kvnyu24/awesome-identity

A curated list of resources related to identity, privacy, and reputation

Awesome Identity

This is a curated list of academic, engineering, and educational resources related to identity, privacy, and reputation. It's audience includes researchers, developers, enterprises, investors, students, and anyone who's interested in these topics.

The highly interoperable, composable, and user-owned future of the Internet, around which "web3" is termed, is far away from maturity, despite large amounts of capital being poured into the space. In the meantime, identity, aside from blockchain tech, is emerging as a crucial new primitive that may eventually unlock the massive adoption of web3 applications (or as Jack Dorsey would like to term it, web5). Since identities are centered around user behaviors, their privacy naturally becomes important. Similarly, a wide array of identity-based applications are built around user reputation, which measures and (sometimes) quantifies vanilla user behavior data.

With the above in mind, this repo keeps track of the latest academic research, project and framework development, and educational resources related to the field. We attempt to keep all the resources as approachable as possible by providing more context for them. For academic papers, it's recommended for additional explanatory resources like slides and videos to be added. In addition, I will gradually add in paper reading sections for listed papers for further explanation.

For contributions, please refer to the contribution guidelines.

Identity

IAM (Traditional)

Papers

• HIR-CP-ABE: Hierarchical Identity Revocable Ciphertext-Policy Attribute-Based Encryption for Secure and Flexible Data Sharing
  Q. Dong, D. Huang, J. Luo
  Preprint, eprint
• Privacy-preserving Identity Management System
  J. Lee, J. Choi, H. Oh, et al.
  Preprint, eprint
• Identity-Based Authenticated Asymmetric Group Key Agreement Protocol
  L. Zhang, Q. Wu, B. Qin, et al.
  COCOON 2010, eprint
• Holistic Privacy-Preserving Identity Management System for the Internet of Things
  J. Bernabe, J. Ramos, A. Gomez
  Mob. Inf. Syst. 2017, hindawi
• Efficient Access Control of Sensitive Data Service in Outsourcing Scenarios
  Y. Zhang and J. Chen
  Preprint, eprint
• A Framework for Secure Single Sign-On
  B. David, A. Nascimento, R. Tonicelli
  Preprint, eprint
• Secure Decentralized Access Control Policy for Data Sharing in Smart Grid
  Y. Ye, L. Zhang, Y. Mu, et al.
  INFOCOM 2021, eprint
• Cross-Domain Identity-based Matchmaking Encryption
  A. Wu, J. Weng, W. Luo, et al.
  Preprint, eprint

Projects

• OpenId allows user authentication based on relying parties (RP) with third-party identity provider services.

Decentralized Identity | Self-sovereign Identity

Papers

• Methods for Decentralized Identities: Evaluation and Insights
  W. Fdhila, N. Stifter, K. Kostal, et al.
  BPM 2021, eprint
• SIMS : Self Sovereign Identity Management System with Preserving Privacy in Blockchain
  J. Lee, J. Hwang, J. Choi, et al.
  Preprint, eprint
• CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability
  D. Maram, H. Malvai, F. Zhang, et al.
  SP 2021, eprint
• Decentralized Multi-authority Anonymous Authentication for Global Identities with Non-interactive Proofs
  H. Anada
  BITS 2019, eprint
• A Decentralized Public Key Infrastructure with Identity Retention
  C. Fromknecht, D. Velicanu, S. Yakoubov
  Preprint, eprint
• A Privacy-Preserving Distributed Identity Offline-First PoCP Blockchain Paradigm
  A. Nassief
  Preprint, eprint
• Decentralized Anonymous Credentials
  C. Garman, M. Green, I. Miers
  NDSS 2014, eprint
• Studying Bitcoin Privacy Attacks and Their Impact on Bitcoin-Based Identity Methods
  S. Ghesmati, W. Fdhila, Ed. Weippl
  BPM 2021, Springer
  • Research Summary

Frameworks

• Sidetree Protocol is a protocol for creating scalable Decentralized Identifier networks that can run atop any existing decentralized anchoring system (e.g. Bitcoin, Ethereum, distributed ledgers, witness-based approaches).
  • GitHub
  • REST API
  • Ion is a permissionless DID network that implements Sidetree on top of Bitcoin
  • Sidetree Ethereuem is a REST API that supports anchoring of Sidetree Transactions to the Ethereum Blockchain

Account-bound Tokens | Soulbound Tokens

Interfaces

EIP4973

A standard interface for non-transferrable NFTs binding to an Ethereum account like a legendary World of Warcraft item binds to a character.

• Discussion on Ethereum Forum
• GitHub Submission
• Offical EIP Specification Document
• Reference Implementation by Proposers
• Blog Post That Summarizes The Account-bound vs Soulbound Debates
• Core Contract Design Update Commit

Other Interfaces

• ERC: Proxy standard #121
• ERC: Claim Holder #735
• ERC1238: Non-transferrable Non-Fungible Tokens (NTT) #1238
• Creates EIP-5114: Soulbound Token
• Add EIP-5192 - Minimal Soulbound NFTs #5192

Implementations

• Sismo Protocol: a modular Attestations Protocol focused on decentralization, privacy and usability.
  • Sismo Protocol Contracts
  • Docs

On-chain Key Management

Social Recovery Wallets

• Vitalik's Basic Explainer of Social Recovery Wallets

Implementations

• Argent
  • Argent Recovery with Guardians
• Loopring Wallet
  • Loopring Interface to Assign Guardian

---

Privacy

MPC-based Solutions

• DECO: Liberating Web Data Using Decentralized Oracles for TLS
  F. Zhang, D. Maram, H. Malvai
  CCS 2020, arxiv
  • Official Website
  • Ari Juels Presentation
  • Chainlink Mixicles

Basic MPC

• The Awesome MPC Repo by rdragos
• The Awesome Secure Computation Repo y Jamie-Cui

General MPC Frameworks

• Multi-Protocol SPDZ: Software to benchmark various SMPC protocols such as SPDZ, SPDZ2k, MASCOT, Overdrive, BMR garbled circuits, Yao's garbled circuits, and computation based on three-party replicated secret sharing as well as Shamir's secret sharing (with an honest majority).
• Secretflow: SecretFlow is a unified framework for privacy-preserving data intelligence and machine learning

ZKP-based Solutions

• zkKYC in DeFi: An approach for implementing the zkKYC solution concept in Decentralized Finance
  P. Pauwels, J. Pirovich, P. Braunz, et al.
  Preprint, eprint

Basic Zero-knowledge Proofs

• The Awesome ZKP Repo by matter-labs
• The Awesome ZK Repo by ventali
• The Awesome ZKP Repo by mattgstevens
• The Awesome ZKEVM Repo by LuozhuZhang
• The Awesome ZKP Starter Pack Repo by paulrberg
• The Awesome Plonk Repo by fluidex

PSI-based Solutions

PSI Frameworks

• OpenMined's PSI Implementation in Multiple Languages
• encryptogroup's PSI Implementation in C++
• Microsoft's Asymmetric PSI Implementation in C++
• Google's Private Join and Compute Library in C

TEE-based Solutions

• Town Crier: An Authenticated Data Feed for Smart Contracts
  F. Zhang, E. Cecchetti, K. Croman, et al.
  CCS 2016, eprint
  • Website
  • GitHub

Secret Handshake

• Match Me if You Can: Matchmaking Encryption and its Applications
  G. Ateniese, D. Francati, D. Nuñez, et al.
  JOC 2021, eprint

---

Reputation

• A Decentralized Anonymity-Preserving Reputation System with Constant-time Score Retrieval
  R. Bazin, A. Schaub, O. Hasan et al.
  Preprint, eprint

Mechanism Design

Quadratic Voting

• Nash Equilbria for Quadratic Voting
  S. Lalley, G. Weyl
  Preprint, arXiv
• Liberal Radicalism: A Flexible Design For Philanthropic Matching Funds
  V. Buterin, Z.Hitzig, G. Weyl
  Preprint, SSRN
• Implementation by Vote-Buying Mechanisms
  J. Eguia, D. Xefteris
  Preprint, SSRN

Negative Reputation

Social Network Analysis

Game System Design

---

Other Educational Resources

Cryptography

• Awesome Cryptography by sobolevn
• Collected Libraries & Packages about Cryptography in Rust
• The Python cryptography Library
• The Javascript crypto-js Library
• Supplementary Crypto Libraries in Go
• Crypto++

Compliance

• Compliance Rank

GDPR

• Official Website
  • What is GDPR
  • Checklist
• GDPR Enforcement Tracker
• GDPR Developer Guide

CCPA

• Official Legislation Document
• Technical Specifications to Support US Privacy Initiatives