{app_specific_string}.{private_key}"). Additionally, the user provides a zero-knowledge proof that (1) the hash was correctly constructed, and (2) the private key corresponds to some public key in the set of all public keys currently associated with a FixedID (without revealing which one).
This allows the user to demonstrate that they have a valid FixedID account, and also allows the server to verify that they have only one account on the service, since the AppToken would match an existing account if they already had one. It also preserves the user’s privacy, since the app can’t map the hash AppToken back to a specific FixedID. And finally, it moves the burden of account recovery off of the app entirely and onto the FixedID infrastructure. These are significant benefits for an app builder!
Additionally, this can be extended with an Ethmail-like (but less centralized) service so each app is given a single-purpose address that forwards to the user’s main email address.
Note, however, that this scheme as written will break when a user recovers their FixedID to a new wallet. Further work is needed to handle that potentially difficult challenge.
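The token properties described in this section, including the recovery problem just noted, can be seen in a short sketch. This is an added example, not code from the FixedID project: SHA-256 stands in for the unspecified Hash, the zero-knowledge proof is not modeled, and the class name, URLs and keys are constructed for illustration.

```python
import hashlib

def app_token(app_specific_string: str, private_key_hex: str) -> str:
    # AppToken = Hash("{app_specific_string}.{private_key}"); SHA-256 is an assumed Hash
    data = f"{app_specific_string}.{private_key_hex}".encode()
    return hashlib.sha256(data).hexdigest()

class AppAccounts:
    """One app's account table, keyed by AppToken (proof verification is not modeled)."""

    def __init__(self, app_specific_string: str):
        self.app_specific_string = app_specific_string
        self.accounts = {}  # AppToken -> local account number

    def sign_in(self, token: str):
        # The app only ever sees the token, never the private key or the FixedID.
        if token in self.accounts:
            return "existing", self.accounts[token]
        self.accounts[token] = len(self.accounts) + 1
        return "created", self.accounts[token]

def demo():
    wallet = "11" * 32      # constructed private key (hex)
    recovered = "22" * 32   # constructed key of the wallet the FixedID was recovered to
    forum = AppAccounts("https://forum.example")
    shop = AppAccounts("https://shop.example")
    forum_token = app_token(forum.app_specific_string, wallet)
    shop_token = app_token(shop.app_specific_string, wallet)
    return {
        # First sign-in creates the account; a second attempt maps to the same one.
        "first": forum.sign_in(forum_token),
        "again": forum.sign_in(app_token(forum.app_specific_string, wallet)),
        # Two apps cannot correlate the same user by comparing tokens.
        "linkable_across_apps": forum_token == shop_token,
        # After recovery to a new wallet the token changes, so the app sees a new user.
        "after_recovery": forum.sign_in(app_token(forum.app_specific_string, recovered)),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The last result is the break the post describes: because the token is derived from the wallet key, a recovered FixedID no longer maps to the user's existing account on the app.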
Attestations
Many types of credentials or attestations are conceptually tied to an individual and are not transferrable. A club might attest that I’m a member, a university may attest that I have a PhD, or a country may attest that I have a valid visa.
These types of attestations can be issued against a user’s FixedID. Attestations issued in this way can rely on the security properties of FixedIDs (and the underlying blockchain) to ensure they’re non-transferable and fully recoverable. And just as with possession of a FixedID itself, a user can generate a zero-knowledge proof that they possess a FixedID with a specific attestation, without revealing precisely who they are.
Basic Income/Monetary Policy
All FixedID users will receive a basic income through a new token “Fixed Income” (FIN). There are three primary reasons to bake this into the protocol:
- The issuance schedule described below will naturally reward early adopters heavily. This should drive initial adoption.
- Controlling the issuance of FIN gives the protocol a way to punish users who try to subvert the protocol without actually removing their account (which we never want to do for legitimate people). FIN issuance can be locked or suspended for a time in response to, e.g., vouching for a fraudulent user.
- It is my opinion that some amount of redistribution is fair, to partially counteract the vastly different circumstances individual humans are born into.
FIN will be issued at an initial rate of 100,000,000 tokens per year. This issuance rate will increase by 2.34% annually, leading to an overall long-term inflation rate of 2.28%. This inflation rate was chosen to (in the long term) double the total money supply every 30 years. The 30-year-doubling is somewhat arbitrary, but I chose it since that’s the approximate length of one generation and this way each new generation gets a fresh start.
Once an hour, the total amount of FIN to be issued in that hour will be calculated, and then distributed evenly among all active FixedID holders. This distribution scheme should incentivize early adopters to sign up, since early users will receive huge FIN allocations before the network becomes popular.
The issuance dynamic is captured by the equations below:
- \[YearOneIssuance = 100,000,000\]
- \[IssuanceInflation = \sqrt[30]{2} \approx 1.02337389...\]
- \[annualIssuance(T) = YearOneIssuance * IssuanceInflation^{T}\]
- \[AnnualInflation = \lim_{T \to \infty} \left ( \frac{annualIssuance(T)}{\sum_{n=0}^{T-1}annualIssuance(n)} \right ) \approx 0.0228...\]
- \[annualIncome(T) = \frac{annualIssuance(T)}{count(ActiveFixedIDs)}\]
Let’s build!
There’s a huge scope of work here, and it will take years to build the complete vision. If you’re interested in helping build a system that may one day be used to authenticate most of the planet, I’d love to hear from you! You can contact me at kyle@ this domain.