3.5 Consistent Identities With Sighchains

3.5 Consistent Identities With Sighchains

Both accounts and users have states that change over time. An account can change its identity provider or its ADN, and a user can change their email address or add and remove devices.

We need to keep track of states that change over time in a way that is auditable. To do so, we describe the sequence of changes in a data structure called a signed hashchain, or sighchain.

Once a client learns of a sighchain, the only changes to this chain that will be considered valid are extensions of the sequence. Since changes cannot be "forgotten," the Zoom server cannot rewrite history.

Still, this model doesn't force the Zoom server to be consistent across different devices it talks to. We will add a transparency layer called the Zoom Transparency Tree (Section 4) to ensure that the Zoom server must present the same information about sighchains to all users.

Previous3.4.1 Lockdown ModeNext3.5.1 Sighchains

Last updated 3 months ago

Previous3.4.4 Lockdown ModeNext3.5.1 Sighchains