DIDAPPER: A Practical and Auditable On-Chain Identity Service for Decentralized Applications

The popularity of decentralized applications brings increasing on-chain audit concerns. Since on-chain accounts do not link to real-world identities, decentralized applications have been wildly used for illegal activities like money laundering. Decentralized identity (DID) is one of the most promising solutions to guarantee on-chain auditability in a privacy-preserving way. However, the existing DID systems suffer from two limitations, making them rarely adopted in on-chain decentralized applications. First, most previous systems only provide partial auditability, meaning that their regulators cannot trace users' real-world identities after users' malicious behaviors occur. Second, current solutions are usually isolated systems, causing a lack of interoperability with on-chain decentralized applications. To address the problems, we propose Didapper, a practical and auditable on-chain identity service with both privacy and auditability for decentralized applications. We introduce group signatures to provide anonymous and traceable credentials for on-chain users and decentralized applications. In order to meet the efficiency and flexibility requirements, we design credential structure and workflow mostly compatible with W3C standards (a DID recommendation that enables verifiable, decentralized digital identity), and realize credential verification service with updatable policies. We implement Didapper and evaluate it on Ethereum, and the results show that the performance of Didapper is acceptable in practice.