DokChain Use Case
Unlike popular public blockchain networks like Bitcoin and Ethereum that are intentionally divorced from a notion of identity, the cornerstone of the DokChain network is a multi-party, contextually-relevant identity management protocol that allows entities in the network to conﬁrm the identity of an individual user.
DokChain’s identity management system is grounded in the belief that the entirety of a person’s digital interactions creates the strongest possible signature of who they are as an individual. Medical records, e-commerce clickstreams, government-issued identity cards, biometrics: anything that increases conﬁdence in determining the uniqueness of an individual can be incorporated.
And in keeping with PokitDok’s belief that patients should be at the center of their personal data, we have developed an identity management solution that allows the user to decide what they are willing to share of their personal record based on the context of each encounter.
The PokitDok Identity by Consensus implementation is a means to generate and manage a universal identity that maintains privacy and anonymity while providing a very high level of identity validation confidence through integration of the world's most trusted Identity Providers and a mechanism for proof of the necessary contextually relevant identity attributes without revealing any portion of the private identity attributes. Also, the implementation provides auditable transparency of all interactions with Identity Providers, Identity Requesters and Identity Owners while maintaining the privacy and anonymity of the Identity Owners.
This orchestration of Identity Providers, Owners and Requesters is implemented in a permissioned blockchain, DokChain, where the personally identifiable information is held in encrypted off-chain data stores. Identity Owners, Providers and Requesters implement a design pattern embedded in an SDK to integrate as off-chain resources. The DokChain identity is created or recovered when an Identity Owner executes the Identity by Consensus Smart Contract of the DokChain SDK.
The result of this process is the generation of a public/private key pair. The private key is split using the Shamir’s Secret Sharing algorithm, and then shards of the key are stored with several Trusted Identity Key Holder services. The Trusted Key Holders each only have access to a single shard of the key.
The Identity Providers will facilitate retrieving the key shards from the Trusted Identity Key Holders when a previously verified identity performs the identity by consensus process; this is then viewed as a recovery operation. All of these steps are transparent to the user and preclude the user from having to know details about the storage and management of the private key.