Anonymous derived identities

[ryanpeach]

Let's say you were using this on a public platform to share your ideas. But you wanted anonymity. But you also wanted a subset of your stamps:

• Maybe a public email
• Your bachelors degree (without your name)
• Another private social media page

Some of these things people could probably backward search, but you get the idea, a credential like a bachelors degree they could not, lots of people have the same bachelors.

My idea is to do kinda like 4chan does: Create a hash of the identity, maybe the whole dag or maybe just an id on stampnet. Attach a subset of the stamps to the identity. Give a bot the authority to migrate new stamps to the derivative identity. Servers can know if you are logged into the original identity you have access to the derived identity, but not the other way around. If the server doesn't save your original identity, it wont be known.

Maybe you have a better idea.

What about sybill attacks? I'm glad you asked! A server simply needs to request you log in with your original account, then it can prevent malpractice from derived accounts.

[orthecreedence]

This is a cool idea, and one I've been putting some thought into. It almost falls into the ZKP space, because you need to prove something to someone without them knowing the details of what you're proving. "I'm an existing user" without them knowing which user you are. If you were to hash the original, and use that as the connection, given a set of existing identities it would be fairly trivial to brute force the original identity.

Admittedly, ZKP is an area where I have very little understanding. Not for lack of interest, but because I haven't had the time to properly invest in figuring it out.

Although anonymity is not a core goal of the protocol, I think having some ability to verify yourself with as little release of information as possible would be incredibly useful, so I want to leave this issue up as a means of discussion and gathering information.