Digital Identification on the Blockchain with Microsoft's ION

This article describes the concept of digital identification on the blockchain and the working mechanism of Microsoft's ION.


From time immemorial, identification has been an integral part of the human race signified by many things such as tribal marks, body piercings, etc. In short, all humans have an identity, but how we identify ourselves has continually changed over the years.

Humans identify themselves through identification cards, which is important to confirm our identity relating to people or organizations. For instance, anyone opening a bank account, checking into a hotel, traveling out of a country, or even applying for a driver's license needs a form of identification card that is personal to the owner.

The advent of technology has reshaped how humans can identify themselves, especially online (digital) identification. As the way to represent identity changed gradually from analog to digital (internet), many people lost the liberty to manage their identity credentials online. This has prompted the belief in some people that blockchain could be the answer to the identity problem created by the internet since it is purely decentralized.

The identification on a blockchain will limit the control of people's identity to their own hands instead of a third party. Hence, they have complete control over their data.

This article goes beyond identity on the blockchain to exploring in detail the Microsoft ION identity solution. It defines identity on the blockchain, discusses how ION works and the various architectures and system features that make it unique from other identity networks on the blockchain. 

What is Digital Identification in Blockchain?

Digital identification in the blockchain uses blockchain principles to create an identity card and provide management in such a way that gives control to the owner rather than a third party. Since the first blockchain implementation in bitcoin, it has been useful in various applications, including identity, healthcare, supply chain, etc.

Thanks to Bitcoin, a decade ago, that aroused the curiosity of developers, cryptographers, and distributed systems engineers to solve the problems associated with centralized identity systems. Today, cryptographers and other distributed system players are deploying identity solutions on various blockchains, viz; Bitcoin's ION, Cardano's Atala Prism, Ethereum's Element, and so on.

The distributed system community, through groups like Internet Identity Workshop IIW, World Wide Web Consortium W3-C, Rebooting Web of Trust RWoT, are exploring the ideas and technical processes of the traditional identity system. Hence, proposing decentralized identities to achieve a fully distributed and decentralized identity. The purpose behind DID, a foundational technical component of decentralized digital identity, is to give ownership and control to individuals.

While many solutions are proffered, the common denominator is finding a scalable, user-owned unique identifier to a set of cryptographic keys and routing endpoints. So many solutions thus far are not focused on achieving a scalable and decentralized network that doesn't require utility tokens, consensus mechanisms, and trusted validator nodes.

In response to the above-stated issue, Microsoft proposed and launched Identity Overlay Network, also known as ION. Before exploring the solutions, architectures, and killer features of Microsoft's ION, it is crucial to discuss in-depth more about identity.

Why Digital Identification on Blockchain?

Digital identification on the blockchain could solve some of the problems associated with our present identification process. These problems are:

Models of Digital Identity Management

What is Self-Sovereign Identity?

Before defining Self-Sovereign Identity, we should understand that the user-centric model cannot give autonomy, which users need. So, the SSI was introduced to provide sovereignty and put total control in the hands of users.

Self-Sovereign Identity (SSI) is a digital identity that people can store on their devices without relying on an external party. The concept of SSI is purely decentralized and gives the power to create and manage an individual's identity to the owner instead of a third party.

The Working Priciple of Digital Identity on the Blockchain

The digital identity in a blockchain is decentralized, and it operates based on the following components:

Advantages of Digital Identification in Blockchain

Blockchain identification has numerous advantages, which are elaborated on below.

What is ION?

The idea behind ION is to achieve a scalable, resilient, user-owned decentralized identity system where users do not need utility tokens, consensus, and trusted validated nodes. By implication, users own and operate their nodes. ION is a layer 2, public, permissionless, decentralized DID overlay network that runs atop the Bitcoin blockchain and leverages a deterministic DPKI protocol called Sidetree.  

Before fully deploying ION in early March, Microsoft started exploring Sidetree between 2017 and 2018. During this period, they determined if it was worth investing in. Upon realization, the team worked in collaboration with SecureKeyMattr, Consensys, Transmute, GeminiBitpayCasa among others to codify Sidetree into a formal specification with the decentralized identity foundation.

ION Architecture

Microsoft ION Architecture

Microsoft's ION comprises a collection of microservices, including a Bitcoin Core, IPFS, and MongoDB (for local data persistence). Simply put, the majority of ION's code comprises Sidetree protocol. As a Sidetree based DID network, it combines Sidetree logic module; a chain-specific read/write adapter, a content-addressable storage protocol (e.g., IPFS), MongoDB, and an existing layer one protocol. 

The content-addressable storage protocol like IPFS helps replicate data between nodes. The above combine to form the Sidetree protocol that enables the creation of layer 2 DID networks that run atop existing blockchains (layer 1) at thousands, or even tens of thousands, of PKI operations per second. The Sidetree requires no additional consensus like several other layer 2 solutions. It simply relies on a decentralized chronological ordering of operations provided by the underlying blockchain. Unlike monetary units and asset tokens, IDs are not intended to be exchanged and traded. To achieve greater scalability without relying on additional layer 2 consensus schemes, trusted validator lists, or special protocol tokens. Also, the Sidetree is designed to allow all nodes of the network to arrive at the same Decentralized Public Key Infrastructure (DPKI) state. This allows an identifier based solely on applying deterministic protocol rules to chronologically ordered batches of operations anchored on the blockchain, which ION nodes replicate and store via IPFS.

ION Working Mechanism

Microsoft ION working


ION leverages a single on-chain transaction, blockchain-agnostic Sidetree protocol to anchor tens of thousands of DID/DPKI operations on a Bitcoin chain. The ION node processes and encodes transactions with a hash used to fetch, store, and replicate the hash-associated DID operation batches via IPFS. Without requiring an additional consensus, the nodes process the hash associated DID operation batches following a DIF's set of deterministic rules, enabling them to independently arrive at the correct DPKI state for IDs in the system. The nodes are designed to fetch, process, and assemble DID states in parallel, and also, the aggregate capacity of nodes can run at tens of thousands of operations per second.

How to Run ION and Create DIDs

To run ION, you need to meet certain hardware and software requirements. 

Hardware requirement; 

Software requirement

Make sure you have running on your machine, Windows, or Linux operating system. Upon meeting the listed prerequisites, follow the below to run ION and create DIDs; 


Though digital identification in the blockchain is a field that is still new, it gives an assurance of more tight and user-centered control of one's data than centralized databases. It reduces the risk of getting people's information to hackers who use it for different nefarious activities. Microsoft proffered a scalable, resilient, user-owned identity management system that doesn't require utility tokens, trusted validator nodes, and additional consensus mechanism through ION, a layer two solution to decentralized identity.

Also read DeFi Lending: A Primer

ConsenSys Quorum Blockchain: A Comprehensive Review


The financial industry is considered the first to be disrupted Blockchain technology, and ConsenSys Quorum Blockchain seems to be the culprit. However, we need to understand that emerging technologies often experience slow adoption. The primary reason is that organizations seek to better understand the technology and how to use it better.  

ConsenSys is a Blockchain software technology founded in 2014 by the co-founder of Ethereum Joseph Lubin. It develops decentralized applications and other infrastructure for the Ethereum Blockchain. Some of the applications created by ConsenSys include Metamask, uPort, Gnosis, etc. 

J.P. Morgan developed the ConsenSys Quorum chain. It is one of the significant steps towards the common adoption of Blockchain by financial industries. In this post, we shall explore the ConsenSys Quorum Blockchain, its features, and use cases. 

What Is ConsenSys Quorum Blockchain?

The ConsenSys Quorum chain is an enterprise-focused and permissioned Blockchain network specifically built for financial use cases. It is a fork of “GoQuorum,” a lightweight of geth designed to leverage the R&D inside the Ethereum community. “Geth” is a public Ethereum client. It has lots of protocol-level enhancements created to support business needs. The goal of this Blockchain is to create an enterprise Ethereum client that empowers businesses to adopt and leverage the benefits of Blockchain technology. 

We can also see ConsenSys Quorum as Ethereum-based decentralized ledger technology. It offers a permissioned way to apply the Ethereum network to support the privacy of contracts. The ConsenSys Quorum chain like Ethereum but with minor differences. It differs from Ethereum in:

Read about Binance Ecosystem.

The Features Of ConsenSys Quorum Blockchain

1. Permissioned 

The ConsenSys Quorum chain is designed to be permissioned. It means that all the networks using Quorum will not be open to all, unlike Ethereum. Therefore, permissioned Blockchain networks operate differently. There are completely different expectations of trust between approved nodes in the network compared to permissionless ones. 

In other words, the ConsenSys Quorum Blockchain system is a consortium Blockchain. It is only implemented between participants that have been pre-approved by a designated authority. Although consortium Blockchain systems run in the same manner and with the same features and protocols of a normal Blockchain, it relies only on permitted nodes. The implication is that organizations can consider the feasibility of Blockchain technology without the possibility of failure. 

2. Privacy

Financial institutions have always prioritized the confidentiality of records. This is one of the issues that regular Blockchain systems like Ethereum failed to resolve. When it comes to corporations and industries, the pseudonymous nature of the transaction can be easily undermined. Aside from its permissioned nature, the ConsenSys Quorum chain further improves privacy by integrating private and public on-chain transactions. 

While the public transactions function like that of Ethereum, the private transactions are verified. However, the details of the private transactions are not disclosed. With the use of a system known as Constellation, ConsenSys Quorum is able to manage much of its secure message transfers. In simple terms, Constellation is a general-purpose mechanism that is not entirely Blockchain-related. The ConsenSys Quorum chain owes its superior speed to Constellation and the architecture it supports. 

Aside from the privacy in transactions, it also offers privacy for smart contracts. Smart contracts are something banks and other financial institutions are wary of exposing due to security reasons. These smart contracts could contain sensitive information like investment strategies, transaction data, or internal information. In addition, ConsenSys Quorum has been partnering with Zcash to integrate the zero-knowledge security layer (ZSL) into the ConsenSys Quorum protocol. Both of them have released a proof-of-concept technical design document detailing the project. 

3. The Consensus Mechanism 

Its consensus mechanism is called the ConsenSys QuorumChain. It is initiated inside the genesis block. The ConsenSys QuorumChain is a simple, straightforward majority voting protocol. The fact that consortium chains are permission means there is no need to have an expensive PoW mechanism. However, ConsenSys QuorumChain offers different consensus mechanisms suitable for private Blockchain networks. These mechanisms include the following:

• RAFT-based Consensus

RAFT achieves consensus through an elected leader. The leader is saddled with the responsibility of executing log replication to the followers. In this form of consensus mechanism, the leader can decide on placing new entries and establishment of data flow to other servers without consulting those servers. The leader continues to lead until it fails or disconnects, and then a new leader is elected.

• The Istanbul BFT Consensus:

Since this is a Byzantine fault tolerance algorithm is based on the Practical Byzantine Fault-tolerant (PBFT) consensus algorithm, the PBFT supports immediate transaction finality and provides liveness and safety under the standard Byzantine fault threshold assumptions. 

• The Clique Consensus 

This is a Proof-of-Authority (PoA) consensus algorithm. It is readily available with “geth,” the Go Ethereum client. 

The Use Cases Of ConsenSys Quorum Chain

There are many use cases of the ConsenSys Quorum Blockchain. It is used but not limited to healthcare, identity, payments, property, capital markets, etc. Here is a list of some of the projects and brief descriptions:

• Tokenized Cash

It is a distributed ledger developed by HIS Markit. The project helps you to keep track of all cash movements.

• The JPM Coin

This project is designed to promote the immediate settlement of transactions. The transactions are basically between clients of the financial institution’s wholesale payment business. 

• The Marketplace For Loans

This is a decentralized marketplace where people come to seek access to loans. StreamSource develops the platform. 

• Interbank Information Network (IIN)

The project allows its member banks to exchange information at the same time in order to verify payments.

ConsenSys Quorum Chain Tools And Development 

The ConsenSys Quorum system has a lot of tools that help to improve both user and developer experience. These tools are mainly made up of network management, deploying and monitoring utilities, and others. The tools include ConsenSys Quorum support in truffle, Blockchain explorer for ConsenSys Quorum by Web3 labs, Cakeshop. Also, this Blockchain is available on cloud platforms like Azure and Kaleido. There is also the reporting tool that provides convenient APIs that help to generate reports concerning contracts deployed to a particular network. Some third-party tools like Splunk and Prometheus are also very useful in the deployment of the ConsenSys Quorum Blockchain network. 


The ConsenSys Quorum Blockchain offers an enterprise-grade Blockchain network with high performance and privacy. Myriads of features made this chain an excellent choice for enterprise use cases. At the moment, ConsenSys Quorum appears to be a great idea and approach that can revolutionize the financial industry. The acquisition of Quorum by ConsenSys is great news to the enterprise Blockchain community. It also reinforces the impact of Blockchain in the financial industry. 

Also read Stellar Payment Network: Detailed Explanation.