Pillar is generally associated with the variety of other wallet applications available, however, it’s often overlooked that the project aims to achieve much more. Originally coined the ‘personal data locker’ by Pillar Project Chairman, David Siegel, our core goal is to develop a personal data management platform allowing users to easily control what, when and with who their personal information is shared. Pillar anticipates that the emergence of self-sovereign identity solutions will also have a dramatic impact on consumer market behavior and reshape how users interact with brands, stores and service providers. The Pillar Project aims to design and develop one of the most intuitive platforms to contextually manage your identity and transact with the new services of the emerging web3 digital economy.
Before getting started, if you’re unfamiliar with the project or what is planned in the coming months, please check out the ‘The Pillar Wallet — Current State and Vision for 2019’ article that I published earlier this year. There are many features and enhanced functionality planned, but the following lay the core foundation for the evolution of Pillar beyond a simple wallet.
At present, all Pillar wallets are key-based. This means that all assets are stored in a private key with the user as the sole owner. This is great from a control standpoint as no third party has access to your account, but it also comes with some serious security implications. If you lose your device or key (and your back up phrase is not written down/stored properly), your assets are lost with no option for recovery.
A good analogy is a pre-paid debit card. If the card is misplaced or lost, there is no mechanism for recovery of the pre-loaded funds.
The Pillar team and its partners are currently implementing smart contract accounts for our wallet users. Pillar will provide users with smart contracts to store their assets and an intuitive key management system that allows users to manage access. It anticipates that users will have tens, if not hundreds, of app-specific and/or persona designated access keys with varying permissions. These keys will be managed independently by each user, providing easy control over how personal information is shared and funds are exchanged with contacts, dapps and other services. Open application sessions will be shown directly in wallet with the ability to revoke access at any time. This functionality also provides users with a way to manage keys from other blockchains setting the stage for cross chain support.
Different keys for different uses is a design pattern that will enable greater security, privacy and an overall better user experience.
Smart contracts provide our wallet users with the ability to enable multi-signature access, set spending limits, restrict access by persona/key, and more. They also provide a secure way to enable account recovery. Users will be able to assign recovery agents (wallet contacts, hardware wallets, third-party providers, etc.) to assist in the case of a lost device while assets remain safe and secure.
While existing users will need to upgrade their accounts and migrate funds to utilize the new Smart Wallet, as a result of the recent Constantinople hard fork and the inclusion of CREATE2, future Pillar users will start natively with Smart Wallet accounts. CREATE2 allows developers to reserve smart contract addresses before they are actually deployed on chain. The addresses interact with the blockchain through a secondary relayer network that is incentivized to post signed meta-transactions on-chain. Users will be able to create a wallet and manage crypto assets with a similar user experience to familiar web2 applications. No need to worry about mnemonic phrases, private keys or other confusing cryptographic concepts before understanding wallet functionality or its value.
On-chain smart contract deployment can be delayed until users accrue enough value in their wallet, understand the risks involved in private key management and have set up their account accordingly (security parameters, recovery agents, etc).
Each Smart Wallet will also be able to create separate, independent personas to manage social contacts, related chats and personal information. Users can organize these personas however they see fit (i.e. Friends, Family, Coworkers, etc.) providing for contextualized identity. Each persona will be represented by a distinct address (and associated key pair), specified permissions, security settings and social contacts.
This is analogous to a bank account where funds are stored in the account and different debit cards are issued for each associated user. Access permissions can be independently set and in the case a card is lost, access can be revoked and a new card can be re-issued. Personas would be equivalent to the name or label of each card with each card number equivalent to a different address and related key pair.
Beyond social connections and transaction management, users also need the ability to make claims against their real world identity and associated credentials. They need to store and transmit verifiable claims for a variety of use cases including education, financial records, location, accomplishments and more. In order to enable this, Pillar is adopting the W3C DID specification which defines the concept of Decentralized Identifiers or DIDs as “a new type of identifier for verifiable, ‘self-sovereign’ digital identity.” The decentralized applications of the emerging web3 economy will authorize access based on a user’s verifiable credentials.
“Credentials are a part of our daily lives; driver’s licenses are used to assert that we are capable of operating a motor vehicle, university degrees can be used to assert our level of education, and government-issued passports enable us to travel between countries. This specification provides a mechanism to express these sorts of credentials on the Web in a way that is cryptographically secure, privacy respecting, and machine-verifiable.” — W3C Verifiable Claims Working Group
More specifically, DIDs are URLs or addresses that point to DID documents describing how to make use of that particular identifier with a focus on three major aspects: purpose, verification method(s) and service endpoints. Using this information, a user is able to verify a real world credential by authenticating a proof via public key signature.
Digital signatures increase the tamper-resistance and overall trust of physical claims.
However, as digital claims become easier to verify and more common, it is important to reduce data correlation in order to maintain user privacy. As such, Pillar will adopt zero-knowledge proofs and privacy-enhancing protocols like Aztec to directly address these concerns. This approach will allow for the verification of personal details (over 18?) without directly sharing specific information (actual birthdate).
With the integration of a decentralized, off-chain storage solution, users will be able to verify specific claims and credentials in real time. Combined with personas, this functionality will provide the utmost flexibility in organizing and sharing information allowing for both contextualized identity, as well as efficient management of real world verified identity claims.
The Pillar team has already developed a working smart contract account prototype and anticipates the release of this feature shortly. Personas, off chain storage and DID document / verifiable claims support will quickly follow. Altogether, this functionality sets the stage for the evolution of the Pillar platform beyond a simple cryptocurrency and token wallet. The combination of smart contracts, multiple persona support, decentralized storage and verifiable claims work together to empower easy, secure management of funds and personal information.
Please click here to read Part II of the “Understanding PLR Utility” article series.
Follow our Medium publication and stay tuned in the coming days as we unveil Part III of the ‘Understanding PLR Utility’ article series outlining the future of the Pillar platform.