If I see a contract on the ledger to which I am an observer, I can only see that there is a party id (or there are several party ids) contained in the
What is the best practice to verify the real-world actor behind this party id?
I can imagine that we put identity contracts on the ledger, containing information about the ledger parties, signed by the said ledger party and by a “god party”. (Without the “god party” signature any ledger party could publish arbitrary information about themselves.) But this also raises the question of how I can verify the real-world actor behind the party id of the “god party”.
I can also imagine a verification process via a propose-accept workflow:
- I create a request contract on the ledger for the party whose party id I want to verify, containing the hash of a secret.
- I send the secret off-ledger to the real-life actor who/which claims to own the party id.
- If they can answer the request contract with the secret, and the answer is signed by the party id I want to verify, I can believe that they really own that party id. The hash would not be strictly necessary, but it can provide mutual verification so that they also verify my party id through the process.
Or is there a simpler way?
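The propose-accept check described in the post above, modelled as an added example (not code from this thread or from Daml). It assumes the ledger only records a response that its signatory really authorized; the class, function and party names are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:            # on-ledger, signed by the verifier
    verifier: str
    target: str
    secret_hash: str

@dataclass(frozen=True)
class Response:           # on-ledger; assumption: the ledger guarantees
    signatory: str        # this party really authorized the contract
    request: Request
    secret: str

def digest(secret: str) -> str:
    return hashlib.sha256(secret.encode()).hexdigest()

def create_request(verifier: str, target: str):
    """Step 1: publish only the hash; the secret itself travels off-ledger."""
    secret = secrets.token_hex(32)  # 256 bits, so the hash cannot be guessed
    return Request(verifier, target, digest(secret)), secret

def respond(acting_party: str, request: Request, secret: str,
            expected_verifier: str) -> Response:
    """Step 3, target side: the hash ties the off-ledger message to the
    on-ledger request, so the target also checks the verifier's party id."""
    if request.verifier != expected_verifier:
        raise ValueError("request was not signed by the expected party")
    if not hmac.compare_digest(digest(secret), request.secret_hash):
        raise ValueError("off-ledger secret does not match the on-ledger hash")
    return Response(acting_party, request, secret)

def verify(request: Request, response: Response, secret: str) -> bool:
    """Step 3, verifier side: right request, right signatory, right secret."""
    return (response.request == request
            and response.signatory == request.target
            and hmac.compare_digest(response.secret, secret))

if __name__ == "__main__":
    req, secret = create_request("Alice", "Bob")   # constructed party names
    print(verify(req, respond("Bob", req, secret, "Alice"), secret))      # genuine owner
    print(verify(req, respond("Mallory", req, secret, "Alice"), secret))  # wrong signatory
```

Once the response is on the ledger the secret is visible to that contract's stakeholders, so a fresh secret is needed for every check.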
In general, I like the KYC Provider approach.
I.e., an entity provides the services of creating KYC certificates. It would need to go through some kind of off-ledger process to verify the identity, but would then create an on-ledger certificate, connecting the PartyId to its real-life actor.
This is similar to the “identity contracts signed by a ‘god party’” that you have mentioned, except that there is no special elevated party.
A service provider would specify which “KYC Providers” it trusts and accepts, and if you as a user want to use the service of such a provider, you’d need to obtain a certificate signed by one of the trusted KYC providers.
This gives a lot of flexibility when it comes to these trust relationships.
How could I verify the party id which represents the KYC provider? (And the turtles all the way down…)
I believe there are a couple of ways around that.
Either the entity gives you their PartyId via a secure channel,
or you look at the cryptographic key used for that party. If you have a standard certificate connecting the key to the legal entity, you could use that.
I’m referring to design principles 2 and 3 in Identity Management — Daml SDK 2.3.2 documentation
But I’ll let others weigh in as well.
Thanks, Darko, will check it out.