Please describe your proposed solution.

Identity on Cardano

Atala PRISM, a digital identity project by IOG, opened its doors to the first set of PRISM Pioneers about 1.5 years ago. DID PRISM, the DID method developed by the Atala team, is anchored on the Cardano Blockchain - that mean that the DIDs are encoded and saved on-chain. Though the specification has only undergone minor changes over the years, it has only recently been made public (<https://github.com/input-output-hk/prism-did-method-spec/blob/main/w3c-spec/PRISM-method.md>), officially enabling the community to create their own node implementation.

Open-Source PRISM Node

The blocktrust team, actively participating in the PRISM community for over a year and a half, consistently builds projects on Atala PRISM, such as the blocktrust identity wallet, the analytics platform, the credential builder, a DIDComm Mediator and more. Last year, we developed a prototype of a PRISM Node based on our research and deductions from what we gathered from the on-chain metadata. Since the Atala team had not officially published the DID PRISM method specification at the time, we limited our Node prototype to reading from the blockchain, avoiding writing to the chain so as not to create a conflict of interest with the Atala team. The outcome is the blocktrust analytics platform, currently the only way to track PRISM operations on the chain.

Now, the Atala team has chosen to publish the specification while keeping their implementation closed-source (for allowing future revenue streams), paving the way for an open-source PRISM Node implementation based on the latest specifications. Finally having an open-source community driven PRISM Node would obviously be a massive step for the ecosystem.

Capabilities

To achieve this goal, we will leverage our previous experience with the prototype, revise it, and add the ability to not only read but also publish DIDs to the blockchain. To see our current implementation in action, visit Blocktrust Analytics (<https://analytics.blocktrust.dev/>), a platform to explore all PRISM transactions on the blockchain and see the live updates of all PRISM related transactions.

Our Node will have the following features and be fully compatible with the current specification:

• The Node will offer a REST API for common DID operations: Publish DID, Update DID, Deactivate DID, Resolve DID and GetOperationStatus
• All these operations will also be available via gRPC
• An Admin UI will allow creating tenants with Cardano wallet addresses
• Store the private keys for the tenants
• Provide the ability to fund those addresses and unlock the funds. This funding will cover the necessary ADA for uTXO transactions to the blockchain, with the encoded DID operations as metadata payload
• The node will have a UI, offering a graphical overview of the state of processing PRISM operations
• An alternative approach to submit an already serialized transaction will be provided, eliminating the need for funding through the integrated wallet

However, a PRISM Node does not function independently; it requires access to a database with all past and new incoming PRISM operations. In our prototype, we used the Cardano-node and dbsync. For this proposal's rewrite, we'll additionally offer the ability to use TxPiper.io Oura, as well as Blockfrost for streams of new incoming blocks.

In the future (not included in this proposal to keep the scope manageable), we may also consider implementing the Universal DID Resolver and Universal DID Registrar definitions, further promoting the adoption of the PRISM DID specification beyond the Cardano ecosystem.

How does your proposed solution address the challenge and what benefits will this bring to the Cardano ecosystem?

The DID PRISM method specification by the Atala team stands as a well-thought-out blueprint for DID methods, notably when compared to some others registered with the W3C. Given the uncertainty surrounding Atala PRISM's business model (as they must generate revenue) and the project's future direction, having a single, closed-source node implementation controlled by IOG may seem like a reasonable business decision. However, it does not align with the best interests of the Cardano or SSI community in general.

Furthermore, introducing an additional node would incite competition, stimulate development, and encourage more community members to use, integrate, and be involved in the digital identity ecosystem. This could potentially open an additional revenue stream for StakePool operators, allowing them to utilize their existing infrastructure to run a lightweight PRISM Node on their servers.

It would be reasonable to expect that, after a few months, multiple independent PRISM Nodes (3-5) will be set up. The specific numbers are difficult to estimate as they largely depend on the general adoption of the PRISM identity solution.

How do you intend to measure the success of your project?

The Node will be freely available for community use: We'll be providing the node in an open and accessible format that allows any member of the community to download and run it independently. This offers the chance for more widespread usage and the technology. The adoption of the Node and the creation of additional service-offerings can be measured, either in the interaction with the GitHub repository as well as on chain, as different nodes leave their own fingerprint (through the staking-address) on the chain when writing transactions.

Opportunity for extension and innovation: Other developers and technology enthusiasts are welcome to take our Node, enhance it, and integrate additional protocols on top of it. This opens a myriad of possibilities for future use-cases and extensions. The accessibility and openness of our node allows for ongoing growth and innovation, paving the way for fresh ideas and solutions that we may not have envisioned yet.

Please describe your plans to share the outputs and results of your project?

Blocktrust will keep the Cardano community informed about our progress by providing updates as we achieve each of our milestones, typically on a monthly basis. We'll be communicating through Catalyst progress reports, our dedicated Discord channel (<https://discord.gg/6UXrUY2HUk>), and videos showcasing the latest features of our product.

Occasionally, we may interact with the community in real-time during the Catalyst After Town Hall sessions. These sessions will give us an opportunity to show our progress and collect immediate feedback. We already did that several times in the past.

When it comes to releases, updates can of course found on our GitHub (<https://github.com/bsandmann>) as well on a dedicated website for this proposal under https://blocktrust.dev and our blog.

What is your capability to deliver your project with high levels of trust and accountability?

Blocktrust has been an active participant in the Cardano ecosystem since early 2022, developing SSI solutions using Atala PRISM from the start. Over the last year and a half, we have been building projects and libraries based on PRISM. Many of these are open-source and all of them provide value. Some notable ones include:

• Identity Wallet for the Browser (<https://blocktrust.dev/identitywallet>)
• Analytics Platform (<https://analytics.blocktrust.dev>)
• Credential Builder (<https://credentialbuilder.blocktrust.dev>)
• DIDComm Mediator (<https://mediator.blocktrust.dev>)
• Plus a collection of open-source libraries for use with PRISM, which can be found here (<https://github.com/bsandmann>)

Several of these projects, such as the wallet and the analytics platform, have been funded via Catalyst and are either nearing completion or awaiting the close-out report. Other projects have been completed due to ongoing interest in the ecosystem.

Looking at our reports or our blog, you'll see we're constantly sharing videos, posts, new projects, and code. We plan not only to continue doing that, but even to scale up our effort by hiring at least one additional developer.

What are the main goals for the project and how will you validate if your approach is feasible?

• The main goal is to provide an open-source implementation of the PRISM Node.
• This all should lead to more active users of Atala PRISM and its ecosystem
• And lastly this could lead to grow of Cardano as the whole, since SSI enables many new use-cases, which haven’t been possible before.

The validation of our approach will be gauged through feedback from the community and other projects hosting their own node and offering services on top of that.

Please provide a detailed breakdown of your project’s milestones and each of the main tasks or activities to reach the milestone plus the expected timeline for the delivery.

Milestone 1: Analyze learnings from prototype, architecture of new node, project setup (1 month)

Planned Finishes: 2023-11-01

Acceptance Criteria: Progress report, defined roadmap, providing links to the repository and project website

Cost: 51,000 ada

Milestone 2-5: Development (4 months)

Planned Finishes: 2023-034-01

Acceptance Criteria: Progress report, different coding milestones according to the roadmap. At the end of milestone 5 a video with a technical walkthrough and a hosted demo-node.

Cost: 204,000 ada

Milestone 7: Development, integration testing, and UI finalization (1 month)

Planned Finishes: 2023-04-01

Acceptance Criteria: Progress report, Report on the integration testing on all existing DIDs

Cost: 51,000 ada

Milestone 8: Finalization and documentation (1 month)

Planned Finishes: 2023-05-01

Acceptance Criteria: Progress report, Bug fixing and documentation

Cost: 51,000 ada

Please describe the deliverables, outputs and intended outcomes of each milestone.

Milestone 1: Analyze learnings from prototype, architecture of new node, project setup (1 month)

• Project setup
• Analyzing the shortcomings and performance metrics of our current implementation. Plan for rewrite.
• Local setup of Cardano node and dbsync for all current networks. Evaluation and comparison of blockfrost.io, txpipe Oura and other solutions to stream new block to the node. Evaluation of rollback handling.

Milestone 2: Transaction ingestion (1 month)

• Basic implementation of the DID PRISM specification
• Developing a method of parsing blocks and transactions data
• Ingestion and classification of Atala operations

Milestone 3: Transaction Parsing (1 month)

• Parsing the different DID PRISM operations (Create DID, Update DID, Deactivate DID)
• Writing the DID PRISM operation into a database (MS SQL / PostgreSQL)
• Providing additional metadata to the PRISM transactions (Cardano addresses, staking addresses, payment information, etc.)
• Parsing Protocol-Version-update operations
• Verification of operations

Milestone 4: Endpoint and DID Resolver (1 month)

• Implement the code to correctly resolve DIDs
• Initial testsuite to compare and validate resolve-results
• Adding Http and gRPC endpoints to the node
• Testing rollback handling

Milestone 5: Adding write capabilities (1 month)

• Developing support for different tenants, each to setup and generate private keys
• Implementing a basic wallet inside the node for each tenant to pay for the transactions
• Adding a tenant UI using a Sign-in with DID implementation like PRISM onboard & authenticate

Milestone 6: Initial syncing and test run (1 month)

• Provide software to run through the initial syncing procedure for the node (read all operations from the past and process them)
• Integrate all streaming providers with decided on based on our roadmap (e.g. blockfrost, TxPipe Ouros, etc.)
• Testing of the currently not used (state July 2023) verification and signing algos based on Curve25519/Ed25519

Milestone 7: Development, integration testing, and UI finalization (1 month)

• Continue testing the node in production like setting and comparing results to the PRISM implemenation
• Intrumentalisation of the node
• Reviewing security considerations for the node and implementing safe-guards

Milestone 8: Finalization and documentation (1 month)

• Fixing the last open bugs
• providing documentation for developers, and potential service providers for setup
• providing an easy to use docker images with all tools included to run a PRISM node on Azure / AWS or an custom environment.

Please provide a detailed budget breakdown of the proposed work and resources.

Developer cost breakdown: 50 hr/week with 70 USD = 14,000 USD per month = 112,000 USD

Hosting costs for Milestone 1 to 8 while developing: with 300 USD per month = 2,400 USD

Total: 114,400 USD =<u> 410,000 ADA </u>(~0.28 USD/ADA exchage rate)

Project team: (architecture, design, software development, testing, DevOps, community, project management, documentation):

• Björn Sandmann (Lead developer)
• Ed Eykholt (Development support)
• New Team Member (Development support)

The total workload is estimated at about 50 hrs/week. Divided among three developers, this leaves plenty of room to also push forward other Blocktrust projects, community work, marketing, and the ongoing technical support and maintenance of our digital identity infrastructure.

Who is in the project team and what are their roles?

Björn Sandmann

10+ years of full-stack development with the .net Stack. Focused on identity and privacy solutions. PRISM Pioneer, Atala ASTRO, Plutus Pioneer, already funded proposals. Implemented all technical core functionality of products like the blocktrust analytics platform, the blocktrust mediator and the blocktrust identity wallet. Founder of blocktrust.

LinkedIn: <https://www.linkedin.com/in/codedata/>

Github: <https://github.com/bsandmann>

Ed Eykholt

20+ years of software product and engineering team leadership. C# developer. Focused on blockchain and identity projects and products since 2015. Atala ASTRO. Working on PRISM related project with blocktrust over a year.

LinkedIn: <https://www.linkedin.com/in/edeykholt/>

Github: <https://github.com/edeykholt>

New Team Member

Blocktrust might hire or contract with an experienced full-stack C# developer to augment Ed and Björn's contributions. The project can still be successful without this additional person.

How does the cost of the project represent value for money for the Cardano ecosystem?

Developing a reliable PRISM Node is a relatively complex process. Given our extensive experience in this domain and having already coded an initial version of the Node, it is likely that no one else could accomplish this task more efficiently. We don't need to spend time testing and understanding the specifications and the on-chain transactions; we can directly start with the development process.

The same applies to running a Node. The complexities involved in updating, adapting to underlying Cardano-node and dbSync changes, as well as adjusting to specification changes for the PRISM DID itself, are all challenges we're familiar with. We have proven our ability to manage these hurdles for over a year now.