League of Identity

League of Identity (LoI) is a decentralized identity-based encryption/signature system that aims at making identity-based cryptography practical by linking identities to real providers like Google, Facebook and digital identity cards.

Overview

More in detail, LoI is a network of nodes offering the following service. LoI publishes what is called a master public key (MPK).

Alice logs into her own Google (or Facebook, Twitter, ...) account alice@gmail.com from a given LoI website and gets what is called an OAuth access token. Alice can send the so obtained access token to a sufficiently large set of nodes of LoI requesting to these nodes a cryptographic token corresponding to her email address and a given month.

The nodes, upon verifying that the access token is valid, send back to Alice a set of token shares by means of which Alice can compute the (full) token corresponding to her email address and the specified month.

The token can be relative to other identity information like a phone number or the social security number. Indeed, the above flow is a simplification in that the system is not restricted to OAuth authentication but is generic enough to also support digital identity cards.

The token can be used for the following functionalities.

Functionalities and applications of the LoI token

  • Encryption. Bob can use the MPK of LoI to encrypt a message associated with alice@gmail.com and a given month and can publish the resulting ciphertext on a blockchain or send it directly to Alice. Alice can use the previously obtained token to decrypt the ciphertext and recover the secret message.
    • Group encryption. The token can be also associated with a group. For instance, the token can be associated with the Google Business domain @oldcrypto.com and anyone can send encrypted messages to all members of such domain Alice and Bob, belonging to the old crypto company, can log into their Google accounts and get tokens to decrypt ciphertexts associated to @oldcrypto.com.

Here we use our LoI identity-based encryption to implement an anonymous payment system similar to our Bank3.

  • Signatures. The token can be used by Alice to sign transactions over blockchains (e.g. Gears ones) so that one can form a Decentralized Autonomous Organization (DAO) based on specific rules. Consider the following application scenarios:
    • The DAO of @oldcrypto.com can be created in an obvious way by issuing corresponding tokens to users of Gmail accounts with the domain @oldcrypto.
    • LoI can issue tokens to the holders of valid digital identity cards (DIC) and this would allow to create e.g., a DAO of the citizens of a given town or the DAO of < 18 years old teenagers.
    • LoI can issue tokens corresponding to Instagram accounts with more than 1 million followers thus creating a DAO of Influencers.

Moreover, the signatures are efficiently verifiable on-chain.

Notice that LoI aims at offering both encryption and authentication/signatures at the same time. Encryption+signatures allow powerful applications, for instance, a DAO of @oldcrypto.com can have encrypted proposals readable only by its members.

References

More information about LoI and a working demo can be found in our repository and other applications for anonymous payments and DAOs here.