IdeaWell

Project ideas from Hacker News discussions.

Tell HN: MitID, Denmark's digital ID, was down

Hacker News Discussion

📝 Discussion Summary (Click to expand)

1. Centralised identity = single‑point‑of‑failure
Many users point out that Denmark’s MitID (and its predecessor NemID) is a single point of failure.

“The system is a single point of failure.” – chr15m
“It is absolutely key to Danish life.” – azalemeth

2. Privacy vs. state trust
The discussion repeatedly frames the digital ID as a “privacy nightmare” that gives the state too much power.

“It is a privacy nightmare.” – azalemeth
“The whole thing is a massive centralised single point of failure.” – azalemeth

3. Reliability and outage impact
Users describe frequent outages and the national‑scale disruption they cause.

“MitID is down quite frequently (now once a month ish, but in the first few years every week or so).” – throwmitid1234
“It was completely down from 10:40 to 12:17 GMT+1.” – mousepad12

4. Usability & security trade‑offs
The conversation highlights the friction of OTP cards, dongles, and mobile‑only logins, and the security gaps they leave.

“The big drawback of one‑time passwords is that it doesn’t protect against man‑in‑the‑middle attacks such as phishing.” – xorcist
“The big drawback of one time passwords is that it doesn’t protect against man‑in‑the‑middle attacks such as phishing.” – xorcist

These four themes capture the core concerns—centralisation, privacy, reliability, and the usability‑security balance—expressed throughout the thread.

🚀 Project Ideas

Decentralized Offline‑Capable Identity Wallet

Summary

  • Enables citizens to authenticate to public and private services without relying on a single central ID provider.
  • Stores cryptographic identity credentials locally and can verify signatures offline, with optional periodic sync for revocation.
  • Core value: resilience against outages, privacy by design, and user‑controlled key management.

Details

Key Value
Target Audience Citizens in countries with centralized e‑ID systems (e.g., Denmark, Sweden, Finland).
Core Feature Self‑contained identity wallet that signs authentication requests locally, syncs revocation lists, and supports multi‑provider fallback.
Tech Stack Rust/WebAssembly for security, IndexedDB for local storage, libp2p for peer‑to‑peer revocation sync, JSON‑Web‑Token (JWT) for assertions.
Difficulty High
Monetization Revenue‑ready: subscription for premium sync & audit logs + open‑source core.

Notes

  • HN users lament outages: “MitID… has been down for over an hour.” A local wallet keeps them online.
  • “I need a way to recover my identity if I lose my phone.” The wallet can export an encrypted backup that can be restored on a new device.
  • Sparks discussion on decentralization vs. state control and the feasibility of a truly offline identity.

Federated Multi‑Provider ID Aggregator

Summary

  • Aggregates multiple national or regional e‑ID providers into a single API, automatically falling back when one provider is unreachable.
  • Provides a unified authentication flow for developers and end‑users, reducing friction during outages.

Details

Key Value
Target Audience Developers building services that rely on e‑ID, enterprises needing high availability.
Core Feature Smart routing layer that queries a health‑check endpoint for each provider and selects the first healthy one.
Tech Stack Go for backend, gRPC, Kubernetes, Prometheus for health checks, OpenID Connect for integration.
Difficulty Medium
Monetization Revenue‑ready: tiered API usage pricing + enterprise support.

Notes

  • “When the central system is down… you still need to log in to bank.” The aggregator keeps services reachable.
  • “I’ve seen the same issue in Finland, Sweden, Denmark.” One API solves cross‑border friction.
  • Encourages discussion on the trade‑off between centralization and redundancy.

Secure Offline Recovery Service for Digital IDs

Summary

  • Provides a tamper‑evident, encrypted backup of a user’s digital ID credentials that can be stored offline (paper, USB, QR).
  • Includes a recovery workflow that can be executed without internet or a smartphone.

Details

Key Value
Target Audience Users of mobile‑only e‑ID solutions (e.g., MitID, BankID).
Core Feature One‑time encrypted backup generation, QR‑encoded recovery key, and a lightweight recovery app that verifies the backup against a public revocation list.
Tech Stack Kotlin/Swift for mobile, Rust for encryption, QR code libraries, secure enclave usage.
Difficulty Medium
Monetization Hobby (open‑source) with optional paid hardware key generator.

Notes

  • “I lost my phone and can’t reset my ID.” The backup lets them regain access.
  • “Digital passports… recovery is hairy.” This tool simplifies the process.
  • Likely to generate practical utility discussions on secure offline storage.

Real‑Time ID Infrastructure Monitoring Dashboard

Summary

  • Public dashboard that aggregates status information from all major national e‑ID providers, showing uptime, latency, and outage alerts.
  • Offers automated fallback recommendations and a community‑driven incident reporting channel.

Details

Key Value
Target Audience Citizens, developers, system operators, journalists.
Core Feature Scrapes provider health endpoints, aggregates into a single UI, sends alerts via email/SMS/Slack.
Tech Stack Node.js, Express, React, Grafana, WebSocket for real‑time updates.
Difficulty Low
Monetization Hobby (open‑source) with optional premium alerting service.

Notes

  • “MitID… has been down for over an hour.” Users can see status instantly.
  • “I want to know when my bank’s ID service is down.” The dashboard provides that visibility.
  • Encourages community engagement and transparency around national digital infrastructure.

Read Later