Our Own Decentralized, Heterogeneous Identity Network

What does that mean?
Why might we want it?
How would we do it?

IRL: a world of people.
Online: accounts, spam, bots, or worse

Demo

Empty Nerdster

No content
No people
(You don't ever have to use Nerdster, but atm it's the only thing that can show and leverage our decentralized identity network.)

ONE-OF-US.NET phone app

No key, Create, ..
Congrats! Got crypto (cryptographic public/private key pair)

Sign in to Nerdster (no delegate key)

Click "QR Sign in"
Click QR Scan icon on phone, show it Nerdster "Sign-in Parameters"
Identity key sent / received
No content
"Me" exists now
(Warning: You're invisible)

Vouch for Tom

Click QR Scan icon on phone, show it Tom's phone
Name "Tom"
(dismiss but mention)

That's all you have to do to build our decentralized identity network.

Refresh Nerdster (from tree pane)

Witness Tom
Witness content in content pane

Check recommended movies

Filter movies, Sort by recommended
Check Andrew's and Tom's ratings
Click Andrew
Park on Andrew's smiley to see vouch chain

Like

Sign in with delegate (dismiss notifications but mention)
Like (dismiss notifications but mention)

What happened?

2 apps

ONE-OF-US.NET phone app: Builds identity network
Nerdster web app: Leverages identity network

Both apps go to extreme lengths to demonstrate and highlight the crypto behind the scenes.

to convince you that it's legit
because it's way different from username/password sign-in at a service
(The 2 apps are not connected, have no special access.)

Why even crypto?

Public Key Cryptography allows someone with a public/private key pair to sign content (create a digital signature) that anyone who knows the public key can verify.
No authority involved.

Show 3 Crypto boxes

Signing works. Keys are cryptic.
Nothing fancy or devious
Signing any content, even keys.
We could all be signing stuff, but we wouldn't know whose keys are whose.
Identity.. Tada!
Marge scanned her kids' phones and distributed their keys.
Lisa can tell that this was done by Bart and references Millhouse.

Distributing keys is the crux

Must be done authentically (and by us)

When you scan phones, you:

author a statement vouching for another person's identity and humanity
reference their identity, a crypto public key
cryptographically sign that statement (requires your private crypto identity key, can be verified by anyone who knows your public key)
publish it to a location where everything signed by that key can be found.

In order to:

distribute their identity key
in a way that is verifiable as having been done by you

Why even delegates?

100's of services we enjoy (Nerdster not among them)
- social (Facebook / Insta, 4 Twitters, ...)
- shopping (eBay, Craigslist, Amazon, Marketface, ...)
- reviews (Yelp, Maps, etc..)
- video (YouTube, TikTok, Twitch, ...)
- dating (Tinder, Grindr, Bumble, ...)
- services (Uber, Lyft, Airbnb, VRBO, ...)
- texting (Messenger, SnapChat, WhatsApp, Signal, ...)
- news (NYT, WSJ, etc.)
Wouldn't work out well to give our private key to every one of those
But we do want to have people on them
(Anonymity can be offered by trusted services)

When you create a delegate, you:

create a new, disposable public/private key pair
sign that this key represents you on that service
securely transmit that key pair to the service
(Your identity private key stays on your phone)

When you do something on the Nerdster, it:

signs a statement using its delegate key
publishes it where everything signed by that key can be found

Show statements and keys on the Nerdster.

Statements: raw or interpreted, for every activity
Keys: QR and text, token, too (double click)
Open link to published statements
public, signed, portable.
This is the place (and only place) where both apps get their data

Whitelisted, Authentic

Complete Cryptographic Digital Signature Chain Starting from your identity to all the content you see.

Any activity on either app signs and publishes a statement

Portable, verifiable by anything regardless of where it was found.

Signed content can be replicated all over the place
Trusted because crypto, not origin or authority

Nerdster and ONE-OF-US.NET are not connected, have no special access.

Ready!

Show last Crypto box

Sign-in with or without delegate keys is available for any service.

Heterogeneous

Read page
Show Heterogeneous boxes

The Paradigm

Your identity online is your crypto key. (Heterogeneous, simple, open, portable)
It's on us to state whose key is whose. (Decentralized)
Sign if you care to, and we'll know it was you. (Authentic)

The Internet can evolve, take it from there, wherever that may go..

Competing algorithms over our signed content
Can't do that with our siloed content.

Nerdster Sample Features

Change PoV

Demo phone not in network
names change, decentralized
content changes
Any other service could do or otherwise leverage all of this using the published ONE-OF-US.NET and Nerdster signed statements

Block Tom, Follow Andrew

Block Tom for <nerdster> context - no content other than demo phone's like
Follow Andrew, now we see Andrew and his son's content
leverages the identity layer
like all the other actions, this can be verified and leveraged by your network on other services you use. Portable

Demo or mention..

Submit
Relate (equate, not related, ...)
Tag
Censor
Toggle censorship
Network degrees and paths..

Show nerdy Nerdster homepage: https://nerdster.org/home

Simpsons Bot Farm
Conflicts, fraud, censorship, and worse...

What we didn't do

Pick a username
Pick a password or sign in traditionally
But we did name Tom
(Tom didn't name the Demo phone)

Demo Close Account

No accounts - you hold the keys

The demo phone sort of gave the Nerdster an account, not the other way around.

Show account / delegate key on Nerdster

Turn on Show Crypto
Locate demo phone's delegate key

The phone app holds your identity key, manages these things...

Show phone app menus

Share: Email QR, ...
Settings: Import/export keys (they're yours), ...
Sign:

Trusts / Blocks: Your network
Replace: Your former identity keys (you'll lose them, have them compromised, ...)
Delegate: Your authorized services (Nerdster, ...)

Clear the Nerdster's delegate key

Could revoke (since always, or at any time in the past)
Just clear (remove / erase)

Show account gone (no delegate key) on Nerdster

Refresh, delegate key gone
Likes and everything else is gone, too (block Tom, follow Andrew)

I don't have an identity account with ONE-OF-US.NET or any other service.

If anything, I have an account with the folks who've vouched for me.
(demo will not get an account with me)

Identity

I am not my Facebook account, my email address, shopping history, prescription medications, ...
That's how the Internet knows me but not how people do.

We're not trying to build a new network, the IRL network already exists

We're just publishing it authentically so we can use it online.

How would having our authentic identities online affect us?

More open to learning? growth?
The folks forming your news feed would be there because you invited them, not because an algorithm figured out which accounts or content trigger you.
PoVs.. Even if you don't want to openly news follow me and have it affect those who news follow you, you could still visit, maybe understand, comment, connect..
Pseudonymous haters in digital backwaters... Would they grow less relevant were authenticity to stage a comeback? Would they be kinder? gentler? How about the rest of us? less confused? less angry?
Will we recognize them as cowards?

Decentralized Organization

Not a hierarchy, silo, gov't, or editorial board...
Robust and resistant to corruption, censorship, and control

Click Possibilities box...

Recap

"Our Own Decentralized, Heterogeneous Identity Network". If you came into this not clear on what we mean by that, I hope you do now.
Not my network, not the ONE-OF-US.NET network, not the Nerdster network... our decentralized network.
Both apps can be considered demos, but this could be how this starts.
Services can consume and produce authentic content that can play nice with other authentic content from other services.

Open for competition and evolution. Anyone can build better services leveraging our authentic identities and content. (All your likes are belong to us;)
How will they know who's who? We'll tell them. We build network and let them use it.

Thanks!

Get your key
Scan phones
See you on our own decentralized, heterogeneous network