STC-DPKI

The decentralized authentication model based on the blockchain structure and compatible with traditional PKI digital identity standards solves the problem of traditional PKI single-point failures and vulnerabilities, and manages the life cycle of digital certificates through smart contracts, including the storage, revocation, and verification of certificate VC information, etc. Operation, and through the verifiable registry structure to replace the traditional certificate chain and trust chain verification, it solves the mutual trust problem of CA and improves the verification efficiency.

more: https://docs.google.com/presentation/d/1ew-AeCWaafybc2FOjgwCq1mqErAqyWqxlNECedLrTuc/edit?usp=sharing

The stc-dpki system is mainly composed of Dpki services, storage engines, smart contracts, and dpki-sdk components. The stc-dpki system takes multiple Dpki service nodes as the main blockchain nodes to form a decentralized network. The details are as follows:

1.DPKI service (core service in DPKI architecture) Anyone can run a DPKI service, which carries the core of decentralized public key infrastructure, provides a decentralized authentication model based on blockchain structure that is compatible with traditional PKI digital identity standards, receives information from identity entities and issues ID cards, encapsulates certificates as VC information in smart contracts, and stores certificate public key information in IPFS.

2.Storage engine (identity metadata encrypted storage engine) The Stc-dpki storage engine supports storage through Filecoin's web3.storege and IPFS services. It mainly stores the public key information of encrypted identity entities, reduces gas costs by reducing the volume of on-chain information, and has better confidentiality, integrity and availability.

3.Smart contract (identity life cycle management and DAO Tools model) Stc-dpki manages the life cycle of digital certificates through smart contracts, including the storage, revocation, verification and other operations of certificate VC information, and replaces traditional certificate chain and trust chain verification through a verifiable registry structure, which solves the mutual trust problem of CA and improves verification efficiency.

4.DPKI SDK (trusted authentication tool for identity entities) User entities use stc dpki sdk decentralized registration information and issue identity cards to provide an integrated trusted authentication tool based on blockchain smart contracts, which has good ease of use and authentication efficiency.