¶ Graphatars™
A Graphatar is a visual representation of a user's cryptographic Identity in Polynom. Rendered as layered images derived from a user's unique public key, Graphatars allow anyone to quickly verify that the person they are speaking to is who they expect them to be.
This makes Graphatars the first line of defense against phishing and identity theft. Because each Graphatar is mathematically unique, it is extremely difficult for a malicious actor to convincingly impersonate another user, a vulnerability commonly found on platforms such as Discord and Telegram. If something about a Graphatar looks off, such as unexpected colors or image composition, further verification can be done by examining the Graphatar's hash and identifier.
- Graphatar hash - A 64 byte SHA-512 hash of the Graphatar's public key
- Graphatar identifier - An 8 byte checksum of the 64 byte hash
These values can be used to analyze potential threat actors, particularly when someone attempts to impersonate a legitimate user.
¶ Portable Identity
Because an Identity in Polynom is owned by the individual rather than stored on a centralized server, every Polynom server a user connects to will render their Graphatar identically. This enables Identity federation across different servers, since the same public keys verify all messages sent to those servers.
This has two important properties. First, all users across different servers perceive a given Graphatar the same way. Second, messages sent to different servers can be trusted to have originated from the same source, meaning the person with access to that Graphatar's private key. This provides both authentication and non-repudiation.
¶ How Many Possible Graphatars Are There?
There are over 15 Decillion possible Graphatars. That is 15,576,890,575,604,480,000,000,000,000,000,000 unique combinations. With that many possibilities, finding a Graphatar you love may take a little scrolling, but no two users are likely to ever share the same one.