Wohoo!!! ADR-001 has been released!!

An Architecture Decision Record (ADR) documents the choices our engineers made while building our software and product. This blog post will summarize ADR-001 and explain it in a more digestible format than the full version.

Your drivers license for the internet

We are rebuilding the internet so that you, a user of the internet, will have full control over your digital identity and all the data you generate from your online interactions. ADR-001 describes how this digital identity, or ‘drivers license’ is architected, including how one goes about registering or modifying it.

On the Sonr internet, you will use this drivers license to sign into applications and to to grant applications access to your data (ex. for populating a form or creating a profile). So instead of handing over your data and giving the platform ownership over it, your drivers license enables you to own your data and bring it with you from application to application. Through this drivers license, you are able to grant applications access to utilizing it, but not owning it.

Registering Your Sonr Domain

Given that our mission is to put the power in the hands of the users, we have designed the drivers license (ADR-001) with sovereignty in mind. We are utilizing decentralized identifiers (DIDs) so that your driver's license can be issued and verified without relying on a third party, but more on DIDs later. Now onto the user’s journey.

How to register your driver's license

Step 1: Choose your domain

  • We have built-in the step of choosing an alias into the process of registering the DID itself. Kind of like if the first step in setting up an Ethereum wallet was asking you to choose an ENS domain
  • Your domains is structured as an alias suffixed with “.snr” (ex. yourname.snr)
  • Your domain is one of the ways that other people in the network can discover you and exchange information or transact with you (kind of like a username or email address)

Step 2: Complete Verification

  • After you input an available Sonr domain name, you will be prompted to provide a credential that can be used to verify yourself in the future
  • The verification mechanism used in our DIDs is called WebAuthn, a FIDO specification for authentication that works by using your device’s built-in biometric authenticator system such as Apple’s TouchID or a FaceID

Step 3: Drivers license is issued

  • One you complete the WebAuthn verification, your driver's license will be created!
  • At that time, it will only contain information relating to the device you used to register it such as the credential key for that device and it’s corresponding public key
  • Now that your drivers license is created, you will be able to it to seamlessly access any applications on the Sonr network! No more passwords, just your biometrics!

Where does the driver’s license information get stored?

When you are issued a DID (drivers license), a public key and a corresponding private key are created. The public key is stored on the device you’re using to register the account (iPhone, laptop, Tablet, etc.) in a DID Document. This document displays which devices are associated with your account and allows you to make any changes to your DID such as adding devices to your domain, purchasing additional domains, etc. While the public keys are stored in this DID document, the matching private key is stored cryptographically on the Sonr blockchain network.

Whenever you want to access an application, you will need to present both keys - the application or service will look at the public key you are presenting and will search through its registry to see if it has a matching private key. When both keys match, you are granted access!

Why Does Sonr use decentralized identifiers?

DIDs enable users to have full control over the data they share. When you use centralized identifiers like email addresses, facebook accounts, or phone numbers, those identifiers are given to you by an intermediary. These intermediaries have full access to the data you create through digital interactions and are able to use that data without your consent for targeted marketing, search engine optimization, or selling it to third-parties.

With DIDs there is no central authority, they are issued and verified in a completely decentralized fashion. Our system exists only to register you with a DID that corresponds to your domain and then connects your domain to the public blockchain. After registration, all your digital interactions are encrypted and stored on the blockchain, making your data virtually inaccessible to bad actors.

DIDs are the first step in giving users control over their digital identity and are an integral component of how we at Sonr are rebuilding the internet for you!

Further Reading

If you’d like to know more about ADR-001, Decentralized Identifiers here are some links for further explanation!

ADR-001: https://docs.sonr.io/posts/architecture/adr-001

Decentralized Identifiers: https://www.w3.org/TR/did-core/#did-url-syntax