Skip to content

Commit

Permalink
rewrite attestation definition and use-cases to bring it up to be rel…
Browse files Browse the repository at this point in the history
…evant in 2023.
  • Loading branch information
SmartLayer committed Sep 21, 2023
1 parent 47e9cf4 commit e869bfe
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 54 deletions.
60 changes: 24 additions & 36 deletions src/concept/Attestation.md
Original file line number Diff line number Diff line change
@@ -1,36 +1,24 @@
# Attestation

An attestation is a cryptographically attested message, by an attestor stating someone have something.

It's a few lines long and often is delivered through a [MagicLink](MagicLink.md).

Note that an attestation is produced by a trusted attestor. It is not a trustless technology. See [Attestation vs Proof](../faq/attestation_vs_authorisation_vs_proof.md).

There are two types of attestations: token issued as attestations (token attestation for short), and identifier attestations.

## Token Attestation

Token attestations are tokens issued by sending the recipient an attestation. The recipient, by using the attestation, is able to interact with smart contracts as if he has a token in a token contract.

An example of such token is the DevCon 2022 ticket.

The advantage over minting tokens in a smart contract: a token is never minted, and can be used as if it is minted. However, it is not transferable in that form, instead, when transferring, a token contract has to burn the attestation and allocate it to the new recipient, and the new recipient will hold the token as a normal smart contract token (not attestation token).

Tokens that can be issued as attestation are non-fungible.

## Identifier Attestation

Identifier attestations are issued by attestors who verifies an Ethereum key holder also owns an identifier. A typical identifier is a web2 identifier such as

- Email address
- Twitter handle
- Facebook ID
- Github handle

Use-cases of Identifier Attestations are:

- To be used as a dependency for other tokens. For example, when DevCon 2022 ticket is issued, they are issued on user's identifier (email address). To use the DevCon ticket, a user has to acquire an email address attestation.
- To be used to attest a transaction as from an identified user. For example, in AutographNFT, a person who add an autograph on an NFT must provide a twitter ID attestation, therefore attesting the autograph is from the owner of that ID.

More use-cases can be found in [Attestation Usecases](../usecase/Attestation.md)

# Attestation Appliations

An attestation is a cryptographic message or proof that asserts certain facts about a specific object. When it is presented to the user, it is encoded in a [MagicLink](MagicLink.md).

While traditionally produced by a trusted attestor and often signed, some attestations may use zero-knowledge proofs to establish trust without revealing specific details.

In TokenScript, various types of attestations exist, and the list is expandable. These attestations are not inherently trustless; they usually come from a trusted source or mechanism. See [Attestation vs Proof](../faq/attestation_vs_authorisation_vs_proof.md). It has many [Attestation Usecases](../usecase/Attestation.md)

## Attribute Attestation

This type of attestation asserts specific attributes about a token. For instance, an airline might issue an attribute attestation to update the arrival time for all passengers on a delayed flight. Smart Tokens representing airline tickets for that flight can then use this attestation when interacting with other systems or smart contracts.

## Authorisation Attestation

Authorization attestations are similar to attribute attestations but are designed to grant permissions or access rights. These attestations often come with time limits, intended recipients, and anti-replay attack mechanisms. For example, in the event of a flight delay, an airline could issue an authorization attestation allowing affected passengers to access the lounge.

## Attestation Token

An Attestation Token is a specific type of attestation that attests to a user's ownership of a token. Token issuers typically issue these attestations to users identified by their public keys or Ethereum addresses. These attestations enable users to interact with smart contracts as if they possess tokens in a token contract, allowing for off-chain token issuance.

## Identifier Attestation

Identifier attestations are issued by trusted attestors who verify that an Ethereum key holder also owns a specific web2 identifier, such as an email address or Twitter handle. These attestations can serve as dependencies for other tokens or to authenticate transactions from identified users. For example, when DevCon 2022 ticket is issued, they are issued on user's identifier (email address). To use the DevCon ticket, a user has to acquire an email identifier attestation.

23 changes: 23 additions & 0 deletions src/concept/AttestationApplications.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
# Attestation Use-Cases

Attestations, when standardized, offer a powerful way to integrate identity and various claims into web processes. They can simplify and secure activities ranging from financial transactions to identity verification. Below are some categories of use-cases that demonstrate the versatility of attestations.

## Authorization Attestations

1. **Investor Verification for ICOs and STOs**: A smart contract could require participants to provide an attestation confirming their status as accredited investors. This attestation could be issued by a qualified entity and reused for both Initial Coin Offerings (ICOs) and Security Token Offers (STOs).
2. **Account Authorization**: An account owner can create an authorization attestation for another person to withdraw a limited amount of money on their behalf. This allows for scenarios like exchanges withdrawing customer funds under special conditions such as liquidation, or employees making purchases under employer instructions.

## Attribute Attestations

1. **Car Tokens and Insurance**: Owning a car token could trigger an option to start an insurance process, resulting in an insurance attestation linked to the car token. This attestation could then enable the car to be lent on a car-sharing platform.
2. **Transaction conditions**: Smart contracts can conditionally release payments based on attestations confirming the completion of specific tasks, like a car painting job, or the satisfaction of payment conditions, such as death certificate in the case of an inheritance transaction.

## Identifier Attestations

1. **Token Holder**: For instance, DevCon 2022 tickets could be issued based on a user's email identifier attestation. Using identifier attestation allows tokens to be issued before user acquire a wallet address.
2. **Token Transfer via Email**: Using an email identifier attestation, tokens can be sent via email and later redeemed by the attestation holder.
3. **Dependency for Other Attestations**: Attestations can be chained to provide a dependency structure. Identifier attestation can be at the bottom of the chain, being the last one linked to wallet addresses.

## NFT Attestations

1. **Off-Chain NFT Creation**: Attestations can be used to verify the ownership of non-fungible tokens created off-chain, without the need for on-chain minting. This allows for more flexibility, such as spawning an NFT token for an art piece only when it is sold, and less gas spending.
18 changes: 0 additions & 18 deletions src/usecase/Attestation.md

This file was deleted.

0 comments on commit e869bfe

Please sign in to comment.