Self-Sovereign Identity
By Alex Preukschat and Drummond Reed
About this ebook
Summary
In a world of changing privacy regulations, identity theft, and online anonymity, identity is a precious and complex concept. Self-Sovereign Identity (SSI) is a set of technologies that moves control of digital identity from third-party “identity providers” directly to individuals, and it promises to be one of the most important trends of the coming decades. Personal data experts Drummond Reed and Alex Preukschat lay out a roadmap for a future of personal sovereignty powered by blockchain and cryptography. Cutting through technical jargon with dozens of practical cases, the book presents a clear and compelling argument for why SSI is a paradigm shift, and how you can be prepared for it.
About the technology
Trust on the internet is at an all-time low. Large corporations and institutions control our personal data because we’ve never had a simple, safe, strong way to prove who we are online. Self-sovereign identity (SSI) changes all that.
About the book
In Self-Sovereign Identity: Decentralized digital identity and verifiable credentials, you’ll learn how SSI empowers us to receive digitally-signed credentials, store them in private wallets, and securely prove our online identities. It combines a clear, jargon-free introduction to this blockchain-inspired paradigm shift with interesting essays written by its leading practitioners. Whether for property transfer, ebanking, frictionless travel, or personalized services, the SSI model for digital trust will reshape our collective future.
What's inside
The architecture of SSI software and services
The technical, legal, and governance concepts behind SSI
How SSI affects global business industry-by-industry
Emerging standards for SSI
About the reader
For technology and business readers. No prior SSI, cryptography, or blockchain experience required.
About the authors
Drummond Reed is the Chief Trust Officer at Evernym, a technology leader in SSI. Alex Preukschat is the co-founder of SSIMeetup.org and AlianzaBlockchain.org.
Table of Contents
PART 1: AN INTRODUCTION TO SSI
1 Why the internet is missing an identity layer—and why SSI can finally provide one
2 The basic building blocks of SSI
3 Example scenarios showing how SSI works
4 SSI Scorecard: Major features and benefits of SSI
PART 2: SSI TECHNOLOGY
5 SSI architecture: The big picture
6 Basic cryptography techniques for SSI
7 Verifiable credentials
8 Decentralized identifiers
9 Digital wallets and digital agents
10 Decentralized key management
11 SSI governance frameworks
PART 3: DECENTRALIZATION AS A MODEL FOR LIFE
12 How open source software helps you control your self-sovereign identity
13 Cypherpunks: The origin of decentralization
14 Decentralized identity for a peaceful society
15 Belief systems as drivers for technology choices in decentralization
16 The origins of the SSI community
17 Identity is money
PART 4: HOW SSI WILL CHANGE YOUR BUSINESS
18 Explaining the value of SSI to business
19 The Internet of Things opportunity
20 Animal care and guardianship just became crystal clear
21 Open democracy, voting, and SSI
22 Healthcare supply chain powered by SSI
23 Canada: Enabling self-sovereign identity
24 From eIDAS to SSI in the European Union
Alex Preukschat
Alex Preukschat is Global Head of Strategic Blockchain Projects with Evernym. Alex has been active in the Bitcoin space since 2013 and leads SSIMeetup.org, a global SSI community to share knowledge in the identity space. He is a co-founder of Blockchain España and Alianza Blockchain Iberoamérica, and author of multiple reports and books about Blockchain and identity.
Book preview
Self-Sovereign Identity
Decentralized digital identity and verifiable credentials
Alex Preukschat, Drummond Reed
with Christopher Allen, Fabian Vogelsteller,
and 52 other leading identity experts
Foreword by Doc Searls
Manning
Shelter Island
For more information on this and other Manning titles go to
www.manning.com
Copyright
For online information and ordering of these and other Manning books, please visit www.manning.com. The publisher offers discounts on these books when ordered in quantity.
For more information, please contact
Special Sales Department
Manning Publications Co.
20 Baldwin Road
PO Box 761
Shelter Island, NY 11964
Email: [email protected]
©2021 by Manning Publications Co. All rights reserved.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by means electronic, mechanical, photocopying, or otherwise, without prior written permission of the publisher.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in the book, and Manning Publications was aware of a trademark claim, the designations have been printed in initial caps or all caps.
♾ Recognizing the importance of preserving what has been written, it is Manning’s policy to have the books we publish printed on acid-free paper, and we exert our best efforts to that end. Recognizing also our responsibility to conserve the resources of our planet, Manning books are printed on paper that is at least 15 percent recycled and processed without the use of elemental chlorine.
ISBN: 9781617296598
dedication
Thanks to my family, who have always been patient with me as I explore new projects and paths, as in writing this book. Thanks to the identity and blockchain community that helped me discover and learn about many aspects of my true self and where the world might be going with decentralized technologies.
—A.P.
To the love of my life, who has been waiting 33 years since we were married—and 22 years since I went down the digital identity rabbit hole—just to see the one simple thing I promised her—getting rid of those &^%$# passwords!
To my two sons: this is a path to a better world that I’ve been beating since you were born. I hope you both are able to trod upon it all of your days—and the days of your children’s children’s children.
—D.R.
contents
foreword
preface
acknowledgments
about this book
about the authors
about the cover illustration
Part 1 An introduction to SSI
1 Why the internet is missing an identity layer—and why SSI can finally provide one
1.1 How bad has the problem become?
1.2 Enter blockchain technology and decentralization
1.3 The three models of digital identity
1.3.1 The centralized identity model
1.3.2 The federated identity model
1.3.3 The decentralized identity model
1.4 Why self-sovereign?
1.5 Why is SSI so important?
1.6 Market drivers for SSI
1.6.1 E-commerce
1.6.2 Banking and finance
1.6.3 Healthcare
1.6.4 Travel
1.7 Major challenges to SSI adoption
1.7.1 Building out the new SSI ecosystem
1.7.2 Decentralized key management
1.7.3 Offline access
References
2 The basic building blocks of SSI
2.1 Verifiable credentials
2.2 Issuers, holders, and verifiers
2.3 Digital wallets
2.4 Digital agents
2.5 Decentralized identifiers (DIDs)
2.6 Blockchains and other verifiable data registries
2.7 Governance frameworks
2.8 Summarizing the building blocks
References
3 Example scenarios showing how SSI works
3.1 A simple notation for SSI scenario diagrams
3.2 Scenario 1: Bob meets Alice at a conference
3.3 Scenario 2: Bob meets Alice through her online blog
3.4 Scenario 3: Bob logs in to Alice’s blog to leave a comment
3.5 Scenario 4: Bob meets Alice through an online dating site
3.6 Scenario 5: Alice applies for a new bank account
3.7 Scenario 6: Alice buys a car
3.8 Scenario 7: Alice sells the car to Bob
3.9 Scenario summary
Reference
4 SSI Scorecard: Major features and benefits of SSI
4.1 Feature/benefit category 1: Bottom line
4.1.1 Fraud reduction
4.1.2 Reduced customer onboarding costs
4.1.3 Improved e-commerce sales
4.1.4 Reduced customer service costs
4.1.5 New credential issuer revenue
4.2 Feature/benefit category 2: Business efficiencies
4.2.1 Auto-authentication
4.2.2 Auto-authorization
4.2.3 Workflow automation
4.2.4 Delegation and guardianship
4.2.5 Payment and value exchange
4.3 Feature/benefit category 3: User experience and convenience
4.3.1 Auto-authentication
4.3.2 Auto-authorization
4.3.3 Workflow automation
4.3.4 Delegation and guardianship
4.3.5 Payment and value exchange
4.4 Feature/benefit category 4: Relationship management
4.4.1 Mutual authentication
4.4.2 Permanent connections
4.4.3 Premium private channels
4.4.4 Reputation management
4.4.5 Loyalty and rewards programs
4.5 Feature/benefit category 5: Regulatory compliance
4.5.1 Data security
4.5.2 Data privacy
4.5.3 Data protection
4.5.4 Data portability
4.5.5 RegTech (Regulation Technology)
References
Part 2 SSI technology
5 SSI architecture: The big picture
5.1 The SSI stack
5.2 Layer 1: Identifiers and public keys
5.2.1 Blockchains as DID registries
5.2.2 Adapting general-purpose public blockchains for SSI
5.2.3 Special-purpose blockchains designed for SSI
5.2.4 Conventional databases as DID registries
5.2.5 Peer-to-peer protocols as DID registries
5.3 Layer 2: Secure communication and interfaces
5.3.1 Protocol design options
5.3.2 Web-based protocol design using TLS
5.3.3 Message-based protocol design using DIDComm
5.3.4 Interface design options
5.3.5 API-oriented interface design using wallet Dapps
5.3.6 Data-oriented interface design using identity hubs (encrypted data vaults)
5.3.7 Message-oriented interface design using agents
5.4 Layer 3: Credentials
5.4.1 JSON Web Token (JWT) format
5.4.2 Blockcerts format
5.4.3 W3C verifiable credential formats
5.4.4 Credential exchange protocols
5.5 Layer 4: Governance frameworks
5.6 Potential for convergence
References
6 Basic cryptography techniques for SSI
6.1 Hash functions
6.1.1 Types of hash functions
6.1.2 Using hash functions in SSI
6.2 Encryption
6.2.1 Symmetric-key cryptography
6.2.2 Asymmetric-key cryptography
6.3 Digital signatures
6.4 Verifiable data structures
6.4.1 Cryptographic accumulators
6.4.2 Merkle trees
6.4.3 Patricia tries
6.4.4 Merkle-Patricia trie: A hybrid approach
6.5 Proofs
6.5.1 Zero-knowledge proofs
6.5.2 ZKP applications for SSI
6.5.3 A final note about proofs and veracity
References
7 Verifiable credentials
7.1 Example uses of VCs
7.1.1 Opening a bank account
7.1.2 Receiving a free local access pass
7.1.3 Using an electronic prescription
7.2 The VC ecosystem
7.3 The VC trust model
7.3.1 Federated identity management vs. VCs
7.3.2 Specific trust relationships in the VC trust model
7.3.3 Bottom-up trust
7.4 W3C and the VC standardization process
7.5 Syntactic representations
7.5.1 JSON
7.5.2 Beyond JSON: Adding standardized properties
7.5.3 JSON-LD
7.5.4 JWT
7.6 Basic VC properties
7.7 Verifiable presentations
7.8 More advanced VC properties
7.8.1 Refresh service
7.8.2 Disputes
7.8.3 Terms of use
7.8.4 Evidence
7.8.5 When the holder is not the subject
7.9 Extensibility and schemas
7.10 Zero-knowledge proofs
7.11 Protocols and deployments
7.12 Security and privacy evaluation
7.13 Hurdles to adoption
References
8 Decentralized identifiers
8.1 The conceptual level: What is a DID?
8.1.1 URIs
8.1.2 URLs
8.1.3 URNs
8.1.4 DIDs
8.2 The functional level: How DIDs work
8.2.1 DID documents
8.2.2 DID methods
8.2.3 DID resolution
8.2.4 DID URLs
8.2.5 Comparison with the Domain Name System (DNS)
8.2.6 Comparison with URNs and other persistent Identifiers
8.2.7 Types of DIDs
8.3 The architectural level: Why DIDs work
8.3.1 The core problem of Public Key Infrastructure (PKI)
8.3.2 Solution 1: The conventional PKI model
8.3.3 Solution 2: The web-of-trust model
8.3.4 Solution 3: Public key-based identifiers
8.3.5 Solution 4: DIDs and DID documents
8.4 Four benefits of DIDs that go beyond PKI
8.4.1 Beyond PKI benefit 1: Guardianship and controllership
8.4.2 Beyond PKI benefit 2: Service endpoint discovery
8.4.3 Beyond PKI benefit 3: DID-to-DID connections
8.4.4 Beyond PKI benefit 4: Privacy by design at scale
8.5 The semantic level: What DIDs mean
8.5.1 The meaning of an address
8.5.2 DID networks and digital trust ecosystems
8.5.3 Why isn’t a DID human-meaningful?
8.5.4 What does a DID identify?
9 Digital wallets and digital agents
9.1 What is a digital wallet, and what does it typically contain?
9.2 What is a digital agent, and how does it typically work with a digital wallet?
9.3 An example scenario
9.4 Design principles for SSI digital wallets and agents
9.4.1 Portable and Open-By-Default
9.4.2 Consent-driven
9.4.3 Privacy by design
9.4.4 Security by design
9.5 Basic anatomy of an SSI digital wallet and agent
9.6 Standard features of end-user digital wallets and agents
9.6.1 Notifications and user experience
9.6.2 Connecting: Establishing new digital trust relationships
9.6.3 Receiving, offering, and presenting digital credentials
9.6.4 Revoking and expiring digital credentials
9.6.5 Authenticating: Logging you in
9.6.6 Applying digital signatures
9.7 Backup and recovery
9.7.1 Automatic encrypted backup
9.7.2 Offline recovery
9.7.3 Social recovery
9.7.4 Multi-device recovery
9.8 Advanced features of wallets and agents
9.8.1 Multiple-device support and wallet synchronization
9.8.2 Offline operations
9.8.3 Verifying the verifier
9.8.4 Compliance and monitoring
9.8.5 Secure data storage (vault) support
9.8.6 Schemas and overlays
9.8.7 Emergencies
9.8.8 Insurance
9.9 Enterprise wallets
9.9.1 Delegation (rights, roles, permissions)
9.9.2 Scale
9.9.3 Specialized wallets and agents
9.9.4 Credential revocation
9.9.5 Special security considerations
9.10 Guardianship and delegation
9.10.1 Guardian wallets
9.10.2 Guardian delegates and guardian credentials
9.11 Certification and accreditation
9.12 The Wallet Wars: The evolving digital wallet/agent marketplace
9.12.1 Who
9.12.2 What
9.12.3 How
Reference
10 Decentralized key management
10.1 Why any form of digital key management is hard
10.2 Standards and best practices for conventional key management
10.3 The starting point for key management architecture: Roots of trust
10.4 The special challenges of decentralized key management
10.5 The new tools that VCs, DIDs, and SSI bring to decentralized key management
10.5.1 Separating identity verification from public key verification
10.5.2 Using VCs for proof of identity
10.5.3 Automatic key rotation
10.5.4 Automatic encrypted backup with both offline and social recovery methods
10.5.5 Digital guardianship
10.6 Key management with ledger-based DID methods (algorithmic roots of trust)
10.7 Key management with peer-based DID methods (self-certifying roots of trust)
10.8 Fully autonomous decentralized key management with Key Event Receipt Infrastructure (KERI)
10.8.1 Self-certifying identifiers as a root of trust
10.8.2 Self-certifying key event logs
10.8.3 Witnesses for key event logs
10.8.4 Pre-rotation as simple, safe, scalable protection against key compromise
10.8.5 System-independent validation (ambient verifiability)
10.8.6 Delegated self-certifying identifiers for enterprise-class key management
10.8.7 Compatibility with the GDPR right to be forgotten
10.8.8 KERI standardization and the KERI DID method
10.8.9 A trust-spanning layer for the internet
10.9 Key takeaways
References
11 SSI governance frameworks
11.1 Governance frameworks and trust frameworks: Some background
11.2 The governance trust triangle
11.3 The Trust over IP governance stack
11.3.1 Layer 1: Utility governance frameworks
11.3.2 Layer 2: Provider governance frameworks
11.3.3 Layer 3: Credential governance frameworks
11.3.4 Layer 4: Ecosystem governance frameworks
11.4 The role of the governance authority
11.5 What specific problems can governance frameworks solve?
11.5.1 Discovery of authoritative issuers and verified members
11.5.2 Anti-coercion
11.5.3 Certification, accreditation, and trust assurance
11.5.4 Levels of assurance (LOAs)
11.5.5 Business rules
11.5.6 Liability and insurance
11.6 What are the typical elements of a governance framework?
11.6.1 Master document
11.6.2 Glossary
11.6.3 Risk assessment, trust assurance, and certification
11.6.4 Governance rules
11.6.5 Business rules
11.6.6 Technical rules
11.6.7 Information trust rules
11.6.8 Inclusion, equitability, and accessibility rules
11.6.9 Legal agreements
11.7 Digital guardianship
11.8 Legal enforcement
11.9 Examples
References
Part 3 Decentralization as a model for life
12 How open source software helps you control your self-sovereign identity
12.1 The origin of free software
12.2 Wooing businesses with open source
12.3 How open source works in practice
12.4 Open source and digital identities
References
13 Cypherpunks: The origin of decentralization
13.1 The origins of modern cryptography
13.2 The birth of the cypherpunk movement
13.3 Digital freedom, digital cash, and decentralization
13.4 From cryptography to cryptocurrency to credentials
References
14 Decentralized identity for a peaceful society
14.1 Technology and society
14.2 A global civil society
14.3 Identity as a source of conflict
14.4 Identity as a source of peace
References
15 Belief systems as drivers for technology choices in decentralization
15.1 What is a belief system?
15.2 Blockchain and DLT as belief systems
15.2.1 Blockchain believers
15.2.2 DLT believers
15.3 How are blockchains and DLTs relevant to SSI?
15.4 Characterizing differences between blockchain and DLT
15.4.1 Governance: How open is the network to open participation?
15.4.2 Censorship resistance: How centralized is trust?
15.4.3 Openness: Who can run a node?
15.5 Why believers and not proponents or partisans?
15.5.1 How do we measure decentralization?
15.6 Technical advantages of decentralization
References
16 The origins of the SSI community
16.1 The birth of the internet
16.2 Losing control over our personal information
16.3 Pretty Good Privacy
16.4 International Planetwork Conference
16.5 Augmented Social Network and Identity Commons
16.6 The Laws of Identity
16.7 Internet Identity Workshop
16.8 Increasing support of user control
16.9 Rebooting the Web of Trust
16.10 Agenda for Sustainable Development and ID2020
16.11 Early state interest
16.12 MyData and Learning Machine
16.13 Verifiable Claims Working Group, Decentralized Identity Foundation, and Hyperledger Indy
16.14 Increasing state support for SSI
16.15 Ethereum identity
16.16 World Economic Forum reports
16.17 First production government demo of an SSI-supporting ledger
16.18 SSI Meetup
16.19 Official W3C standards
16.20 Only the beginning
References
17 Identity is money
17.1 Going back to the starting point
17.2 Identity as the source of relationships and value
17.3 The properties of money
17.4 The three functions of money
17.5 The tokenization of value with identity
17.6 References
Part 4 How SSI will change your business
18 Explaining the value of SSI to business
18.1 How might we best explain SSI to people and organizations?
18.1.1 Failed experiment 1: Leading with the technology
18.1.2 Failed experiment 2: Leading with the philosophy
18.1.3 Failed experiment 3: Explaining by demonstrating the tech
18.1.4 Failed experiment 4: Explaining the (world’s) problems
18.2 Learning from other domains
18.3 So how should we best explain the value of SSI?
18.4 The power of stories
18.5 Jackie’s SSI story
18.5.1 Part 1: The current physical world
18.5.2 Part 2: The SSI world—like the current physical world, but better
18.5.3 Part 3: Introducing the Sparkly Ball—or, what’s wrong with many current digital identity models
18.6 SSI Scorecard for apartment leasing
Reference
19 The Internet of Things opportunity
19.1 IoT: Connecting everything safely
19.2 How does SSI help IoT?
19.3 The business perspective for SSI and IoT
19.4 An SSI-based IoT architecture
19.5 Tragic story: Bob’s car hacked
19.6 The Austrian Power Grid
19.7 SSI Scorecard for IoT
References
20 Animal care and guardianship just became crystal clear
20.1 Enter Mei and Bailey
20.1.1 Bailey gets a self-sovereign identity
20.1.2 Guardianship transfer
20.1.3 Vacation for Mei and Bailey
20.1.4 A storm and separation
20.1.5 Lost and found at your fingertips
20.2 Digital identity unlocks opportunities for the well-being of animals and people
20.3 SSI for animals reaffirms their inherent worth
20.4 SSI Scorecard for pets and other animals
21 Open democracy, voting, and SSI
21.1 The problems with postal voting
21.2 The problems with e-voting
21.3 Estonia: A case study
21.4 The three pillars of voting
21.4.1 A state’s bill of needs
21.4.2 A voter’s bill of rights
21.5 The advantages of SSI
21.5.1 SSI Scorecard for voting
References
22 Healthcare supply chain powered by SSI
22.1 Emma’s story
22.2 Supply chain transparency and efficiency through SSI
22.3 Industry ecosystem efficiency powered by SSI
22.4 Future supply chain transformation across industries: The big picture
22.5 Eliminating waste
22.6 Authentication and quality
22.7 SSI Scorecard for the pharma supply chain
References
23 Canada: Enabling self-sovereign identity
23.1 The Canadian context
23.2 The Canadian approach and policy framework
23.3 The Pan-Canadian Trust Framework
23.4 The normative core
23.5 Mutual recognition
23.6 Digital ecosystem roles
23.7 Supporting infrastructure
23.8 Mapping the SSI stack to the PCTF model
23.9 Using the Verifiable Credentials Model
23.10 Enabling Self-Sovereign Identity
23.11 SSI Scorecard for the Pan-Canadian Trust Framework
24 From eIDAS to SSI in the European Union
24.1 PKI: The first regulated identity service facility in the EU
24.2 The EU legal framework
24.3 The EU identity federation
24.3.1 The legal concept of electronic identification (eID)
24.3.2 The scope of the eIDAS FIM Regulation and its relationship with national law
24.4 Summarizing the value of eIDAS for SSI adoption
24.5 Scenarios for the adoption of SSI in the EU identity metasystem
24.6 SSI Scorecard for the EBSI
References
A Appendix A Additional Livebook chapters
B Appendix B Landmark essays on SSI
C Appendix C The path to self-sovereign identity
D Appendix D Identity in the Ethereum blockchain ecosystem
E Appendix E The principles of SSI
contributing authors
index
front matter
Self-Sovereign Identity offers a new perspective on one of the most important challenges of society and computing: safely managing our digital identities. As early adopters and leaders in this area, Drummond Reed and Alex Preukschat are uniquely able to introduce the technology and potential of SSI. In this book, you’ll enjoy not just their insights, but also the experiences of many other leading practitioners.
Most of what we call identity isn’t. It’s identifiers. It’s how some organization identifies you: as a citizen, a driver, a member, a student. Those organizations may issue you an ID in the form of a passport, license, or membership card, but that isn’t your identity. It’s their identifier. Your identity—how you are known to yourself and to others—is something else: something much more personal and under your control as a self-sovereign human being.
Self-sovereign identity (SSI) gives you control over what others need to verify about you, on a need-to-know basis. Simply put, it replaces identifiers with verifiable credentials. And, in the process, it greatly simplifies and speeds up the way identity works in the digital world for both individuals and organizations.
It’s early in the evolution of SSI; but not so early that we can’t get answers to the questions of how it’s going to work and where it’s going. Both of those questions are of massive importance and why this book is essential at this juncture in the history of digital technology. Reading and learning what’s being shared here might be the most leveraged thing you do this decade.
But before you start, it should help to visit how identity already works in the natural world where we live and breathe. True, it can get complicated, but it’s not broken. For example, if an Inuit family from Qikiqtaaluk wants to name their kid Anuun or Issorartuyok, they do, and the world copes. If the same kid later wants to call himself Steve, he does. Again, the world copes. So does Steve.
Much of that coping is done by Steve not identifying himself unless he needs to and then not revealing more than what’s required. In most cases, Steve isn’t accessing a service but merely engaging with other people, in ways so casual that no harm comes if the other person forgets Steve’s name or how he introduced himself. In fact, most of what happens in the social realms of the natural world is free of identifiers and free of recollection.
How we create and cope with identity in the natural world has lately come to be called self-sovereign, at least among digital identity obsessives such as myself. And there are a lot of us now. (Search for self+sovereign+identity and see how many results you get.)
Self-sovereign identity starts by recognizing that the kind of naming we get from our parents, tribes, and selves is at the root level of how identity works in the natural world—and that this is where we need to start in the digital world, as well. In the simplest possible terms, we need to be in control of it.
Our main problem with identity in the digital world is that we started with no personal control at all. Everything we did with identity began with organizations’ need to put names in databases. This served the administrative convenience of those organizations—and our convenience only to the degree that we are known separately to all the organizations that know us.
If we want to make SSI work on the internet, we have to respect the deeply human need for self-determination. That means we need to provide individuals with new ways to obey Kim Cameron’s seven laws of identity (explained in chapter 1), most notably individual control and consent, minimum disclosure for a constrained use, and justifiable parties.
Put as simply as possible, we need to give administrative systems no more personal information than they require. We call that information verifiable credentials. Note that these are still not identities. They are nothing more or less than what the other party needs to know.
This book explains how all this works. The authors of those explanations are pioneers and explorers working to make new systems while helping old ones adapt. The main point you need to keep in mind as you read the book is this: it’s personal.
Self-sovereign identity isn’t about administrative systems. It’s about you and me and how we selectively disclose personal information to others on a need-to-know basis, and being able to do that at scale. Getting to scale requires lots of help and alignment from the world’s incumbent identity systems. But those systems by themselves are not self-sovereign. You and I are. That’s the key. And it’s the only one that will open the true future of digital identity.
—Doc Searls
preface
On February 4, 2021, the following graphic appeared in the New York Times, under the headline “Pack your ‘Vaccine Passport’”:
The article, written by travel reporter Tariro Mzezewa, starts by explaining this new concept:
A vaccination pass or passport is documentation proving that you have been vaccinated against Covid-19. Some versions will also allow people to show that they have tested negative for the virus, and therefore can more easily travel. The versions being worked on now by airlines, industry groups, nonprofits and technology companies will be something you can pull up on your mobile phone as an app or part of your digital wallet.
[Figure: New York Times graphic “Pack your ‘Vaccine Passport’”; illustration by Lloyd Miller]
The technology described in that paragraph—more formally known as verifiable credentials—is precisely the subject of this book. As the article goes on to explain, the worldwide rollout of COVID-19 vaccinations has triggered an avalanche of demand for verifiable digital credentials that will enable individuals to easily, safely, and privately prove they have received a COVID-19 test result or vaccination.
One of the most visible of these initiatives is the World Health Organization (WHO) Smart Vaccination Certificate Working Group (https://www.who.int/groups/smart-vaccination-certificate-working-group). When co-author Drummond Reed was invited in January 2021 to participate in this working group, he was asked if he knew of written materials the working group could read to quickly come up to speed on the open standards, open source code, governance frameworks, and real-world deployments of verifiable credentials.
Given that this book—a product of two years of work by over 45 contributing authors—was just entering the final stages of production, Drummond recommended several of the most relevant chapters. Manning obliged by providing WHO with a digital version of the requested chapters within 24 hours so they could be ready for the first meeting of the working group held February 3-5, 2021.
This anecdote illustrates the extraordinary way in which the COVID-19 pandemic is catapulting verifiable credentials and self-sovereign identity (SSI) technology into the internet mainstream. Just as pharmaceutical manufacturers were called upon to compress the normal four- to five-year vaccination development process into a matter of months, verifiable credential developers and integrators are being asked to compress a typical four- to five-year technology adoption cycle into a matter of months.
It is entirely possible that by the time you read this book, you will have received a jab and at the same time—or shortly thereafter—downloaded a digital wallet app, scanned a QR code, and received a verifiable digital credential that you can use to prove the precise vaccination you received.
In short, you will already be using SSI. And so will millions of other people around the world, to help reopen global travel and our economies.
We hope this is just the tip of the iceberg for what SSI can do—for all of us. And that will be just the very beginning of the SSI story.
Of course, we could not have anticipated this when we began work on this book over two years ago. But neither was it a cosmic coincidence. Rather, it was an outcome of the mutual trajectories of our careers. Here is a little about our own stories.
Alex Preukschat
In 2014, driven by my interest in cryptocurrencies, I published the world’s first graphic novel about Bitcoin, called Bitcoin: The Hunt for Satoshi Nakamoto. Over the next several years, it was published in English, Spanish, Russian, Korean, and Brazilian Portuguese. Then, in 2017, I published Blockchain: The Industrial Revolution of the Internet (Spanish title: Blockchain: la revolución industrial de internet) (Gestión, 2017). This became the reference book about blockchain in the Spanish-speaking world. Shortly after that, inspired by David Birch’s book Identity Is the New Money (London Publishing Partnership, 2014), I was motivated to begin working in the decentralized digital identity space. I connected with one of the leading companies in that space, where I had the opportunity to begin collaborating with identity evangelist Drummond Reed and cryptographic SSI pioneer Jason Law.
Realizing the enormous potential of this new space being called self-sovereign identity or SSI, I founded SSIMeetup.org with Drummond’s and Jason’s support. It was an open community-based platform to share knowledge about SSI with the world. Everything on SSIMeetup is available via a Creative Commons Attribution-ShareAlike (CC BY-SA) license that allows free usage with attribution. I began doing webinars with leaders in the SSI space.
With each webinar I did, and the resulting discussion on social media, I realized the growing role that decentralized digital identity was going to play in the world. It unified everything I had been doing since 2006—understanding money, learning about blockchain, and discovering the power of a new type of digital identity.
That’s when I had the inspiration to invite Drummond to join forces to create what we hoped would become the reference book about SSI—one that would explain this fascinating topic not just to developers, but to business people, policymakers, university students, and myriad others who could start to put SSI to work in their everyday lives.
Decentralized digital identity encompasses much more than the word identity means by itself. Decentralized digital identity is at the crossroads of the free software / open source world, peer-to-peer technologies, cryptography, and game theory. In the same way that Bitcoin taught us that these disciplines could be recombined to create something new, decentralized digital identity recombines them into something so unique and powerful that some are calling it the Internet for identity.
While Bitcoin touches on one of the pillars of society—money—identity is even more fundamental. Human lives are too short to fully recognize and appreciate the cycles and changes of mankind, but exponential technologies like blockchain, artificial intelligence, biotech, and many others have accelerated the pace of change much faster than ever before in history. And while we crave change because of the opportunities it provides, we also fear it because of what we might lose in life as we know it.
SSI is one of the expressions of how the world as we know it may be completely reshaped. The outcome of that reshaped world is very hard to predict. It could fulfill the most beautiful of utopian dreams for a better and more balanced society. It could also become a dystopian nightmare.
Of course, the former is my hope for SSI. However, I’m not sure exactly how we will get there and which technologies will create the future identity stack.
What I do know is that it is crucial for as many of us as possible to be involved and understand the opportunities to create that world together. So I have poured my heart and soul into bringing together some of the finest identity evangelists, thinkers, pioneers, and business people I could find, to share their visions of this future.
Each of them speaks in their own voice and shares their own vision—and they are by no means all the same. Much of what you will learn from this book is the different paths and tools they advocate for building that vision. But they share the belief that SSI can become a game-changing tool in your life—personally, professionally, economically, even politically. In short, if you take this path and one day look back at it, I think you’ll be glad you did.
Drummond Reed
Alex is one persuasive dude. Ever since this technology—nay, movement—that we now call SSI started to really take hold in 2018, I have been busier than at any time in my life. And here Alex was asking me to help him put together an entire book on this subject—when I couldn’t even find the time to write the papers and blog posts about SSI that were part of my day job at Evernym (and my night job at that time as a trustee of the Sovrin Foundation).
Was he crazy? On the other hand, the webinars I had started giving on his SSIMeetup.org site were proving to be surprisingly popular, and Alex made a compelling case that someone needed to pull together a complete book about SSI to support its growth and transition into the internet mainstream. What finally convinced me was his argument that I would only need to contribute a few chapters about the areas I was most deeply involved with; for the rest of the book, we would curate contributions from other experts across the growing SSI industry and other industries adopting SSI.
We were about a year into that effort—with much of our own content written and many chapters from contributing authors already received—when the COVID-19 pandemic hit. Suddenly our worlds (and everyone else’s) were turned upside down. We halted work on the book and, for a time, were not even sure if we would be able to continue. Then, after a few months, we realized that not only was SSI continuing to move ahead in the market, but also the need for verifiable digital credentials as a new tool for dealing with proof of COVID-19 testing—and soon vaccinations—might lead to even greater demand for SSI-based solutions.
Even so, when we restarted work on the book in the late summer of 2020, we had no idea of the tsunami of demand for SSI that was about to be unleashed by the COVID-19 earthquake. Once the arrival of the first vaccinations became imminent in late 2020, the market demand for an easy, fast, hard-to-forge solution for individuals to be able to prove their health status went through the roof. Within weeks, multiple initiatives to issue digital vaccination credentials were announced, including the World Health Organization (WHO) Smart Vaccination Certificate, IATA Travel Pass, Vaccination Credentials Initiative, AOK Pass, and Good Health Pass Collaborative.
Suddenly it was clear to everyone that SSI was about to go mainstream—and that by the end of 2021, verifiable digital credentials would be in the digital wallets of tens of millions of people around the world, being used multiple times every day for travel, work, sports, and other situations where proof of health status was needed for public safety.
Of course, I am heartbroken that a global public health crisis was what catapulted SSI into the limelight. But if SSI can play a part in helping us deal with the tremendous human and economic pain caused by this once-a-century pandemic, then I want to do anything I can to help. And if publishing this book can assist governments, public health authorities, healthcare providers, companies, universities, cities, and other communities around the world in understanding and implementing SSI more quickly, then I am all the more thankful that Alex persuaded me to help write it.
acknowledgments
From the very outset, we envisioned this book as a collaborative effort among many experts in the emerging SSI industry. So we want to begin by thanking each and every one of these contributing authors—this book would have been impossible without them.
A special thanks to several of these authors who did double duty by either contributing to multiple chapters or helping us review and edit multiple chapters. These include some of the best technology writers we know: Daniel Hardman, Markus Sabadello, and Shannon Appelcline.
When Oscar Lage was introduced to Mike Stevens of Manning Publications, that meeting sparked the first conversations in 2018 that kicked off this book. A special thanks to Oscar for that introduction and for co-authoring chapter 19 about the Internet of Things (IoT).
At Manning, we’d like to thank our development editor Toni Arritola for her perseverance as first our workloads and then the pandemic (and then both) stretched the limits of everyone’s patience. Her wise words about taking one step at a time paid off in the long run as she promised. Thank you also to our copy editor, Tiffany Taylor, for moving swiftly and surely through a book that was very complicated to edit. And our thanks to Mike Stevens and the rest of the editorial team at Manning for pushing through the extra hardships of the pandemic to get this book to publication.
To all the reviewers: Michele Adduci, Sambasiva Andaluri, Davide Cadamuro, Joe Justesen, Justin Coulston, Konstantin Eremin, Chris Giblin, Milorad Imbra, Michael Jensen, Aidan McCarty, Steven H. McCown, Sanket Naik, Zhu Vlad Navitski, Julien Pohie, Simone Sguazza, Stephen John Warnett, Brian van den Broek, Hilde Van Gysel, Sumit Pal Vincent, Chris Viner, Aleksander Wielgorski, Maura Wilder, and Sander Zegveld, your suggestions helped make this a better book.
We also want to thank our compatriots at Evernym, with whom we have been collectively forging SSI since 2016, especially co-founders Timothy Ruff and Jason Law and the outstanding executive team, board, employees, contractors, and investors. A special mention to Misty Bledsoe, who helped in the early drafting stages of the book.
Thank you also to all the board members, staff, and volunteers of the Sovrin Foundation who helped build the first global public utility for SSI and made it real for the world.
Finally, a shout-out to the co-authors of the Hyperledger Aries RFC that laid the groundwork for the ToIP Foundation: John Jordan, Dan Gisolfi, Darrell O’Donnell, Daniel Hardman, and Matthew Davie.
Drummond Reed
I would never have been in a position to write this book without partners and investors who believed in the vision of decentralized data sharing and digital trust infrastructure. This started with my Pattern Language consulting partner, Nick Duckstein, and my Intermind co-founder, Peter Heymann, together with anchor investors Barry Forman and Bill Bauce. It continued with Cordance board chair John Jordan, CEO Vince Calouri, and CFO Lon Weise. And a very special thanks to the executive team at Respect Network—Steve Havas, Les Chasen, and Gary Zimmerman—board chair Gary Rowe, and board members Barry Forman, John Kelly, and Bill Donnelly. I am deeply indebted to all the investors, led by Bill Donnelly and Mike and Trish Peters, whose belief in the Respect Network vision carried us through to the acquisition by Evernym.
I am also very thankful for the unending contributions of the three founders of the Internet Identity Workshop: Kaliya “Identity Woman” Young, Phil Windley, and Doc Searls. You are the moral center of the SSI movement and have kept it on the right path for 15 years. I am also grateful to Joyce Searls for being the ever-steady hand guiding the SSI community with her practical wisdom and effortless clarity every step of the way.
Finally, I want to thank every last member of the global SSI community, so wonderfully described in chapter 16 by Kaliya and Infominer. You have built everything we describe in this book. It is your passion and lifeforce that will make it so.
Keep going!
about this book
Welcome to Self-Sovereign Identity! Our goal in this book is to first introduce you to the basic concept of self-sovereign identity (SSI) and give you a solid understanding of why we’ve reached a watershed in the evolution of internet identity. The rest of the book is designed to help you deepen and broaden that understanding.
We do that not just through our voices, but also through the voices of leading SSI experts from around the world. They share their perspectives on various aspects of SSI: the technology, the business and legal implications, the social impact, and even the philosophy.
We bring you specific examples of how SSI might be used to solve real market problems so you can see how it might be applied in your work, family, company, school, industry, city, or country. We also hope this book will open the discussion for other stakeholders and perspectives from society.
Who should read this book
Our philosophy in composing this book is that successful developers, product managers, and business leaders will benefit from a holistic overview of a foundational new technology in order to see the bigger picture, understand the cross-disciplinary currents, and assimilate upcoming major market shifts into their work. SSI is one of those cases that demands a mix of visions and skill sets to shape it into the future we want for the world.
The target audience of this book is quite varied. We expect all these people to be interested in different parts of the book:
Architects and developers
Product managers
User experience (UX) designers
Business and government leaders
Legal professionals
Privacy, decentralization and blockchain enthusiasts
For this reason, we have structured the book in four major parts:
Part 1 provides an overall introduction to SSI—where it came from, how it works, and its major features and benefits. This should be applicable to all audiences interested in SSI.
Part 2 is specifically designed for technical professionals who want a deeper understanding of the major components and design patterns of SSI architecture without having to go quite all the way down to the code level.
Part 3 goes in the other direction: it focuses on the cultural and philosophical origin story of SSI and what this means about its ultimate impact on the internet and society. This part is especially relevant for readers interested in privacy and those who want to understand the origins of the SSI and decentralization movements.
Part 4 explores what SSI means for business and government through industry experts who convey how it applies to their specific market vertical. This part is especially relevant for architects and product managers who need to convey to their business leaders why SSI matters to their business units—be it opportunity, threat, or disruption.
Chapter 1 introduces the basic concept of SSI and explains how and why it represents the third era of digital identity for the internet. The three remaining chapters in part 1 are as follows:
Chapter 2 —Introduces digital credentials, wallets, agents, decentralized identifiers, blockchains, and governance frameworks
Chapter 3 —Presents seven examples of how the building blocks can be put together to solve hard problems of digital trust
Chapter 4 —Discusses 5 categories summarizing the 25 key benefits of SSI infrastructure
We recommend reading these chapters sequentially as they apply to anyone interested in SSI, regardless of whether your focus is technical, product, business, or policy.
In part 2, we dive deeper into SSI technology for those readers who want to seriously understand how it works. While these chapters do not go quite all the way down to the code level (with the exception of some code examples in chapters 7 and 8), they cover all major aspects of SSI architecture and should provide a solid technical introduction for architects, developers, system administrators, and anyone who wants to understand the SSI stack.
The topics are as follows:
Chapter 5 —SSI architecture—the big picture
Chapter 6 —Basic cryptography for SSI
Chapter 7 —Verifiable credentials
Chapter 8 —DIDs (decentralized identifiers)
Chapter 9 —Digital wallets and digital agents
Chapter 10 —Decentralized key management
Chapter 11 —SSI governance frameworks
In part 3, we broaden the focus to look at SSI as a movement that crosses traditional industry boundaries and encompasses larger technological, legal, social, or political infrastructure. We explore how the decentralization technologies powering SSI are rooted in even larger shifts of philosophy, society, and culture. We discuss the various points of view—historical, political, sociological—on what is and is not considered SSI and why. We hope this part is relevant for all readers, but if your focus is primarily on SSI technology or business solutions you can choose to skip it. Here are the topics:
Chapter 12 —Controlling your identity with open source
Chapter 13 —Cypherpunks: the origin of decentralization
Chapter 14 —Identity for a peaceful society
Chapter 15 —Centralization vs decentralization believers
Chapter 16 —The evolution of the SSI community
Chapter 17 —Identity is money
In part 4, we look at how SSI will impact different categories of business, industry, and government—with chapters written by individual experts in each of these verticals. Most chapters end with an SSI Scorecard summary (defined in chapter 4) assessing the impact of SSI on that particular vertical market:
Chapter 18 —Explaining SSI value to business
Chapter 19 —The Internet of Things opportunity
Chapter 20 —Animal care and guardianship just became crystal clear
Chapter 21 —Open democracy and e-voting
Chapter 22 —Supply-chain management powered by SSI in Pharma
Chapter 23 —Canada: Enabling Self-Sovereign Identity
Chapter 24 —From eIDAS to SSI in the European Union
Finally, we have a set of appendices that provide additional tools and perspectives to help you further explore SSI:
Appendix A —A roster of 11 additional chapters that appear in the liveBook edition of this book to continue the exploration we begin in part 4 of vertical market applications of SSI as explained by experts in each market.
Appendix B —A list of famous essays about SSI, published on the web, that go deep into special topics on SSI and decentralized digital trust infrastructure.
Appendix C —The Path to Self-Sovereign Identity, by Christopher Allen. This is the original landmark essay about SSI, written by the co-author of the TLS 1.0 specification, the IETF standard that succeeded SSL and finally standardized encryption on the web.
Appendix D —Identity in the Ethereum Blockchain Ecosystem, by Fabian Vogelsteller and Oliver Terbu. This is another landmark essay about SSI, written by one of the best-known developers in the Ethereum ecosystem together with the identity product lead at ConsenSys.
Appendix E —The Principles of SSI. We conclude the book with a listing of the 12 foundational principles of SSI developed by a global community project hosted by the Sovrin Foundation and published in 15 languages in December 2020.
About the code
The technical chapters of this book are mainly in part 2. Because of the wide-ranging architectural and design choices possible for SSI, the book in general does not go down to the code level. The exception is examples of verifiable credentials in JSON and JSON-LD in chapter 7 and DIDs and DID documents in chapter 8. However we also include numerous references to the major open source projects working on SSI components around the world, most of which are highly accessible.
liveBook discussion forum
Purchase of Self-Sovereign Identity includes free access to a private web forum run by Manning Publications where you can make comments about the book, ask technical questions, and receive help from the authors and from other users. To access the forum, go to https://livebook.manning.com/#!/book/self-sovereign-identity/discussion. You can also learn more about Manning’s forums and the rules of conduct at https://livebook.manning.com/#!/discussion.
Manning’s commitment to our readers is to provide a venue where a meaningful dialogue between individual readers and between readers and the authors can take place. It is not a commitment to any specific amount of participation on the part of the authors, whose contribution to the forum remains voluntary (and unpaid). We suggest you try asking the authors some challenging questions lest their interest stray! The forum and the archives of previous discussions will be accessible from the publisher’s website as long as the book is in print.
Other online resources
All chapters have references that can be relevant for further reading. We especially recommend the references in chapter 16, which covers the evolution of the internet identity and SSI communities.
Throughout the book, we have included references to SSIMeetup.org webinars whenever there is a webinar with more information about the corresponding chapter. You can also sign up for more updates related to the book at IdentityBook.info.
We especially recommend following these communities to stay current in the SSI space:
W3C Verifiable Credentials Working Group, https://www.w3.org/groups/wg/vc
W3C Decentralized Identifier (DID) Working Group, https://www.w3.org/2019/09/did-wg-charter.html
W3C Credentials Community Group, https://www.w3.org/community/credentials
Decentralized Identity Foundation, https://identity.foundation
Sovrin Foundation, https://sovrin.org
Trust over IP (ToIP) Foundation, https://trustoverip.org
COVID-19 Credential Initiative, https://www.covidcreds.org
about the authors
about the cover illustration
The figure on the cover of Self-Sovereign Identity is captioned Marguerite of France.
The illustration by Rigaud D’Aurellie is taken from a collection of works entitled Costumes Historiques de la France, published by the French Administration of Libraries in 1852. The collection includes fine drawings of historical costumes, monuments, statues, tombs, seals, coins, and more. Each illustration is finely drawn and colored by hand and the rich variety of drawings in the collection reminds us vividly of how culturally apart the world’s regions, towns, villages, and neighborhoods were just over a century-and-a-half ago. Isolated from each other, people spoke different dialects and languages. In the streets or in the countryside, it was easy to identify where they lived and what their trade or station in life was just by their dress.
Dress codes have changed since then and the diversity by region, so rich at the time, has faded away. It is now hard to tell apart the inhabitants of different continents, let alone different towns or regions. Perhaps we have traded cultural diversity for a more varied personal life—certainly for a more varied and fast-paced technological life.
At a time when it is hard to tell one computer book from another, Manning celebrates the inventiveness and initiative of the computer business with book covers based on the rich diversity of regional life of two centuries ago, brought back to life by pictures from collections such as this one.
Part 1 An introduction to SSI
Although it started in 2015, self-sovereign identity (SSI) as a technology, industry, and movement is still very young. Many people working directly in the digital identity industry are likely to be familiar with it, but to those working in other industries—especially outside of tech—it may be a brand-new concept.
Part 1 gives you everything you need to know to become conversant in SSI, no matter where you are coming from. It is organized into four chapters:
Chapter 1 begins with the fundamental reasons we need digital identity and why the first two generations of solutions (centralized identity and federated identity) have not solved the problem. It explains the origins of SSI as a new internet identity model based on blockchain, cloud, and mobile computing technology and paints a picture of the impact SSI is already having in e-commerce, finance, healthcare, and travel.
Chapter 2 introduces the seven basic building blocks of SSI—including digital credentials, digital wallets, digital agents, and blockchains—at a level that should be comfortable for non-technologists.
Chapter 3 takes the seven building blocks from Chapter 2 and shows how they can be put together to solve different scenarios in digital trust.
Chapter 4 introduces the SSI Scorecard as a tool for systematically evaluating the major features and benefits of SSI (a tool we use again in part 4 to evaluate the impact of SSI on various industries and market verticals).
1 Why the internet is missing an identity layer—and why SSI can finally provide one
Alex Preukschat and Drummond Reed
Self-sovereign identity—commonly abbreviated SSI—is a new model for digital identity on the internet: i.e., how we prove who we are to the websites, services, and apps with which we need to establish trusted relationships to access or protect private information. Driven by new technologies and standards in cryptography, distributed networks, cloud computing, and smartphones, SSI is a paradigm shift for digital identity similar to other technology paradigm shifts: for example, the shift from command-line user interfaces (e.g., MS-DOS) to graphical user interfaces (e.g., Windows, Mac, iOS), or the shift from dumb phones to smartphones.
However, the SSI paradigm shift is deeper than just a technology shift—it is a shift in the underlying infrastructure and power dynamics of the internet itself. In this way, it is closer to other infrastructure paradigm shifts such as those in transportation:
The shift from horse travel to train travel
The shift from train travel to automobile travel
The shift from automobile travel to airplanes and jet travel
Each of these shifts in technology resulted in deeper, structural changes to the shape and dynamics of society and commerce. The same is true of the paradigm shift to SSI. While the details are evolving rapidly, the big picture of SSI that has already emerged is remarkably coherent and compelling—and this is what is driving adoption.
In this book, we endeavor to explain this SSI paradigm shift in the most approachable way possible. Our motivation is not to impose our vision of the world on you but to humbly convey the technological, business, and social movements that have come together to make SSI possible. Our starting point is this claim:
The Internet was built without an identity layer.
—Kim Cameron, Chief Architect of Identity, Microsoft [1]
What did Kim Cameron—Microsoft’s chief architect for identity from 2004 to 2019—mean by that quote? What is an identity layer?
Kim gives an answer in his groundbreaking series of essays called The Laws of Identity, published on his blog over a series of months in 2004 and 2005:
The Internet was built without a way to know who and what you are connecting to. This limits what we can do with it and exposes us to growing dangers. If we do nothing, we will face rapidly proliferating episodes of theft and deception that will cumulatively erode public trust in the Internet.
Kim was saying that when the internet was initially developed in the 1960s and 1970s by the U.S. military (sponsored by the Defense Advanced Research Projects Agency, or DARPA), the problem it was designed to solve was how to interconnect machines to share information and resources across multiple networks. The solution—packet-based data exchange and the TCP/IP protocol—was so brilliant that it finally enabled a true network of networks [1]. And the rest, as they say, is history.
What Kim was driving at, however, is that with the internet’s TCP/IP protocol, you only know the address of the machine you are connecting to. That tells you nothing about the person, organization, or thing responsible for that machine and communicating with you. (Even the address itself is weak evidence: the source MAC and IP addresses on a packet are filled in by the sending machine, and whoever controls that machine can set them to whatever they like before the packet leaves it. This is why network-level identifiers alone cannot be relied on, or trusted, as proof of who is on the other end.)
This seems like a fairly easy problem to solve—after all, people and organizations built the internet, and we control (or at least we think we do) all the things that are using it. So, how hard could it be to design a simple, standard way to identify the person, organization, or thing you are dealing with over