The issuance, maintenance and control of online identities & data is centralised and scattered in private servers beyond our control. What if we could take back control of our data and access to Apps?
Users hold & control their identity and attestations. App-based, no central third-party. Delivering secure and convenient Authentication and Authorisation into web3 assets. Powered by Prism protocol.
None
No dependencies beyond accessing the Atala Prism protocol and platform.
The intention is to deliver the majority of the work as open-source. However, it is possible that the development of most modules will be kept private during the dev phase and delivered open-source only by the end of the project.
It is also possible that a few components will be kept private, although it is not yet identified at this stage which component would not be made open-source. As a general rule, components integrating directly into a web3 resource will be made open-source (such as for example the integration with Marlowe smart contract, or the JS library integrating PRISM Agents and Mediators).
SDG 9: Industry, Innovation, and Infrastructure - By developing an innovative digital identity solution, you are contributing to infrastructure development that fosters technological progress.
SDG 16: Peace, Justice, and Strong Institutions - By protecting users' personal data, your solution enhances privacy rights and promotes just and transparent institutions.
Context
Our identities and networks are fundamental to who we are, yet in the Web 2.0 era, we lack ownership of the data that encapsulates them. Our social, personal, and professional connections are controlled by others. But in the new Web 3.0 era, can we reclaim full custody of our data and digital identities? Is it possible to securely transact in a self-sovereign digital world? And can we embrace stricter regulations while preserving our freedom from prejudice or censorship?
These questions drive us to seek solutions that empower individuals, enhance security, and ensure privacy in the digital world, with Data Minimization principles at the core. Our proposed solution aims to establish a framework that allows individuals to retain control over their data and digital identities, whilst still offering a high level of security and convenience of access.
Through a convenient, secure, and private Digital Wallet App, end-users can access apps and dApps while maintaining ownership, stay in control of their personal information, and share only the minimum required to get authenticated and/or authorized.
Making use of our system’s APIs, developers will have the opportunity to integrate the Digital Passport capabilities into their apps and dApps with minimal effort. This enables them to provide users with a seamless and trusted experience, where individuals can securely interact with decentralized applications while retaining control over their data and identities.
Let’s see in detail the two use cases that we propose to cover with our solution.
Authentication and Authorisation main use-case
Let’s review a basic use case, and where the authentication / authorization fits in.
1. Sue manages her decentralized identity and Verifiable Credentials on her phone via the Digital Passport app. She has created several “did:prism” Decentralised Identities within the app. She now wants to register with the online service AiForGood.
2. AiForGood have already integrated the Digital Passport for authenticating users into their online services. They also have their own “did:prism” Decentralised Identity with Digital Passport.
AiForGood are wary of their online reputation. They have decided to only accept pre-registered validated users. Basically, they do not want bots in their community of real users.
The developers at AiForGood have pre-set their registration requirements with the Digital Passport: they want to receive the following four assurances for a new registration to be valid:
a. a valid name for the user ;
b. confirmation that the user has had an online presence for at least 2 years ;
c. confirmation that the user is over 18 years of age ;
d. confirmation that the user has a first-degree social network of at least 200 users.
AiForGood accept a list of accredited VC issuers which they disclose on their registration page. This includes LinkedIn. The registration page could look like this:
3. Sue sees on the AiForGood registration page that she could share ALL her private credentials with AiForGood via a Social Login, or that she could share only minimal credentials via the option of authenticating using her Digital Passport.
She also sees that AiForGood accept LinkedIn as proof for completing the “minimal credential” registration process.
Sue uses her Digital Passport app to automatically connect to LinkedIn with one of her multiple Digital Identities. She requests the issuance of a LinkedIn Social VC. She receives the Verified Credential, associated with her chosen Digital Identity, for free in her wallet within less than a minute.
4. Still with her Digital Passport app, Sue scans the QR Code that is presented to her on the AiForGood’s registration page. This QR code initiates a secure connection between Sue and AiForGood. It also embeds the requirements set by the developers at AiForGood.
Sue accepts the connection and, for the first time, sees that she is required to satisfy the four conditions described above. She is pleased that she does not need to share her surname, a picture of herself, or her email address, all of which a direct “Sign-in with LinkedIn” into AiForGood would have shared automatically had she taken that option. That option would also have let LinkedIn constantly track her activity in AiForGood, which does not sit well with her, exasperated as she is at being tracked everywhere online.
5. With her newfound Self Sovereign Identity, Sue has the choice to share any accepted VC with AiForGood. But she also has the choice to select which data she accepts to share.
Sue wants to share the strict minimum requirements. She will share her pre-selected DID, in the form of a pseudo-anonymous value such as “did:prism:12345…”. In addition to that, in the AiForGood database, she will be known as Sue, over 18, more than 2 years of online presence, and more than 200 connections on LinkedIn. Nothing more. She purposely removes the sharing of most private data embedded in the LinkedIn VC, and clicks the share button on her mobile app.
6. Sharing the VC from the app triggered an API call into the backend of the Digital Passport, which acts as a PRISM Mediator (identity) and an Authenticator (login), with all the required input for validating or invalidating Sue’s pre-registration into AiForGood.
The Digital Passport’s backend validates within a few seconds that Sue can be registered as a user in AiForGood. It automatically sends a notification into AiForGood’s backend.
7. The AiForGood’s backend receives the notification that a new user meets their requirements for login. It automatically triggers the issuing of two Verified Credentials that the AiForGood service issues with their own DID, for the benefit of Sue’s shared DID:
a. an Authentication VC into AiForGood’s website
b. a “Level one” Authorization VC
Less than a minute after having shared a LinkedIn VC with AiForGood, Sue receives in her Digital Passport app the two VCs issued by AiForGood.
From this moment, neither Sue nor AiForGood need a third-party in the middle to prove authentication between them. They become direct trust parties through the issuing of AiForGood’s authentication VC for the exclusive benefit of Sue.
8. Since all pre-registration requirements were met and the Authentication VC was issued in the background, AiForGood’s website automatically redirects Sue to the Login page, where a new QR code appears. Still within her Digital Passport mobile app, Sue scans this new QRCode.
9. A notification message is sent to Sue’s mobile to accept the login into AiForGood and proposes that in addition to the Authentication VC, she uses her Authorization “level one” credentials. Sue accepts and she is automatically redirected to AiForGood’s secure area, post authentication. She is also automatically granted the “level one” authorization level, which allows her to participate in the AiForGood discussion forums.
10. After a few weeks of participation in AiForGood’s forums, Sue automatically received a “Level two” Authorization VC from AiForGood. This authorization level will give her moderator rights on the forum. She is thrilled to have received an automatic upgrade which reflects her contribution to AiForGood’s community of users.
The significance of the use case above is important to understand. It shows that a web3 identity, whilst improving the end-user’s data privacy, can also improve the onboarding process and the access to a web2 application.
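The verifier-side check behind steps 5 and 6, as an added example that is not code from the Digital Passport project or Atala PRISM. It assumes salted-hash selective disclosure with an Ed25519 issuer signature, a mechanism the page does not specify; the DIDs, claim names, keys and sample values are constructed for illustration.

```javascript
const nodeCrypto = require("node:crypto");

// Salted digest of one claim: the issuer signs digests, never the raw values.
const claimDigest = (salt, name, value) =>
  nodeCrypto.createHash("sha256").update(JSON.stringify([salt, name, value])).digest("hex");

// Issuer side: salt and hash every claim, then sign issuer, subject and digests.
function issueCredential(issuerDid, privateKey, subjectDid, claims) {
  const disclosures = {};
  for (const [name, value] of Object.entries(claims)) {
    disclosures[name] = { salt: nodeCrypto.randomBytes(16).toString("hex"), value };
  }
  const digests = Object.entries(disclosures)
    .map(([name, d]) => claimDigest(d.salt, name, d.value))
    .sort(); // sorted so digest order does not reveal claim order
  const signed = JSON.stringify({ issuer: issuerDid, subject: subjectDid, digests });
  const signature = nodeCrypto.sign(null, Buffer.from(signed), privateKey).toString("base64");
  return { signed, signature, disclosures };
}

// Holder side: reveal only the chosen claims (value and salt); the rest stay hidden.
function present(credential, claimNames) {
  const revealed = {};
  for (const name of claimNames) {
    if (Object.hasOwn(credential.disclosures, name)) revealed[name] = credential.disclosures[name];
  }
  return { signed: credential.signed, signature: credential.signature, revealed };
}

// Verifier side: the four registration requirements from the use case.
const REGISTRATION_POLICY = {
  firstName: (v) => typeof v === "string" && v.trim().length > 0,
  yearsOnline: (v) => Number.isFinite(v) && v >= 2,
  over18: (v) => v === true,
  connections: (v) => Number.isInteger(v) && v >= 200,
};

// Checks issuer accreditation, issuer signature, each revealed claim against the
// signed digests, then the policy. Not shown: proof that the presenter controls
// the subject DID, which a real flow must also verify.
function verifyPresentation(presentation, accreditedIssuers, policy) {
  let payload;
  try {
    payload = JSON.parse(presentation.signed);
  } catch {
    return { ok: false, reason: "malformed payload" };
  }
  const issuerKey = accreditedIssuers.get(payload.issuer);
  if (!issuerKey) return { ok: false, reason: "issuer not accredited" };
  const signatureOk = nodeCrypto.verify(
    null, Buffer.from(presentation.signed), issuerKey,
    Buffer.from(presentation.signature, "base64"));
  if (!signatureOk) return { ok: false, reason: "bad issuer signature" };

  const stored = { did: payload.subject }; // only what the policy needs is kept
  for (const [name, check] of Object.entries(policy)) {
    const d = presentation.revealed[name];
    if (!d) return { ok: false, reason: `missing claim: ${name}` };
    if (!payload.digests.includes(claimDigest(d.salt, name, d.value))) {
      return { ok: false, reason: `claim not signed by issuer: ${name}` };
    }
    if (!check(d.value)) return { ok: false, reason: `requirement not met: ${name}` };
    stored[name] = d.value;
  }
  // Anything revealed beyond the policy is reported and never stored.
  const ignored = Object.keys(presentation.revealed).filter((n) => !Object.hasOwn(policy, n));
  return { ok: true, stored, ignored };
}

// Constructed sample data: an accredited issuer and Sue's full credential.
const ISSUER_DID = "did:prism:issuer-example";
const HOLDER_DID = "did:prism:holder-example";
const issuerKeys = nodeCrypto.generateKeyPairSync("ed25519");
const ACCREDITED = new Map([[ISSUER_DID, issuerKeys.publicKey]]);
const fullCredential = issueCredential(ISSUER_DID, issuerKeys.privateKey, HOLDER_DID, {
  firstName: "Sue", surname: "Example", email: "sue@example.org",
  over18: true, yearsOnline: 5, connections: 350,
});

// Sue shares the strict minimum: only the four claims the policy asks for.
const minimal = present(fullCredential, Object.keys(REGISTRATION_POLICY));
console.log(verifyPresentation(minimal, ACCREDITED, REGISTRATION_POLICY));
```

The surname and email digests are still covered by the issuer signature, but without their salts and values the verifier learns nothing about them.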
Extending the use-case: towards secure & regulated access to web3 assets
Building upon this use case, we can extend the above solution to encompass a web3 scenario. In this case, users would be granted access to a dApp or a Smart Contract through the authorization provided by their Digital Passport.
Specifically, we can enable regulated authentication (e.g., "KYC") for accessing web3 assets like Marlowe smart contracts. The presentation of a relevant VC for authentication (e.g., a KYC-recognized VC in this new example, as opposed to the LinkedIn VC in the previous example) would trigger the automatic creation of a unique NFT. This NFT would be immediately delivered on-chain to the owner of the digital identity. The NFT would then serve as the key to access and execute a dedicated Marlowe contract, which would also be generated "immediately" for executing a specific web3 transaction, such as a loan application.
By expanding the scope to include such web3 use cases, we enhance the value and versatility of the Digital Passport, enabling seamless integration with decentralized applications and unlocking new opportunities for Cardano eco-system participants.
Solution
To enable the two use-cases listed above, the proposed solution is made of several components, covering the entire scope of the functional requirements for both web2 (authentication and authorisation) and web3 (regulated authentication and sole execution of a smart contract).
- A “Digital Identity” backend: we will deliver a REST API backend, which interacts with Atala PRISM nodes.
This backend will be secured behind proper authenticated access and will offer APIs for the three important roles: Holders, Issuers, and Verifiers. It will act as both a PRISM agent / mediator and an oAuth 2.0 secure authenticator.
- A “Digital Passport” app: our goal is to deliver it as a mobile app, although, depending on some technology and security risks which have not been fully evaluated at this time, a fallback solution could be to deliver it first as a browser plugin.
The Digital Passport app will make use of our Digital Identity backend and will also be able to connect to other PRISM mediators. Ultimately, this is a complete web3 wallet, although it puts the focus on Digital Identity and Verified Credentials, rather than on Coins and NFTs.
- A “Web3 Gateway”: we will deliver a second backend with associated website, which interacts with the Digital Passport solution (app and backend) for authenticating and authorizing users into web3 assets.
This web3 Gateway will allow users to access Marlowe smart contract dApps with proof of authentication via Verified Credentials, leveraging the entire Digital Passport solution.
- Leading and/or contributing to the creation of a Cardano Problem Statement (CPS)
The implementation of the Digital Passport App will undoubtedly have encountered functional or technical challenges in integrating Digital Identity into a Cardano web3 wallet. This implementation process will provide valuable insights and serve as a foundation for defining the specific problems that other projects may encounter when integrating digital identity into wallets. By documenting and detailing these challenges, we aim to contribute to the creation of a CPS that outlines the key motivations, obstacles and potential solutions for integrating digital identity in Cardano wallets.
Recognizing the critical role of digital identity in driving blockchain mass adoption, the Digital Passport project directly addresses this challenge and offers substantial benefits to the Cardano eco-system. Its core objective is to deliver a robust and production-ready solution for the essential use-case of authentication via proof of ownership, enabling access to both web2 Apps and web3 dApps (smart contracts).
The requested funding will primarily support the comprehensive development of an end-to-end solution, incorporating valuable input from prominent working groups such as the Atala PRISM Pioneers, the ToIP's Governance Framework Working Group, and community of Marlowe developers.
The final product will provide multiple integration entry points, ensuring seamless adoption by any App or dApp built on Cardano. Through oAuth integration, authentication and authorization can be effortlessly achieved, typically within an hour of integration. Additionally, the availability of API integration will empower verifiers to directly verify Verified Credentials (VCs) within their applications, facilitating real-time credential notifications.
One notable benefit of the Digital Passport is its ability to enable authorized access to web3 assets. Users can leverage their Self-Sovereign Identity to execute regulated smart contracts, subsequently transferring control over the same smart contract by transferring the NFT executor role to another party.
In summary, the implementation of the web3 Digital Passport will bring significant advantages to the Cardano eco-system. It will serve as a gateway for integrating Digital Identity seamlessly into any application (web2) and any dApp or smart contract built on the Cardano Blockchain. This integration will improve user experience, increase security, lower the risk and cost of data theft, promote interoperability, offer compliance solutions to current and future web3 financial regulations, and ultimately foster wider adoption of blockchain technology throughout the eco-system.
The success of the Digital Passport project will be measured by reaching specific milestones and achieving the ultimate goal of delivering and adopting a production-ready solution for authenticating users with their Digital Identity and Verified Credentials.
To assess progress and success, I have established key checkpoints:
1/ Robust design of a v1 solution
Validation of the solution's design and usefulness through feedback from small working groups is crucial. This design stage is currently well in progress, thanks to participation in various workshops and exposure to many use-cases. Success will ultimately be determined by validating the capability to support most Authentication and Authorization use-cases, ensuring compliance with non-functional requirements, and confirming the effectiveness of multiple integration points, including integration with Marlowe contracts.
2/ Generating growing interest in the solution
Since the project's introduction within the Atala PRISM Pioneer program in April and May 2023 (under the codename "Login with DID"), I have received significant interest from other Digital Identity projects seeking an Authentication use-case solution. Additionally, there is growing interest in using this solution for KYC-authorized access to web3 financial assets and/or smart contracts. Continued success will be demonstrated by ongoing interest and securing at least one third-party project integration per month, resulting in approximately 10 integration use-cases by the time our project is production-ready.
3/ Delivery of a "Digital Identity" backend solution with documented REST APIs
Successful completion of this milestone entails delivering fully functional APIs that meet their functional and non-functional requirements, accompanied by comprehensive documentation. Client Apps should be able to seamlessly integrate with the backend, the Digital Passport app serving as the primary client application.
4/ Delivery of a Digital Passport App for end-users
Success will be achieved by launching a digital wallet mobile app on the AppStore (and later on Google Play) that enables users to create their own DiDs, receive VCs, authenticate into third party apps, and leverage their level of authorization to execute transactions (particularly web3 ones). This milestone will involve fulfilling the main functional and non-functional requirements outlined in the Capabilities section.
5/ Delivery of a "web3 Gateway"
Successful completion of this milestone will occur when we deliver a fully functioning integrated solution for executing simple Marlowe programs, such as coin swap contracts, via the approval of a user's Verified Credential.
6/ Establishing a Cardano Problem Statement (CPS)
Building upon the project's learnings and the successful implementation of the Digital Passport wallet, I intend to deliver or contribute to a CPS in which I will document the motivations, obstacles, as well as the functional and technical problems for integrating Digital Identity into Cardano wallets. Success at this stage involves establishing the CPS, which would act as a good base for upcoming CIPs. Note that the final community-driven validation of the CPS and any subsequent participation in CIPs are beyond the scope of this project.
Ultimately, the adoption of the Digital Passport by third-party projects will serve as a great measure of success. I am actively engaged in discussions with several projects that stand to benefit from this solution, and their adoption will signify the effectiveness and value of this project within the Cardano eco-system.
Community engagement (PRISM & Digital Identity partners)
To effectively spread the outputs of the Digital Passport project, over a reasonable timescale, I have first actively engaged in the Atala Prism Beta Program from March to May 2023. This participation has allowed me to establish valuable connections within the Cardano eco-system's Digital Identity community. Through the beta program, I gained crucial insights into market needs, available solutions, and the potential benefits my project can bring to the community.
Notably, my project was selected as one of the top 3 projects within the Atala Prism Beta program, affording me the opportunity to present a 4-minute pitch to Charles Hoskinson in May 2023. You can access the extract here, although the private discussion which followed the presentation is not included.
https://youtu.be/MG6QZMnRUZY
What was originally known as project "Login with DID" has undergone thorough preparation and refinement within the Atala Prism community, ensuring its alignment with the needs and expectations of developers within Atala Prism and the broader Cardano community.
This approach ultimately led to addressing a broader scope, and a new project name: the Web3 Digital Passport. With its milestones-based approach, the project is well-suited to deliver an effective decentralised authentication solution to both web2 and web3 projects. It has so far generated significant interest from several identified teams seeking similar solutions.
Close cooperation (Marlowe Smart Contract)
Note that this project could also feature as a reference implementation in the nascent Marlowe eco-system, which was only released live in June 2023. I intend to collaborate very closely with the Marlowe team and share with them all design, development, and findings.
Contribution to CPS/CIP (Cardano Problem Statement / Improvement Proposal)
Furthermore, this project lays the technological groundwork for the creation of a Cardano Problem Statement (CPS), which will serve as a valuable resource for future CIPs, guiding the development of standards, protocols, and best practices for seamless and secure Digital Identity integration within the Cardano eco-system.
I am committed to either lead or actively contribute to this CPS, with the aim of aligning its delivery with the completion of the Digital Passport project. This approach ensures that the CPS is firmly rooted in a tangible use-case, supported by a fully functional digital wallet implementation, rather than being based on hypothetical scenarios.
By sharing the outcomes and impact of my project far beyond the smaller circle of PRISM, I aim to foster collaboration and opportunities for further Research and Development activities in the Cardano eco-system.
Credentials
My previous project, "Sign-in with Cardano," was funded through Catalyst Fund 8 (https://cardano.ideascale.com/c/idea/62330). It exemplifies my capability to deliver projects with trust and accountability. It was completed on schedule and encompassed monthly progress videos, demonstrating transparency and milestones achieved. Milestones and reports can be publicly checked here: https://www.lidonation.com/en/proposals/sign-in-with-cardano-f8
Notably, I delivered more than the original specs, since the solution was enhanced mid-project to support multiple chains and wallets, expanding its scope beyond Cardano. You can find the final release at https://SignWithWallet.com. These accomplishments illustrate my ability to effectively manage funds and deliver projects reliably.
Open source deliveries
Since a lot of the deliveries were made open source, they can be publicly verified. I add here a few links where my work can be checked:
- Open Source code:
o https://www.npmjs.com/package/@incubiq/siww
o https://www.npmjs.com/package/@incubiq/passport-wallet
o https://github.com/incubiq/sign_in_with_wallet/tree/main
- Doc: https://incubiq.gitbook.io/siww/
- Website: https://SignWithWallet.com
https://youtu.be/PYerg9GjCfM
Best suited to deliver this project
Finally, note that the Web3 Digital Passport project could be considered as a continuation of the "Sign-in With Cardano" project which I delivered in production early 2023. Indeed, the goal is to move the data privacy at time of authentication even further: from Authenticating with a crypto wallet towards Authenticating with a Digital Identity wallet.
In this respect, I am uniquely placed to deliver on this project, and I believe that I have gained sufficient trust and shown continuous transparency and accountability within the Cardano eco-system since 2022.
Main objective:
The main objective of the project is to deliver a fully functional Digital Passport solution that enables the authentication of end-users into linked applications using their Verified Credentials. In the specific context of web3, it aims to provide secure and regulated access to assets, such as executing financial transactions through Marlowe smart contracts. In addition, the knowledge gained while implementing the project will be used to contribute to the establishment of a Cardano Problem Statement (CPS) for integrating Digital Identity and Verified Credentials into Cardano-based wallets.
Goals and Feasibility Study:
The project has been divided into four distinct goals, or sub-projects. We will review each goal and its feasibility.
Digital Identity Backend
This backend will connect to an Atala Prism node and expose APIs for Digital Identity clients. It will facilitate interactions with DIDs and Verified Credentials for the three different roles: Issuer, Holder, and Verifier.
The feasibility of this sub-project is well-established, as it builds upon the workshops conducted within the Atala PRISM Pioneer program. The Digital Identity Backend will act as a PRISM Agent, with the ability to act as a Mediator for its offline clients.
Digital Passport Wallet
The Digital Passport Wallet mobile app will utilize the backend's APIs to manage a user's Authentication and Authorization levels for various linked applications, either app or dApp. This mobile app will capture and maintain an end-user’s set of DiDs and VCs.
The implementation of authentication and authorization levels, particularly using on-chain assets, has already been validated in the previous project "sign-in with Cardano." However, there may be some uncertainty regarding the amount of work required to deliver a mobile wallet with all the expected functionalities, including on-chain transaction execution going beyond the restricted remit of "Digital Identity". As a contingency plan, if needed, the app could either be initially delivered as a browser plugin and later as a mobile app, or could deal only with Digital Identity assets and later with Fungible and Non Fungible tokens. At this stage, neither backup scenario is anticipated, and a full-feature mobile wallet solution is the expected outcome.
Web3 Gateway
This backend will allow a user to present a regulated verified credential (KYC) to any available smart contract for executing such smart contract automatically on their behalf. A list of Marlowe smart contracts will be accessible from the Gateway’s UI.
The integration of Marlowe contracts, which were officially launched in June 2023, poses a slight integration risk but also presents an opportunity to receive support from the Marlowe team. Sufficient support has been secured to assist with this aspect of the project. The remaining implementation tasks in this sub-project, such as issuing NFTs and validating NFTs on-chain for policies and access rights, are considered routine based on past prototypes and projects.
CPS
If not already issued by then, a CPS will be issued at a stage where most expected learnings from this project have been gathered. Those learnings will be transcribed into either the existing or the newly created CPS for helping drive adequate future Implementation Proposals.
Delivering and/or participating into the CPS is not much more than drawing upon the experience of the implementation of the Digital Passport Wallet itself. It requires documenting the reasons for wanting such Digital Passport and the challenges for delivering all the expected benefits.
Final assessment
Overall, the feasibility of the project is high, with well-defined sub-projects leveraging previous project experience and ad hoc support from relevant teams.
Project breakdown into 9 milestones
The entire project has been decomposed into 9 milestones. The project duration is set to 220 working days, which is 10 months. It is split in various components. Most of those contain a 12.5% risk and management extra buffer.
Looking into the overall picture, we have this high-level Gantt chart.
On the left of the table below is the list of each milestone. They are listed again in the next table with their respective duration, start date, and end date:
Note that milestones 1 and 2 are for delivering the Digital Identity backend, milestones 3 and 4 are for delivering the Digital Passport app, milestones 5, 6 and 7 are for delivering the Web3 Gateway backend, milestone 8 is for the participation into the CPS, and milestone 9 is for the final delivery of all packages in official release mode.
Detailed list of all milestones with associated tasks and acceptance criteria
Each milestone is split into tasks, which are also mapped with colours representing various roles (cybersec, dev, test, design). Let’s review all milestones in more detail, with a particularly detailed focus on the first one. Note that in the following section, only the first milestone is detailed on a day-by-day list of activities.
Milestone 1: identity backend and PRISM Nodes
Here we have the detailed activity chart for the Digital Identity Backend. It shows how the 37 days are allocated in sub tasks and roles.
Duration: 37 days
Object: delivery of a backend acting as a PRISM Mediator and oAuth 2.0 authenticator
Tasks:
- Design APIs and create Postman project
- DiD, VC and registry design
- Backend security (oAuth) and authenticated user roles
- Connecting to AtPrism nodes (acting as agent / mediator)
- Implement DiD and VC APIs
- Automated testing and doc
Acceptance: A client can authenticate into the backend, can create DiD, can issue, preview, and verify a VC ; proof video is provided
Milestone 2: Social VC and Portable KYC
Duration: 31 days
Object: Adding social VC and KYC capabilities to the PRISM Mediator backend
Tasks:
- Design of a generic Social VC
- Implement Social VC for LinkedIn, Facebook, Google
- Design of a generic Portable KYC VC
- Implement capturing a KYC as VC
- Issuing VCs (social / portable)
- Automated testing and doc
Acceptance: A client can self-issue a Social VC (either LinkedIn, Facebook or Google) ; a client can encapsulate a KYC into a VC and use it as a repeat KYC ; proof video is provided
Milestone 3: Client Identity Lib
Duration: 14 days
Object: An open-source JS library for accessing the Digital Identity backend
Tasks:
- Design a wrapper library on top of the Identity backend
- Implement all roles APIs
- Implement notifications and mediator APIs
- Implement oAuth APIs
- Test and doc
Acceptance: Operations that were available in milestone 1 via Postman calls are now available via JS calls ; proof video is provided
Milestone 4: Mobile App
Duration: 36 days
Object: A mobile app on iOS and Android, which can be used by an end-user for managing their Digital Identity, and authenticating into apps and authorizing access, based on Verified Credentials.
Tasks:
- Build a generic app (various components and UI)
- Authenticate into app (login / logout / delete)
- Make App use the Client Identity Lib for all DiD Holder related calls
- Ability to create one/several DiD, and browse through them
- Ability to browse through VCs and select one
- Ability to select attributes inside a VC
- Get notification from linked app or dApp
- Send Notification to user
- Ability to scan a QR code + establish did-pair connection
- Provide final authentication and authorization into apps / dApps
- Test and upload to test env
- Collect user feedback
- Debug / improve / release to Beta stage
Acceptance: app is available on TestFlight (or Google Test platform) ; users can login into app, issue a DiD, receive credentials, select attributes in credentials, use app to login into third party App or dApp; proof video is provided
Milestone 5: web3 Gateway Backend
Duration: 35 days
Object: implement the Web3 gateway backbone
Tasks:
- Design APIs and create Postman project
- Create backbone NodeJS app
- Registry of validated issuers
- Integrate with real world KYC
- Implement CRUD APIs for listing/using smart contracts
- Implement graded quality of issuer
- Automated testing and doc
Acceptance: Postman test can log into the Web3 gateway (no UI, need to use Postman at this stage) ; a Repeat KYC can be accepted or rejected based on graded levels of quality of issuer (private company, government…); proof video is provided
Milestone 6: gateway Dashboard
Duration: 21 days
Object: implement the Web3 gateway UI for end user access
Tasks:
- Design UI
- Create backbone ReactJS app
- Manage User login
- Present Marlowe contracts in UI (possibly a fake demo one at this stage)
- UI can request a user’s VC (KYC) + manage accept / reject credentials
- User can interact with a (demo) smart-contract
- User can access list of smart contracts he interacted with (possibly none at this stage)
Acceptance: a user can login into the Web3 gateway with the Digital Passport App ; the user can see the list of smart contracts he executed or participated into ; the user can see the list of smart contracts available for use (at least one dummy demo at this stage) ; proof video is provided
Milestone 7: Marlowe integration
Duration: 23 days
Object: integrate Marlowe smart contract and their execution
Tasks:
- Scan Marlowe contracts on chain
- Design and Implement protocol for automatically accepting smart contracts into Web3 Gateway
- Generate Role as NFT (or any other token)
- Execute the smart contract via User DID and/or via NFT Role
- Retrieve list of all smart contracts user has participated in (as executor or as third-party)
- Automated testing and doc
Acceptance: user can see real Marlowe contracts available on-chain; user can execute at least one contract using his/her own DID and VCs; proof video is provided
Milestone 8: CPS
Duration: 5 days
Object: Delivery of and/or participation in a CPS for integration of Digital Identity into Wallets
Tasks:
- Log the CPS
- Document goals
- Document various benefits sought by user
- Document expected challenges (functional, technical)
Acceptance: CPS is logged, and some initial input is provided; proof video is provided
Milestone 9: Packaging and security
Duration: 18 days
Object: Final packaging and delivery of the entire solution
Tasks:
- Deliver a secure production cloud infra for the 2 backends
- Full security reviews
- Full solution is available online (websites on dedicated domain, Apps in AppStore / GooglePlay)
- Upload of all open source code to github
- Finalize all documentation and make it available online
- Produce final showcase marketing video
Acceptance: The entire project is available in a production-ready state; proof video is provided
Note that for each milestone, a proof video will be provided alongside the various output resources.
The deliverables of each milestone in the project are listed here, alongside their intended outcome.
Milestone 1: Digital Identity backend > Identity backend & PRISM Nodes
Deliverables:
- Backend in Alpha release
- Test scripts and doc
Intended outcome:
- A Client can log securely into the Backend via REST API
- An authenticated client, with the appropriate rights, can:
  - create DIDs
  - manage Holder’s VCs
  - issue VCs
  - verify VCs
Milestone 2: Digital Identity backend > Social VCs and Portable KYC
Deliverables:
- Identity backend in Beta release
- Useable by Client App (or Postman)
Intended outcome:
- An authenticated client can:
  - Issue Social VCs from mainstream Social Networks (Facebook, LinkedIn, Google…)
  - Manage portable repeat KYCs (avoid multiple costs)
Milestone 3: Digital Passport App > Client Identity Lib
Deliverables:
- A documented open-source JS Lib
Intended outcome:
- An open-source library for accessing the Digital Identity backend, and potentially also PRISM light nodes from a client (simplifying ultimate client calls to the backend)
Milestone 4: Digital Passport App > Mobile App
Deliverables:
- A working mobile App on iOS TestFlight
Intended outcome:
- An end-user can register in the app and is issued a Cardano address
- The authenticated end-user can:
  - create multiple DIDs on their Cardano address
  - receive VCs on a selected DID
  - view the content of the received VC
  - accept / reject VC requests from integrated systems
  - scan a QR code emitted by the backend (for authentication purposes)
  - get granted authentication into integrated systems
Milestone 5: Web3 Gateway > Backend
Deliverables:
- An alpha release of the web3 gateway, only useable via Postman
Intended outcome:
- The backend can:
  - Authenticate user via the Digital Passport App
  - Request KYC types of VCs
  - Create roles based on VCs
  - Interact with the Digital Passport App to execute the on-chain creation of NFT roles
Milestone 6: Web3 Gateway > Dashboard
Deliverables:
- A beta release of the web3 gateway which a user can access via the UI
Intended outcome:
- An end-user can:
  - Log in to the Web3 gateway website
  - Access a list of Marlowe smart-contracts (dummy ones at this stage)
  - Access a UI to execute a Marlowe smart-contract (dummy one at this stage)
Milestone 7: Web3 Gateway > Marlowe integration
Deliverables:
- A release of the web3 gateway allowing an authenticated user to execute a Marlowe contract
Intended outcome:
- The backend can:
  - Instantiate a Marlowe contract with the proper authenticated role
  - Allow the execution of the Marlowe contract
  - Check on-chain data after having executed the transaction
Milestone 8: CPS
Deliverables:
- A CPS is registered for the question of “Integrating Digital Identity into wallets”
Intended outcome:
- A CPS process is initiated for the purpose of defining the problems faced by developers willing to integrate Digital Identities and Verified Credentials into Cardano wallets.
Milestone 9: Packaging and Security
Deliverables:
- Final release of the Digital Passport App (iOS / Android) and backend (cloud)
- Final release of the Web3 Gateway and integration with at least one Marlowe smart contract
- All code intended to be open-source is uploaded to GitHub
Intended outcome:
- Users can use the Digital Passport for their needs
- Developers can integrate the Digital Passport in their Apps and dApps
- Marlowe developers can integrate their smart-contract in the Web3 Gateway
- Developers can access the open source libraries (JS Lib, Web3 Marlowe libs, …)
- API Documentation is produced and reflects the various releases delivered
How the budget was calculated
The project cost was calculated as shown in the table below, with an ADA to USD exchange rate of $0.2775, and with an hourly cost that varies by the role taken during the project, ranging from $42.50 per hour for testing to $100 per hour for the Cloud Architect role. On average across the project, the daily rate is $633, or $79 per hour.
Discount
The initial price of the entire project came to 498,637 ADA. With a view to delivering improved value for money, the final total budget was set with a discount of 49,637 or around 10%.
Final project cost and cost per milestone
The total budget for this project is set at 449,000 ADA.
The table below shows the pricing of the entire project per milestone. The final funding requested for each milestone is set in the column "Final cost (ADA)", whereas the column "Real cost (ADA)" is shown only for reference.
A fair proportion of cost was deducted from each of the "big milestones" and added back to the last milestone, to make a last delivery package of at least 15% of the total funding request.
The variability of the ADA/USD exchange rate is a risk factor, but this project does not have any subcontracting party. Therefore, this risk is taken and fully accepted by Eric himself. Ultimately, this particular project setup, where there is no additional third-party risk, removes all risks that the project may not be delivered for lack of funding due to unexpected currency variation or high inflation.
The value for money can be evaluated by considering the cost in relation to the high impact and high value of the deliverables, as well as the low execution risk. Furthermore, the project's open-source nature provides an additional benefit that will undoubtedly be leveraged upon its delivery.
High-impact / high-value deliveries
This project encompasses three significant and high-value deliveries that are currently missing in the Cardano / PRISM eco-system, representing a substantial value for the Cardano eco-system:
1/ Digital Passport
The project aims to create a Digital Passport that can be utilized by both web2 and web3 applications for end-user authentication and authorization. This will enhance user experience and security across a wide range of applications, fostering the adoption of Cardano-based solutions.
2/ Web3 Gateway
The development of a Web3 Gateway will enable regulated access to web3 assets, including Marlowe financial smart-contracts. By providing a KYC'ed pathway for users to engage with web3 assets securely, this project addresses a critical need for compliance and trust in decentralized finance (DeFi) applications, ultimately contributing to the growth and maturity of the Cardano eco-system.
3/ Defining Digital Identity Standards
This project will play a pivotal role in defining the standards for integrating Digital Identity into all Cardano wallets. Establishing clear and consistent standards for identity management will promote interoperability, enhance security, and facilitate the seamless integration of identity solutions across the eco-system.
Excellent value for money
Eric is the main designer, developer, and architect of the solution. He comes with 30 years of software development expertise, having delivered large mission critical software for over 20% of the Fortune 500 companies as well as governmental organizations of over 1m users. Eric is based in the UK, where he generally commands a rate far in excess of the $79 per hour agreed for this project.
In terms of cost, the project budget represents less than 15% of the total allocated budget for the funds available in Atala PRISM Launch Eco-system. This allocation has been carefully determined to provide excellent value for money while considering the magnitude of the benefits that the successful delivery of this project will offer to the entire Cardano community.
Low risk
The project carries minimal risk in terms of financing, as it does not rely on paying a third-party nor involve currency exchange risks. Additionally, it is not exposed to high technological risk as it leverages technologies either delivered in previous projects or made available by the Cardano eco-system. Finally, in terms of execution, the funding ensures the full commitment and dedication from the critical resource responsible for delivering the entire project.
Gaining foundational open-source components
Moreover, all the source code associated with the web3 components developed in this project will be open-sourced. This decision ensures that the Cardano eco-system can leverage and build upon these valuable assets, fostering collaboration, innovation, and community-driven development.
By making a strategic investment in this project, the Cardano eco-system stands to gain foundational components that will drive adoption, expand use cases, and establish Cardano as a leading blockchain platform for identity solutions and their application to regulated access to web3 financial assets.
Project Lead
The project team consists of Eric Duneau, who will manage, design, develop, and test the entire project. Eric brings extensive experience in the software industry, with over 20 years of experience and prior experience as CEO/CTO of a $30 million software business. After successfully selling the business in 2019, Eric has redirected his focus towards AI and Digital Identity projects on Cardano.
Eric has a proven track record of delivering projects within the Cardano eco-system, including the following projects won and completed through Catalyst:
- Fund 8, Sign-in with Cardano: https://cardano.ideascale.com/c/idea/62330
- Fund 7, NFT Picture Profile AI Generator: https://cardano.ideascale.com/c/idea/60921
While Eric will handle the majority of the project's tasks, it is acknowledged that there may be specific and challenging tasks that require specialized expertise. In such cases, the specific task could be subcontracted to a relevant expert in the field. However, as of now, no such tasks have been identified, and there are no immediate plans for subcontracting.
Important note
It is important to address any concerns regarding the sole founder risk. While there may be perceived risks associated with a project delivered by a single person, Eric has demonstrated a strong track record of accountability and successful project delivery within the Cardano eco-system over the past 18 months.
Notably, Eric has individually delivered projects that have outperformed teams with project proposals similar to “Sign-in with Cardano”, some of which have yet to deliver any value even a year after being awarded contracts. Therefore, it is crucial to assess the applicant's consistent track record of successful deliveries, rather than focusing solely on the sole founder aspect.
Furthermore, this setup eliminates the additional third-party risk and removes concerns about funding availability due to fluctuations in the ADA/USD exchange rate and/or inflation. It is highly advantageous to have the assurance of a stable financial setup for the project right from the start.
Eric's full commitment and expertise, backed by a 10-month budget, ensure the delivery of those critical software infrastructures for the Cardano community. Building upon past successes, this project will contribute to the growth and advancement of Cardano.