Do you control your identity?

Today identity is heavily centralized. As a result, users often have no control over how their data is being (ab)used as evident by the countless data breaches leaking sensitive personallly identifiable information.

DID: A user-centric vision for identity

Backlash against handling of personal data by large tech firms has recently given rise to a new method of identity management, known as self-sovereign identity (or) decentralized identity.

The key idea is simple: give users complete control of their own data. In a decentralized identity (DID) system, each user maintains a set of credentials or DIDs. In such a system, an online job applicant might release a digitally signed credential from her university showing that she has received a bachelor’s degree.

A lot of work is going on right now to create the neccessary infrastructure to be able to issue and manage these credentials. The organizations include, but are not limited to W3C, ERC 725 , various organizations under Hyperledger and ID2020.

But existing DID proposals suffer from various problems

Most systems presume the existence of a community of issuers of digitally signed credentials. But such issuers may not arise until decentralized identity infrastructure sees use. The result is a bootstrapping problem. A big impediment to DID adoption is the inability of proposed systems to leverage the rich data on users available in existing web services that do not issue signed attestations. Other challenges DID systems face include:

Key management: In DID systems, users bear the burden of managing their own private keys. Key recovery is potentially the Achilles’ heel of such systems, as it is well known that users regularly lose valuable keys.
Sybil-resitance: An important requirement for many real-world systems is Sybil-resistance, i.e., how to issue one credential per user?
Accountability: It is challenging both to provide user privacy, i.e., conceal users’ real-world identities, and achieve compliance with regulations such as Know-Your-Customer (KYC).

Say hello to CanDID!

CanDID achieves all the above goals. In a nutshell, CanDID leverages our previous work, DECO, to turn almost any legacy provider into a DID issuer right now! Read more about it in the ePrint version. For a quick overview, read our blog post. We are excited to work with J.P. Morgan in building an initial CanDID Proof-of-Concept. Please get in touch with us if you have an interesting use case for CanDID or if you any questions.

CanDID features

Legacy Compatibility

Key Management




Deepak Maram
Deepak Maram is a fourth-year PhD student at Cornell Tech whose research interests lie in applied cryptography. Common themes include enriching blockchains with new functionality and building user-centric systems.
Harjasleen Malvai
Harjasleen Malvai is a PhD student at Cornell University with research interests in theoretical and applied cryptography as well as their applications to blockchains, she also maintains an interest in run-on sentences.
Fan Zhang
Fan Zhang is an incoming Assistant Professor in Computer Science at Duke University starting 2021 Fall. He is currently a security researcher at Chainlink Labs. His research primarily focuses on security/privacy/scalability problems in decentralized systems, especially those enabled by blockchain protocols and trusted execution environments (TEEs). He recently received his Ph.D. in Computer Science from Cornell University.
Nerla Jean-Louis
Nerla Jean-Louis is a PhD student at UIUC.
Alexander Frolov
Alex is a master's student at Cornell University. He is interested in cryptography and applied cryptography
Tyler Kell
Tyler Kell is a research engineer at IC3. In a previous life, Tyler was a penetration tester, and enjoys an extensive history of breaking security assumptions.
Tyrone Lobban
Tyrone leads J.P. Morgan’s firm-wide Blockchain & Crypto Program and is responsible for identifying and creating innovative blockchain-based products and solutions for J.P. Morgan’s businesses and clients, and for engaging with the industry at large in order to provide a holistic blockchain strategy for the firm.
Christine Moy
Christine is a Managing Director at Onyx by J.P. Morgan and leads the Liink network. As one of the founding members of J.P. Morgan’s blockchain program, Christine created its key initiatives in digital assets, tokenized payments, internet-of-things and digital identity, and continues to be driven by a mission to make the impossible possible..
Ari Juels
Ari Juels is the Weill Family Foundation and Joan and Sanford I. Weill Professor in the Jacobs Technion-Cornell Institute at Cornell Tech and the Technion and a Computer Science faculty member at Cornell University. He is a Co-Director of the Initiative for CryptoCurrencies and Contracts (IC3). He is also Chief Scientist at Chainlink.
Andrew Miller
Andrew Miller is an Assistant Professor at the University of Illinois, Urbana-Champaign, in Electrical and Computer Engineering and affiliate in Computer Science. He is an Associate Director of the Initiative for Cryptocurrencies and Contracts (IC3) and a board member of the Zcash Foundation and Ethereum Enterprise Alliance. He is also Director of the Decentralized Systems Lab at UIUC!