Skip to content

Epic: Event Ticketing #39

New issue
New issue
Open
Open
Epic: Event Ticketing#39
Labels
epic
@Flaxscrip

Description

@Flaxscrip
Flaxscrip
opened on Oct 9, 2025

Author: Sat - community contribution

Leveraging (Lightning Auth) L402 and the KeychainMDIP protocol (DIDs and Verifiable Credentials) for event ticketing is a perfect and powerful use case. This combination solves many of the most persistent problems in the ticketing industry, such as fraud, scalping, and the lack of user control.

Think of it this way:

  • L402 handles the proof-of-payment.
  • DID handles the proof-of-identity (who bought it).
  • Verifiable Credential (VC) acts as the proof-of-rights (the actual ticket with its specific permissions).

This creates a cryptographically secure, programmable, and user-owned ticket.

How the Lifecycle of a Ticket Would Work

Let's walk through the process from purchase to entry.

Step 1: Purchasing the Ticket

Identify Yourself: You visit the event's official website. Instead of creating an account with an email and password, you connect with your digital wallet and present your DID.

Initiate Payment: You select your ticket (e.g., Section 101, Seat 12). The website's server generates an L402 challenge. This is essentially a Lightning Network invoice for the ticket price combined with a macaroon that specifies the access rights you're trying to purchase.

Prove Payment: You pay the Lightning invoice. By doing so, you receive the cryptographic secret (the preimage). You now possess the complete L402 token (macaroon + preimage), which is undeniable proof that you paid for that specific ticket.

Step 2: Receiving the Ticket (The Magic Step)

This is where the technologies merge.

Issue the Verifiable Credential: The event organizer's server sees your successful payment. It then cryptographically signs and issues a Verifiable Credential (VC) directly to your DID. This VC is your ticket. Its data fields would contain:

        issuer: did:organizer:event-promoter

        subject: Your DID (tying the ticket to you)

        credentialSchema: "EventTicket"

        claims:

            eventName: "Awesome Concert 2025"

            date: "2025-10-26"

            venue: "The Big Arena"

            seat: "Section 101, Row B, Seat 12"

            ticketType: "General Admission"

            paymentProof: (Reference to the L402 payment hash)

''

Store the Ticket: This "Ticket VC" is sent to your digital wallet (like one managed by the kc tool) and stored securely under your control. You own it, not a centralized ticketing company.

Step 3: Entering the Event

The Challenge: You arrive at the venue gate. Instead of a barcode scanner, there's a screen displaying a QR code. This QR code contains a unique, time-sensitive "challenge" (a random piece of data).

The Response: You scan the QR code with your wallet app. Your wallet automatically performs two actions:

  1. It presents your "Ticket VC."
  2. It uses your DID's private key to sign the challenge from the QR code.

Verification: The gate's scanner receives this "Verifiable Presentation." It instantly verifies three things:

  1. Is the ticket (VC) authentic? (i.e., was it actually signed by the event organizer?) ✅
  2. Is the ticket presented by its rightful owner? (i.e., does the signature on the challenge correspond to the DID the ticket was issued to?) ✅
  3. Has this ticket already been used? (The system checks the ticket's unique ID to prevent double entry.) ✅

If all checks pass, the light turns green, and you're in.

What Problems Does This System Solve?

  1. Eliminates Counterfeit Tickets: VCs are cryptographically signed by the official organizer. It is impossible for a scammer to create a fake ticket that will pass the verification step.
  2. Drastically Reduces Scalping:
  3. Identity-Bound Tickets: Since the ticket (VC) is tied to the original purchaser's DID, it cannot simply be screenshotted or resold. Only the owner of the DID can use it to enter.
  4. Controlled Secondary Market: If the organizer wants to allow resale, they can. They can build a system where a seller "returns" their VC, which the organizer revokes. The organizer then re-issues a new VC to the new buyer's DID, potentially capping the resale price to prevent gouging. The organizer stays in control of their market.
  5. Gives Users True Ownership: The ticket lives in your wallet, not on a company's server. You don't need to worry about a ticketing company going out of business or losing your data.
    6.Enhances Privacy: You don't need to provide your name, email, or phone number to buy a ticket. Your pseudonymous DID is all that's required.
  6. Programmable Access: This system is incredibly flexible. The same DID could hold VCs for a regular ticket, a VIP upgrade, and three drink vouchers. The system can check for all of these credentials at different points in the venue, creating a seamless experience.

In summary:

Combining L402 for payment and DID/VCs for identity and rights creates a modern, secure, and fair ticketing infrastructure that puts control back in the hands of organizers and attendees.

Metadata

Metadata

Assignees

No one assigned

    Labels

    epic

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions