Implement identity management and policies
Blockchain identity systems manage digital identities, authentication, and authorization in decentralized networks.
- Verify identity using cryptographic proofs
- Control access to resources and operations
- Link actions to specific identities
Different blockchain networks implement various identity models based on their requirements.
| Model | Description | Examples | Use Cases |
|---|---|---|---|
| Pseudonymous | Address-based identities without real-world links | Bitcoin, Ethereum | Public cryptocurrencies |
| Permissioned | Known identities with certificates | Hyperledger Fabric | Enterprise networks |
| Self-Sovereign | User-controlled identity without intermediaries | Sovrin, uPort | Digital identity platforms |
| Federated | Identity providers manage user identities | OAuth, SAML integration | Enterprise SSO |
Self-sovereign identity (SSI) gives individuals control over their digital identities without relying on centralized authorities.
Blockchain networks implement various access control mechanisms to manage permissions and resources.
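```solidity
pragma solidity ^0.8.0;

contract AccessControl {
    // role => account => whether the account holds the role
    mapping(bytes32 => mapping(address => bool)) roles;

    bytes32 public constant ADMIN_ROLE = keccak256("ADMIN");
    bytes32 public constant USER_ROLE = keccak256("USER");

    // Seed the deployer as admin; otherwise no account could ever pass onlyRole(ADMIN_ROLE).
    constructor() {
        roles[ADMIN_ROLE][msg.sender] = true;
    }

    // Reverts unless the caller holds the given role.
    modifier onlyRole(bytes32 role) {
        require(hasRole(role, msg.sender), "Access denied");
        _;
    }

    function grantRole(bytes32 role, address account)
        external onlyRole(ADMIN_ROLE)
    {
        roles[role][account] = true;
    }

    function hasRole(bytes32 role, address account)
        public view returns (bool)
    {
        return roles[role][account];
    }
}
```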
```yaml
Organizations:
  - &Org1
    Name: Org1MSP
    ID: Org1MSP
    MSPDir: crypto-config/peerOrganizations/org1.example.com/msp
    Policies:
      Readers:
        Type: Signature
        Rule: "OR('Org1MSP.member')"
      Writers:
        Type: Signature
        Rule: "OR('Org1MSP.member')"
      Admins:
        Type: Signature
        Rule: "OR('Org1MSP.admin')"
```
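How a Signature rule such as `OR('Org1MSP.admin')` from the configuration above is decided, as an added Python model (not Hyperledger Fabric's code and not from the original page). The function names, the `(msp_id, role)` signer tuples and the rule that one signature satisfies at most one principal are assumptions of this example; signers are taken to be identities the MSP has already validated.

```python
import re

def parse(rule):
    """Parse a rule such as "OR('Org1MSP.member')" into a nested tuple tree."""
    toks = re.findall(r"'[^']*'|\w+|[(),]", rule)
    def node(i):
        tok = toks[i]
        if tok.startswith("'"):  # leaf principal: 'MSPID.role'
            msp, _, role = tok.strip("'").rpartition(".")
            return ("principal", msp, role), i + 1
        if tok not in ("AND", "OR", "OutOf") or toks[i + 1] != "(":
            raise ValueError(f"unexpected token {tok!r}")
        i, kids, need = i + 2, [], None
        if tok == "OutOf":  # OutOf(n, ...) states its own threshold
            need, i = int(toks[i]), i + 2
        while True:
            kid, i = node(i)
            kids.append(kid)
            if toks[i] == ")":
                break
            i += 1  # skip the comma between arguments
        need = {"AND": len(kids), "OR": 1}.get(tok, need)
        return ("n_of", need, kids), i + 1
    tree, end = node(0)
    if end != len(toks):
        raise ValueError("trailing tokens after rule")
    return tree

def satisfies(signer, principal):
    """signer is (msp_id, role); 'member' accepts any identity of that MSP."""
    return signer[0] == principal[1] and principal[2] in ("member", signer[1])

def evaluate(tree, signers, used=None):
    """signers: identities the MSP has already validated (constructed tuples here)."""
    used = [False] * len(signers) if used is None else used
    if tree[0] == "principal":
        for i, s in enumerate(signers):
            if not used[i] and satisfies(s, tree):
                used[i] = True  # assumption: one signature satisfies one principal
                return True
        return False
    passed = 0
    for kid in tree[2]:
        trial = used[:]  # commit consumed signatures only if the child passes
        if evaluate(kid, signers, trial):
            used[:] = trial
            passed += 1
    return passed >= tree[1]

ORG1_ADMINS = parse("OR('Org1MSP.admin')")  # Admins rule from the configuration above
```

In this model an admin identity also satisfies `Org1MSP.member`, so the Readers and Writers rules above admit every Org1 identity, while the Admins rule admits only identities carrying the admin role.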
Advanced cryptographic techniques enable identity verification without revealing sensitive information.
MSP (Membership Service Provider) is the identity manager of Hyperledger Fabric. It ensures every action on the blockchain (transactions, endorsements, ordering) is tied to a verified, permissioned identity. MSP is the trust root of a Fabric network.
- Certificate Hierarchy: Root CA → Intermediate CAs → MSP (trusted CAs) → defines cert & revocation policies
- Identity Management: Identities for Clients, Peers, Orderers → Channel MSP governs which orgs can transact and endorse
- Key Functions: The MSP validates certificates, manages organizational membership, enforces access policies, and maintains certificate revocation lists to ensure only authorized participants can interact with the blockchain network.
Successful blockchain identity systems follow established security and privacy principles.
Next, we'll explore Transaction Validation Lifecycle in blockchain networks.