Identity is tied to individual actors in the distributed ledger by Accounts. Accounts hold the associated data of the individual as metadata (optionally), but more importantly, there are a few cryptographic elements to associate and authenticate the individual to the account.
An account consists of the following elements:
- An elliptic Public key
- An address
- A node key of the screen hosting the account.
- An ISO timezone code
- An arbitrary key-value metadata store of personal information (name, company, geography, etc)
It is uniquely identified by its elliptic curve key pair (Public and Private key) as well as its address. The address itself is derived from the Public key of the account. The key pair is generated using elliptic curve secp256k1.
An elliptic curve private key is the private integer that generates the public key of elliptic curve multiplication with the chosen curve’s base point. All information for a user account can be derived from the private key.:
-----BEGIN EC PRIVATE KEY----- MHQCAQEEICbWyFXHqbJ4AkCroGfkkmtZmaxEtDHjIHgB9yi1VbzpoAcGBSuBBAAK oUQDQgAEHG2b0e5y/jZ/OhaALU509VtkNC49VE6/OZT8+/va0sxP+sHg+ZwOeaa4 9EmFUOIddlHVwjpeq9j8tX5glwToKw== -----END EC PRIVATE KEY-----
Private keys can also be layered with additional layer of protection in which the key body itself is encrypted with a passphrase and then EDE3 encrypted, requiring the user to supply the phrase before using the key.:
-----BEGIN EC PRIVATE KEY----- Proc-Type: 4,ENCRYPTED EK-Info: DES-EDE3-CBC,BE261F2652B3D42D MHQCAQEEIFzLhwiyvt76NlYgGbpzPlV3FQk8ZEnZ7loxmRYnzPKzoAcGBSuBBAAK oUQDQgAEBbEN3tve82UYi+UOI3JbDKHnbVyNq7SqCaTCHGgYodcBvp3eQEWcZdO/ XW2hfHV0XAcxVdgEBzgpwkBUpXoZIQ== -----END EC PRIVATE KEY-----
The public key is the compressed point stored as the binary representation of
y coordinates of the elliptic curve point compressed and
-----BEGIN EC PUBLIC KEY----- MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEHG2b0e5y/jZ/OhaALU509VtkNC49VE6/ OZT8+/va0sxP+sHg+ZwOeaa49EmFUOIddlHVwjpeq9j8tX5glwToKw== -----END EC PUBLIC KEY-----
Keys given through the SDK access are specified in hexadecimal form, in which a 128 character string encodes the public key, the first 64 bytes are the first coordinate:
pub = af0b33d9e8af2b771200a87012fc6aa07b391d8ac01b40975359a7d35d38f13b9d1d65b28a9a1a413436cf6dc5bafcb551a4953b8f30c751d111262ed07a13fd pub_x = af0b33d9e8af2b771200a87012fc6aa07b391d8ac01b40975359a7d35d38f13b pub_y = 9d1d65b28a9a1a413436cf6dc5bafcb551a4953b8f30c751d111262ed07a13fd
A given account in the system can be associated with an associating list / dictionary mapping small keys to small pieces of metadata that are relevant to application-specific uses of an account, allowing users to publicly specify data about their identity which is available to all participants.
An account within the Uplink network can be revoked via a Revoke Account transaction. Once accepted in a block, the Revoke Account transaction will remove an account from the ledger such that all future blocks or transactions issued by that account will be recognized as invalid by all nodes in the network.