Keyoxide
Self-hostable identity proofs with bidirectional linking verification
How do you discover which other online accounts across different services and service providers actually belong to the same person? Keyoxide is a secure, privacy-friendly and decentralized platform to manage online identities, uncompromisingly driven by what the user herself wants to share.
Keyoxide is a new type of service to allow proving linked account ownership on a variety of platforms. Keyoxide levers existing and battle-tested cryptographic primitives. The goal is to give users more control over their online presence, independent from dominant internet actors - without in fact having to depend on any centralised services or third parties. The project will improve the usability of the current Keyoxide, and its emerging underlying technology (Decentralized OpenPGP Identity Proofs). More service providers will be added and additional tools to provide proofs will be developed, to create a smooth and easy onboarding process for less tech-savvy people.
- The project's own website: https://keyoxide.org
Why does this actually matter to end users?
Our identities are scattered across the internet and the web: we have accounts on all kinds of services, from social media to knitting communities, from music websites to video portals, instant messaging services and code hosting. And every time a new service is launched or we join some new community, we run the chance that someone has beaten us to it and has picked up 'our' name. Many of our given names are chosen for traditional reasons, for instance by naming a child after a grandparent or uncle. Other given names happen to be in fashion. And there are just so many family names, meaning that names are not so unique as we need them to be. So how are people to know which Bob Jones, Maria Bernard or Jing Lǐ they are looking at? And with billions of people making up names simultaneously, even fantasy names are not safe. Not to mention that some people take existing names on purpose for malicious reasons ... and all they have to do for people to believe them is to copy a photo and a bit of text.
Keyoxide is a solution to this pressing issue. It functions a bit like a notary, by allowing you to prove in an automated way it is you behind these different accounts and names (only the ones you feel comfortable combining, of course) And you can leave additional secrets there for people to automatically pick up, like for instance a public key to encrypt messages to you or a private messaging channel. That way, people that want to get in touch with you can contact you confidentially without hassle or additional setup for either side.
You can of course run Keyoxide on your own domain, but you can also use a Keyoxide instance you trust - an educational institution, an NGO or a friend. That way there is an independent authoritative source of information about you that people can verify, providing additional resilience against identity theft.
This project was funded through the NGI0 Discovery Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825322.
