区块链用户认证系统有哪些,区块链用户认证系统包括
请查看相关英文文档
Ⅰ What does Pi Coin KYC certification mean?
Pi Coin’s KYC certification is a real-name verification process,
requires real-name certification registration for every real person With an account,
you can open the Pai browser page for KYC verification.
[Extended reference materials]:
Pi(π)Network’s APP is a mobile mining (Shiguang) software, used to mine Pi (π) coins. In the past, currency mining that used the proof-of-work mechanism such as Butte B required computing resources, and Zheng Zhi had to spend money to buy a machine to participate, so Xiao San could only stand aside.
The advantage of current Pi(π) coin mining (Shi Guang) is that everyone can participate, creating a truly global digital currency network, and there is no need to waste mobile phone data or data during mining (Shi Guang). power, you can dig (Shi Guang) even when the APP is closed, you only need to turn on the dig (Shi Guang) switch once a day.
Why are there so few domestic players?
First of all,
Domestic users cannot use Facebook, Twitter and other foreign social software. The Pi project party has relatively little publicity, and domestic users can see even less. ;
Secondly,
the entire project is not optimized enough for domestic users, and the difficulty in downloading and the English interface have dissuaded many domestic players; in addition, various domestic players currently use block There are many funds and model coins made in the name of the chain. New users are often more interested in such simple and crude things that make money quickly. Projects like Pi that do not tout profits will be ignored.
II Technical analysis of decentralized DID identity authentication
Decentralized digital identity (Decentralized Identity, DID) is a digital identity system based on blockchain technology. It can ensure that the identity data is authentic and credible, and at the same time, it can protect the privacy related to the identity user and ensure that the data related to the personal identity belongs to the individual. It is very consistent with the "China Personal Information Protection Law" that will be implemented in November 2021, is there any?
V1.0 Traditional identity authentication: Users register accounts repeatedly on each website and log in using account + password. Each website holds the user’s identity information, as shown in Figure 1(a) ) shown.
Disadvantages: Users often fail to remember their account passwords when registering accounts repeatedly; and multiple websites have user information, which also leads to information leakage.
V2.0 Identity authentication represented by single sign-on: The user's account registered on one website can be authorized to log in to other websites, such as after registering an account on Alipay, WeChat, Facebook, Google and other websites , authorized loginto other websites, as shown in Figure 1(b).
Disadvantages: User information is held in several large websites, and there will be elements of "store bullying". It is also prone to information leakage, such as Facebook's user information leakage problem.
V3.0 decentralized identity authentication: Users keep their own identity information, and when necessary, present it to various websites for confirmation in a minimal way, as shown in Figure 1(c) .
Is it a shortcoming? Blockchain is needed as the underlying technical support and as a trusted third party to ensure the integrity and correctness of identity information.
The DID document is a detailed description of DID, which is a one-to-one relationship. You can see The operation consists of two parts: DID metadata, and DID public key, as shown in Figure 4(a), where the public key is the key and is used for digital signature or encryption operations.
Generally, the DID is saved by the user himself, while the DID document is saved on the blockchain (the DID can be indexed as the key) to ensure the correctness of the DID document.
When a user registers a DID on the blockchain, the DID and related documents can be generated according to the smart contract, and the smart contract is responsible for reading and updating the DID on the chain.
The DID certification process involves the interaction of four parties: the certificate issuer, the certificate holder (you can have an app to save multiple certificate credentials VC), the verifier, and the DID registration system (such as the blockchain) .
The certificate issuer is an authoritative organization, such as a university, public security agency, etc.; the holder will save the credential VC issued by the authoritative organization (such as a graduation certificate obtained from a university, an ID card obtained from a public security agency, etc.) ; The verifier will verify the representation (VP) of these credentials in combination with the information on the blockchain.
The premise of DID certification is that the authoritative institution, VC holders and verifiers have registered their respective IDs on the blockchain.
VC (Verifiable Credential): A verifiable credential, which is equivalent to a graduation certificate issued by a university or an ID card issued by a public security agency. The format is shown in Figure 4(b), including:
(1) VC metadata, such as issuer, issue date, type of claim, etc.;
(2) claim: is one or Multiple descriptions about the subject, such as the statement of ID card credentials including: name, gender, date of birth, ethnicity, address, etc.;
(3) Proof: The digital signature of the issuer is saved and used to verify the VC The accuracy and source, etc.
In some implementation plans, apps or wallets are used to store VC, and the holders can keep it themselves. VC can also be stored in the blockchain as private data.
VP (Verifiable Presentation): verifiable credential representation, or the display method of verifiable credentials. In some scenarios, it is inconvenient for the holder to show the VC directly to the verifier, or during one verification Multiple VCs will be involved, so one or more VCs are packaged into VPs. The format is as shown in Figure 4(c):
(1) VP metadata, including version and other information;
(2 ) VC list, the content of the VC to be displayed to the outside world. If it is a case of selective disclosure or privacy protection, it is necessary to make some changes to the original VC and add proof of the changes.
(3) Proof, mainly the holder’s signature information on this VP.
There are various claims in VC, which may be university diplomas, ID cards, driver's licenses, marriage certificates, etc. In order to be correctly parsed, the parsing method needs to be registered in the blockchain in advance.
This kind of thing is usually done by the Authority. According to the business scenario classification, the Claim structure of different types of data structures is defined and registered on the blockchain to ensure that it is universal across the entire network.
Taking the ID card as an example, its complete VC credentials include name, gender, date of birth, ethnicity, address, photo, etc. When buying a train ticket, you may only need your name and ID number; when registering for school, you may only need your last name.Name, date of birth, etc.; when confirming ethnic minority status, ethnic information must be clear. Therefore, in many scenarios, not all options are required, but only one or two of them may be required, and only the necessary items can be disclosed.
But how to confirm that the disclosed items are correct and have not been modified? The classic Merkle Tree structure is used here, as shown in Figure 5. For example, in a scenario where only the birthday needs to be disclosed, you can borrow the sibling option "Ethnicity" of "Birthday" and use the path to the root of the tree
For example, if the certificate expires, the issuer needs to revoke the previously issued credential VC. The accumulator in cryptography is used here.
When the issuer issues a VC, a large prime number will be set for each VC and the RSA accumulation results of all large prime numbers will be saved; when a VC needs to be revoked, the Accumulator will be removed with the large prime number of the VC. , and update the Accumulator. When verifying later, use the large prime number corresponding to the VC to divide the Accumulator exposed by the Issuer. If it can be divided, it means that the VC is valid (not revoked).
Based on Ethereum, the more well-known DID is uPort. I have also paid attention to Hyperledger's DID project Hyperledger Indy, but its bottom layer uses its own set of blockchain architecture instead of Hyperledger Fabric. This is probably because there are fewer DID implementation scenarios based on Fabric. Based on its own BCOS architecture, WeBank FISCO BCOS has implemented its own set of WeIdentity.
This chapter only briefly describes what DID is and roughly introduces its usage principles. There are still many details that cannot be Come on one by one, if you need more details, please go to:
In this article, a single implementation of DID is introduced. TodaySee another blog Demystifying Digital Identity (2/2) or refer to its translation to unveil the mystery of digital identity 2/2. It is recommended to implement extended DID through a set of linked documents and organize the documents in the form of an information map. Such as the main chain, multiple associated accounts, classified basic information profiles, associated external services or resources, etc., as shown below. Such a DID can be connected to any application, service or user, and is a globally available, distributed, and auditable DID.
Ⅲ Geer software and digital authentication under the blockchain
I first published it on the Snowball website (https://xueqiu.com/edit/ 97626212)
This article is a summary of some simple homework, which involves $Gel Software (SH603232)$ and $Digital Certification (SZ300579)$.
(1) PKI is currently a mature basic framework for information security. It is very mature and very good. There is currently no relevant technology that could replace it. I have been using it and I sincerely welcome it. Paizhuan, willing to communicate. "my country's information security industry is currently in, and will be in, the planning information security stage for a long time (a concept I personally proposed, for reference only)." The characteristic of this period is that the country's military and government affairs fields will continue to vigorously promote and adopt this technology. The civilian field is still in a barren land, and it is precisely this situation that the profit point of 360 has never been the end product, that is the publicity point.
(2) Blockchain and PKI framework are not equivalent concepts. Blockchain can be applied to the basic PKI framework. Blockchain can never replace PKI. I hope everyone will not see certification being lumped together. If PKI disappears one day, it will definitely not be because of the blockchain.
(3) Blockchain and CA are largely issues of the same level. Mechanically, one is decentralization and the other is centralization. The working mechanisms are exclusive, but they do not necessarily cannot be combined. No matter how it is used, the effect on CA will be reduced.
(4) Geer Software Company corresponds to PKI and its applications, while Digital Certification Company focuses on CA and its applications. Of course, the two companies just meet each other, and then do business with each other. ...It’s just that the words “and its applications” are quite different.
(5) In addition, it should be noted that if the pure CA business is very regional, it is available in every province, such as Shenzhen CA. Therefore, this is also one of the reasons why I don’t quite recognize the growth of Beijing CA (Digital Certification).
(6) The CA-based PKI solution is currently generally recognized as the best cryptographic technology integrated solution, and it may be a **-based PKI solution in the future. If that day comes, Geer Software does not require major changes, but digital certificates require huge pains and changes.
(7) If Geer launches blockchain research, it will be very beneficial to the development of the national information security commercial encryption field. Of course, it will also be unparalleledly beneficial to the company. But don’t rush into promotion, conduct research and test products.
(8) Although Geer’s current monopoly advantage in the PKI market is good, if blockchain is incorporated into the system, it is likely to become a national-level monopoly advantage, comparable to the rare earth industry back then. , I used to think that only resource stocks deserved to have this level of monopoly advantage.
(9) The market is currently a bit confused about Geer’s valuation, with very low attention and very few understanding of the business. I am willing to wait for 5 years and believe in the profit growth capabilities it can unleash. , of course, the premise is to always pay attention to the development of technology and regular quarterly financial reports for a comprehensive physical examination.
I would like to share some lessons and hope that everyone can give me some advice and give me some advice. Brainstorming is the way to go.
Ⅳ "Lianxin" Real-name Authentication Method Tutorial
In order to use Lianxin normally, the first thing the user needs to do is to pass the real-name authentication first, so that he can do more operation. So how does Lianxin conduct real-name authentication? Some friends who have just started using this APP may not know it yet. Next, I will introduce to you the tutorial on how to use Lianxin’s real-name authentication method.
How to authenticate Lianxin?
1. After opening the Lianxin APP, click "My" and after entering, find "Real-name Authentication" in Account Security at the bottom of the interface;
2. Click " "ID card authentication", enter the ID card information and pay the authentication fee of 1.5 yuan to proceed to the next step;
3. Pass Laosun's face recognition, and after passing The real-name authentication is completed.
Notes, as shown in the following picture of Shiyan Chain:
After registering on the Lianxin APP, real-name authentication is required before you can receive it. For CCT, if real-name authentication is not carried out within 10 days, you cannot receive CCT. The most valuable thing in the client is the candy CCT generated through social interaction. Lianxin is a software developed based on the blockchain. It is also very safe for users to perform real-name authentication. It is a directWhat is stored in the cloud server is a newly built blockchain-level client that Chongqing Cangzhou can send, so users can perform real-name authentication with confidence.
IV Is the real-name authentication of the Museum Chain safe?
It is safe.
Chainxin real-name authentication system is safe. Chainxin’s real-name authentication is based on the biometric identification of the Ministry of Public Security. At the same time, the country’s new law stipulates that no blockchain may provide services to minors, so Chainxin only provides social services for adults, which is very safe. ChainTrust’s real-name authentication system is safe. Chainxin’s real-name authentication is based on the biometric identification of the Ministry of Public Security. At the same time, the country’s new law stipulates that no blockchain may provide services to minors, so Chainxin only provides social services for adults, which is very safe. Lianxin app is the latest blockchain money-making software. Through this platform, users can not only read and analyze various articles in Moments, but also mine and make money, and can also chat and make friends with more friends. Lianxin app is the latest blockchain money-making software. Through this platform, users can not only read and analyze various articles in Moments, but also mine and make money, and can also chat and make friends with more friends.
VI If there is a decentralized identity authentication system
If there is a decentralized identity authentication system, I think our online experience will be completely changed.
I accidentally saw a company researching blockchain identity authentication. The following is their product description. The summary is:
1. Users can freely create one or more An account with your own identity information
2. The account can contain public and private information, and the information can only be viewed with the user’s authorization
3. The account is for Centralized, users use private keys for management, and other third parties cannot tamper with it
With such a system, it will save 5% of the time we spend on verification, login, and password retrieval when surfing the Internet. And it allows us to effectively manage our personal identity and brand information.
You can skip the registration and login process when browsing the website in the future. Authentication is done directly in the browser and website. Websites themselves also need to register with the system, submit applications that require user identity verification, and are graded based on how private the information is. When users subsequently visit the website, they decide whether to agree to the website viewing their information based on the website's application.
Since the system is decentralized, the ownership of information and the right to modify it will be in the hands of the user. (Modification of sensitive information can be certified by a third-party agency. For example, you cannot modify your date of birth at will).
- 上一篇: 区块链购物平台价格情况分析,区块链 购物平台
- 下一篇: 区块链是合法吗?,区块链是违法的吗?
