Concept
Identity Registrar is a module within the KIRA network that allows users to prove statements about themselves or others on the blockchain. These statements, known as claims, can be about anything the user wants to prove ownership of, such as a website, social media handle, or even a public IP address. The proof of these claims can either be a self-evident signature, or a social consensus of other KIRA accounts that have verified the claims. This enables users to build trust within their social circle without relying on a centralized authority to verify the claims.
One unique aspect of the Identity Registrar is that it is a simple, public key-value pair dictionary, also known as an associative array. This means that users can create their own entries and associate them with any value they choose. For example, a user could create an entry called "website" and associate it with the value "example.com" to prove ownership of that website. Every existing KIRA account is able to create an unlimited number of these entries, and each entry can be individually verified by any other KIRA account. However, if a verified entry is edited, all related verifications of that claim become invalid.
It is worth noting that users may not always want to reveal certain information to third parties in order to support their on-chain statements. In these cases, users can rely on other trusted KIRA account holders to validate their claims, creating a more convincing social proof without having to reveal private information to centralized entities that could potentially misuse or expose it. For instance, a Validator or other publicly known and respected actor can support the claim that a specific account is also a trusted party without requiring the account to reveal its private information.
Governance
Parameters
Record verification process
The process of verifying an identity record involves a few steps:
An user creates an on-chain transaction that includes the desired key and value for the identity record.
It then requests verification from a publicly trusted KIRA account for the key-value pair, and include a tip as payment for the service provided.
If the verification is successful, the record will remain verified unless any changes are made to the verified key.
If any changes are made to the key after the verification process, the record will no longer be considered verified.
It is important to note that verification requests must include a tip, which cannot be less than the min_identity_approval_tip network property (default: 2x the transaction cost of the approval/rejection transaction). This tip is meant to incentivize other accounts to verify identity records, or at least provide them with a refund of the transaction cost. Tips are paid regardless of whether the records are rejected or approved, ensuring that approvers are honest and trusted, rather than motivated solely by financial gain. The network governance can also choose to distrust any account at any time through a proposal process, marking them as potentially malicious and referencing the evidence.
Predefined Identity Records
KIRA allows to create any custom key in the Identity Registrar, but certain key names, such as username and moniker, are reserved and will affect the visibility of the node or account in explorers, network visualizers, wallets, and other frontend applications. It is important to note that username and moniker must be unique and cannot be deleted once created.
KIRA offers a range of dedicated identity keys to make interactions with the network more user-friendly. These keys can be used to store various user-related information that can be interpreted by wallets, explorers, visualizers and other front-end applications. For example, instead of sending assets to a KIRA address, users can send assets by simply providing a username. This is possible because the KIRA network's governance can enforce certain key-value pairs to remain globally unique by modifying the unique_identity_keys network property. For instance, the moniker and username keys remain globally unique by default.
Consensus node dedicated records
A consensus node can create one or more of the following keys in the Identity Registrar to increase its public recognition and trust
Users dedicated records
Users can create one or several of the following keys in the Identity Registrar in order to make their account easier to identify and recognize by other users.
CLI functions description
tx/customgov
register-identity-records - Submit a transaction to create an identity record.
delete-identity-records - Submit a transaction to delete an identity records.
request-identity-record-verify - Submit a transaction to request an identity verify record.
handle-identity-records-verify-request - Submit a transaction to approve or reject identity records verify request.
query/customgov
all-identity-records - Query all identity records.
identity-record - Query identity record by id.
identity-records-by-addr - Query identity records by owner.
identity-record-verify-request - Query identity record verify request by id.
identity-record-verify-requests-by-requester - Query identity records verify requests by requester.
identity-record-verify-requests-by-approver - Query identity record verify request by approver.
Syntax & examples
Each CLI command and proposal process in KIRA requires specific permissions. These permissions must be added to the account's whitelist or obtained as sudo permissions for direct changes. Refer to the 
Roles & Permissions documentation for more details. $SIGNER represents the transaction signer's account name or address. For instructions on setting common flags as environment variables, such as $FLAGS_TX and $FLAGS_QR, see the 
CLI flags configuration section
Roles & Permissions documentation for more details. $SIGNER represents the transaction signer's account name or address. For instructions on setting common flags as environment variables, such as $FLAGS_TX and $FLAGS_QR, see the CLI flags configuration sectionAdding/Editing records
To add or edit identity records using the register-identity-records CLI, provide the desired key-value pairs in either a JSON file by specifying its path with the --infos-file flag, or directly in the command as a JSON string using the --infos-json flag. It is important to note that certain key names are reserved and may be required to be unique within the Identity Registrar.
Bash
Copy
sekaid tx customgov register-identity-records \
--from=$SIGNER $FLAGS_TX \
[ --infos-file=$INFOSFILE || --infos-json=$INFOSJSON ]
Bash
Copy
# Example
# from an id.json file with below content :
# {
# "key1": "value1",
# "key2": "value2"
# }
sekaid tx customgov register-identity-records \
--from=$SIGNER $FLAGS_TX \
--infos-file="path-to-id.json"
# providing json format manually
sekaid tx customgov register-identity-records \
--from=$SIGNER $FLAGS_TX \
--infos-json="{\"$KEY1\":\"$VAL1\",\"$KEY2\":\"$VAL2\"}"
Deleting records
To delete one or several identity records, use the delete-identity-records CLI and provide the keys to be deleted as a comma-separated list using the --keys flag. Note that the keys moniker and username cannot be deleted.
Bash
Copy
sekaid tx customgov delete-identity-records \
--from=$SIGNER $FLAGS_TX \
--keys=$KEYS
Requesting record verification
In order to verify an identity record, use the request-identity-record-verify CLI and provide the address of the verifier using --verifier and the desired key(s) or record ID(s) using --record-ids. Users can also provide a tip using --tip to incentivize the verifier to review the request. It is important to note that the tip value must be greater than twice the transaction fee value.
Bash
Copy
sekaid tx customgov request-identity-record-verify \
--from=$SIGNER $FLAGS_TX \
--verifier=$VERIFIER --record-ids=$RECORDIDS --tip=$TIP
Verifying or rejecting records verification requests
To verify or reject a request for identity record verification, use the handle-identity-records-verify-request CLI. To approve the request, include the --approve flag and set its value to true. To reject the request, users can set the value of --approve to false. The ID of the request must also be provided. (Reminder: Only the verifier specified in the original request can approve or reject it)
Bash
Copy
sekaid tx customgov handle-identity-records-verify-request \
--from=$SIGNER $FLAGS_TX \
$ID --approve=$APPROVE
Queries
Records queries
List all exisiting records
Bash
Copy
sekaid query customgov all-identity-records $FLAGS_QR | jq
Display one record id
Bash
Copy
sekaid query customgov identity-record $ID $FLAGS_QR | jq
List all records of a specific account
Bash
Copy
sekaid query customgov identity-records-by-addr $ACCOUNT $FLAGS_QR | jq
Display one specific record id of a specific account
Bash
Copy
sekaid query customgov identity-records-by-addr $ACC_ADDR $FLAGS_QR | jq ".records | .[] | select(.id==\"$ID\")"
Display one specific record key of a specific account
Bash
Copy
sekaid query customgov identity-records-by-addr $ACC_ADDR $FLAGS_QR | jq ".records | .[] | select(.key==\"$KEY\")"
Requests queries
Display all pending requests of a specific record id
Bash
Copy
sekaid query customgov identity-record-verify-requests-by-requester $ID $FLAGS_QR | jq
List all pending requests of an account
Bash
Copy
sekaid query customgov identity-record-verify-requests-by-requester $ACCOUNT $FLAGS_QR | jq
List all pending requests from an account to a specific verifier
Bash
Copy
sekaid query customgov identity-record-verify-requests-by-requester $ACCOUNT $FLAGS_QR | jq ".verify_records | .[] | select(.verifier==\"$VERIFIER\")"
List all pending requests of a verifier
Bash
Copy
sekaid query customgov identity-record-verify-requests-by-approver $VERIFIER $FLAGS_QR | jq
List all pending requests of a verifier from a specific account
Bash
Copy
sekaid query customgov identity-record-verify-requests-by-approver $VERIFIER $FLAGS_QR | jq ".verify_records | .[] | select(.address==\"$ACCOUNT\")"