What is Hyperledger Indy?
In the term Hyperledger Indy, Indy is an abbreviation for Independent Identity.
It is one of the most successful umbrella projects in the Hyperledger domain. Indy is an architecture that supports decentralized identities and distributed ledgers.
The original source code of the project was first donated to Sovrin Foundation by Evernym INC which then contributed to the Linux Foundation cap.
One can get lots of numerous libraries, tools, reusable components along with Indy architecture.
The most basic operation in Indy is the creation of Decentralised Identifiers (DID), also named Verinym which is done using NYC transactions.
Key Features of Hyperledger Indy
The basic key features of Hyperledger Indy which define and make it better in the Hyperledger domain are as follows:
1 Self-sovereignty
The Indy framework stores identities in the distributed ledger backed by special artifacts which include cryptographic accumulators, proof of existence, public keys, and etc.
Only the creator is allowed to alter or remove the identity from it. The self-sovereign player in the Indy platform is
- Identity Providers are the decentralized nodes that issue their identities based on rules that are pre-defined.
- Identity owner holds their verified identities in the ledger which provides them with public-private pair of keys for security.
Identity Validator: These are the nodes in the network with high intensity of trust in the validation process
2 Purpose-built:
This project is framed for decentralized identities only, where one can use the ready platform for the integration process to incorporate in the industries.
- Indy Consensus: The Hyperledger Consensus is basically an advanced format of the Plenum Byzantine Fault Tolerance model where the multiple parallel instances of BFT can be seen forming its primary replica. Only the master node in the platform is allowed to be an active role-player in the execution of it.
- Privacy: The platform provides privacy which is outlined, by default in the Hyperledger Indy documentation. It operates without any contradiction and involvement of any other third party. Thus, the privacy mechanism in Hyperledger remains similar to any other decentralized system.
- Nodes: Ideally the device that performs transactions on the blockchain is called a node. In the Hyperledger Indy SDK, there are nods such as full and master nodes.
- A client in the Indy SDK operates on the network and accordingly maintains its full copy in the ledger which is known as a full node. On the other hand, a master node is meant for decentralized governance in the platform.
- Verifiable claims: The identity claims are required for the initial transaction in the form of ideal documentation which proves powerful if combined together. Yet the identity to form a ledger can be proved with a single ID form, no repetitive submission is required for every transaction.
- Identity Correlation- resistant: According to the Hyperledger Indy documentation it is purely correlation-resistant where one can stop worrying about duplication or misuse of one ID to another. Inarguably the platform does not allow connective access to two IDs with similar credentials in the ledger.
- Decentralized Identifiers (DIDs): All the Decentralised Identifiers in the platform are globally resolvable and distinct where no central authority is required to be in the process. Thus, each identity in the platform belongs to each distinct individual resulting in data theft reduction.
- Peer-to-peer connection: This feature allows communication between two peers without the need for any intermediatory in between.
- Zero-knowledge Proofs: With the adherence to zero-knowledge proofs one can disclose only the required information when needed. This provides additional control of members over the information.
How Does the Process Work?
- The process starts with the users providing their name or any human memorable form for the ID.
- Further, the ID name will then be converted into a unique code or key which is referred to as Decentralised Identifiers (DID). The value attached to DID is known as DID descriptor Object (DDO). Thus forming a DID record.
- One can identify users with the help of DID records which are secured cryptographically in the form of private keys.
- Once the private key has been issues then the user will be assigned the corresponding public key to interact services with the identity holder.
- Consequently, the users will be able to access method specifications where they can register, update, revoke and resolve their respective IDs on the Indy ledger.
Hyperledger Indy Transaction
- Dest (base58-encoded string) target DID for 16 or 32-byte value which is different from the metadata field. Dest is a newly created DID.
- The NYM being created contains one of the following values: NONE for the common user, 0 for Trustee, 2 for Steward, and 101 for Trust Anchor. The trustee is allowed to alter NYM’s role to NONE thus halting it to make further writes.
- Varkey (base -58 encoded string) starts with the “~” and should be 16 bytes long when decoded, else would be called full Verkey containing 32 bytes. If nothing has been set or altered to NONE then the user is said to be under guardianship.
- NYM alias: If there already exists specified DID then it is considered as an update of it whereas in the absence of DID it is considered for the creation. Hence, if the key rotation is required to be performed, the owner needs to send an NYM request with Dest and Varkey, but Role and Alias remain the same.
Benefits of Hyperledger Indy
- It provides the users with full control over their identities.
- Since the ledger is visible to all authorized individuals as it is encrypted, therefore ensures transparency to the users.
- The mechanism of the Indy ledger is interoperable which means users can use their respective identities on allowed networks.
- The consent of the authorized party is required to access the information which makes it more secure.
- The users can enjoy full independent existence on the ledger after all required formalities are done.
- The process is highly flexible as the identities in the platform remain as long as the user intends to keep it active or else they are allowed to remove it whenever they want.
- The users are also provided with the option to transport their identities to other devices which makes it extremely portable.
- It allows users to have a password-less authentication process as it is easier to crack. Thus, to provide better security one can authenticate the ledgers using biometric mechanisms.
End of Spam
The improvement in the Hyperledger protocols has eliminated the spamming in the process owing to the following reasons:
- The more sorted and suited decentralized membership model provides the agents with the facility to use their issued membership card anywhere it is allowed.
- The strict age restriction protocols should be implemented to avoid unwanted traffic and misuse of the procedures.
- With the Hyperledger Indy, developers can officially sign software before releasing it in the market to ensure the legitimacy of the software. The absence of legitimacy will prompt a vulnerability alert.
- It is mandatory for the companies to verify the employees ensure the truthfulness and validation in the further mechanism.
- With the Hyperledger Indy in the role, companies can easily provide provenance to the customers creating a healthy environment for trading.
- The facility of using a single identity for innumerable uses and purposes can enhance the global reach.