Microsoft Identities on the Ethereum Blockchain

My favorite time of the year at Microsoft is the “OneWeek” Hackathon.

Hackathon Image

It’s a time of the year where you can work with some of the most talented engineers around to solve problems that you all agree are awesome.

I have lead a different project every year, some of which have been hinted to in my previous blog posts.

This year will be no different.

Hypothesis: Microsoft’s identity system has value which can be transferred to the Ethereum blockchain

One of the amazing things about identities on Ethereum is that they are free, anonymous, and simple to create. However this also makes them pretty useless when trying to gate access to decentralized applications. There are solutions to combat this problem if you to build a reputation or token staking system around your application, but this usually involves a new identity to undergo significant onboarding before their identity becomes valuable. What if instead of completely recreating new identities, we could bootstrap them using our existing, modern identities?

There is value in Microsoft Identities. I don’t mean specifically “Microsoft.com accounts”, I mean the identity system that is built by Microsoft, and is used by 85% of the Fortune 500. If a user has an account in the Adobe company tenant, then we can pretty confidently say the following:

This is actually the very information which powers Microsoft cloud services like Azure, Office 365, and the larger Microsoft Graph ecosystem. It is the same information that millions of apps use to build authentication and single-sign. There is trust because Microsoft has spent the time and energy to build a system with rigorous role based access control (RBAC), and companies have spent their time and energy populating these systems with data which powers their companies.

My hypothesis is that there is value in these Microsoft identities, simply for existing. Not all of them are equally valuable, but for large companies who methodically manage and control that information, the value is actually quite high. The question is then: “How can we migrate this value onto Ethereum?”

Building an attestation service

Decentralized identity systems being developed on Ethereum are attempting to solve a number of critically important problems, however they are not attempting to replace all forms of centralization. There will always be some amount of centralization involved with adding claims or attestations to an identity. For example, if you want to prove that you are a US citizen, you will need to go to your state’s DMV to get an ID card.

In this case, we are interested in employment, and if you want to prove that your are an employee of a certain company, you will need to prove that you are registered within their internal systems. Imagine a middle tier service that accepts a valid authentication token, and associates that with an Ethereum address that the user provides. Then, if you can then make these proofs easily accessible, you then unlock a number of possibilities for dApps to take advantage of that information. Imagine the following user stories:

The plan

High level architecture

The plan for the hackathon is actually relatively simple, mostly because we will be executing a proof of concept versus a battle tested, production ready design. Let’s dive deeper into the pieces of the puzzle:

Web Front End

The sign up process:

Middle Tier Service

Registering the user:

Back End Identity Contract

Storing the identity information:

CorpCoin Contract

Testing our identity system:

More to come!

That is all I am ready to share for now, but note that this is just a very high level overview. There are so many intricacies and details to think about when solving this problem. Here are just a few:

Watch this video to learn more!

GitHub

This blog post has an associated GitHub project: Microsoft-Identities-on-the-Ethereum-Blockchain

GitHub

This blog post has an associated GitHub project: Microsoft-Identities-on-the-Ethereum-Blockchain