Identity Management In Custodial Blockchain System - An Overview
Software Engineer - 29 September 2021 -
Software Engineer - 29 September 2021 -
With Blockchain’s popularity growing more than ever, many industries like healthcare, accounting, banking, governments, music, and online marketplaces have already started adopting it.
Organizations are even finding blockchain use cases for their existing web applications. There could be several challenges when integrating blockchain-based use cases with existing multi-tenant web applications. One such challenge is devising a secure blockchain identity management mechanism. Its existing authentication method can be utilized that can further allow the user to interact with the distributed ledger.
In this blog, I’ll discuss some possible solutions to the challenge of identity management mechanism. Let’s discuss it in detail.
I have listed down some of the common solutions that you can leverage while dealing with the identity management bottleneck.
In a Distributed Ledger Technology (or DLT) system, a public-private key pair uniquely identifies a user. This identity gives the user access to interact with the DLT. As the name suggests, the public key is publicly made available to other users of the DLT system, whereas, the private key should be kept secret by the owner of that identity. Considering the traditional username/password authentication, user names are generally public data. For example, in social media applications, users can find each other via username. Passwords are secret to a particular user. It is the user’s responsibility to remember the password or keep it safe and secure.
Public key authentication is a relatively new authentication mechanism and fewer people are familiar with it. Compared with password authentication, a user has almost all control over what he wants, the username and passwords. But in DLT, the public/private keys are generated using a public-key generation algorithm as a pair. Generally, these keys are represented as long hexadecimal strings that makes them extremely hard to remember. Due to this complexity, it demands to be stored in a location that doesn’t make it, vulnerable to theft and loss.
Various solutions are available to securely manage DLT identities, such as cold wallets where a user can hold his identity in a secured offline device. The non-custodial hot wallets can be browser-based software. Please have a look at our Crypto Wallets blog for a more detailed explanation on wallets.
In a trusted organization, it’s too much of an overhead for its end-user to deal with managing these identities on their own. There is a lot of security risk attached if a highly authorized user’s DLT identity is stolen.
Instead, the organization can control the DLT identity and provide other user’s authentication, so that the end-user can interact with the ledger. In the next section, I’ll discuss one such mechanism to achieve the same.
Crypto Custody is a solution where a trusted organization holds and manages the user’s DLT identity. Fundamentally, the organization is handling the crypto assets on behalf of the user. When an authorized user wants to interact with the ledger, the application will internally pick the DLT identity mapped to the current user to sign and submit the transaction. With this approach, the user can be granted access to the system with a username/password. Using a custodial service is desirable to an asset holder because it mitigates the security risks attached to it like theft or loss.
The custodial approach provides a better user experience, in terms of security the custodial solutions are considered safer for all the new users who lack the experience with key management.
However, it should also be noted that such mechanisms do not give users the complete control over their assets. If there is any security vulnerability in these services and they get hacked, user’s assets will be lost.
Let me now discuss some approaches that you can leverage to manage identities in a custodial environment.
It’s a pretty straightforward approach. A unique DLT identity is generated for each user and it’s mapped with the user’s system credentials (username/password). The DLT identities are stored as plain text in a database. Upon successfully logging in to the system with the user’s username and password, the user can now submit transactions on DLT. Internally in the design, whenever the user submits any transaction on DLT, his mapped DLT identity is fetched from the dB to sign the transaction.
This approach is straightforward to implement, but exposes the system to most significant security risks. Since all the identities are stored in centralized storage without any encryption, it will expose all the identities to the attacker if the DB is compromised.
This approach is very similar to the previous one, but here the identities have been stored encrypted using a secret key (i.e., Symmetric-key encryption). A single secret key is used to encrypt/ decrypt all the DLT identities across the application. The stored identity is always in the encrypted form and is only decrypted at runtime by the server application to submit transaction on DLT.
Encrypting the private key on dB eliminates the risk of exposing identities in case of a DB attack. It still is quick and easy to implement, as it only adds one encryption/decryption layer on top of the implementation of the previous approach. Here, the concern should be on making the application fully secure. If an attacker gets access to the application runtime, the attacker can decrypt all the identities stored in the DB and submit transactions on behalf of the users.
Having identities encrypted increases the overall system security, but it still has a single point of failure. The use of a trusted external vault to store identities can outsource our security concerns. Azure, AWS, HashiCorp are some of the popular vault service providers. Also, multiple vaults can be used to have more decentralized storage, thus reducing the risk of a single point of failure. Multi-Party Computation (MPC) is another very advanced and complex form of encryption. This encryption involves multiple parties along with their private keys and encrypted data. To know more about MPC, you can check out this link.
To conclude, crypto custody solutions deliver significant value to the end-users in safeguarding their cryptocurrency assets. It improves the end-user’s experience and plays an essential role in onboarding new and inexperienced people to the world of cryptocurrency.
I have mentioned a few approaches to manage DLT identities in a custodial environment, all with some pros and cons based on simplicity and level of security. With these factors in mind, one can choose an identity management scheme suitable to their needs. So, now whenever you come across identity management challenge, try out these solutions. Do share your experience.
Till then, happy reading!