Home Knowledge Blog Contact

Decentralized Web project

dWeb tutorial: User identity and inviting other users

1. Introduction

User Identity is a very important aspect for both centralized and decentralized communication.
This article is part of the group of articles establishing the foundation of decentralized communication.

The interaction and communication described here uses and is done through IP address. In centralized client-server communication the IP address of the server is always known and almost always stays the same.

However the IP address of the user / client may change - when connecting from home, or from work location, or from the phone/mobile connection, etc.

In both centralized and decentralized communication users have to be identified but decentralized communication is presented with a bigger problem to solve in order to be able to communicate as there is no central point which can save user identities.

If you did not previously read please check these articles as a pre-requisite before enabling inward communication -
'Local and global IP addresses'
'Outward and inward communication'
'Testing outward and inward IP communication'
'Enabling inward communication'
'Echo test'

2. User identity for centralized communication

A variety of ways can be used to uniquely identify a user - full name, phone number, national id card number, passport number, social security number, driving license number, physical address, facebook/twitter/instagramm... id , and so on.

The most used way of user identification for centralized communication is to provide to the central point (the web server/site) an e-mail address and choosing a used ID and password. An e-mail is then sent to verify and then store the user identify based on the e-mail address and the chosen user id and password.

This is the absolute minimum and many web servers/sites go way beyond the minimum - requiring and then verifying a phone number, then a second/third,..etc. alternative e-mail addresses.

In addition, it is becoming a standard for centralized crypto exchanges to require the user to provide national id card and/or a driving license and and/or a passport pages images and a selfie picture, and/or an authenticating app like the Google authenticator.

Beyond the minimum, most of these ways of identifying a user are invading their privacy.
Not publicly stated but a Standard practice for web sites with many users is to sell identities of the users to third party marketing companies.

National id cards, passport pages, driving license cards stored by sites requiring them are targets for hacking by friendly or adversary nations for the purposes of impersonating and then performing industrial or ordinary espionage.

3. User identity for decentralized communication

Currently, we are choosing to use only one e-mail address as an identifier of the user. A user can have multiple e-mail addresses. If privacy conscious, the user can choose to provide an e-mail address with a generic or random name, from a domain which needs only a minimum of information for a registration.

When our communication program is started for the first time it is asking the user to type an e-mail address to be used for their identification.

After typing, an e-mail address is sent while our communication program is waiting. The user needs to open an e-mail client, read the e-mail sent and click on the link in the message.

The link information is passed to the waiting program which stores the e-mail address as an identity and goes to open screens and start normal work.

After this, every time the communication program is started it uses the initially stored identity.

Please note that unlike the centralized types of communication we do not ask for a name of the person, or to choose a user id and a password, or to provide any other identifying information - the privacy of the user is much higher.

Whether using only the e-mail address as an identity will be sufficient remains to be seen during the period of growing user adoption of the decentralized communication program.

4. Sending invitations for communication

Once a user establishes identity they need to find and connect with other users of the decentralized communication program.

We take advantage of the mass adoption of e-mail by most computer and mobile users to send e-mail invitations to other people - potential new or existing users of decentralized communication program.

Once started, the communication program includes in the menu the option of sending an invitation. Just like with the personal identity, once the user types the e-mail address of the person who they want to invite to connect, an e-mail is sent.

The receiver of the invitation gets a message with the e-mail address of the sender and a link with communication details. The receiver has to be familiar with the address of the sender and have the choice to ignore the message or click on the link.

The communication program has to be running on the receiver's computer and when the invitation link is clicked the identity and connection details of the sender are added to the list of connections of the receiver.

The e-mail message of the sender of the invitation includes also a link to download the decentralized communication program - in the case when the receiver did not yet install and use the program.

   Support our project - become our patron on Patreon:   Patreon - Decentralized Web