Milestone Kickoff: Identity Team ๐Ÿ”–

Hi all, we are the identity team at cLabs: Eela, @isabelle, @Alec and me :wave:

As @yerdua mentioned below (:point_down:), next Monday (July 18) we are beginning a ~4.5 week milestone until Thursday, August 18.

With this post, weโ€™d like to share some of our current priorities and associated deliverables.

Overall, our main priority is rolling out the new federated attestations protocol (โ€ASv2โ€) in parallel to the existing validator-run attestation protocol (โ€ASv1โ€). You can read more about the new protocol design and motivation in our recently published CIP51: Federated Attestations Protocol.

Our goals for the coming 5 weeks are to:

  1. Complete the ASv2 smart contracts audit process (incl. responses from auditors)

    This matters because all Celo core contracts have to be audited according to the release process and both the FederatedAttestations.sol and updated Escrow.sol smart contracts are central to the value proposition of the new ASv2 protocol.

  2. Refactor ODIS to support CIP40: Extension to ODIS for Password Hashing

    This matters because the ODIS refactor is blocking

    (i) the ODIS updates for ASv2 (CIP51: Federated Attestations Protocol), and

    (ii) the launch of PEAR :pear: (Pin Encrypted Account Recovery)

  3. Design a new rate limit for ODIS to support a more intuitive ASv2 onboarding experience

    This matters because an intuitive rate limit when querying ODIS peppers, is a core user experience promise we are making to adopters of the new ASv2.

  4. Circulate protocol design docs specifying user flows (such as onboarding and contact discovery for ASv2)

    This matters because intuitive user onboarding and contact discovery experiences are key requirements shared with us by prospective ASv2 issuers. By circulating these user flows, we aim to ensure our vision for these features aligns with the needs of prospective ASv2 issuers.

What next?

Weโ€™d love to hear from you. If this sounds interesting or you have any questions, we greatly appreciate any feedback you might provide, whether good or bad. We are here to listen to you. Feel free to respond below however small or big your message might be! Thank you :pray:

Also feel free to respond below if you are interested in participating in our ASv2 private beta release :rocket:


hi arthur!

Having neurons collapsing here trying to understand ODIS - Oblivious Decentralized Identifier Service,

  • Can you enlight us examples of usages for this Phone-number Privacy Protocol?
  • Could we โ€œchainโ€ our phone-number to a wallet-address (pubkey)?


1 Like

Thanks for your questions @DonaFlorinda!

I agree with you, we need to do a lot better explaining how our products work and how they can be used :+1: Thank you for reminding us, this is definitely on our mind.

Can you enlight us examples of usages for this Phone-number Privacy Protocol?

Iโ€™m not sure I can enlighten you (:smile:), but Iโ€™m happy to give you some TLDRs and illustrative use cases.

Concept 1: Adding a salt to a phone number* to better store it.

Concept 2: Using ODIS to generate peppers to better store phone numbers* on the blockchain

  • We use ODIS as a product to generate peppers so we can encrypt phone numbers* and store them on the blockchain (among other use cases)

  • ODIS also serves as a rate-limit to stop malicious actors from requesting too many peppers (which would make peppers pointless to start with)

    Rate limiting is a strategy for limiting network traffic. It puts a cap on how often someone can repeat an action within a certain timeframe [โ€ฆ]. Rate limiting can help stop certain kinds of malicious [โ€ฆ] activity.

    Source: What is rate limiting?

Concept 3: Using a registry to map encrypted phone numbers* to Celo addresses

  • We use a smart contract (Attestations.sol) to store mappings from phone numbers* (encrypted with peppers generated by ODIS) to Celo addresses.

To answer your question:

Could we โ€œchainโ€ our phone-number to a wallet-address (pubkey)?

Yes, you can create a pointer from your phone number to your Celo address on the blockchain, so anyone whoโ€™d like to know which Celo address belongs to you, can check that in the registry linked above. You can think of this like a pointer, but it is not capable of signing transactions on your behalf. Signing and submitting transactions is still performed using private keys under the hood.

Footnote: *Any string, for that matter.