We offer flexible APIs for building zero-knowledge proof based authentication and authorization, authenticated provenance, verifiable authenticity, and privacy preserving decentralized identity that scales to billions of people and devices.
Crytpid's APIs make possible a global scale solution for corroboration based identifying constructs; a.k.a. decentralized identity. By using trusted 3rd party sources of data such as know-your-customer (KYC) vendors, government institutions, and financial insitutions Cryptid's APIs are able to build up an identifying construct containing your identity and secure it with authenticated provenance without being linked directly to any given blockchain. The decentralized design enables scaling to billions of digital identities that are all independently verifiable and contain cryptographic material necessary for continuous authentication and authorization.
The identifying constructs are not limited to real world identity but may contain any information necessary for its intended use and context. An identifying construct could be built up proving you are an active contributor to open source projects or wikipedia, that you are a legally registered voter in a given location, or that you are the author of a specific paper. In many cases, your real-world identity is not required to accomplish proving ownership or authentication/authorization.
Cryptid's approach to decentralized identity eliminates the need for centralized databases and is a user-centric, privacy-first design with incredible scalability. If you need to provide decentralized identity to billions of people our APIs can get you there.
The Cryptid APIs and our corroboration approach to decentralized identity and key history management makes it possible to use decentralized version control software such as Git to create an air-tight regime for contributors and contributions. Projects may demand that the first contribution from any contributor be a patch that establishes the contributor's provenance log for tracking their key history. The provenance log must also contain their digital signature over the project's code of conduct, intellectual property rights rules, and any other project participation agreements. For projects that require contributors to identify themselves, the provenance logs must also contain proof of KYC from a vendor that the project accepts along with verifiably encrypted de-anonymization data that maybe decrypted by the KYC vendor to identify the contributor if the need ever arises.
Once this regime is in place, software projects may then automate Git with complex contribution validation rules such as multiple digital signatures from maintainers before merging. The PKI problem is solved by having the key histories in the repo as authenticated provenance logs. The most basic rule set is to simply require all contributions are digitally signed by a key that is already known to the project in one of the contributor provenance logs in the repo itself. This ensures that only contributions from known contributors are accepted. It also ensures that the repo and its entire history is self-certifying and verifiable.
One other nice advantage of the decentralized and corroboration based identity approach is that all non-coding contributions may also be cryptographically linked to the project by using our Oberon API security product. Activity on community functions like message boards, CI/CD, and chat platforms may now be linked to provenance logs in the repo and therefor enable a full measure of project activity by each contributor all without the need of a centralized platform.
By leveraging the decentralized identity capabilitiy described above and the authenticated provenance tracking for data, platforms that publish user generated content can now filter content based on the provenance of the data. This allows legitimate creators of content to prove the provenance on their content to get it published. Deep fakes can be filtered out simply because the creator cannot prove the content came from an authorized source.
Cryptid has the ability to ensure the legitimacy of any software or firmware updates using a combination of authenticated provenance and decentralized identity. The scalability of our approach makes it the ideal solution for managing software updates in large networks such as IoT sensor networks, ATM networks, fuel pump networks, smart meter networks and anywhere security and auditability is critical.
The corollary to the anti-deep fake filtering example above is that we now have the ability to free NFTs from blockchain walled gardens and implement a fully decentralized and automated IP licensing system with DRM that relies upon verifiable provenance and verifiable authorship and licensing terms. Using Cryptid's APIs it is possible to build self-serve IP licensing e-commerce platforms where the licensed IP can then be re-used in other platforms that enforce digital rights management by verifying the provenance.
To put it in simple terms, Cryptid's APIs open up the possiblity of licensing an avatar of a movie character from a movie studio and then use it on a gaming platform that verifies the provenance and licensing without any pre-arranged agreement between the movie studio and the gaming company.
Also known as "Log in as Human", the decentralized identity described above supports proving to any social networking platform that you are a human without ever telling them who you are. Oberon's private API access allows for accessing social networking platforms without sharing any private information. The scalability of our design allows for its use even on the largest of social networking platforms with billions of users.
Along with our three APIs for authentication, authenticated provenance and verifiable authenticity, we also offer an open source implementation of the Disco protocol. Disco solves the problem of instantly resumable and mutually authenticated confidential sessions. Disco with Oberon, Theseus, and Hippolyta serves as a next generation replacement for TLS, X.509 and OAuth 2.0. Not only are the three together more flexible and resilient but they can operate over any transport medium and take the form of any kind of communication. They represent a grand convergence solution that can be used for authenticated and confidential email, authenticated and confidential instant messaging, as well as authenticated and confidential file sharing. Our Disco implementation also supports out-of-order message delivery and the sessions are resumable no matter how much time has passed since the last message was sent and received.