uPort is a platform for user centric identity and communication. The platform currently consists of our mobile app, Ethereum smart contracts and number of open protocols for signed messages and message flow.
An identity in uPort is really just someone or something that can sign data or transactions and also receive signed data about itself.
An identity has:
- An Identifier in the form of an MNID
- A signing key
- A public key stored on the uPort Registry
An identity can:
- Sign JWTs (JSON Web Tokens)
- Receive requests for disclosure about themselves
- Receive and store signed third party verifications about themselves
- Sign Ethereum transactions
Currently most uPort users manage their identities through our mobile app. Identities created today consist of an instance of the Proxy smart contract deployed on a supported Ethereum-compatible blockchain.
A request will typically be signed by a client app and sent to mobile app using this generic request flow:
We currently support the following flows:
- Selective Disclosure Flow
- Send Verification Flow
- Ethereum Transaction Request Flow
- Private Chain Provisioning Flow
There are various ways that requests can be sent to the uPort app and how responses can be returned.
Most request and responses are performed privately off-chain between the different parties to a flow.
Most off-chain messages consist of signed JWTs (JSON Web Tokens) as defined in RFC 7519. Signatures are verified using our simple uPort PKI (see later in this document).
The user can sign Ethereum transactions using the mobile app.
uPort implements a simple yet general purpose decentralized PKI system making it easy to create and verify off-chain JWT messages.