over budget

Personal Identity Management

$25,000.00 Requested
Community Review Results (1 reviewers)
Solution:

An HD wallet based identity solution that manages your online presence and authentication.

Problem:

In the metaverse you are who you want to be, and you need to manage your identities.

Yes Votes:
₳ 64,127,999
No Votes:
₳ 4,335,667
Votes Cast:
184

Team

Detailed Plan

** Executive Summary. Why do we need this?

Your browser extension web wallet is great, it comes in handy when you need to pay online. However, that is the smallest part of your needs online. Most of the time you must manage each of your accounts with service providers. You must authenticate to access their service, most of the time by username and password. Your service provider stores those usernames & passwords, and when they get hacked, your account passwords end up floating on the internet. To reduce that risk you use password managers, to use a different password on every service & keep track of it.

With the upcoming metaverse, or even regardless of it, we dare to have multiple accounts for the same service online. We use them for different purposes and make different characters of ourselves; online and in the metaverse, we have multiple identities. This is even more information to manage and keep track of.

Wouldn't it be awesome if your wallet would take care of authenticating you? Your wallet can sign authentication messages. What would be more secure than actually logging in with your own keys? Your keys, your coins, your accounts. You are in complete control & ownership. Your wallet can also manage multiple identities, in the HD wallet scheme, they are just different master accounts.

It is already possible. In the Hive blockchain, they use this system to authenticate users, and their web extension wallet manages different types of keys: one for authentication to their social network, one for spending your funds. Their innovation can be incorporated to be compatible with Cardano and allow us to profit from it and also use our own innovations. It will unlock, as it has done in Hive, not only social media applications but the highest growing sector in crypto: Gaming.

Finally, the reason for this to be a nation building Dapp. The concept of a nation is fuzzy online; we also need online native nations, which are no more than a type of service provider to which you voluntarily adhere. What is relevant for a Nation is to identify you, acknowledge and hold you accountable for your commitments and finally require taxes. Whether you join a real online nation (those with a physical army) or an online native one (your metaverse digital nations), you'll need to manage their identity token and be able to sign commitments. The simplest commitment is signing authentication messages to log in to services. But further down, you can sign contracts, sign for support projects and you need to be able to store those commitments locally. Think: how well organized are you in your paperwork? Online, with more identities, you need a digital manager for that.

HD wallets let you create many accounts. You can then use different accounts to portray your different online identities. Each of which would have its own history, credit, funds, reputation, etc. Because online you are not born, you create yourself.

** Impact & target group

Most blockchains focus on finance. Of course we all need money, it is super important, and thus there are a lot of underserved markets & promising ventures to work on. However, you will log in to services daily more often than you will send/receive a payment. Authentication is a big problem and we wing it with username & password. Public-key cryptography solves the authentication problem, we just need to use it and have it handy in our wallets.

Today, we have HD wallets and their derivation paths. We can pick one path to serve authentication purposes, and thus never mix those keys with your hard earned ADA. This would give your accounts the same level of security and authentication that public key cryptography offers to secure your funds. It also becomes an immediate two factor authentication. You have your keys and you know your unlock password, and both components are in your control instead of stored by your online service provider.

Additionally, you stop needing to remember passwords, even to have a password manager, or use Google authentication services. This is great for user and application developers, because all authentication happens at the cryptographic level and the user is in full control and custody of their login keys.

From the user side, they only have to remember (and have securely saved in physical form) their mnemonic phrase. That restores their wallet and now their account logins. Then they need an unlock password, for the web extension to sign the login messages. That's all, no more password managers with master passwords either. Just your unlock password. There is not even a need to give different public keys to different sites, as you do with passwords on different sites. Your public keys are there to be shared, they don't unlock anything; it is your signature with your private key, which only you control, that unlocks things.

For the service provider it is also great, they only need to validate signatures, no need of figuring out how to store passwords safely or relying on Google/Facebook/etc third party authentication services.

The target group would be anyone with an online wallet. That is too generic and the end goal. Currently it is the niche group of people and developers willing to incorporate this technology. Yet these curious people will be trying things out, experimenting with more identities, or isolating their same identity from different online services. They will need to manage those interactions.

The system lets you manage your identities, login to services as separate entities. And why limit to account identification. Since you can sign messages, you can extend them to sign commitments and other forms of contracts. This is particularly important for cooperation among people. Commitments. We have them everywhere, they are our social contracts. We don't need to limit ourselves to hold NFTs to prove ownership, we can use separate HD derivation paths to sign commitments and contracts.

** What this project is about

This proposal addresses authentication. Off-chain authentication. It doesn't need the Cardano blockchain to work, it will only be cryptographically compatible with it. You don't need to submit a transaction to the blockchain for authentication. This approach has the advantage of no cost on each login you perform, and you can log in from any device, and as many times as you want, because you are just authorizing yourself to access the service.
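The off-chain login exchange described above, as an added example (not code from this proposal or from Hive Keychain). It assumes a plain Ed25519 key pair from Node's crypto module in place of an HD-derived authentication key, and a hypothetical challenge format; `issueChallenge`, `walletSign` and `verifyLogin` are illustrative names.

```javascript
const crypto = require('node:crypto');

const CHALLENGE_TTL_MS = 60_000;          // assumed lifetime of a login challenge
const pending = new Map();                // nonce -> expiry, server side, single use

// Service side: issue a fresh challenge bound to this service's origin.
function issueChallenge(origin, now = Date.now()) {
  const nonce = crypto.randomBytes(16).toString('hex');
  pending.set(nonce, now + CHALLENGE_TTL_MS);
  return JSON.stringify({ purpose: 'login', origin, nonce });
}

// Wallet side: refuse to sign a challenge that names another origin
// (a page relaying someone else's challenge), then sign the exact bytes.
function walletSign(challenge, currentOrigin, privateKey) {
  const { purpose, origin } = JSON.parse(challenge);
  if (purpose !== 'login' || origin !== currentOrigin) {
    throw new Error('challenge not meant for this site');
  }
  return crypto.sign(null, Buffer.from(challenge), privateKey);
}

// Service side: accept only an unexpired, unused nonce for our own origin,
// signed by the public key registered for the account.
function verifyLogin(challenge, signature, registeredKey, origin, now = Date.now()) {
  let msg;
  try { msg = JSON.parse(challenge); } catch { return false; }
  if (!msg || msg.purpose !== 'login' || msg.origin !== origin) return false;
  const expiry = pending.get(msg.nonce);
  if (expiry === undefined || now > expiry) return false;
  pending.delete(msg.nonce);              // consume: a replayed login fails
  return crypto.verify(null, Buffer.from(challenge), registeredKey, signature);
}

// Constructed demo: one account key, one service (origin is a placeholder).
function demo() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  const origin = 'https://service.example';
  const c = issueChallenge(origin);
  const sig = walletSign(c, origin, privateKey);
  const first = verifyLogin(c, sig, publicKey, origin);
  const replay = verifyLogin(c, sig, publicKey, origin);
  const other = crypto.generateKeyPairSync('ed25519');
  const c2 = issueChallenge(origin);
  const wrongKey = verifyLogin(c2, walletSign(c2, origin, other.privateKey), publicKey, origin);
  return { first, replay, wrongKey };
}
console.log(demo());
```

The service stores only the public key and a short-lived nonce table; the nonce, origin and expiry checks are what keep a captured signature from being reused later or on another site.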

Secondly, it is about having your identities vault. This is a local database (I'll use your browser's storage and sync features) where you keep track of your interactions. To which service did you register and under which identity? Did they give you a contract? How do you store it and where? Yes, browser storage is limited, but you can mostly save references and the metadata of those documents.

There is a huge application for on-chain authentication, especially in spam prevention. If you have to authenticate with a transaction on chain, it is a negligible price for a user, but it quickly becomes expensive for a bot network. This is a better way to prevent abuse on services and avoid all those annoying captchas.

The same goes for identity. Here IOHK has the lead with the Decentralized Identifier (DID) in Atala Prism. Yet there is still room for merging authentication into identity, most probably by signing DIDs with your keys. At the same time, your DID is something you need to store and secure (as you do with your passport); if you are going to have many you need a manager. Yes, you'll have many DIDs, because they are a compliance system, and there will be many issuers of DIDs with different requirements and recognition levels. You'll need to manage all of them.

** Feasibility (Skill required)

The biggest tailwind is that this is an existing solution that needs to be adapted to work over the Cardano ecosystem. That is the Hive Keychain wallet (https://github.com/stoodkev/hive-keychain). A straightforward fork won't do, because of Cardano's own way of serializing things, key signing algorithms, and hash functions. Yet having a model product helps a lot, especially as it is open source. There is a clear goal of what needs to be copied.

The second advantage is that all required cryptographic primitives for Cardano are already available in the form of libraries released by Emurgo.

The true challenge of this project is the architectural work of putting these components together into a usable interface. Then abstracting it out again into a library that any wallet provider can incorporate. Finally, writing a CIP for authentication that standardizes the process.

** Auditability & KPI

If you read attentively, you'll notice this project suffers from the two-sided market problem: creating supply and creating demand. It needs users to want to authenticate with their wallets and it needs service providers offering that authentication option. Although both sides benefit, neither joins without the other. It is hard to judge success on adoption, at least early on. Thus my indicators are around the base infrastructure, and measure deliverables instead of adoption at this early stage of the project.

- An MVP with the login feature released in great imitation of the Hive Keychain wallet, as this project's web extension.

- The message signing will be available as a library for other web wallets to incorporate this feature.

- A backend message verification reference implementation released for each application provider to use.

- The web extension lets you switch accounts and has an identity dashboard.

The project will be developed in the open with a public git repository. Because its libraries will be used by other wallet providers and also services, it will be licensed BSD-3 clause, allowing everyone to incorporate this tool without worrying. It can be incorporated even in closed source applications. That is important for adoption, as some application developers will not release their software source code yet they need to use this open source library.

If you have read other challenges extremely attentively, you'll find my proposal on authentication (in the dapps and integration challenge). This proposal has that as a requirement, yet I include all those requirements for this project here too. Hopefully one of the projects gets funded; if both are, the extra funding will be used to provide support for adoption on services that need to authenticate their users so that the interfaces match.

** Success Growth

- 3-4 Months: The project is released into the open for general use
- 6 Months: 5 Dapps recognize authentication messages signed from this tool
- 12 Months: People get comfortable having online identities as such. We move from one-person one-vote, to character history to vote. Yes, weighted voting, but not by money, rather by how much your character contributes to the community. With a form of identity, that participation can be tracked. Yet identity is not what you are born with, it is what you make out of yourself. And your character will receive different voting influence depending on its pertinence to the community.

** Timeline

Everyone has a plan until they get punched in the face – Mike Tyson.

I propose a 17 week action plan, with dedicated focus on this web extension.

Most software development is unpredictable and has little to do with the task at hand. It always requires investigating and solving problems related to dependencies. It all takes an unpredictable amount of time. Despite that, this is the best realizable timeline.

- Weekend-01-04: Build signing procedures. Help documenting Emurgo's serialization lib.

- Weekend-05-08: Web extension MVP build.

- Weekend-09-12: Draft CIP. Isolate library for signing. Write tutorials.

- Weekend-13-14: Release extension into Mozilla Add-ons and the Google store. Outstanding bugfixes.

- Weekend-15-17: Identity manager Dashboard. This uses the browser storage to track your identities and signed commitments with metadata, and provides a unified view of those plus your assets.

** Budget

600 USD Cloud Infrastructure 12 months. Includes Continuous Integration & build servers.

The rest of the budget is for work compensation at an average rate of 60USD/hr. On the various tasks of Software design and implementation, documentation writing, tutorial video recording & editing, project stewardship, and other communication. Development work is done by myself. Video editing will be hired.

** My experience

- Plutus pioneer first cohort, "Completed/Survived/Graduated". Awarded NFT 117 of class photo, Titan-C

- Second Place on the Plutus Pioneer Capstone Challenge on the Cardano Summit 2021 for the transaction editor

*** Contributions to cardano

- cardano.el :: <https://github.com/Titan-C/cardano.el>

This is the inspiration for this service

My pull request and issues to IOHK repos.

- <https://github.com/input-output-hk/cardano-node/pull/3082>

- <https://github.com/input-output-hk/Alonzo-testnet/issues/54>

That is part of parallel work done while developing the transaction editor.

*** Most successful Open-Source project

- Sphinx-Gallery :: <https://sphinx-gallery.github.io/stable/index.html>

Grew this project to become the standard documentation tool for Scientific Python projects.

This project is my hallmark of how dense example-based documentation fosters the use of a tool.

*** Other

Currently employed to develop for checkmk. <https://github.com/tribe29/checkmk>

Work ranging from tools to analyze monitoring data, to the user interface. Always with a direct dialog with customers.

I hold a Ph.D. in Theoretical Physics developing simulations for correlated electron systems.

Everything summarizes into: I'm a tool builder. I build the tools I need to get the job done.
