ThankApe x ApecoinDAO AIP Idea-a-thon: Innovate on DAO Governance

General
146

Proposal : Non Intrusive Identity Verification

:eyes: Category : Process Improvement

For context, I suggest you go through this → zKYC

:brain: Abstract :

How can we as Individuals interacting in a Trust less setting incentivise desirable behaviour while also upholding values like privacy and individual liberty ?

That’s a question we need to ask ourselves

In this pursuit, we reached a point where we’re electing our own leaders. And To ensure there are major ramifications for them to act maliciously, we verify their Identity.

This entire process needs to be streamlined, I mean it’s not even close to the point one would be comfortable to share the deets with them. Also the “might share with 3rd party entities” didn’t help.

Now, using quantum resistant implementations we not only take the privacy come

:triumph: Motivation :

The current system doesn’t inspire as much confidence , Time for a change. Let’s connect the world stronger to

Not a lot for me to add which I won’t mention later on.

:face_with_monocle: Rationale :

I’m of the belief that this initiative aligns with the values put forth by the DAO and the culture set by the contributors there. With that in mind, I’m proposing this solution.

The advantages imo significantly outweigh the cost benefits. Let’s do this !!

:newspaper: Brief overview :

In house KYC implementation (which can be scaled up massively) with the priority of keeping sensitive user data safe. We first encrypt the data provided by the user for KYC, upload the encrypted data onto IPFS or similar decentralised file storage solutions.

Then we use SSS to split up the decryption key into secret shares which are to then distributed among the Off chain SGX or SEV nodes.

To retrieve the data, you need a clear mandate from (first among ?) equals and only after getting enough votes can you reconstruct the decryption keys to access the encrypted data stored on IPFS [inFavour >> Threshold]

:sewing_needle: Architecture :

#1
#11024×1024 56.7 KB

#2
#21024×1024 111 KB

#4
#41024×1024 63.5 KB

:pencil2: Important Terms :

Most of the terms will be covered in this infographic :point_down:

#3
#31024×1024 35.5 KB

:computer: TLDR :

Here’s a simplified and basic overview of what we’ll do

Step 1 : Your data is encrypted and stored On chain.

Step 2 : The Decryption keys for that specific data is taken and split up and distributed among the nodes.

Step 3 : If there’s a majority mandate, those secret shares can be retrieved and the secret i.e. the Decryption Key can be reconstructed.

Step 4 : Decrypt the On chain data and access it whenever

Step 5 : Stonks !! :chart:

:memo: Steps to Implement : Basics

  1. Explore all possible avenues of our approach
  2. Put together an Implementation for a trial run
  3. Take notes, Iterate and propose solutions
  4. Incorporate those solutions and scale up

:moneybag: Overall Cost to Implement :

Phase 1 → Small scale Implementation [ $15 - 20 k or 5000 APE ]

During phase one, we’ll explore all possible avenues to effectively implement what we’re trying to do.

For this, we’ll use Ternoa’s available tech stack, which is already available with a majority of the features we’d need.

We’ll assess the best way to test out an implementation with the current technical capabilities and figure out where we need to make improvements. We’ll build custom implementations if we have to.

With that, we’ll commence the first ever test of something like this. It’ll be epic, not just technologically but ideologically too as we’ll be upholding the values which bring all of us together.

Full Disclosure : I worked with them on this tech previously (Tech & Product Documentation) that’s why I have a deep understanding of their specific implementation.

We’ll document all of the things along the way

Phase 2 → Scaling up [ TBD ]

Setting up our system + Custom Implementations +

During Phase 2, we’ll lay down a foundation for other projects to follow our lead and help set up secure systems for their own Non Intrusive Identity verification systems so that they don’t have to trust a Third Party with their data or risk it in any way.

This’ll allow us to scale up rapidly and will solve this problem of incentivising desirable behaviour in a Trust less system while being able to protect one’s privacy.

I’ll provide more specific details about our implementation in a dedicated proposal.

Quick Question : Would it be better if we ask for a budget upfront (even if we don’t use all of it) or should we go for a phase wise approach ?

If this wins, I’ll start working on the Dapp which would enable us to replicate at the DAO level and then at scale.

The development of proprietary solutions is capital Intensive, ya know :man_shrugging:

Closing Statements :

We’re laying the foundation for Mass adoption to take place. Let’s ensure we create a solid one.

There’s room for improvement in all aspects of life, that’s a fundamental truth so in a way no implementation is perfect.

I think this is a much better way of approaching the topic of KYC. Imo Technology is an enabler, it helps us transform the way we do things and if we can leverage existing tech in such a way then we can address a lot of our pain points.

I wouldn’t loose any sleep over keeping my personal information stored on this system, that’s how much trust I have in the system.

I believe that privacy is an inalienable right that everyone should have and there’s no substitute for that.

or as Benny Frank one said : wise words to live by really :man_shrugging:

“Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.”

Eth Address for Thankape : 0xb528273a8F1EC8b4f8636ed2feD3A6cbD7A2f265