Orange
  • Reputation in Web3
  • What Orange Does
  • Use Cases
  • Glossary
  • Characteristics
  • Data Diversity
  • Model Versatility
  • Configurable Reporting
  • Self-Sovereignty and Privacy
  • System Design
    • Architecture
    • Model Providers
    • Data Providers
  • Developers
    • Assess Reputation for Your dApp Users
    • How to Start
    • Become a Data Provider
    • Become a Model Provider
    • Issue Reputation NFTs
    • Get Campaign Info using API
  • User Guides
    • Reputation Studio Overview
    • Claim Orange NFTs
  • Case Studies
    • OScore
    • Reputation NFT Based Voting Mechanism
  • Future
    • Decentralized Collaboration Network
    • Secure Computing Paradigm
  • SUPPORT
    • FAQs
Powered by GitBook
On this page
  • Encrypted Data Transmission
  • Verifiable Credentials
  • User Authorization
  • Selective Disclosure
  • Non-custodial

Was this helpful?

Self-Sovereignty and Privacy

VCs and NFTs to represent reputation for later verification

PreviousConfigurable ReportingNextArchitecture

Last updated 3 years ago

Was this helpful?

Encrypted Data Transmission

In the Orange protocol, any data that is fetched from a (DP) is encrypted using an 's (MP) public key. This means the data remains secure as it enters the system and is sent to the MP to be processed.

In the , Orange will integrate zero-knowledge proofs and the private computation technology to enhance its security.

Verifiable Credentials

Verifiable credentials are an integral part of decentralized identity and reputation. They contain and carry any necessary data that needs to be shared between two parties, while also carrying with it any data that is necessary to prove that the contents:

  1. have been verified and signed by a certain issuer

  2. have not been tampered with

This logic is carried out using signature and cryptographic proof verification.

Reputation reports and scores are produced in the form of downloadable credentials. They are directly linked to a user's DID, and a record of the credential's status exists on-chain. That way, any entity within the ecosystem can verify the claims made by the user, and assess their credibility by verifying the party that issued the credential.

User Authorization

To establish the relationship between a subject and any associated data, the Orange protocol uses (DIDs) that link wallet addresses from multiple chains.

Each calculation request MUST carry signature data with it for it to be valid. This ensures no data can be used or associated with a user without their authorization.

A user uses their private key to sign messages when giving authorization for an action

Actions that require user authorization:

  • Sending calculation requests for a wallet address or DID

  • Accessing credential data

Selective Disclosure

Selective disclosure is an inherent property of verifiable credentials and can be implemented fairly easily in a system. This will become beneficial when in the future, Orange issued verifiable credential may contain multiple types of information, while not all fields are necessarily to be shared.

Say you need to prove your credibility in a particular situation, and you have a verifiable credential that was issued by an entity in the network using Orange. For example, 

{
  "iss": "did:ont:AXdmdzbyf3WZKQzRtrNQwAR91ZxMUfhXkt",
  "sub": "{\"data\":{\"provider_did\":\"did:ont:AS1QrBpgiPtPoggSU4YRyYNFBtCRnBMaDU\",\"method\":\"queryXdaysSumWithDefi\",\"data\":\"\"},\"algorithm\":{\"provider_did\":\"did:ont:testap\",\"method\":\"calc30xWithDefi\",\"score\":\"775\"}}",
  "exp": 1634537432,
  "nbf": 1633673433,
  "iat": 1633673433,
  "jti": "urn:uuid:af4599ed-eb8e-43e2-8fd5-1784cfe9c218",
  "vc": {
    "@context": [
      "https://www.w3.org/2018/credentials/v1",
      "https://ontid.ont.io/credentials/v1",
      "context1",
      "context2"
    ],
    "type": [
      "VerifiableCredential",
      "OscoreCredential"
    ],
    "credentialStatus": {
      "id": "4f7f159ac4b9913bb185fdf1895705f61b7d0cc6",
      "type": "AttestContract"
    },
    "proof": {
      "created": "2021-10-08T06:10:33Z",
      "proofPurpose": "assertionMethod"
    }
  }
}

In this case, it's possible that you take the proof from the credential, and the score field to generate a presentation that contains that single field only, while also including details regarding who it's meant for (a particular DID or wallet address) so it can not be tampered and re-used. These actions are recorded on-chain for future verification.

The flexibility that credentials provide, when combined with zero-knowledge proofs, is an important development as far as data interoperability and reputation management in P2P networks is concerned.

Non-custodial

The system doesn't store any data that can be identified and connected to a user, more formally referred to as Personally Identifiable Information (PII). A user may choose to download the result of their calculation as a file, generate a verifiable credential, or mint an NFT, but all of the data remains in their control. Without authorization, it cannot be reused for any other purpose. Thus, a user maintains complete control over how their data is processed and shared.

Refer to the on verifiable credentials and presentations for more details on implementation.

W3C recommendation
future
Data Provider
Model Provider
Decentralized Identifiers