Research Summary: Self-Sovereign, Decentralized Identity with CanDID and Chainlink Oracles


Can we agree upon a universal, secure and decentralized credential and identity system that preserves privacy? The authors of this paper claim that CanDID, a decentralized identity platform which will utilize Chainlink’s suite of oracle technologies such as Town Crier and DECO, can accomplish this in a user-friendly way that draws upon data from existing sources without server-side modifications. The authors emphasize that the CanDID platform has legacy compatibility, sybil-resistance, accountability and key recovery.


Maram, D., Malvai, H., Zhang, F., Jean-Louis, N., Frolov, A., Kell, T., Lobban, T., Moy, C., Juels, A. and Miller, A., 2020. CanDID: Can-Do Decentralized Identity with Legacy Compatibility, Sybil-Resistance, and Accountability. IACR Cryptol. ePrint Arch., 2020, p.934.



Can a universally accepted, privacy-preserving and secure self-sovereign decentralized identity system for Internet transactions be developed?

KEY TERMS (marked with [⬡])

Chainlink 2.0 Whitepaper: A roadmap describing the future development of Chainlink Decentralized Oracle Networks by adding support for secure off-chain computation in addition to existing data delivery capabilities.

Decentralized Identifiers (DIDs): “Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID refers to any subject (e.g., a person, organization, thing, data model, abstract entity, etc.) as determined by the controller of the DID. In contrast to typical, federated identifiers, DIDs have been designed so that they may be decoupled from centralized registries, identity providers, and certificate authorities.” (from

DECO: Decentralized oracle for proving facts about HTTPS/TLS web sessions which uses privacy preserving zero-knowledge proofs. Currently being developed further by Chainlink Labs.

Multi-Party Computation (MPC): In cryptography, multi-party computation refers to a suite of methods that allow multiple users to compute a function privately and securely.

Zero Knowledge Proofs (ZKPs): Zero knowledge proofs allow a Prover to prove a fact about private information to a Verifier without the Prover exposing that private information to the Verifier.


Providing a set of standardized credentials for online transactions ranging from social media account use to voter registration has proved challenging due to skepticism about “big tech” handling something as important as an individual’s identity. This has sparked interest in so-called “self-sovereign”, decentralized identity systems that allow users to gather and manage their own credentials through “decentralized identifiers” (DIDs) [⬡]. This has the potential to benefit users by giving them more control over the private keys associated with DIDs, and to limit the liability of companies, who would not have to hold sensitive user data.

The main function of CanDID would be to let users present personal credentials from their own device to a website. In theory, the use cases are almost unlimited in scope and can include: verification of educational credentials, voter registration, KYC for banking and so on.

The authors argue that current decentralized identity schemes fail to address four main usability and technical goals that CanDID addresses. These include:

  • Legacy compatibility - ability to use existing user data for decentralized identity without server-side modifications.
  • Sybil-resistance - resistance against duplication of user identities, i.e. a single user creating multiple identities.
  • Accountability - ability to conceal users’ real-world identities and achieve compliance with regulations such as Know-Your-Customer (KYC).
  • Key recovery - users manage private keys and can easily lose them.

CanDID addresses each of these issues.

CanDID Architecture

Fig 1 Overview of CanDID architecture. Source.

CanDID consists of two subsystems: (1) an identity system for issuing and managing credentials; and (2) a key recovery system. The identity system uses an oracle to port data from existing social media and other websites. An oracle system such as Town Crier or DECO [⬡], which is currently being developed further by Chainlink Labs, would be used for this purpose. Using a decentralized committee of nodes, CanDID provides strong confidentiality for user keys, real-world identities, and data, while preventing users from spawning multiple identities and allowing identification of sanctioned users.

Fig 2. Identity System overview through the lifecycle of a credential. Green indicates Sybil-resistant credentials, the final state. Source.

Selective credential privacy

CanDID allows users to create credentials that use zero knowledge arguments [⬡] to reveal as little information as possible to the entities that verify them. A unique feature of CanDID is the ability to create so-called “pairwise credentials”, which are unique credentials generated for validation in different applications. As a result, facts can be proven about a user’s identity without revealing the underlying information to a verifier.

Sybil resistance

CanDID deduplicates identities, ensuring that the identity used through CanDID is not a copy of an identity but is one that is unique to the user. This ensures that a single user cannot create multiple identities and that “blacklists” can be consistently maintained across multiple platforms.
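A minimal sketch of the two properties described above, deduplicated enrollment and per-application pairwise identifiers, added here as an illustration; it is not code from the CanDID paper or from Chainlink. It assumes a single-party `Committee` in place of the decentralized committee, HMAC-SHA256 in place of the paper's cryptography, and no zero-knowledge proofs; `Committee`, `enroll` and `pairwise_id` are hypothetical names.

```python
import hashlib
import hmac
import secrets


class Committee:
    """Single-party stand-in for the committee of nodes (assumption, no MPC)."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # would be shared among nodes
        self._tags = set()  # keyed tags only; raw identifiers are never stored

    def _tag(self, unique_attr: str) -> bytes:
        # Canonicalise first so formatting variants of one identifier collide.
        canon = "".join(ch for ch in unique_attr if ch.isalnum()).upper()
        return hmac.new(self._key, canon.encode(), hashlib.sha256).digest()

    def enroll(self, unique_attr: str) -> bytes:
        """Issue one master secret per real-world identifier; reject repeats."""
        tag = self._tag(unique_attr)
        if tag in self._tags:
            raise ValueError("duplicate identity: already enrolled")
        self._tags.add(tag)
        return secrets.token_bytes(32)  # held by the user, not the committee


def pairwise_id(master_secret: bytes, app_context: str) -> str:
    """Identifier that is stable inside one application, unlinkable across them."""
    msg = b"pairwise|" + app_context.encode()
    return hmac.new(master_secret, msg, hashlib.sha256).hexdigest()


if __name__ == "__main__":
    committee = Committee()
    alice = committee.enroll("000-12-3456")  # constructed, not a valid SSN
    try:
        committee.enroll("000 12 3456")  # same identifier, different formatting
    except ValueError as err:
        print("rejected:", err)
    # Same user, two applications: the identifiers share nothing visible.
    print(pairwise_id(alice, "forum.example")[:16])
    print(pairwise_id(alice, "bank.example")[:16])
```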

Key recovery system

Fig 3. Overview of the CanDID key recovery system. Source.

CanDID has a key recovery system that allows users to use existing authentication schemes, like passwords, to recover their private keys. This allows users to leverage their existing online accounts for recovery of lost keys.

Oracle based infrastructure

CanDID will use DECO and Town Crier [⬡] oracle technologies currently being developed by Chainlink Labs, which are discussed in the Chainlink 2.0 white paper. These were chosen because they are the only oracle protocols which provide strong privacy for user data and are simultaneously legacy compatible with existing unmodified web servers via Multi-Party Computation [⬡] and zero-knowledge proofs [⬡] to prove a predicate is satisfied in a private and integrity-preserving manner.

CanDID Use Case Examples

Some examples of use cases include:

  • Social Security number validation: generate a CanDID credential from the profile page of a Social Security Administration account to validate a SSN.
  • Provide proof of voter registration: generate a CanDID credential from a voter registration database to provide proof of voter registration.
  • Provide proof of identity for financial KYC: generate a CanDID credential from your local DMV to provide Know-Your-Customer validation for financial transactions.
  • Verify identity for social media platforms: in the future, social media platforms may require a unique identifier to ensure that someone is not “blacklisted” from a single, or even multiple, platforms. A CanDID credential can easily be created for use on social media platforms for this purpose.


CanDID is clearly poised to become an incredibly powerful identity tool which has an almost limitless number of use cases. It is private, secure and has the potential to make identity verification easy and seamless for the user and for parties requesting identification credentials. That being said, limitations include the potential to improve the ability of multiple platforms and governments to blacklist individuals and increase censorship. This will be discussed in a subsequent ethics piece on CanDID and decentralized identity describing the good, the bad and the ugly of these incredibly powerful technologies.


Thank you for the beautiful summary. Privacy and security are some of the biggest challenges faced on internet platforms and in transactions done on the internet. The protection of a user’s identity is one that most platforms ultimately aim to achieve. The authors propose CanDID, a decentralized platform that promises to give users control over the management of their own credentials. I find it particularly interesting that it promotes accountability amongst the other capabilities of CanDID. CanDID can enforce accountability in a privacy-preserving manner by not revealing the users’ real-world identity to the person requesting and also ensuring compliance with regulatory requirements. Also, CanDID works towards preserving users’ credentials by using zero-knowledge arguments to reveal as little information as possible to the confirming entities. The paper acknowledges that supporting the revocation of real-world identities is a significant challenge faced in the design of CanDID due to the identification of deviant users by attributes and not unique identifiers. Also, according to the paper, an adversary can only glean information that a user explicitly states in their credential and not more than that. The ability of an adversary to glean information makes me wonder how CanDID fulfills the properties of untraceability. Also, what are the possibilities that a user can use their credentials through a third-party application utilized on an adversary’s platform, i.e. third-party scripts?