STEEM Private Selfie KYC
STEEM Private Selfie KYC
Project Concept
The system allows users to encrypt personal documents on the client-side (in the browser) and send the data identifier to the blockchain. The blockchain acts as an irrefutable log of applications and a routing mechanism, ensuring document access only to chosen verifiers.
Technological Stack
- Blockchain: Steem (for transaction storage).
- Cryptography: Web Crypto API (browser-based implementation).
- Authentication/Signing: Steem Keychain (integration with wallets).
- Data Processing: Canvas API (steganography: hiding data within image pixels).
Verification Process: Detailed Breakdown (Hybrid Encryption)
The system utilizes a hybrid encryption scheme (Envelope Encryption), which combines the speed of symmetric encryption with the security of asymmetric key exchange.
 |
Stage 1: Application Submission (User)
 |
Local Preparation: The user selects a file. The system generates a random 256-bit AES key (symmetric), which will be used exclusively for this specific file.
Encryption: The image is encrypted using the AES-GCM algorithm.
- Steganography (Obfuscation): The encrypted binary Blob is split into color channels (RGB) and embedded into the pixels of a real PNG image. This allows the file to be uploaded to any image hosting service as a standard photo without raising suspicion or violating service rules.
- Asymmetric "Key Wrapping": The AES key (along with the IV) is encrypted via the user's wallet (Keychain) using the verifier's public key. This ensures that only the designated verifier can decrypt the AES key using their private key.
 |
 |
- Blockchain Relay: The user signs and broadcasts a
custom_jsontransaction to the Steem blockchain (id:kyc_verification_v1), containing:- A link to the PNG image.
- The encrypted AES key.
- The hash of the original file (for integrity verification).
 |
 |
Stage 2: Verification (Verifier)
 |
- Monitoring: The verifier checks the blockchain for
kyc_verification_v1transactions addressed to their account. The most recent transaction is considered active (handling repeated applications or test attempts).
 |
Key Decryption: The verifier's wallet automatically decrypts the received AES key using the verifier's private MEMO key.
Data Extraction: The system downloads the PNG image and, via the Canvas API, "pulls" the data out of the pixels back into a binary Blob, recreating the selfie for verification.
Document Decryption: The AES key obtained in step 2 is used to decrypt the binary data (AES-GCM).
 |
- Validation: The system compares the hash of the decrypted file with the hash recorded on the blockchain to ensure the file has not been corrupted or tampered with.
Stage 3: Decision
The verifier either approves or rejects the application.
 |
The verifier signs and sends a kyc_decision_v1 transaction to the blockchain, containing a reference to the user's initial ref_timestamp and the status (approved|rejected).
 |
- Once the decision is published and confirmed, a notification appears in the verifier’s interface.
 |
Platform Integration
Platform owners can implement a feature to scan these verified JSON records and add a "Verified via Selfie" badge to user profiles.
Key Advantages
- Total Confidentiality: No personal data is stored on servers. The service acts merely as an interface for the blockchain.
- Integrity: Due to hashing, it is impossible to swap the document after submission.
- Granular Access Control: The hybrid scheme ensures that even with the image link, no one except the intended verifier can read it.
- Privacy.
- Increased Service Trust.
Future Prospects & Improvements
- Enhanced Automation: Currently, names of verifiers/applicants are entered manually for searches; this can be automated.
- AI Integration: Verification could potentially be moved to a closed, automated mode using AI, though this requires additional resources and expertise.
- Trusted Verifier Network: Establish a list of fixed, trusted verifiers whose records are universally recognized as valid on steemit.com or specific private sites.
- Verification Badges: Visual indicators of verification status visible directly on the website, similar to traditional social networks.