A First Look at Identity Management Schemes on the Blockchain

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the [Original Paper Viewer] below or the Original ArXiv Source.

The emergence of distributed ledger technology (DLT) based upon a blockchain data structure has given rise to new approaches to identity management that aim to upend dominant approaches to providing and consuming digital identities. These new approaches to identity management (IdM) propose to enhance decentralisation, transparency and user control in transactions that involve identity information; but, given the historical challenge of designing IdM, can these new DLT-based schemes deliver on their lofty goals? We introduce the emerging landscape of DLT-based IdM and evaluate three representative proposals (uPort, ShoCard and Sovrin) using the analytic lens of a seminal framework that characterises the nature of successful IdM schemes.


💡 Research Summary

The paper provides a systematic examination of blockchain‑based identity management (IdM) schemes, focusing on three representative projects—uPort, ShoCard, and Sovrin—and evaluates them against the “Laws of Identity,” a widely‑cited framework that defines seven principles for successful digital identity systems. The authors begin by outlining the shortcomings of today’s predominantly centralized IdM models, such as data breaches, loss of privacy, and limited user control. They then describe the perceived benefits of applying distributed ledger technology (DLT) to IdM: decentralization, tamper‑resistance, transparency, inclusiveness, cost savings, and enhanced user control.

To structure the analysis, the paper adopts the seven “laws”: (1) user control and consent, (2) minimal disclosure for a constrained use, (3) justifiable parties, (4) directed identity (public or discreet sharing), (5) design for a pluralism of operators and technology, (6) human integration (usable UX), and (7) consistent experience across contexts. Each of the three schemes is dissected with respect to these criteria.

uPort builds on Ethereum smart contracts. A user’s identity consists of a controller contract (holding the public key) and a proxy contract (the public identifier). Private keys reside only on the user’s mobile device, and a “social recovery” protocol allows a set of trusted trustees to replace a lost key. This design gives users strong control (law 1) but introduces a new attack surface: compromised trustees can collude to hijack an identity. The uPort registry stores only hashes of attribute JSON objects on‑chain, while the full data lives in IPFS. Although the hash hides raw values, the registry itself reveals which identifiers exist and can leak meta‑information, thereby weakening minimal disclosure (law 2) and justifiable parties (law 3). No public directory is offered, so directed identity (law 4) depends on users creating separate identifiers per relying party. The system does not perform any intrinsic identity proofing, leaving the “justifiable parties” principle (law 5) under‑addressed. The QR‑code based UI provides a consistent experience (law 7), yet the lack of user education about immutable, transparent storage undermines human integration (law 6).
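As an added illustration (not code from the paper, nor from uPort itself), the following Python sketch models the uPort-style design described above: a controller holding the owner key with a trustee quorum for social recovery, a public registry that anchors only the SHA-256 of an attribute JSON object, and a plain dict standing in for IPFS. The hash function, the identifier strings and the k-of-n quorum rule are assumptions; `observer_view` shows the metadata (which identifiers exist and how often they change) that remains visible even though the raw attribute values are hidden.

```python
import hashlib
import json
from collections import Counter
from dataclasses import dataclass

@dataclass
class Controller:
    """Controller contract: the key allowed to act for the identity plus a trustee quorum."""
    owner_key: str
    trustees: frozenset
    quorum: int
    def recover(self, new_key: str, approvals: set) -> bool:
        # Social recovery: once `quorum` trustees approve, the owner key is replaced (law 1).
        # The same rule is the collusion risk: a colluding quorum can take over the identity.
        if len(approvals & self.trustees) >= self.quorum:
            self.owner_key = new_key
            return True
        return False

class Registry:
    """On-chain registry: public identifier -> SHA-256 of its attribute JSON. Fully public."""
    def __init__(self):
        self.entries, self.log = {}, []
    def set_hash(self, identifier: str, caller_key: str, ctrl: Controller, attr_hash: str):
        if caller_key != ctrl.owner_key:
            raise PermissionError("only the controller's current key may update")
        self.entries[identifier] = attr_hash
        self.log.append((identifier, attr_hash))  # every update is visible to observers

def publish(reg: Registry, store: dict, identifier: str, ctrl: Controller, key: str, attrs: dict) -> str:
    """Pin the attribute JSON in the content-addressed store (stand-in for IPFS) and anchor its hash."""
    blob = json.dumps(attrs, sort_keys=True).encode()
    h = hashlib.sha256(blob).hexdigest()
    store[h] = blob
    reg.set_hash(identifier, key, ctrl, h)
    return h

def verify(reg: Registry, store: dict, identifier: str) -> dict:
    """Relying party: fetch the off-chain blob and check it against the anchored hash."""
    h = reg.entries[identifier]
    blob = store[h]
    if hashlib.sha256(blob).hexdigest() != h:
        raise ValueError("off-chain data does not match the on-chain hash")
    return json.loads(blob)

def observer_view(reg: Registry) -> dict:
    """What any chain reader learns: which identifiers exist and how often each was updated."""
    return dict(Counter(ident for ident, _ in reg.log))
```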

ShoCard follows a “centralized trusted identity” model. A trusted authority verifies a user’s real‑world documents (passport, driver’s license) and writes a hash of the verification result to a blockchain. Users present a QR code or NFC token to relying parties. This approach satisfies minimal disclosure (law 2) and justifiable parties (law 3) because only the hash is on‑chain and the authority controls who can read it. However, the presence of a central verifier contradicts the decentralization promise and jeopardizes user control (law 1) if the verifier is compromised or malicious. Attributes remain off‑chain, so interoperability (law 5) and human‑centric design (law 6) are limited. The need for different QR codes per service and a cumbersome re‑issuance process break the consistency of user experience (law 7).

Sovrin implements a permissioned DLT (Hyperledger Indy) governed by “stewards” (banks, universities, governments). Identities are expressed as Decentralized Identifiers (DIDs) that contain a public key and metadata; multiple DIDs can be generated per user for context separation. The ledger records only transaction hashes, while encrypted attribute data resides off‑chain. Because only vetted stewards run consensus nodes, the system enjoys high throughput and low energy consumption, and the “web of trust” model aims to expand trust organically. Sovrin satisfies user control (law 1), pluralism (law 5), and consistent experience (law 7) through mobile agents and wallet software. Nevertheless, steward authority re‑introduces a centralization element that can violate minimal disclosure (law 2) and justifiable parties (law 3) if a steward abuses its privileges. The reliance on off‑chain encrypted storage makes security contingent on external systems, and insufficient user education may cause misunderstandings about the permanence and visibility of DIDs, affecting human integration (law 6).

Across all three schemes, none fully meets every law. uPort excels in decentralization but struggles with privacy leakage and trustee trust; ShoCard offers strong verification but sacrifices decentralization and user autonomy; Sovrin balances efficiency and governance but still depends on trusted stewards. The authors conclude that while blockchain‑based IdM shows promise, current implementations fall short of delivering a complete solution that simultaneously guarantees security, privacy, and a seamless user experience. Future work should explore trust‑less consensus mechanisms, robust off‑chain data protection, and comprehensive user‑centric recovery and education processes to bridge the gap between theoretical benefits and practical deployment.
