# Metamask Grant Proposal 1. What is your/the team's legal status and vendor information? i.e. is the company incorporated; who will be receiving the grant money (name, address)? - Identikey Inc, Delaware C-corp; 258 Colgate Ave, Kensington, CA 2. Project Description / Executive Summary - How do we verify information and ensure data integrity without using centralized systems that concentrate power in the hands of corporations and professional data silos? Being able to publish verifiable data online should not rely on any particular authority, but should allow for recognizing relative authority in its design. It should not be stored in a particular corporation’s data center, but should be designed around open protocols that allow optionality with storage provider (including the option to store it yourself), while retaining composability of the data in aggregate. - The proposed root primitive to accomplish these design goals is a signed attestation. Self-made statements can be self-signed; we are each an authority unto ourselves, about our own statements. We can define schemas so that programs can be written that utilize specific kinds of published attestations. We will include the ability to publish encrypted attestations and do fine-grained selective disclosure. By publishing self-attested identity information, and then others referencing those identities, a collaborative, co-owned social graph is created. Reputation networks can arise from these root composable data structures; importantly, it’s not the “one true network”, leaving space for other implementations and for forking off if a protocol vulnerability causes a misinformation takeover. (To be clear, we’re not asking for a grant to create a reputation network protocol, but to create the open source primitives needed to enable the set of open reputation networks.) - Similar to how smart contracts opened up a collaborative design space of possibilities, the universal attestation network proposed here enables a whole new class of applications. This technology is not dependent on a particular blockchain or consensus-based data store, but it is highly compatible with smart contract-based systems. 3. Project Goals If the project succeeds, what goals will it accomplish? Please also include responsibilities from the project team and from the MetaMask team. - Create the foundations for enabling a universal attestation network. - Data integrity - using signed data in the context of social media, provide data provenance and user authenticity to enable a transparent and trustable source of information - Self-sovereign identity framework - implementation and set of open protocols for self-publishing and selectively disclosing identity information. - Use an open data storage system that’s not dependent on a particular blockchain system, and create signed claims of identity and personal data. - Create composable data structures across signed attestations from different users: social graphs, reputation networks. 4. Target Milestones Does the project have one step, or are there intermediate milestones that need to be met? If there are milestones, please list them below. - Encryption/Decryption via a self-owned Keypair. - Construct Attestations and Sign them. - Define starting data schemas, i.e. formats for attested statements that are machine-parsable for different purposes; e.g. a simple statement that is signed; a statement about another attestation; attesting to identity data, etc. - Be able to store encrypted data in a verifiable data vault. Use content-based addressing to allow optionality and mobility across storage providers. - Delegate access to encrypted information via capability tokens. 5. Timeline/Path to Production - Implement encryption/decryption using our preferred cipher (ed25519). Work to utilize a standard Private Key holder (wallet) such as Metamask for this purpose. (1.5 weeks) - Design a standard format for Attestations. Reference and use where appropriate existing formats, including DIDs, UCAN Capability Tokens, Trustgraph data format, IPFS Multi-format encoding, Verifiable Credentials, etc. Optimize for ease of use, readability, forward-compatibility. (2.5 weeks) - Define and choose initial schemas that enable vital functionality. Single signed statement. Be able to reference another statement with a statement. Self-attest to identity information. Make a reputational statement about another key. (2 weeks) - Use content-based addressing storage system (IPFS) to create a data vault system. Define requirements for the open protocol spec: mean retrieval time, erasure encoding, redundancy, etc. (2 weeks) - Implement basic system for selective disclosure of signed, encrypted attestations. (2.5 weeks) - Create homomorphic recryption proxy code and use it for dynamic data access delegation. (6 weeks) - Make reference implementation and interface that uses these technologies for the most vital use cases: publishing identity data; publishing private data according to schema; delegating access to private data; finding contacts by their public identity data and connecting to them; visualizing the resulting open social graph. (5 weeks) 6. About Team Tell us about the team (prior experience, past projects, affiliations, or education for each team member) - Duke Jones: This idea’s first form was in 2011, when I bought [truthkeeper.org](http://truthkeeper.org) (I let it go, it’s not a good name) and set out to fix sensemaking. Turns out finding out what’s real and what’s not is pretty hard, especially when there are incentives to promulgate false narratives. I’ve been refining an architecture for a multi-perspectival peer-to-peer reputation and sensemaking platform since then. This design for an attestation network is the base enabling technology to allow a demonstrably neutral system for collective sensemaking to be built in the open. - Zachary Larson: With a deep epistemological outlook and an intention to create open systems that enable self-sovereignty online, Zachary has engaged Duke to collaborate on building, designing, spec’ing, and socializing an open source implementation of a universal attestation network that is blockchain-agnostic and enables greater freedom online. - Tigran Avakyan (Part-time): Tigran is a Rust engineer with extensive experience with cryptography and blockchain engineering, including recent work on an L1 and also an L2 blockchain solution. 7. Team Size & Funding Status Full team stack of those involved in this project and capital/grant raise history, if applicable. Please indicate N/A for the second part of this question if this will be your first grant. - Duke, Zachary, and other part-time engineering contributors including Tigran Avakyan for Rust-based backend services, and work with contractors as needed for front-end web design etc. 8. Funding Request Please list the total funding being requested (denominated in USD, numbers only). You will be asked for a breakdown of how these funds will be allocated in the next question. - $150,000 9. Budget Breakdown Please include a breakdown of how these funds will be allocated. - 98% of funds will go to software development cost. - Cost for cloud hosting, including IPFS service and/or implementing an object store to do initial deployment and infrastructure, is a relatively small amount, around 2% of the proposed budget. 10. What specific software license does the grantee intend to publish under? - Dual License Apache 2 / MIT; but if some of the encryption libraries are GPL’d we might have to do GPL for some of it; still looking for permissively licensed proxy-re-encryption libs. 11. What is your/the team's legal status and vendor information? i.e. is the company incorporated; who will be receiving the grant money (name, address)? - Identikey Inc, Delaware C-Corp, 12. Does the team agree to open source all code produced as a result of a successful grant application? Note that all grant applications will be immediately rejected if "No" is answered here. - Yes 13. Other Information/Relevant Links/Supporting Documents Anything else you'd like to include to help the review process? 14. Have you been referred to apply by a MetaMask team member/worked with us in the past? Please feel free to share your experience