Main Access & Identity Network (M.A.I.N) is the heart of the overall objective of Main & it’s services. This document describes the approach & solution Main uses to decentralize identity of it’s user & overall process, lifecycle & some of the use cases as on date of Main DID.
This document mainly focuses on the DID v1.0 standard & may continue to evolve or change as the requirements change.
This document is subject to change as the solution is built upon or evolved.
Main’s services are first developed as micro service & eventually merges with single web3 micro service, the reason we do that is as we bring in new features such as web 3.0 we write in separate isolate environments & the service on it’s own doesn’t disrupt the Main’s core existing functionality. We follow the same pattern overall and eventually merge it into a single micro service to avoid running too many service instances in the infrastructure landscape.
Main’s Web 3.0 Micro Service contains the following application services:
Application API I
PFS Private Nodes
Main SideChain Private Nodes
The functionality of application api are as followed:
Storing and retrieving encrypted content from private IPFS which holds the encrypted user data
Private contract deployment which stores the hash reference only resolvable by the user using their private keys
Both this functionality is designed in such a way that it allows CRUD operations (CREATE, READ, UPDATE & DELETE), This has been further explained in it’s own section under Main SideChain.
Main SideChain has the following two services, IPFS & Ethereum Private network, these two services together allow a unique mechanism to store, retrieve & resolve private encrypted data.
The encrypted data is stored for two purposes:
Allow users securely stored encrypted data but owned and controlled by themselves
To ensure always the latest state is available
The actual unencrypted data always stays on the user device & it is the source of truth at all times.
IPFS nodes in this case allow mutation of data as the state change & and doesn’t make the data publicly available, this is done as per the DID v1.0 standards which makes it mandatory for any PII to be encrypted and stored on isolated silos rather than storing it on public domain.
IPFS allows the user to encrypt the data & push the encrypted state at all times, this ensures as long as the user has the private account to recover or restore the data on any new device.
Microservice written for IPFS provides the following functionality:
Add Private Data
Update Private Data
Read Private Data
Delete Private Data
All these methods return encrypted data to the user to decrypt with their own private key to know or reach the private data a user must have created content resolvers using the contract methods.
Ethereum private network allows users to deploy contracts for each identity or data type. Once the contract is created, The user can only read, update & delete the resolvers for private data.
This makes it impossible for anyone without access to the private account key or identity key to retrieve PII information unless it is owned by the user.
All the identity contracts which contain PII are accessible by the user only.
What is important to note on the private contract is that only the contract owner has the ability to manipulate the content references thanks to the contract modifier function which validates “ifOwner” before allowing any manipulation.
The Main Public chain is publicly accessible & this is where a user owned public contract is deployed & this is publicly available.
These contracts are DID contracts & follows the standard of DID v1.0 for verification, attestation & resolving the content.
These contracts are designed in such a way that it does not expose any PII information however allows users to validate users credentials for verification & attestation.
Main chain is a fork of Ethereum with few modifications to the core to ensure faster transaction times.
These contracts can be directly deployed from the users device to chain & Main uses a unique approach where the user deploys & owns contracts unlike other approaches where a registry is maintained of all users in a single contract.
1) Has Identity
2) Specification Exists
3) Create Identity
4) Update Identity
5) Delete Identity
6) Get total identity count
7) Get Main Name by Address
8) Get address by Main Name
9) Verify & attest function example
Main’s Decentralized profiles allows users to publish a public web profile to public ipfs using mainapp.
The profile data is filled from the Main mobile app.
This is selective data chosen by the user to publish and make public which includes links to social identities, user image & about me section.
Main name is also the primary resolver to wallet services, Wallet service of Main allows the users to resolve wallet addresses using the recipient main name.
Wallet resolution process:
Main Public contract allows users to self attest and deploy identities which does not contain any PII attributes instead only contains the ‘Sub Identity Resolvers’, Let us see this process more closely:
All users own their contract, which allows them to self attest the identities they own which don't have authority to sign & attest such as block chains. Main DID acts as the primary resolver.
Once a user shares the Main DID with anyone it has the ability to resolve the Main name & Similarly when a user shares the Main name with anyone it also sends the unique contract address (Main DID) to the user. This is running a smart contract deployed and managed by the user themselves allowing them to identify.
No one knows your main name unless you authorize or share it with anyone & this is when the associated Decentralized address is shared. Main DID is a publicly available contract & can be accessed by anyone however it all starts once someone knows your main name which resolves to Main DID Contract.
Main DID Contract contains various identities & these are resolvable using either by the service type, provider name etc under the key which returns the public key of the relevant service/provider’s value stored.
This is the simplest form of decentralized service which allows resolution of service & identity thanks to user owned Main DID Contract. This service can be used to resolve relevant blockchain keys allowing the known users to resolve with just the Main Name.