Using X.509 PKI certificates as EOSIO blockchain identity

I published a new design draft outlining a pretty simple idea: X.509 client certificates are broadly in use for digital signatures and identification, and we can utilize them to generate blockchain private keys.

Security implications are yet to be explored, but this design is potentially opening new opportunities in blockchain usage:

  • Government-issued signature certificates are a good replacement for KYC. Integrating them with blockchain will reduce the KYC overhead dramatically.
  • In enterprise environment, this method will make the blockchain seamlessly integrated with corporate IT environment, hiding the private key mechanics from the end user.