Identity Issuance, Assurance, and Management in Decentralized Systems

Last modified Jul 18, 2021

Introduction

Blockchain enables a variety of use cases in different sectors of industry. As research thrives, the technology becomes more mature in terms of security, scalability, and privacy. However, the options for identifying entities and addresses in Blockchains impede the adoption of many use cases and of Smart Contract-based applications or systems. Companies are eager to offer Blockchain-based applications or services; however, they want to prove that they are the entity providing a specific application or Smart Contract. Users who are uncertain about the actual company behind such contracts will likely not engage with them further. Ultimately, due to this hesitation, such applications lack adoption.

Private and consortia-based Blockchains, e.g., Hyperledger, solve the problem of identity management with a centralized instance. By design, such centralized instances cannot be used with public permissionless Blockchains. Public permissionless Blockchains are designed such that their on-chain identities are pseudonymous; thus, any person is able to create an unlimited number of entities on the Blockchain without the possibility to prove a connection with their real-world identity on-chain (entities can prove their ownership of an on-chain identity to a third party by performing a challenge-response). In an on-chain environment, it is unclear which real-world identity is responsible for an address or contract offering a service.

Research Questions

  • What are current Blockchain-based identity management systems?
  • How do such systems differ and how can they be categorized?
  • How can such identity management systems be integrated into regular enterprise architectures?

Approach: TLS-endorsed Smart Contracts

The chair researches the use of Public Key Infrastructures (PKI), as commonly deployed in a Web 2.0 context, for Blockchain-based systems. This makes the advantages of these PKIs, such as their broad availability, usage, legal infrastructure, and recognized names, available in Blockchains such as Ethereum.

Validator Onboarding in Consortia-Blockchain Systems

We utilize TLS-endorsed Smart Contracts in consortia-blockchains.

Consortia blockchain networks face the issue of expanding their systems to new members. These onboarding processes are often cumbersome, as they require identifying the new participant, manually setting up rights, exchanging key material, and adding information about the new member to the consensus smart contract. Besides the high costs and bad scalability of these processes, identifying the members might be faulty as the pre-existing members might be deceived by malicious parties claiming to be someone else. This paper proposes a novel methodology to allow the onboarding of new parties without costly processes. We establish identities of new consortia members by utilizing TLS certificates that are bound to publicly known domain names. With this identity scheme in place, the network operators can define rules such as only parties that can fulfill certain properties are allowed to join the network, e.g., only owners of *.edu domains might become new members. This methodology scales well, allows for extensive ruling and monitoring, and helps consortia blockchains to grow faster.

- Abstract of Paper "Efficient Onboarding and Management of Members in Permissioned blockchain Networks Utilizing TLS Certificates" by Gallersdörfer, Ulrich, Jan-Niklas Strugala, and Florian Matthes, under review.
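The membership rule mentioned in the abstract ("only owners of *.edu domains") comes down to matching certificate names against a suffix policy. The following sketch is an added example, not code from the paper or the chair; the rule syntax, the function names, and the choice to require every name in the certificate to satisfy the rule are assumptions, and it presumes the certificate chain and the applicant's possession of the private key were verified beforehand.

```python
# Added illustration: evaluating an onboarding rule such as "*.edu" against the
# dNSName SAN entries of an applicant's already-validated TLS certificate.
# The rule syntax and all names below are hypothetical, not the paper's.

def _labels(name):
    """Normalize a DNS name to lower-case labels; return None if malformed."""
    name = name.strip().lower().rstrip(".")
    labels = name.split(".")
    if not name or any(not label for label in labels):
        return None
    return labels

def name_satisfies(san, rule):
    """True if every host covered by SAN entry `san` falls under `rule`.

    Matching is done label by label, so "example.edu.evil.com" and "notedu"
    never satisfy "*.edu", which a plain string suffix test gets wrong.
    """
    s, r = _labels(san), _labels(rule)
    if s is None or r is None or r[0] != "*" or "*" in r[1:]:
        return False
    suffix = r[1:]
    # A wildcard is accepted only as the complete left-most label of the SAN.
    if any("*" in label for label in s[1:]) or ("*" in s[0] and s[0] != "*"):
        return False
    # At least one label must precede the rule's suffix.
    return len(s) > len(suffix) and s[-len(suffix):] == suffix

def may_join(san_dns_names, rule="*.edu"):
    """Admit only if the certificate has names and all of them satisfy the rule."""
    return bool(san_dns_names) and all(name_satisfies(n, rule) for n in san_dns_names)

# Constructed sample applicants (SAN lists invented for this example).
CONSTRUCTED_APPLICANTS = {
    "campus": ["campus.example.edu", "*.campus.example.edu"],
    "mixed": ["campus.example.edu", "shop.example.com"],
    "lookalike": ["example.edu.evil.example"],
}

if __name__ == "__main__":
    for applicant, names in CONSTRUCTED_APPLICANTS.items():
        print(applicant, "admitted" if may_join(names) else "rejected")
```

Requiring all names to match keeps a certificate that also covers an unrelated domain from being admitted on the strength of a single qualifying entry.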

Literature

Gallersdörfer, Ulrich, and Florian Matthes. "TeSC: TLS-endorsed Smart Contracts." To appear in The 3rd IEEE International Conference on Decentralized Applications and Infrastructures (2021).
Gallersdörfer, Ulrich, Friederike Groschupp, and Florian Matthes. "Mirroring Public Key Infrastructures to Blockchains for On-chain Authentication." To appear in Workshop Trusted Smart Contracts 2021 in Association with Financial Cryptography 2021 (2021).
Gallersdörfer, Ulrich, and Florian Matthes. "AuthSC: Mind the Gap between Web and Smart Contracts." arXiv preprint arXiv:2004.14033 (2020).