A Graphatar is a quick and easy visual representation of a user's cryptographic identity. Graphatars are rendered as layered images that let users quickly determine whether the person they are speaking to is who they think it is. This makes Graphatars the first line of defense against phishing and identity theft by minimizing the likelihood that a user can pretend to be another user, a vulnerability commonly found on other platforms, such as Discord and Telegram. Because there are billions upon billions of unique combinations, Graphatars make it mathematically very difficult for an impersonator to trick users into believing they are somebody else. If a Graphatar doesn't seem right, for example because the colors or image composition do not appear as expected, further analysis can be done by examining the Graphatar's hash and/or the identifier. The Graphatar hash is a 64-byte SHA-512 hash of the Graphatar public keys. The Graphatar identifier is an 8-byte checksum of the 64-byte hash. These values help analyze possible threat actors, especially when a malicious individual attempts to impersonate a legitimate user.
Since identity is owned by the individual (and not held in a centralized store), every Polynom server a user connects to will render the Graphatar identically. This allows for identity federation across disparate servers, since the same public key(s) will verify all messages sent to those servers. This provides authentication and non-repudiation. Not only does this allow all users across different servers to perceive a Graphatar identically, but it also allows messages sent to different servers to be trusted to have originated from the same place, i.e., the person with access to the Graphatar's private keys.
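A sketch of the hash comparison described above, as an added example that is not Polynom's own code. The key serialization (length-prefixed concatenation) and the checksum construction (first 8 bytes of SHA-512 over the hash) are assumptions, since the page specifies neither, and the key bytes and contact name are constructed sample values.

```python
from __future__ import annotations
import hashlib
import hmac


def graphatar_hash(public_keys: list[bytes]) -> bytes:
    """64-byte SHA-512 over the public keys.
    ASSUMPTION: each key is length-prefixed and hashed in order, so that
    [b"ab", b"c"] and [b"a", b"bc"] cannot produce the same digest."""
    h = hashlib.sha512()
    for key in public_keys:
        h.update(len(key).to_bytes(4, "big"))
        h.update(key)
    return h.digest()


def graphatar_identifier(gh: bytes) -> bytes:
    """8-byte checksum of the 64-byte hash.
    ASSUMPTION: first 8 bytes of SHA-512(hash); the real checksum may differ."""
    return hashlib.sha512(gh).digest()[:8]


def check_contact(pins: dict[str, bytes], name: str, public_keys: list[bytes]) -> str:
    """Compare the hash derived from the presented keys with the one recorded
    for this contact. The full 64-byte hash is pinned; the 8-byte identifier
    is only a short handle for display or lookup."""
    gh = graphatar_hash(public_keys)
    pinned = pins.get(name)
    if pinned is None:
        pins[name] = gh          # first contact: record the identity
        return "pinned"
    # Constant-time comparison of the full hashes.
    return "match" if hmac.compare_digest(pinned, gh) else "mismatch"


if __name__ == "__main__":
    # Constructed sample keys; real keys come from the user's identity.
    alice_keys = [bytes([1]) * 32, bytes([2]) * 32]
    lookalike_keys = [bytes([3]) * 32, bytes([4]) * 32]
    pins: dict[str, bytes] = {}
    print(check_contact(pins, "alice", alice_keys))      # first sighting
    print(check_contact(pins, "alice", alice_keys))      # same keys, any server
    print(check_contact(pins, "alice", lookalike_keys))  # same name, other keys
    print(graphatar_identifier(pins["alice"]).hex())
```

Because the hash depends only on the public keys, the same comparison gives the same answer regardless of which server delivered the keys.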
