# Lonesome No More - a Generative Identity Instance - paper outline

> *'Lonesome No More' is the campaign slogan of the protagonist of Kurt Vonnegut's book 'Slapstick' as he runs to become President of the USA. He passes a law which gives every US Citizen a new middle name, comprising a flower name and a number (such as 'Daffodil-8'). In this way, every citizen acquires a set of ~10k brothers and sisters, and 100k cousins (Daffodils with other number suffixes). Since these families are assigned at random, these new families cut across all divides.*

##### Last edited June 2023 (significant changes from Jun 2020 version)

## Intent

Set out the scope and themes of a paper proposing the MVP for a generative identity scheme in which asserted membership of a variety of groups is the core mechanism for establishing trust in a message provenance address as being controlled by a specific Agent.

[TOC]

## Context

The next phase of civilisation requires a relocalisation - an emphasis on Agents (mostly humans, but possibly bots, too) as members of several more-or-less well-defined groups, rather than rootless, atomised individuals, only defined by nation-states.

However, it must be accepted that reversion to historical group modalities cannot succeed. Capitalism is not the sole driver of atomisation - it has also resulted from people 'voting with their feet' - deliberately relinquishing the prescribed sociality of historical in-groups in order to be able to express themselves more fluidly, with more variety. Far from seeing this fluidity and variety as symptoms of 'social breakdown', this paper is based on the assertion that it is through the increased diversity that they support that civilisation can evolve to the required next stage, where with and through increasingly purposive consciousness, we increasingly take charge of our own evolutionary path (for good or ill).

New grouping modalities are required, in order to support this transcendence, which can provide dynamic, productive and rewarding sociality without requiring the sort of permanent and unreasoning/immutable restrictions on choice imposed by public moralities, governments, monotheistic religions, corporations, inherited cultures or abstracted ideologies. These modalities must offer value propositions that will provide a return on investment to Agents in the form of notably improved social experience.

The fundamental code of such groupings must include some version of "*I'm here because two conditions are true: I want to be here, and the group hasn't ejected me*". This is the social version of 'continuous consent'. This code requires two types of condition - '***I***' (identity as experienced by a path-dependent conscious continuity - as far as we know, this means being a human) and '***association***' (identity recognised as an inside/outside/across condition - about a membrane - created by and through characterised relationships between a number of 'I's across time).

This paper will explore the minimally viable set of Identity requirements for implementation of such a setting.

NB: supportive Identity functionality is a necessary, but not considered a sufficient, requirement for the viability of such group modalities in digital contexts - also required (and the subject of parallel needed work) are tools for secure messaging, [endogenous economics](https://creditcommons.net), right governance, [open collaboration](https://gitlab.com/the-sentient-commons/sentient-commons-outline/-/blob/master/README.md) and a new approach to wisdom - aka contextual knowledge - for which [Pattern Language is the best candidate known to this author](https://patternlanguage.institute).

### Digital Identity as Provenance

It has not been explicitly stated so far that the context for this work is digital space - not experiential reality.
The 'conditions' defined so far - 'I' and 'association' - obviously have their origin and whole history as experiential, life-like conditions. Consequently, the structures that 'understand', 'replicate' and 'mediate' these conditions in 'meatspace' are evolved (not designed), whether encoded as DNA or as culture - genes or memes.

It seems clear that the conditions around 'I' and 'association' in digital space are not - cannot be - 'experiential' in the ways that genetic and memetic spaces are - where 'I's and 'associations' are lived conditions. Within digital space, these conditions can be modelled, given affordances, embedded, but such efforts are lifeless constructs, only ever meaningful in the context of lived intent, experience and engagement.

Further, such intent and engagement translates into digital space essentially as signals - 'messages' of one kind or another. The interface of an 'I' or an 'association' with digital space is always one of digitally mediated messaging - signals emitted and received.

It follows, then, that the only concern of identity in the digital space is the 'provenance' of the message - not its content, which is only ever meaningful in the context of lived experience, intent and engagement. 'Digital Identity' is thus a significantly misleading term. The proper term, it is contended here, should be something like 'Digital Provenance': within the digital space, what matters about a message in terms of 'identity' is first and foremost our level of clarity about its origin, or its destination - and this is what we should concentrate upon around identity in digital contexts. The lived meaning of 'identity' lies elsewhere - in the experience of a human, meaningless outside the context of life-like processes.

## Patterning Approach

As the domain of Identity - called Digital Provenance henceforward - is a complex and recursive socio-technical one, it is considered appropriate to develop the arguments of this paper as discrete but interlinked 'patterns' (ref [Pattern Language](http://patternlanguage.institute/Pattern_Languages.html)). This approach requires robust analysis of the systemic character of the domain to identify and map those aspects of it which have the character of 'wholes' or 'centres' - loci where recurrent patterns of forces are resolved by some structure to which 'agency' can be attributed.

Pattern mapping allows validation and testing of the models proposed through analysis of each node as a relatively bounded system, which may exhibit complication, but is not formally complex. Patterns can be arranged according to '[Hierarchy of Scope](http://patternlanguage.institute/Hierarchy_of_Scope.html)' - so that those of broad scope, which may form the setting for instances of many patterns of narrower scope, can be considered as abstractions across those, and thus allow application of validation techniques without requiring recursion. In this outline context, we will treat the patterns as 'Propositions'.

In such a model of a system, the patterns-as-agents must be channeling energy of some type (or types), and this energy must be transmitted via some medium. Transmitted energy can manifest as force, and one way of seeing patterns is as settings within which disparate forces may be brought into a generative relationship (for example, an eddy is a pattern which brings disturbed fluid dynamics into coherence downstream of an obstruction - the resulting recurrent condition is at once a self-optimising resolution of the forces in play and a self-sustaining system).

It is admitted, from the start, that the 'pattern' structure of this text is inconsistent. Pattern writing is hard.

## Propositions

Here we outline some Propositions which could structure the argument of the paper.

1. The principal energy for the domain of Digital Provenance is the deep human need for social validation (premise: humans need other humans to survive: validation is the emotion that signifies security as regards this need - ref Maslow). This need now extends broadly across and through digital space, whether we like it or not. [Evolved human emotion pathways are immediately and directly engaged as we interact with digital tools](https://www.psychologytoday.com/us/blog/vitality/201205/facebook-and-your-brain).
2. The principal carrier waves for Digital Provenance validation are no longer fit for purpose - being variously seen as sub-optimal, systems of oppression and/or alienation, technically superseded, and at worst systemic drivers towards civilisational extinction.
3. A cryptographic digital message provenance protocol can perhaps be a carrier wave, but needs to clearly be designed in the context of Generative Identity.
4. In order for a Digital Provenance protocol to support Generative Identity, it must give the condition of 'association' first-class, protocol-primitive status.
5. For a Digital Provenance protocol to underpin settings which are both viable and attractive, it must not be the case that making zero 'association' claims (voluntarily atomising) denies basic access to the setting.
6. A base layer framework for such an identity system (called genr.id from now on) could consist of:
    1. A free, anonymous instantiation tool is available to Agents. This tool generates new cryptographic keys which uniquely give access to a Digital Provenance primitive - a Self Sovereign Provenance (SSP), in effect - all but useless, by itself.
    3. Each SSP is automatically associated with a randomly assigned 'clade' (following Neal Stephenson's usage of the term in '[Snow Crash](https://en.wikipedia.org/wiki/Snow_Crash)').
Genr.id clade names are generated such that there are appropriate numbers for the population addressed (ideally, this is a global system - 32 species x 32 colours would give 1024 'families' of approx. 10m people each. In a smaller initial population, colours would be ignored). Thus base Provenance would be "*ScreenName*∈*Colour*∈*Species*∈*genr.id*" (using the set theory symbol `'∈': is a member of`).
    4. Condition 1 implies that any number of signups may be made by an agent.
    5. The SSP is unique, but the overt address could be a duplicate. This is a feature, not a bug. There are many Alices, and if they want to be called Alice, then that must be OK. No name squatting, no need for *Alice#4389*. Anonymising nicknames are fine, of course.
    6. This 'unassociated' SSP is only really useful for services and groups permitting anonymous signup, and for validation as a clade member (this requires something like physical co-presence with other clade members who verify their identities). Clades are the vehicle for distribution of basic welfare ([such as any UBI equivalent](https://en.wikipedia.org/wiki/Social_credit)). Such Associations can be created in 'meatspace' - this is an important mode, but beyond the scope of this paper.
    7. Individuals can, if they wish, associate KYC type information (issued by bodies outside genr.id) - through some zero knowledge proof protocol.
    11. All messages in genr.id must have a (non spoofable) originator identified by: "*screen name*∈*groupname*∈*genr.id*". If an entity has no second order groups (see next item), their messages can only come from the base ID: "*ScreenName*∈*Colour*∈*Species*∈*genr.id*". Note that "∈*genr.id*" will normally not be used - it is the context for everything here.

        *(NB: at this point, this draft makes a big mistake, I think - it begins to directly associate 'messaging' with 'provenance' - the genr.id protocol needs to be distinct from a messaging protocol, so that it can be used by many messaging protocols...
what was I thinking?)*

    6. Entities with base Provenance can agree to form Groupings with opportunity costs only (in other words their own time). Any base Provenance can propose a Group entity, and make it open to membership by other Agents on any basis whatsoever (from '*open-to-all-comers*' to something horrible like '*verified-ku-klux-klanners*'). There can be no 'should' in genr.id, only 'is'. Such a Group entity has a *Group-name* that is either unique, or unspoofably related to some UUID (*governance issue alert - this is 'out of scope/band' as far as the protocol is concerned*).
        1. Validation of Group membership is similarly unconstrained - whatever the Group membership process is, goes (*detail here also out of scope/band*). The protocol will allow only for an admin key associated with the base group ID - it is up to each group to administer this in whatever way they wish. It is assumed that reference implementations at higher stack layers will be developed that offer standard administration and governance models.
        1. A Group with fewer than three members has no capabilities beyond admission of new members.
        3. A Group with three or more members can provide a validated Group Provenance "*ScreenName*∈*Group-name*" - but these are only contexts for individual IDs. Groupings are not agents themselves: genr.id is deliberately designed *not* to support corporate personhood. There is no such thing as a message whose author is "*Group-name*∈*genr.id*". Groupings can, of course, associate 'roles' with SSPs to allow eg, "*role-name*∈*Group-name*∈*genr.id*".
        4. Groupings may have sub-domains - in other words, the protocol is recursive. A message could originate from: "*ScreenName*∈*SubGroup*∈*Group-name*".
        5. A Group may elect to be 'private'. In this case members may not message from it.
Thus secret groups are possible, but are not considered valid message origins (*NB: this looks too brittle - it may be important to consider more granular permissions, covering who can trace whose memberships and so on*).
    13. The Provenance claim of an SSP can be 'generated' - and thus made stronger, more meaningful - by associating the base Provenance with any number of Groupings. Clearly, the more Groupings a Provenance is identified with, and the more reputational weight those Groupings carry, the more trusted/acceptable will the Provenance be in more settings.
    15. It will be non-trivial to relate base Provenances to the Agents that have created them except through two means - one - explicit assertion by the agent controlling the SSP, or - two - by social graph surveillance. The latter is considered ultimately impossible to prevent, but should be made as computationally and reputationally expensive as practical (*idk what this really means, but the intent is that it should be annoying and culturally frowned on to do detective work to uncover*).
    16. PROVENANCE CLAIMS
        1. Messages will be sent with a claim as to a specific Provenance as the origin of the message. Additionally, the sender can make claims as to membership of any number of Associations.
        2. Recipients must be able to make enquiries which will help them decide for themselves as to the validity of the claim. This will involve:
            1. **A digital validation**: checking the Provenance against the signing key - validating the originating SSI (*note: I am not a cryptographer {ianac}, and have probably mangled detail: in functional terms, what is needed is that a recipient can check that the message was originated by an entity which has access to the SSI*).
            2. If the SSI has previously been granted 'trusted' status by the Recipient, this may be all that is needed, but in all cases, it must be possible to proceed to the next stage.
            4. **A social validation**: the Recipient can review any membership claims associated with the message.
                1. Ideally, one at least of the membership claims made is for an Association which the Recipient has already identified as 'trusted'. If so, then requesting confirmation of membership from this Association (perhaps status of that membership - possibly metadata, too), may be sufficient.
                1. If confidence in Provenance rests on claimed membership of an Association which is not already 'trusted', then a validation of the Association's affiliation claims can also be requested.
    18. ASSOCIATIONS
        1. A variety of Association types will exist:
            - Public, civil Associations: these are intentionally broad, welcoming, open to all. They are designed to provide 'base-layer' Provenance strength; their Membership Agreements will specify adherence to some set of basic social norms. Social network platforms are likely to require membership of one of these.
            - Claim validation Associations (official and unofficial, public and private) - for qualifications/licenses, age, citizenship, medical conditions and the like. These are where zk/SSID tools will be useful - but rather than individuals assembling all their validations into an aggregated data structure, they will become validated members of a range of Associations.
            - Community Associations of all kinds (place, interest, expertise, industry, affinity, productive)
            - Service Associations (platforms)
        3. Association will need a minimal viable protocol.
            1. This should be designed on the assumption of voluntarist collaboration, but allow for the building of arbitrarily complex superstructures. **The design aim should be for the Association protocol to support this mode of social grouping to offer an alternative to both incorporated orgs and platform apps.**
            3. Perhaps this could be achieved through an extensible suite of composable protocols, covering, for instance:
                1. Member Agreements
                6. Membership claim validation
                7. Some RSS-like 'feed' to provide access to information about the Association (must allow for layering - so that different information is accessible to different groups: public, members, sub-groups, etc).
                8. Membership claim validation needs some detail for our purpose here. This is how an Association becomes useful to its Members.
                    1. Provenances may assert Membership of Associations to strengthen the confidence of message recipients as to origin.
                    2. Associations may assert Affiliation with other Associations to increase their provenance value to their Members.
                    3. Associations will make decisions about:
                        1. Whether/how they respond to enquiries - a range of responses is possible:
                            1. no response
                            2. response:
                                1. 'no confirmation'
                                4. binary (yes/no)
                                5. binary plus additional data
                                6. response to additional requests:
                                    1. 'Is this OK?' questions: '*This message Provenance sent this message; would you like to comment on it in respect of your published Membership Agreement?*'
                                    2. Arbitrary/structured requests - this would allow for Associations to provide rich responses, enabling broad functionality through messaging - distributed apps.

## Exegesis

It is intended that the above makes possible the following conditions:

- A typical entity - a human - may have many base Provenances - as many as they like.
- That these can be wholly distinct.
- That for an entity to develop social heft, it will need to link publicly acknowledged Associations together.
- That, since all messaging that carries weight will come from Provenances associated with Associations, and both senders and receivers will have regard to the reputation of the group origin, not just the sender ID, many of the weaknesses of the atomised social network world should be mitigated.
- That for the purposes of welfare, no entity is excluded from any UBI/Social Credit type safety net - but must validate a base identity by human co-presence.

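The recipient-side checks set out under PROVENANCE CLAIMS and membership claim validation can be sketched in code. This is an added example, not part of the original outline or of any genr.id implementation: the `Association` record, the SSP key ids, the Association names and the rule that an affiliation only counts when both Associations list each other are assumptions made for illustration, and the result of the digital validation is passed in as a flag rather than computed.

```python
from dataclasses import dataclass, field
from enum import Enum

class Reply(Enum):
    """Association answers to a membership enquiry, as listed in the outline."""
    NO_RESPONSE = "no response"
    NO_CONFIRMATION = "no confirmation"
    YES = "yes"
    NO = "no"

@dataclass
class Association:  # hypothetical record; the outline defines no data model
    members: set        # SSP key ids, not screen names (names may repeat)
    private: bool = False
    affiliations: set = field(default_factory=set)  # Associations it claims

def confirm(registry, ssp, name):
    """Answer 'is this SSP a member of <name>?' on the Association's behalf."""
    assoc = registry.get(name)
    if assoc is None:
        return Reply.NO_RESPONSE
    # Assumption: private groups and groups under three members decline to
    # confirm, since the outline gives neither a valid Group Provenance.
    if assoc.private or len(assoc.members) < 3:
        return Reply.NO_CONFIRMATION
    return Reply.YES if ssp in assoc.members else Reply.NO

def evaluate(signature_ok, ssp, claims, trusted_ssps, trusted_assocs, registry):
    """Recipient decision: digital validation first, then social validation."""
    if not signature_ok:        # outcome of the key check, performed elsewhere
        return "reject"
    if ssp in trusted_ssps:     # a previously trusted SSP may be all that is needed
        return "accept"
    for name in claims:
        if confirm(registry, ssp, name) is not Reply.YES:
            continue
        if name in trusted_assocs:
            return "accept"
        # Not yet trusted: look at its affiliation claims. Assumption: a claim
        # counts only if the trusted Association lists the claimant back.
        for other in registry[name].affiliations & trusted_assocs:
            if other in registry and name in registry[other].affiliations:
                return "accept-via-affiliation"
    return "unverified"

# Constructed sample data; every id and name below is made up.
REGISTRY = {
    "allotment-society": Association({"ssp:a1", "ssp:b7", "ssp:c3"},
                                     affiliations={"civil-commons"}),
    "civil-commons": Association({"ssp:d4", "ssp:e5", "ssp:f6"},
                                 affiliations={"allotment-society"}),
    "lone-claimant": Association({"ssp:z9", "ssp:y8", "ssp:x7"},
                                 affiliations={"civil-commons"}),
    "two-friends": Association({"ssp:a1", "ssp:b7"}),
}

if __name__ == "__main__":
    trusted = {"civil-commons"}
    for ssp, claims in [("ssp:a1", ["allotment-society"]),  # an alice, member
                        ("ssp:q0", ["allotment-society"]),  # another alice
                        ("ssp:z9", ["lone-claimant"]),      # one-sided affiliation
                        ("ssp:a1", ["two-friends"])]:       # group too small
        print(ssp, claims, evaluate(True, ssp, claims, set(), trusted, REGISTRY))
```

Membership is keyed on the SSP rather than the screen name, so a second 'alice' gains nothing from the first one's memberships.
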
## Scenario

- Alice can simply type something like this into a terminal: `genr -n alice <colour> <species>`
    - There is no 'uniqueness' check on the name. This is a feature, not a bug. There are many Alices, and if they want to be called Alice, then that must be OK.
- Alice gets back her Provenance (SSI):
    - a key pair, and
    - `alice∈<colour>∈<species>∈genr.id`
- Obviously, infrastructure is needed (*where to store the association between the key and the address? pass-phrase? an IPV6 address?*), but this is the basic requirement.
- Note that Alice can optionally specify *colour* and/or *species*, if she does not want these to be randomly assigned. The social meaning of these two can only be activated outside digital space.
- *Practical note. People wanting to communicate with Alice may well have several friends called Alice. Obviously Alice can use her family name or other identifier in the name of her account, and the colour/species combination offers another identifier mnemonic, but these could be deliberately used by someone wanting to be mistaken for her. Contacts software may need to encourage users to add a descriptor word or two for rapid, confident address selection (AI could help?).*
- At this point, the key is unique, but the overt address could be a duplicate.
- A message sent with the Provenance at this point will have no Associations, and will be identified as such by any 'responsible' client (*there is a space here for a whole world of intentionally anonymous genr messaging which uses secondary means for provenance claims - probably using 'burner' identities - but that's for others to build; this is intended, and must be built from the outset - as a system for 'normies'*).
- Alice will need to build the usefulness - the claim strength - of this Provenance, in one of two ways:
    - prove her personal control of the Provenance to others through some person-to-person means (Web-of-Trust style).
In this way the Provenance approach can be used to build a trusted Provenance without overt association with any public Association.
    - or, more easily,
    - build a Generative Identity by becoming a member of one or more Associations
- Alice could form an Association, but that takes some effort (*see below*). For now, Alice just wants to be able to send messages, and for people receiving those messages to be able to believe that those messages originate with her.

## Reference Material

---

- Generative Identity original source material: https://medium.com/@sheldrake/generative-identity-beyond-self-sovereignty-6fb987edcda1
- 'Slapstick' by Kurt Vonnegut: https://en.wikipedia.org/wiki/Slapstick_%28novel%29
- https://www.youtube.com/watch?v=wA_hL89wMPo
- Agreement basics: https://gitlab.com/the-sentient-commons/sentient-commons-outline/blob/master/README.md
- Pattern Language Culture: http://patternlanguage.institute/