Microsoft Uses Decentralized Tool On Bitcoin Blockchain
Microsoft is launching the first decentralized infrastructure implementation by a major tech company that is built directly on the bitcoin blockchain. Microsoft Uses Decentralized Tool On Bitcoin Blockchain
The open source project, called Ion, deals with the underlying mechanics of how networks talk to each other. For example, if you log onto Airbnb using Facebook, a protocol deals with the software that sends the personal information from your social profile to that external service provider. In this case, Ion handles the decentralized identifiers, which control the ability to prove you own the keys to this data.
Christopher Allen, a crypto veteran and the co-founder of the World Wide Web Consortium (W3C) working group for decentralized identity (DID) solutions, told CoinDesk that Microsoft’s move could impact the entire tech industry.
“A lot of enterprise infrastructures use Microsoft products,” Allen said. “So if they integrate this into any of their infrastructure products, they’ll have access to DID.”
Indeed, Yorke Rhodes, a program manager on Microsoft’s blockchain engineering team, told CoinDesk that Microsoft’s team has been working for a year on a key signing and validation software that relies on public networks, like bitcoin or ethereum, yet can handle far greater throughput than the underlying blockchain itself.
Underscoring the fact that Microsoft was a founding member of the Decentralized Identity Foundation, Rhodes said:
“There are systems that we have at Microsoft that give you permissions in an enterprise context, a product called Active Directory, that we think need to be able to recognize these DIDs as well.”
He added such infrastructure products and services related to Azure are among the Microsoft’s most popular offerings. This tiny piece in a giant machine, then, could have far-reaching impacts.
Meanwhile, an anonymous source with knowledge of Microsoft’s project told CoinDesk that Ion will shift from using bitcoin’s testnet to the bitcoin mainnet later this year. As such, any tech-savvy observer could run a node and contribute to this project.
Said W3C’s Allen:
“To have Microsoft say they are not scared of bitcoin, and in fact, it has some very good properties and we are willing to take advantage of those properties, is, I think, a step in the right direction.”
Stepping back, the difference between a DID under the hood, versus current infrastructure, speaks to the heart of users owning their own content and access. In the example of Facebook and Airbnb, with a DID, Facebook might be able to shut down your social media account but could not revoke access to all the tools that relied on the Facebook ID to log in. Plus, all those personal photos on Facebook would belong to the user, the holder of the DID.
Yet Facebook, in particular, may not align with Microsoft’s approach.
Another anonymous source told CoinDesk that although Facebook has been invited to participate in Microsoft’s DID projects and community efforts, so far the social media company has declined and instead continued to follow its historic approach to user data.
“They’re going in a different direction that’s not as decentralized,” the source said of Facebook.
The Wall Street Journal and others have reported that Facebook is looking to build a stablecoin-based payments platform for the social network. Yet Allen said he hasn’t seen any effort from Facebook to support DID standards or community efforts such as W3C, which may create a rift with corporations like Microsoft that are making such standards a core pillar of their business model.
Rouven Heck, head of DID at ConsenSys and active member of the W3C, told CoinDesk that Facebook is noticeably absent from community discussions across the tech industry about DIDs.
And although Rhodes said he was not aware of any dealings with Facebook, there was clearly a misalignment between the two company’s goals for using blockchain technology.
“Facebook is the complete antithesis of consumer privacy,” he said. “Their business model is based on the fact they can monetize data about you.”
What’s more, U.S. Senate Banking Committee last week wrote a letter to Facebook that voiced concerns about how the social media company will handle financial data with its crypto project, which is codenamed Libra. Few details about Libra have been shared to date outside of press reports.
In the past, Allen said that Facebook only implemented parts of protocols that enabled data sharing “in a proprietary way that only benefited” Facebook.
With regards to what approach the social media giant will take to blockchain systems, a Facebook spokesperson told CoinDesk:
“Like many other companies, Facebook is exploring ways to leverage the power of blockchain technology. This new small team is exploring many different applications. We don’t have anything further to share.”
In contrast to the allegations that Facebook is taking a different direction with its project, both ConsenSys and Microsoft are opting to make open source initiatives core pillars of their respective business models.
“If we can create certain standards it will help the system to build up faster, and that’s good for all of us,” Heck said. “The different products we have are all useful across the space and not built into some proprietary niche.”
Rhodes agrees with this approach, saying that engaging with the open source ecosystem serves Microsoft’s business objectives. He said the “philosophy of consumer ownership and consumer centricity” are core principles for designing Microsoft’s software going forward.
Allen said he hopes a sense of public responsibility will continue to be viewed as a competitive advantage – especially as Microsoft Azure goes head-to-head with Amazon Web Services for cloud market share.
“You could have a service that is in the cloud hosted by Microsoft Azure, but is absolutely secure because everything in it is encrypted with your keys that you control and everything that run under your authority, even though it’s in the cloud,” Allen said.
In Rhodes’ opinion, current experiments with blockchain technology are comparable to Microsoft releasing Windows 95 in decades past, which helped boost mainstream internet usage through a consumer-oriented operating system.
“Networking stacks were very tied to logins to existing networks,” Rhodes said of the pre-Windows 95 internet. “Like that, I think [Ion] is pretty significant.”
Decentralized Identity: How Microsoft (And Others) Plan To Empower Users To Own And Control Personal Data
Microsoft, one of the world’s largest software makers by revenue, is currently on a blockchain streak. This time, Microsoft presented a vast blockchain-related plan: a decentralized identity(DID) network built atop of the bitcoin network, which can potentially empower users all over the internet to take control over their personal data and content.
Earlier in May 2019, the United States tech giant announced its brand new Azure Blockchain Service along with Azure Blockchain Development Kit for the Ethereum blockchain. It also teamed up with Starbucks to present the first use case for its technology — tracking coffee production, from farm all the way to paper cups.
Decentralized Identity: From Helping Refugees To Fighting Data Centralization
The initiative could be traced back to the summer of 2017, when Microsoft collaborated with Accenture and Avanade to create a blockchain-powered database system that would enable multiple parties to share access to the same data with an “extremely high level” of confidentiality and security.
The prototype — running on Microsoft Azure, the tech corporation’s cloud platform — was presented to support ID2020. The group is a nonprofit, public-private partnership that has set out to deal with identity related challenges that plague over 1.1 billion people around the world. In particular those people come from less privileged social backgrounds and so the lack of documents excludes them from participating in cultural, political, economic and social life.
The concept of digital identity has been widely discussed as the key to solving those issues. For instance, the United Nations has proposed to use it to aid refugees, who form a substantial part of the undocumented population. “We want every refugee to have a unique digital identity,” Filippo Grandi, the U.N.’s high commissioner for refugees, declared in October 2017. “This will enhance accountability and facilitate two-way communication between refugees and service providers. It will also help prevent and reduce statelessness.”
Around the same time, Microsoft presented its prototype aimed at narrowing the identity gap, while the tech juggernaut also became a founding member of the Decentralized Identity Foundation (DIF). The company subsequently continued its research on how a digital identity can be decentralized, and therefore benefit not only those who don’t have an officially recognized identity, but average internet users as well — meaning practically everyone.
Fast forward to February 2018 and Microsoft unveiled more details regarding its distributed ledger technology (DLT)-based plan. Specifically, the company reported that blockchain technology allows hosting decentralized IDs (DID) on top of the distributed ledgers, and hence can grant users more control over their personal data, as opposed to having it remotely processed by “countless apps and services.” Ankur Patel, principal program manager at Microsoft Identity Division, wrote at the time:
“With data breaches and identity theft becoming more sophisticated and frequent, users need a way to take ownership of their identity. After examining decentralized storage systems, consensus protocols, blockchains, and a variety of emerging standards we believe blockchain technology and protocols are well suited for enabling Decentralized IDs. […] We need a secure encrypted digital hub (ID Hubs) that can interact with user’s data while honoring user privacy and control.”
Now, Microsoft has presented a new and an even more concrete concept: a DID network built on top of the bitcoin blockchain. Titled the Identity Overlay Network (ION), the infrastructure has been reportedly developed in conjunction with other DIF members to accommodate “tens-of-thousands of operations per second.”
Essentially, ION lets users obtain control over their own data via the management of their Public Key Infrastructure (PKI). “Today, the most common digital identifiers we use are email addresses and usernames, provided to us by apps, services, and organizations,” Daniel Buchner, senior program manager at Microsoft Identity Division, explained:
“This puts identity providers in a place of control, between us and every digital interaction in our lives. Our goal is to create a decentralized identity ecosystem where millions of organizations, billions of people, and countless devices can securely interact over an interoperable system built on standards and open source components.”
In other words, having a DID allows users to control their own data and content — including login details and photos, which is not currently possible on most social media platforms that store such data on their private, centralized servers. Consequently, some platforms might be quite skeptical about the concept of a DID. According to a CoinDesk report, Facebook, which had allegedly been invited to partake in Microsoft’s DID project, has rejected the offer and “instead continued to follow its historic approach to user data,” which involves monetization, as per various press reports.
Moreover, DIDs are supposed to be immune to hacking and data leaks, says Charlie Smith, an analyst at asset management firm Blockforce Capital. “The risk associated with security breaches and hacks could be largely reduced when considering that public blockchains are largely decentralized,” he told Cointelegraph exclusively. “Currently, large platforms control vast amounts of personal data and are suspect to centralized attacks in which bad actors can gain access to sensitive information.” According to Smith, the bitcoin network, which has never been hacked (in the conventional sense, at least) could serve as an effective public blockchain to hold private data.
Moreover, the analyst continued, public blockchains can track users who wants to access their data while keeping it safe:
“Another benefit stems from the ability for public blockchains to act as ledgers. Public blockchains, like bitcoin and ethereum, hold extensive records of every transaction that has occurred on each respective network and at the same time, cannot be altered. However, a blockchain could easily be implemented to track who accesses personal information and when. In both scenarios, a transaction of some kind is taking place. The underlying technology doesn’t need to change, just the implementation.”
Bitcoin’s Bane: Why Scalability Isn’t An Issue For Microsoft — And Other Did Networks
Notably, the tech corporation had to overcome bitcoin’s infamous scalability issue in order to make the infrastructure ready for mass consumption.
In the blog post, Microsoft explained that “the most robust, decentralized, public blockchains” operate at just tens of transactions per second, which is “nowhere near the volume a world full of DIDs would demand.” Since the company aimed to inherit the attributes of decentralization — and hence use slower, but time-proven blockchains — it had to address the throughput issue. As a result, Microsoft’s new solution reportedly ensures that as many as “tens of thousands of operations” per second can be achieved. That echoes the concept of the Lightning Network, which adds another layer to the bitcoin blockchain and performs large amounts of transactions off-chain, thus unburdening the main network.
“Critics have always been quick to compare the transaction processing abilities of the Bitcoin network with that of Visa or Paypal,” Smith told Cointelegraph. “It wasn’t until the lightning network was established that those arguments became far less valid. The ION network will face very similar critiques and will need to back up its lofty expectations with results.”
Also, Microsoft plans to collaborate with open-source contributors so that ION can publicly launch on the bitcoin mainnet “in the coming months” — meanwhile, the code has already been published on GitHub for everyone to review.
The U.S. tech giant’s plan isn’t the only DID initiative out there. Microsoft’s allies from the DIF community seem to be working on their own decentralized data solutions as well.
“As part of DIF we regularly review and give feedback to each other’s DID methods, to make sure they are interoperable,” Pelle Braendgaard, the co-founder of ConsenSys’ Self Sovereign Identity (SSI) solution uPort commented exclusively to Cointelegraph. “At ConsenSys, we’ve developed multiple DID methods. Our primary method is known as Ethr-DID.”
According to Braendgaard, although both Ethr-DID and SideTree — the blockchain agnostic protocol used by Microsoft for ION — are “very scalable,” there are some differences between the two. Specifically, he argued, SideTree DIDs “have to be created by a centralized server, currently hosted by Microsoft.”
When asked whether ION can be considered a fully decentralized project, Smith argued that it is “debatable, but all the main benefits of a decentralized network are present.” Particularly, he specified that “two major components of the ION network make it highly decentralized”:
“The system is set up so that no person or entity can control users’ identifying information and the public key infrastructure is decentralized. This means that the private and public key pairings aren’t managed by one central authority, essentially giving each user secure access to their identifying data. Even though Microsoft has spearheaded this project, they have formed it in a way that allows individuals to remain in charge of their information.”
Further, according to Braendgaard, SideTree DIDs are only useable off-chain in traditional applications, while some other DIDs — including its own — are fully usable both on blockchains and Layer 2 protocols.
Other major companies pursuing DID solutions include global online payments firm PayPal, which has recently invested in Cambridge Blockchain startup. Also a DIF member, Cambridge Blockchain is reportedly leveraging blockchain to give users more control over their digital identities.
“We envision a future where users have a lot more direct control over their personal data, and we also believe in open, interoperable architectures,” the startup’s CEO, Matthew Commons, told Forbes.
There is also Telegram, an encrypted messenger that is widely popular among the crypto community. Last year, it released a personal identification authorization tool dubbed Telegram Passport, which reportedly encrypts user’s personal ID information and allows them to securely share their data with third parties like “finance organizations, ICOs, etc.”
As per the announcement, users’ ID data is currently stored on the Telegram cloud, but “in the future, all Telegram Passport data will move to a decentralized cloud.” Indeed, that could help the messenger to boost its data tool’s security — just a few days after Telegram Passport was announced, cryptographic software and services developer Virgil Security reported that it is vulnerable to brute force attacks.
Will Microsoft’s Solution Become The Go-To One?
Microsoft’s DID-related plans seem to be highly ambitious. Specifically, the company aims to create an ecosystem where “billions of people and countless devices can securely interact over an interoperable system built on standards and open-source components.”
So, what are the chances of us seeing this come to be true?
“I can see how the ION network could potentially remove the control that apps and platforms have over digital identifiers and I believe that it could even become a worldwide-used phenomenon,” Blockforce’s Smith told Cointelegraph. “However, for that to happen, the technology powering the network would have to consistently prove that it can successfully scale.”
Once Microsoft manages to show that its network can handle thousands of transactions and operate on an industrial-scale, the data industry might be disrupted. This means that large social media platforms may have to adjust to the new rules and stop handling data in a centralized, opaque way — or else share the fate of Facebook and become infamous for regularly dealing with privacy concerns.