Want to help me upgrade digital identity?

Usernames and passwords are ancient. 2FA is ancient. Passkeys are better, but you can't safely share or delegate them. There is a better way...

Feb 01, 2025

A futuristic digital identity concept featuring a holographic ID card floating above a person's hand. The ID card displays biometric data such as a fingerprint scan, facial recognition, and cryptographic keys. The background showcases a high-tech, cyber-secure environment with digital circuits and blockchain elements, symbolizing next-generation identity verification.

I’ve been spending a lot of time in the background thinking about how to advance digital identity so that your identity can’t be shut down by the government, by Google, your money can’t be locked up (like what happened to my Coinbase account), and to make it easier and safer for people to authenticate, authorize transactions, and assert claims (such as proof of a minimum age), as well as give people unprecedented control over their identity such as being able to share passkeys yet limit how they are used.

To sign up with this system, all you need is to pick an alias which is the only thing you have to remember. No password, no master password, no PIN, no email, no phone number, no 24 word seed phrase you have to securely store, etc. We basically do not know who you are (and we don’t want to know). If you lose all your devices, you don’t have to remember anything to get your identity back.

I have a design that I’m liking a lot and want to collaborate with an experienced Applied Cryptography Engineer or Cloud Security Architect on getting feedback on the idea and potentially joining a startup to help architect and implement it.

Right now my focus is making sure we have the right architecture.

The ideal person would be familiar with concepts such as:

HSMs (we’d have to create a custom software HSM)
Key induction ceremony
KDFs
Curve25519 asymmetric encryption
ECDH
EdDSA
ECDSA
Solana
MPC protocols
FROST
WebAuthn
EU Digital wallet
WalletConnect
Self-sovereign identity
ZKP

and you think the world would be a better place if we eliminated shared secrets, then we’d likely have a nice chat.

If you are interested and qualified,
drop me a note here
and tell me a bit about your experience and background and I’ll reach out to you.

Now back to our regularly scheduled programming…. :)

Volker Birk

Feb 1Edited

Hi, Steve

Actually, I'm a person matching to your requirements. But I'm not applying for a job. If you want to we can discuss your idea. I don't want payment for it.

You can expect me to try to explain to you why:

- HSMs are a bad idea per se

- “software HSM” is likely another word for crypto container

- the EU digital wallet fortunately is expected to fail, if not then we're in trouble in the EU, because it is the same project, which introduces the CBDC

In case you're interested to get critics just reach out: vb@dingens.org.

BTW, the problem is solved how to authenticate with a self-induced digital signature. We have a working solution for this problem. However, the solution is based on privacy ideas, which are quite unwanted by the people in power.

Yours

VB.

Software Architect

Expand full comment

1 reply

Liz

Feb 1

Digital currency = death. Cash backed by precious metals is the only way to go if we want to still have a country and not be controlled by our digital overlords behind the curtain. Steve, I support what you are doing on the vax issue, but I have to draw the line here...I'm surprised you are promoting this.

14 replies

117 more comments...

Steve Kirsch's newsletter

Discussion about this post