PolygonID is a new and impressive way to manage your identity in the online(web3) space. It’s an amazing innovation in identity management that gives you self-sovereign power over how your identity is shared and used.
This article seeks to unravel and explain what polygonID is all about.
To help you understand things better, we’ll need to start from the ground to the top.
One very important concept that remains very crucial in society, is the concept of identity.
On a daily basis, we’re required to either prove, disclose or share our identities in one form or the other. Our identity can come in simple forms like our names, and in more organized forms like IDs, and licences that we carry.
When it comes to the world of tech, identity management is soo important. We’re required to prove or share different pieces of our identity in one form or the other(e.g. names, usernames, emails and more) from day to day. This happens especially when registering(signing up), and logging into different online platforms.
There are different forms of identity management when it comes to the online space. Below are three of them.
Centralized Identity: This mode of identity management has to do with the concept of having different user accounts for different platforms. This mode of ID management is most popular in the online space.
Federated Identity: This mode of identity management has to do with having a single account which is recognised across a number of platforms. Such accounts are usually issued by a trusted third party.
A very practical example of this is your single Google account which can enable you to access different online platforms and services.
Decentralized Self-Sovereign Identity(SSI):
The SSI concept is one that proves hard to understand. But I hope you’ll get a good understanding as you read on.
The first concept here is the concept of “decentralization”. To keep things simple, decentralization is simply one of the core foundations on which blockchains are built. Decentralization helps in spreading data across a number of sources instead of having a single source of truth (like a single company database) that can be easily manipulated.
The other concept(SSI) simply brings in the fact that you are empowered to be the sovereign holder of your Identity - being able to keep your details as private as possible - while still proving ownership and right of access.
In SSI, we receive digitally signed credentials, store them in (private) digital wallets, and then provide them when required to securely prove our online identities.
SSI gives users(individuals or organizations) the sole ownership of their digital identities, while also empowering them with the ability to have control over how their personal data is shared and used.
This mode of identity management is just so impressive as it solves problems involved with the other two methods of identity management earlier explained.
The trust triangle - How decentralised self-sovereign identity works.
For Decentralized SSI to be possible, a very important concept comes into play. It’s called the trust triangle. Here’s how it works.
The user is required to prove/provide their identity(or piece of identity) only once to a party called the “issuer”. The issuer then generates a cryptographic proof of that identity which is called a “Verifiable Credential(VC)” in PolygonID, This Verifiable Credential is then stored on a digital wallet and presented at the point of verification for access or proof of ownership to be granted - all still without revealling the user's identity.
The party that verifies the claim, is called the “Verifier”.
For all these to be possible, there must indeed be a trust relationship between the issuer and the verifier.
Please take clear note that just as stated above the user’s identity is kept sovereign - it will not be revealed to the verifier.
The verification process is carried out against the already generated Verifiable credential while the user’s identity is kept secret.
A very important question you might be asking is “How then is the revealed piece of identity kept from the verifier, and yet the verifier is able to verify it and agree to the claim”
This is made possible by a concept in cryptography called Zero-Knowledge (ZK) Proofs.
The Concept of Zero Knowledge (ZK) Proofs.
In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, while avoiding conveying to the verifier any information beyond the mere fact of the statement's truth. The intuition underlying zero-knowledge proofs is that it is trivial to prove the possession of certain information by simply revealing it; the challenge is to prove this possession without revealing the information, or any aspect of it whatsoever
- Source: Wikipedia.
Different analogies are used in attempt to explain ZK proofs and make it more understandable. The best that I found so far, is the “Two balls and the colour-blind friend” story/concept. Read it below.
Imagine your friend "Victor" is red-green colour-blind (while you are not) and you have two balls: one red and one green, but otherwise identical. To Victor, the balls seem completely identical. Victor is skeptical that the balls are actually distinguishable. You want to prove to Victor that the balls are in fact differently-coloured, but nothing else. In particular, you do not want to reveal which ball is the red one and which is the green.
Here is the proof system. You give the two balls to Victor and he puts them behind his back. Next, he takes one of the balls and brings it out from behind his back and displays it. He then places it behind his back again and then chooses to reveal just one of the two balls, picking one of the two at random with equal probability. He will ask you, "Did I switch the ball?" This whole procedure is then repeated as often as necessary.
By looking at the balls' colours, you can, of course, say with certainty whether or not he switched them. On the other hand, if the balls were the same colour and hence indistinguishable, there is no way you could guess correctly with probability higher than 50%.
Since the probability that you would have randomly succeeded at identifying each switch/non-switch is 50%, the probability of having randomly succeeded at all switch/non-switches approaches zero ("soundness"). If you and your friend repeat this "proof" multiple times (e.g. 20 times), your friend should become convinced ("completeness") that the balls are indeed differently coloured.
The above proof is zero-knowledge because your friend never learns which ball is green and which is red; indeed, he gains no knowledge about how to distinguish the balls.
- Source: Wikipedia.
This above illustration is a very beautiful analogy that helps to describe the way cryptography (zk proof) is used to keep the identity of a user secret and sovereign while still proving ownership or right of access.
Now let’s bring PolygonID into the gist.
What is PolygonID.
After all the explanations I’ve made earlier in this article, I bet you can already guess how PolygonID comes into the scene.
PolygonID is a very ingenious piece of verification technology that was developed by the amazing folks at Polygon.
It combined the concepts already explained in this article to give users the power to prove their identities without actually revealing them to third parties.
Polygon ID enables organizations on one side to issue verifiable credentials about users, and organizations on the other side to verify those claims via a suite of tools created for each member of the SSI ecosystem
Polygon ID, with the help of zero-knowledge proofs, lets users prove their identity without the need of exposing their private information. This ensures both the Freedom of Expression and Privacy by Default (User's identities are secured by zero-knowledge cryptography).
Every identity is identified by a unique identifier called DID (Decentralized Identifier)
Every identity-based information is represented via a Verifiable Credentials (VCs)
Source: PolygonID docs.
You can learn a lot more by reading the PolygonID docs.
Potentials of PolygonID.
A revolutionary and ingenious piece of tech as PolygonID has definitely got a lot of potential. From the thrill of being able to prove your identity while still maintaining your privacy, to the massive new identity management horizon(ecosystem) that this innovation stands to accelerate, to the new use cases being unveiled, I'm just very confident that PolygonID is an innovation that will only keep making giant strides.
Some use cases for PolygonID.
Polygon ID can be utilized in a number of very relevant ways.
It can be used in KYC programs.
For e-commerce onboarding.
For passwordless login/authentication.
It can also be used by top institutions like banks and DAOs.
And just many more amazing use cases...
It can be used to document medical cases without revealing the identity of the affected(sick) folks.
There are just so many possibilities with PolygonID.
How PolygonID works
The amazing team ID team at Polygon were able to come up with a suite of tools to make the process of Decentralized self-sovereign identification possible. Below is a quick summary of how identity management works with PolygonID.
You’ll need to download the PolygonID mobile app from an app store.
You’ll then visit an issuer platform/website to generate a cryptographic proof(Verifiable Credential) of any piece of identity you wish present at verification points.
Once the proof(VC) is generated, you can then save it to your wallet on the PolygonID mobile app.
At any point you wish to get verified, authenticated or authorized, you’ll simply need to provide the VC on your PolygonID mobile app. The VC is then verified to prove your claim using the zk proof concept. After which access is granted if your claim is confirmed to be true.
All of this is done without giving out any of the contained identity information to the verifier - only the cryptographic Verifiable Credential(VC) is presented - amazing thanks to zk technology.
In PolygonID, all of these processes are handled with the aid of Quick Response(QR) codes and some other underlying pieces of tech like zk cryptography, and blockchain/web3.
This video by Steph Orpilla will definitely be an awesome resource to help you get a better grasp of how the PolygonID service and the mobile app work.
Getting started with PolygonID.
Getting started with Polygon ID is easy. Simply visit your app store, download the PolygonID app, and begin exploring.
Decentralized SSI is a fairly revolutionary concept. Hence its adoption and use are still at a low.
This means you might rarely find supporting issue/verifier platforms to put the app and service to use. That’s why the Polygon team continues to push for its adoption among developers. It's good to note that very crucial progress is already being made.
I wrote this article as part of my participation in the Polygon IDThon challenge. I hope it has really helped in giving you a good understanding of what PolygonID is all about and also some of the relevant underlying concepts.
If you found value in the article, do drop reactions and comments.
You can also connect with me on social media. My handles are just below.
Thanks for reading