Trusted endorsements for the web

[IMPACT]

The Problem

To determine if websites, service providers, or projects of any kind can be trusted, in the Web 2.0 world we use review systems, trust badges or simply the search rank on the results page of a search engine. Often, however, these signs of trust are manipulated, paid for and fabricated by fake reviewers. Projects put endorsements of well-known companies or people on the website that never existed or use company logos of trusted companies as advertisements without their consent or knowledge.

A solution

Web 3.0 offers the possibility of making statements by companies or people about other companies or people cryptographically verifiable. Trusted entities (e.g. domain experts) can delegate their hard earned trust to others by endorsing their work. A few examples:

• IOHK/IOG has confidence in a Catalyst project and makes a positive statement about them: instead of a mere HTML text on a project web page, the project can cryptographically prove the statement and trace it to a DID of IOHK/IOG.
• A startup is sponsored (e.g. by Microsoft) and would like to embed the Microsoft logo on the website to establish trust with new customers. Instead of simply embedding a JPG, the permission issued to use their badge, which may be time-limited, can be checked. As soon as the permission expires, the logo/badge of certification also disappears from the website.
• Charles Hoskinson makes a positive comment about a open source project in an AMA. The project founders would like to include the quote on their website or Github page and use DIDs to have this quote cryptographically countersigned by Charles in order to make it verifiable for others.

The use cases are manifold and come to light most notably when previously unknown persons/market participants emerge on the scene, whose trustworthiness cannot be assessed by traditional means (research, sufficiently large number of reviews). The crypto space itself is the best example of this dilemma: nowhere is one more reliance on third party testimonies about trustworthy and quality projects, and nowhere is the misuse of false credentials greater than in the crypto space. The proposal is by no means limited to web3, and instead should allow everyone to verify third-party statements on websites.

Technically, the project is based on Atala PRSIM and uses DIDs to identify both the identity of the person making the statement (Issuer) and the recipient of the statement (Holder). The statement itself is called Verified Credential and could be just a short note, a lengthy review, or a picture (logo or badge representing some kind of achievement). The core of the project consists of a web service that periodically checks statements that have already been made for their validity and provides a customizable JavaScript snippet to display the given statement on a website or online-shop.

For a visitor of the website the statement is initially a piece of JavaScript code which gets evaluated and rendered. By clicking on the statement, the visitor is able to cryptographically track the statement and verify its authenticity. The revocation of statements by their respective issuers is intentionally possible and an essential feature. In contrast to Web 2.0, statements that are no longer valid do not have a technically unlimited lifespan, by just sitting unchanged on a website forever.

A technical overview of the implementation can be found in the attachment.

The service consists of three web portals, each tailored to the respective use cases of the 3 user groups (Holders, Issuers and Verifiers):

Components of the service

Management Portal (Holder)

In the management portal, website owners can use a DID to register and provide proof of domain ownership (document upload/nameserver entries). If no DID exists, private DIDs can be created which are managed by the web service. With the proof of the domain, an API token and the JavaScript snippet is generated, which can be placed on the page by the domain owner. Basic customizations (color scheme, number of statements to be displayed) can be made. In the next step, invite links can be created for issuers whose statements are to be sought or countersigned.

Certifier Portal (Issuer)

Logging into the Certifier Portal is done by receiving an Invite-Link and authenticating via a DID wallet (this is implemented via one of the DID-based web authentication projects and Wallets already under development in the Catalyst Community). After logging in, it is possible to proceed with the authoring of one's own statement or the signing of a statement crafted beforehand by the future holder. Different templates for endorsements, reviews or the embedding of logos are available.

With the completion of this process, the statement is cryptographically signed by the issuer via the DID and is now available as a Verified Credential Document both on the database of the web service and also hashed on the Cardano blockchain. The assertion can now be rendered in a viewer's browser (verifiers) via the JavaScript snippet created earlier.

Verifier API and Portal

As the statement appears in the viewer's browser, it is automatically cryptographically verified in the background. This is necessary because statements, once made, can be revoked or become invalid. The power to withdraw statements is always completely in the hands of the issuer. By means of different caching procedures and regular verification, the statement remains always up-to-date and represents the data found on the blockchain. For performance reasons a array of optimization techniques can be used to make the rendering of the statement on the website as fast as possible.

Clicking on an verifiable statement/logo/badge on the websites takes the user to the service's verifier portal to obtain detailed cryptographic evidence of the statement's origin to ensure that the statement was actually made by the expected entity.

Aligned with the goals of Cardano & Atala PRISM

In the initial step, the project adds immediate value within the Cardano ecosystem:

• Existing and newly founded projects can get trust delegated to their project on the basis of statements made by trustworthy and known entities. The willingness to try out new scripts or projects increases significantly if it is evident that a project is verifiably supported.
• The use of DIDs is a prerequisite of these cryptographically signed statements. Thus, the proposal promotes not only the direct adoption of DIDs and the use of Atala PRISM but also the entire DID ecosystem as a whole: such as Wallets, DIDComm mediators, authentication solutions and more.
• Through the publicly visible use of the verified credentials on websites, the project also creates a multiplier that generates a much stronger growth effect than verified credentials that are private in nature and have no external visibility (e.g. credentials in a user's wallet that rarely need to be presented).

In the second step, the project helps to build trust beyond Cardano:

• In addition to endorsements, acquired credentials from other areas of life can also be presented publicly, e.g. university degrees or certificates from courses. At first on a private website, later perhaps also on LinkedIn or Twitter profiles.
• Cryptographically verifiable endorsements can also be used in online-stores to promote sales. The cryptographically verifiable way of testifying is superior to the often expensive and very questionable trust badges of existing providers in the Web 2.0 world.
• Other parties, like politicians, well-known personalities, magazine and journalists or product testers can use the system to support trustworthy projects o. products. This includes not only companies, but also social institutions and NGOs, which often depend on trusted recommendations.

Trust is not only the technological basis of blockchains and SSI, but also of Cardano as an ecosystem and unique selling point within the crypto space. The project contributes to strengthening this trust even further.

Growth, Communication and Marketing

Based on the very nature of the project, marketing will benefit significantly from network effects that can lead to self-propelling marketing effort once a critical mass is reached: If projects within the community receive endorsements from IOHK/IOG, EMURGO, Catalyst Circle Members, Charles Hoskinson, or other well-known individuals or influencers, this will support their growth and as a result drive other projects to seek endorsements as well. A snowball effect can start within the Cardano ecosystem and continue beyond: cryptographically verifiable endorsements can be a hallmark for any project.

However, marketing is not a no-brainer: for the first time after the completion of the MVP, the project has to seek endorsements itself: on the one hand to demonstrate its functionality, on the other hand to make the project known. Networks and partnerships are essential, especially in the beginning, to reach critical mass. Besides communication of the project, and the creation of educational material, technical support is also essential to make the integration for onboarding projects/websites easy. The technical hurdle should be as low as possible. The unique advantage within the crypto space and Cardano in particular is the high proportion of people with technical expertise, which certainly increases the probability of successful integration on one's own website compared to traditional business areas.

Technical risks

From a technical point of view, the risks are negligible, since technically comparable projects have already been implemented by the team members.

However, detailed information about the launch of Atala PRISM is still unclear. The SDK should be available as a release version in Q2 2022, probably at the same time as the PRISIM node. So far, experiments could only be performed in the Testnet without having direct control over the node. The capabilities of the PRISM development stack demonstrated so far are sufficient to realize the project. However, detailed information about the business model behind Atala PRISM is still lacking: How expensive are the underlying transactions (independent of the necessary interactions on the base Cardano layer)? Based on the information available so far, however, we consider these risks to be minor.

Like other SSI projects, this project is dependent on other participants in the ecosystem to realize their promises. This primarily relates to the implementation of SSI wallets, which the issuer needs to sign credentials. As this is an essential building block in the overall ecosystem around Atala PRISM, we are confident that working solutions will be operational in time. The positive trend towards adhering to the existing W3C specifications supports our hope that an ecosystem is being built that is dedicated to be technical compatible not only within Atala PRISM but also with the entire SSI movement.

Adoption and marketing challenges

As stated before, there are compelling reasons for a strong adoption inside and outside the Cardano ecosystem. However, with a technical background, it is always easy to run the risk of focusing solely on the technical implementation and treating the marketing as a side issue that will take care of itself. We recognize that this is a risk, and we are aware of the necessity of a great network and good marketing material. For this purpose, a portion of the budget is dedicated to making the non-technical aspects understandable to the public and paying networkers within the community to nurture social media contacts and make eligible Pioneer Projects aware of this project and potential benefits for their idea or business endeavor.

[FEASIBILITY]

Roadmap

We are estimating a launch of the project within 9 months.

Q2 2022

May/June: Funding Results & Project launch. Evaluation of the released PRSIM SDK.

Q3 2022

July: Infrastructure setup, and developing of the PRSIM verification microservice in Kotlin

(The PRISM Microservice will be part of the open-source deliverables)

August: Bootstrapping of the management, certifier and verifier API and portals. Most likely with C# on Azure and Vue or React on the frontend.

September: Proof of concept showcase of the full pipeline including simple JS-snippets for websites.

Q4 2022

October: Working on fleshing out all three portals and APIs to a production-level quality with basic functionality. Integration of third-party wallets and authentication using DIDs.

November: Developing of basic customization features for the JavaScript-snippets in the Portal.

December: Testing and with the end of 2022: Launch of a MVP for selected participants.

Q1 2023

January: Starting of the integration of payment-mechanism using smart-contracts. Fixing Bugs and polishing for release.

February: Stable and tested release of version 1.0; open to the public

Beyond the 9-month plan

The project is aimed to be a sustainable long-term business, adding value in the Cardano ecosystem and beyond for crypto nerds as well for the public. However, the approval of the proposal is only the first step for such a venture. With the completion of version 1.0 and the simultaneous development of a business model, the issue of follow-up financing also arises: The team prefers subsequent financing via Catalyst but is open to alternative concepts.

The further development beyond version 1.0 is still difficult to estimate and may take different paths, e.g.:

• To compete with established trust providers in Web 2.0 (e.g. trustedshops.com) and expand the range from endorsements to a decentralized review system. (As a sidenote: a review system is at first glance very similar to the proposed endorsement-system but requires the cryptographic guarantee that bad reviews are also always displayed to the customers. Atala PRISM and the existing SSI ecosystem is not setup for such a use case, which would require a different approach than VCs when holding on to the paradigm of decentralization)
• Focusing on developing plugins for existing cms/shop-systems like Shopify, Magento, Shopware, Wix, Jimdo or squarespace.
• Increasing the customer range by integrating SSI System outside of Atala PRISM like Hyperledger.

Deliverables

A mostly polished and production ready solution, hosted at http://blocktrust.dev

Core features:

• Management-Portal for websites owners to register their site, proof their ownership, connect their Wallet (DID + ADA), manage existing endorsements and send invites for others to issue new ones. Generate a JS-Snippet with configuration options to use on their website.
• Certifier-Portal for organizations or people to connect their DID and issue endorsement to registered websites or DIDs. Manage existing endorsements and revoke them if necessary. Use custom images, badges or logos to represent an endorsement instead of written text e.g. a 'Catalyst Funded Project'-badge.
• Customized JS-Snippet gets rendered on the Holders-Websites with a cryptographic guarantee, that the statement is indeed from the specified holder. Clicking on the text/badge links to the verifier portal in which the details of the Verified Credential are shown, as well as existing metadata provided by the Issuer to reinforce the credibility of the statement made.

Additional Feature which cannot be guaranteed now and are depending on third party developments:

• To make a sustainable business model out of the proposed idea, revenue must be generated. Making statements on the Mainnet-blockchain will cost ADA, additionally running/using a PRISM Node will not be completely free and will likely cost a comparable ADA fee. Issuers who are willing to give out their endorsement for free are unlikely to pay the fees for their own endorsements. Instead, the Holder will have to pay at least the fees for the Issuer. The business model would then add an additional commission here on top of the transaction and Atala PRISM fee to arrange the transaction and compensate for the services provided. The version to be released in Q1 2023 will unlikely have these business-features at the time - ultimately a plus for the community for yet not having the feature in place 😉(everything will be free).
• Integration with third party SSI-Wallets outside the Cardano-Ecosystem is possible, but will unlikely be realised within 9 months.
• Also, plugins for different cms/shop-systems may be present but are not guaranteed.
• Open-source software: Parts of the presented components, but at least the PRISM-verification microservice will be open sourced and free to use for everyone (licence tbd). Other parts may also be open source depending on the usefulness to a wider developer community. We believe in open source and are happy to contribute to whatever makes sense.
• Documentation & technical support: It is in our own interest to onboard as many trustful companies and persons. We'll therefore supply necessary documentation and technical support until at least one year after completion of the presented proposal.

Core Team:

Backend-Engineer (Björn Sandmann) working for 100 h/month over 9 months: 900 hours total. With a rate of 80 USD this would amount to 72,000 USD, which is not feasible for a community funded project. Consequently, I (the main proposer) would invest my own time/money into the project and therefor would reduce the cost to 40 USD for myself. In Total 36,000 USD.

Frontend-Developer (John Grabenmeier) will develop the the JS-Snippets, which are loaded into the websites, as well as additional work on the different web portals. Costs: 240h of work also at a massively reduced rate with 40 USD/h for a total of 9,600 USD.

Supporters:

Designer: Concept and design of the project website, marketing material and endorsement icons/badges. Estimated 120 h of work at a rate of 60 USD/h. Totaling 7,200 USD.

Marketing: As outlined before a marketing position starting with the MVP in Q4 2022 should be created. Estimated 120 h of work over a time span of 3-4 month at a rate of 60 USD/h. Totaling 7,200 USD.

Infrastructure Costs: Servers and Infrastructure for 12 month with a budget of 200 USD/month for Webservice infrastructure on Microsoft Azure. 2,400 USD.

Totaling 62,400 USD

Remarks:

For a software project of the outlined scoped of 9 month this estimate is rather conversative and normally would require additional funds. In estimating projects cost, especially in software development there is always a tendency to underestimate the effort and therefore the costs. We are well aware of the problem, but don't see a realistic way in splitting the proposal in two or more parts to secure a higher chance of funding. We believe in our case that this would result in a half-cooked solution, showcasing only a rough POC. Should the funding be running out at a later stage of the project, we can ensure the community that the project would still finish in the defined scoped by paying further development of our own pocket, at least until the release of version 1.0.

Nonetheless additional funding in later rounds would be welcome, but should in our opinion only be required if the scope of the project will broaden and more features will be delivered by us on top of the outlined initial scope. 

Core Team:

Björn Sandmann

9+ years of full stack development with the .net Stack. Focused on identity and privacy solutions. PRISM Pioneer, Atala Astros, Plutus Pioneer, already funded Proposals.

LinkedIn: https://www.linkedin.com/in/codedata/

Project history and technical skills: https://www.gulp.de/gulp2/g/spezialisten/profil/bsandmann

John Grabenmeier

17+ years of frontend development. Proven Track record of from small online shops to high-profile enterprise systems.

LinkedIn: https://www.linkedin.com/in/johngrabenmeier/

Project history and technical skills: https://www.johngrabenmeier.com/

Supporters:

As defined above we would require a designer and marketing support mainly in the later stages of the project. Due to our work in software development and taking part in an uncounted number of the product and company launches we have a wide network of both. Not being essential at the proposal phase we are committed to onboard these persons after funding to participate as early as possible in the development phase with their respective experience and input. 

[AUDITABILITY]

Progress in the initial phase of the project will be observable through Github commits for the “Atala PRISM verification microservice”, which will be a public open source contribution. Other parts of the project will be made only open source if useful to a broader community of developers. Therefor most of the project will not be trackable through Github commits.

To compensate for this fact, we are happy to write biweekly development updates on our blog: http://blocktrust.dev/blog as well as reporting to the catalyst community in person on a regular basis. If needed, we are open to any kind of review and will be transparent on every step of the way.

We are well aware of the trust put into a funded project like this by the community and are happy to be as transparent as possible. In the end the proposal is all about trust.

The project can be considered done (in terms of the proposal funding) when all Core-Features of the deliverables (see above) are completed.

Success should be measured in three categories:

• Completeness and degree of polishment: The proposal is not just about 'presenting verified credentials on a webpage', but the workflow and easiness to complete that feat. Is everything well-presented and can be understood by someone with no deeper technical understanding of Atala PRISM and Cardano? Does the process result in the expected presentation of the VCs? Are the presented credentials indeed correct and up to date?
• Usage inside the community: Are there enough projects onboarding and using the project? Is there talk in the community about the benefits and is there a steadily growing number of Holders and Issuers? How is the trajectory looking for projects outside from Cardano?
• Does it benefit someone? Are there metrics that show increased trust and therefore growth for their projects that are using the cryptographically signed endorsements. It's definitely hard to track on a general basis, but a good indicator is surely the usage of the project itself and reviews of participating users.

This project is entirely new.

But to be as transparent as possible: the concept and the business model is based on the research and developing currently ongoing for a F7 Project by the proposer. The project has an overlapping from the research point of view (both regarding trust models on a blockchain), but no technical overlap. There is also no conflict of interest regarding available resources, money or time invested.

SDG Rating

Not really fitting for the proposal.