KILT is a blockchain protocol for issuing self-sovereign verifiable, revocable, anonymous credentials and enabling trust market business models in the Web 3.0.

In the Internet users register at services. If those services become successful, they accumulate millions of logins and often collect and use data their users generate on the way. This leads to three major problems:

  • The data silos are honeypots for hackers and thus a high security risk.
  • The vast amount of users on one service automatically generates a monopoly. Better services coming up have little chances to get recognised and the monopoly service will not evolve as fast as it could, because it does not fear competition.
  • The amount of data collected by only a few services, gives these services an unfair advantage in the age of artificial intelligence.
KILT – Figure 1: Many users store their user names and passwords with a centralised service.
KILT – Figure 1: Many users store their user names and passwords with a centralised service.

KILT is an alternative! As a building block of the next generation Internet we propose a new mechanism for handling user data: the KILT Protocol enables the issuance and bearing of Credentials in the Internet. An Attester issues a Credential on user’s (Claimer’s) demand. The Credential describes certain attributes of the Claimer, which the Attester can determine. The Attester sends the Credential to the user who stores it locally. This way the user gains full control over her Credentials and thus her data. KILT works very similar to the Credential process in the real world, where trusted authorities issue documents which are then owned and controlled by the people.

KILT – Figure 2: Each user gets an individual, signed document and puts it in her digital wallet.
KILT – Figure 2: Each user gets an individual, signed document and puts it in her digital wallet.

KILT stores a checksum (hash) of this Credential on the KILT Blockchain. Blockchain technology enables the user to proof the authenticity of her document to anyone she decides to show it to. KILT is built on privacy by design principles, never storing any personal data on the blockchain. The personal data is in the Credential which is under complete control of the user, while the blockchain only stores Hash Values.

Figure 3: A checksum (hash value) of the signed document is stored on the KILT Blockchain.
Figure 3: A checksum (hash value) of the signed document is stored on the KILT Blockchain.

When the user wishes to proof a certain attribute of hers to a service with KILT she sends a Credential instead of a login and password. If the receiving service (the Verifier) trusts the issuing entity (Attester), it can check the validity of the Credential by generating the Hash Value and check its existence on the KILT Blockchain.

Figure 4: With her document the user registers with a service.
Figure 4: With her document the user registers with a service.

Exactly like in the analogue world the user can hold many different credentials in her private wallet and use them for different purposes. If one issuing Attester is trusted by more than one Verifier, her credentials become multi-purpose and more valuable to the user. The user is always under full control of her data and decides, when, for which purpose and to whom she shows a credential. Unlike in the analogue world KILT even allows to show only selected parts of credentials, while still allowing to check the Hash Value of the Credential on the Blockchain.

KILT enables Data Sovereignty!

KILT – Figure 5: A user applies her document with several services. Those services check the validity of the document on the Blockchain.
KILT – Figure 5: A user applies her document with several services. Those services check the validity of the document on the Blockchain.

KILT decouples the verification process from the Attester. The Verifier only needs the KILT Blockchain to check the validity of the Credential. The Attester is not involved. This feature makes the system extremely scalable and also insures the privacy of the user. As the trusted attesting entity is not part of the process, it cannot be corrupted and will never know where and for which purpose the Credentials were used.