Lessons Learned from Integrating with Blockchain Identity Providers
Scott Brady – Rock Solid Knowledge
@scottbrady91 – Rock Solid Knowledge
Introductions – Scott Brady
• Background in OAuth, OpenID Connect, SAML, & WS-Federation
• Identity & Access Control Lead at Rock Solid Knowledge
Introductions – The what & why
• Why: Woo, Blockchain!
• What: A blockchain project that I could use as an external Identity Provider
• Start: First Google search
• Finish: Why I am still searching
I will not be naming names
Unless you buy me a beer first...
First Google Search
icoalert.com?q=identity
Blockchain Identity projects: 91
(taken from github.com/peacekeeper/blockchain-identity)
Blockchain Identity projects with product pages: 17
Blockchain Identity projects with products available to the public: 3
Initial Impressions
• One page developer documentation
• One integration library
• A developer portal for registering apps
• Token was the community focus
The Typical Authentication Flow
[Diagram: Blockchain, Blockchain Identity Product, User, Identity Requestor, Mobile Device]
[Same diagram, annotated with the labels: Resource Owner, Identity Provider, Client/Relying Party]
Dig a Little Deeper…
• Trademarked reinventions
• Call for integration libraries
• No evidence of blockchain usage
• Single points of failure
The Code
• Custom JWTs
• Non-standard signing
• Non-standard encryption
• Usage all over the place
• Hidden public keys
• Private keys that aren’t private
• Integration issues that are already solved
Relationships
Identities
Attributes
Attribute Metadata
Authentication Data
Deeper Network Layers
Stephen Wilson’s “Proposed Digital Identity Stack”
There’s Still Hope
• Open standards are on the way
• Distributed Identity Foundation
• Sovrin
• Authentication/Integration Working Groups still last…
We Cannot Work in Silos
Thanks!
@scottbrady91
www.identityserver.com

Lessons Learned from Integrating with Blockchain Identity Providers (European Identity & Cloud Conference 2018)