Awesome-Mirrors/decentralized-id.github.io
1
0
Fork 0
mirror of https://github.com/Decentralized-ID/decentralized-id.github.io.git synced 2025-07-29 01:08:58 -04:00
Code Issues Projects Releases Packages Wiki Activity

move indy to hyperledger

Browse source
This commit is contained in:
infominer33 2019-03-05 15:59:40 -05:00
parent dfb577185e
commit a39cc77564
9 changed files with 0 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

668
hyperledger/hgf-18/Microledgers-Edgechains-Hardman-HGF.md Normal file
View file

@ -0,0 +1,668 @@
---
title: Microledgers and Edge-Chains — A Primer
description: A Transcript of Daniel Hardman of Evernym Presenting at Hyperledger Global Forum — 2018
image: "https://infominer.id/images/edge-card.png"
---
# Hyperledger Global Forum 2018 — Microledgers and Edge-Chains
**A Primer - Daniel Hardman, Evernym**
<code>Editors Note: I've taken to working on youtube transcripts for podcasts and videos whos content is valuable and not readily accessible in text form, so that it will be easier for anyone to reference. -<a href="https://infominer.id">infominer</a></code>
[Evernym](https://evernym.com)s Chief Architect [Daniel Hardman](https://www.evernym.com/team/daniel-hardman/) takes the Hyperledger community through Evernyms work on Microledgers and Edge-Chains Architecture. Attendees will gain insight into the theory, applications and evolution in Hyperledger Indy along with a practical discussion of their potential.
<img src="https://i.imgur.com/H5ijP94.png"/>\
<sup><a href="https://www.youtube.com/watch?v=iK5vd7-b1zA&list=PL0MZ85B_96CGkWnEvdPy5sB4VRcH2XWuP&index=100">Youtube: Hyperledger Global Forum- Microledgers and Edge-Chains: A Primer- Daniel Hardman, Evernym</a></sup>
* [Daniel Hardman, Chief Architect - Evernym](https://hgf18.sched.com/event/G8sN/microledgers-and-edge-chains-a-primer-daniel-hardman-evernym)
> Daniel Hardman has a quarter century of experience in enterprise software. As a technical director or chief architect, hes led engineering teams at small startups, an incubator, and a continent-spanning business unit at a Fortune 500 company. He founded a dot com a few years back, serving as CEO and later CTO before selling the business. Daniel designed and personally coded complex scheduling software that runs the biggest supercomputers on the planet. He also worked on big data systems that use natural language processing and machine learning/AI to impute reputation to the entire observable internet. He is a member of Infraguard, has training in cybersecurity, and has spoken at industry conferences such as RSA. Daniel has an MBA plus a masters degree in computational linguistics. He holds numerous patents and is a prolific blogger.
## Contents
* [Microledgers and Edge-Chains](#microledgers-and-edge-chains-)
* [A Personal Arc](#a-personal-arc-)
* [Blockchain— the new centralization](#blockchain-the-new-centralization-)
* [Where Blockchain is Needed (or Not)](#where-blockchain-is-needed-or-not-)
* [Microledgers](#microledgers-)
* [How Blockchain is Still Relevant](#how-blockchain-is-still-relevant-)
* [App Centralization Continuum](#app-centralization-continuum-)
* [Teleomergent - More than a decentralized app](#teleomergent---more-than-a-decentralized-app-)
* [Dapps vs Edgechain Protocols](#dapps-vs-edgechain-protocols-)
* [Defining an Edgechain Protocol](#defining-an-edgechain-protocol-)
* [A Familiar Example—Buying a House](#a-familiar-examplebuying-a-house-)
* [Trust Ping Protocol](#trust-ping-protocol-)
* [Tic Tac Toe](#tic-tac-toe-)
* [DID method for peer (private pairwise) DIDs](#did-method-for-peer-private-pairwise-dids-)
* [Peer DID Method Spec](#peer-did-method-spec-)
* [Megaphone Protocol](#megaphone-protocol-)
* [Call to Action](#call-to-action-)
* [Q&A](#qa-)
* [Home](https://infominer.id)
## Microledgers and Edge-Chains [**^**](#contents)
**Lightly edited transcript from Youtube.**
<img src="https://i.imgur.com/Hu9v2Md.png"/>
Okay, I think we'll go ahead and get started. There are likely to be people trickling in, if they're like I am. If I didn't have to be here speaking I would take my time getting in the next session after lunch feeling a little bit sluggish... but anyway, they'll come in and and we'll already be in the presentation.
My name is Daniel Hardman, hopefully you've if you read about this session you might know a little bit about my background. I work with Hyperledger Indy project, mostly. I'm a maintainer there, and I also work for, well so I have a day job with Evernym... and then a side gig, where I work on the technical governance part of the Sovrin Foundation, which is closely connected to the Indy project.
Anyway, today I'm going to talk about some concepts that have been marinating in my mind and in the minds of some people that I work with for quite a while. Not all these ideas are originally mine I want to give credit where credit is due.
Lots of other smart people have been talking and thinking about this as well I'm just a spokesman for a lot of other people, and hopefully the title intrigued you a little bit.
Microledger's and edge-chains: I'm going to demystify that, and when you walk away I hope you're gonna think of this as not so much a super technical session that you've been to but instead a session that kind of has some intriguing ideas for you to think about later in whatever you're doing.
## A Personal Arc [**^**](#contents)
<img src="https://i.imgur.com/5aXEDkg.png"/>
I'd like to start by taking you on a little bit of a personal journey. I started working in blockchain two and a half years ago, and when I first became aware of the basic concepts of how blockchain worked and so forth I became really excited about how blockchain had solved a bunch of problems
and how I was going to go conquer the world with all this new technology and it was awesome and that was a I lasted in that phase of my acquaintance with blockchain for, I don't know, several months but I start to encounter practical problems with some of the blockchain stuff I was doing.
and I hope as I describe the rest of this arc you'll smile a little bit to yourselves, and say, yeah I've kind of been through the same thing.
in a way this is kind of like the Gartner hype cycle you know there's the the spike of excitement and then the trough of disillusionment.
<img src="https://i.imgur.com/BsTgEd0.png"/>
I went through learning about some of the performance and scaling issues that we had to deal with, and some of the complexity.
and then I started to realize that putting data on the blockchain had certain repercussions that I didn't always want to deal with, and that there needed to be some very careful thought about how we encrypted data.
<img src="https://i.imgur.com/kdoyUEq.png"/>
and then I realized encrypting it wasn't enough, it just plain shouldn't be there at all. and so hopefully you guys are recognizing these kinds of patterns in your own thinking here and then I got into the whole all regulatory compliance of GDPR thing and gee this is getting harder and
harder.
<img src="https://i.imgur.com/V5cyLYb.png"/>
Then I and several of my companions discovered this notion of microledgers, and we feel like it was kind of an aha moment for us. So I'll explain what microledgers are and I think you'll see how that's relevant to this arc when I'm done.
Let me just point out that that same kind of arc that I just described in my own thinking we're seeing unfold in lots of different ways in the whole blockchain space.
<img src="https://i.imgur.com/oVC0WwF.png"/>
All of the things on this list here are examples of projects where somebody has thought hard about the original blockchain paradigm, and tweaked something in an interesting way because
of that same arc, and you know the tweaks are different.
* plasma is about taking smart contracts off the blockchain
* triple signed receipts is about preserving confidence in data but not having to keep a full history even though you have a strong proof that you're at the right state anyway
they all different things up there and if you don't know about all those, I didn't know about all of them either until I went and researched this talk, and I was looking for patterns.
I knew about some of them and I found some others there but the point is that I think the whole industry is going through a maturation phase where we're realizing that there's certain aspects of what blockchain can do that we love, and there's other aspects of what blockchain gives us that we don't love so much and we're trying to kind of wrestle against those constraints
<img src="https://i.imgur.com/ZBiVQ0J.png"/>
These are the two things that I think these arcs all have in common, mine and and the things on the previous slide: they're all trying to do less with the central big blockchain in some creative way so that they can keep the special value out of the blockchain but not have some of its downsides.
## Blockchain— the new centralization [**^**](#contents)
I want to just point out something I went and looked just for fun I went and looked up architecture diagrams with Google. I was looking for old client-server architecture diagrams okay and these are just three that I picked at random out of the Google image search results list
<img src="https://i.imgur.com/yYUdvNr.png"/>
you see that client-server is kind of this old paradigm where we have this notion of a centralized thing, and client-server equals bad, right?
we've been down that road we don't like that anymore, but here's what's interesting I also went and searched for some architecture diagrams about blockchain and some blockchain supposed to be highly decentralized and lo and behold there are lots and lots of evidence in these diagrams that blockchain is actually it just almost the exact same thing
<img src="https://i.imgur.com/py6olR5.png"/>
now there's some things about blockchain that are different I'm not arguing that they're identical but the point is there is this phenomenon sometimes that blockchain has been used in a way that's far more centralized than we like to admit yes there are nodes that spread the load around and yes the nodes create this notion of diverse or I mean diffuse trust and yet all of those nodes can be treated as one bundle in the middle
and in fact in a lot of architecture diagrams that you see in presentations at this conference and any other conference you will see a little graphic that represents the blockchain and a bunch of arrows coming to it from all over the place and what's that that's centralization
## Where Blockchain is Needed (or Not) [**^**](#contents)
<img src="https://i.imgur.com/ugjLkS9.png"/>
so we don't necessarily need the blockchain for everything that we think we need it for the Vitalik, back in April, I'll let you read that quote there, well actually I'm going to read it because it's such a good one:
>Blockchains.. are a far less efficient computer and database than technologies that have existed for over 40 years... efficiency is not what block chains are built for - [Vitalik Buterin, April 2018](https://www.youtube.com/watch?v=jJt3yag96fU)
if you actually go and look up that quote he does a comparison of how much it costs to do certain kinds of computations on Ethereum versus AWS, and it's about a million to one difference in efficiency.
>"Let's say you and I, we are happy to do some transactions with each other.. We don't really need to use the blockchain unless we disagree with each other... Why would you need the mediator if you are actually in accordance...?" - Arther Gervais (Founder of Liquidity Netowrk), June 2018
Then founder of Liquidity Network, in June. This is a really good quote: - bottom line is this notion, you know what? Why would you need a mediator if you're actually agreeing with each other?
now there's an answer to that question but there's also, that question exposes some interesting things to think about.
I think smart people in the industry are starting to question some basic assumptions.
<img src="https://i.imgur.com/ZfhYNAD.png"/>
here's my picture of an architecture that's centralized in blockchain oriented you got the blockchain in the middle here and you got the arrows coming to it right this is how I was thinking about my own particular problem which was the identity management relationship management problem that's at the core of identity when I first came into this world and if you see,
we've got two parties that each have a relationship and want to trust each other we have Alice we have Bob and Alice needs to know some things about her view of this relationship and she also needs to know some things about Bob's view of the relationship okay and these two views of the world
what's symmetrical and complimentary but they're using the blockchain in the middle as the trusted intermediary and like I said this view of the world sort of works but it chafed on me and it became increasingly uncomfortable as I learned some of the drawbacks and challenges to it
## Microledgers [**^**](#contents)
<img src="https://i.imgur.com/kX93eTU.png"/>
Here's what I evolved to, and this is what I want to talk to you about, is the microledger notion. In this notion you still have a blockchain, and blockchain does have relevance it's highly relevant, but it's not the main mediator of the relationship between Alice and Bob.
Alice and Bob talk to each other directly and then they have this kind of back-channel thing that they can use to interact with the blockchain to the extent that they need to and I'm gonna talk about what they really need the blockchain for but it's not as much as we thought at least as much as I thought to begin with
so when you have this kind of a relationship what you have is two parties that are kind of at the edge of the old diagram, instead of the thing that's in the middle, you have the things that are at the edges okay and these things at the edge are talking to each other. this is how I get the concept of an edge chain
that's where that word in the title of the presentation comes from, is the notion that you can have some of the same characteristics of a blockchain, you can have high trust and tamper resistance, and diffuse patterns of communication and so forth. but, you don't have the blockchain sitting in the middle of it. it's all happening out at the edges
<img src="https://i.imgur.com/c0mtJW0.png"/>
okay so this evolves even further: if you have this person Alice having relationships with multiple people, she
continues to have these lateral side relationships. she doesn't have them through the blockchain.
now you might be saying well wait a minute if you take the blockchain and all those big arrows out what is it even useful for?
## How Blockchain is Still Relevant [**^**](#contents)
<img src="https://i.imgur.com/uJ1Kkwq.png"/>
In my case it's useful for certain problems that require external trust. For example, there has to be a place where I can announce that a credential, upon which identity is based, has been revoked. The world needs to test for that condition when they're seeing credentials presented.
I know that there's people out here who aren't in the identity space. I think there's analogs to this in in non-identity world too.
There's certain things that you need to consult the blockchain for. The main things that aren't on this list are things like:
* talking to each other
* storing things
* doing computation
* interacting
None of that stuff has to go through smart contracts or any of that. It just has to have a few very small things that make this possible.
Besides revoking credentials, in the identity space:
* You have to be able to revoke a device: If you leave your phone in on the backseat of an uber you need to be able to quickly say don't let anybody use that phone to impersonate me.
* you need to be able to discover parties that are intending to be public
* you need a secret rendezvous spot: so if you think of secret agents that you know they're heading off into enemy territory, and they agree that if if they're not back by such-and-such a time, then they're going to meet in the square at midnight, or whatever...
You can use a blockchain kind of like that: agree that we'll rendezvous on the blockchain if we lose track of one another, or have to repair a relationship and we can't do it by direct conversation.
It turns out that Merkel proofs of state integrity between these two parties can be relevant.
This last one is where I get the name micro ledger for this talk. That is, the way that these two parties interact with each other, has to have some characteristics of proveability and tamper-resistance even though it's not on the main blockchain.
You can do that by doing some very simple (well it's not very simple... it's simple compared to other stuff) crypto on your local hard drive..
When you interact with the other, passing them Merkel proof-of-state and having them check it against what they have.
you end up knowing with confidence that both of you have the same thing, and and you haven't drifted or misinterpreted one another.
You end up basically having a tiny little ledger on your machine for the relationship. Alice would have one for the relationship she has with Bob. I'm talking tiny, I'm talking 5k 10k little tiny files.
They're not massive, they don't last necessarily forever, they don't store any significant amounts of information, but they just have an orderly sequence of hashes that show how state has evolved that's the micro ledger concept.
## App Centralization Continuum [**^**](#contents)
<img src="https://i.imgur.com/lnKUizp.png"/>
After we started playing with this idea I started to see things a little bit different this is my journey again but I thought instead of it being kind of a time sequence I saw it as a continuum of centralization and I really think that's where my mental journey took me is I started out thinking blockchain was cool and I'm going to be decentralized but I wasn't really very decentralized in my thinking and took me a long time to get there
you know I started over with "put it all in the blockchain" which isn't so far away from traditional client-server
then you start seeing people talking about sub chains and side chains and things like that that's an example of moving farther to the right on the continuum
then you hear people talking about well just anchor it on the blockchain now we're starting to get pretty far over to the towards the right if you go all the way over to the right you have a pure edge chain where you really don't need the blockchain at all.
I don't think I'm gonna write any software that looks completely at that end of the continuum. I think the blockchain introduces some characteristics of trust that I really need but I think I can get pretty far over here get all the benefits from blockchain that I really care about but not have hardly any of the drawbacks or complications and the only price is complexity darn it
okay so I put up here on this picture, also I have gaps right here and edge chain protocols. when I first started exploring this notion of the edge chain, I was calling the thing that we were building a dApp. because it's a decentralized app, of course. but I realized that what the industry is calling a dApp is actually pretty far over to this side because it's typically running everything through a smart contract that does centralize computation.
there are dApps that aren't that way, so the DAP thing moves over towards the right. There are some gaps that get maybe almost this far, but you you can take it all the way over here, and I think if you go way over to the right side it's not really fair to call that a dApp because it's pretty different from what the industry thinks a dApp is.
## Teleomergent - More than a decentralized app [**^**](#contents)
<img src="https://i.imgur.com/1E6jCjZ.png"/>
I'm gonna give you some examples here in just a minute. Just for kicks, I'm gonna introduce a new word to you, because this is why I'm excited about the right end of that continuum. I think that the things on the right end of that continuum have this characteristic.
this is a big word, you know, a $24.00 word. but it's "telly-o-mergent." If you're familiar with the word [teleology](https://www.merriam-webster.com/dictionary/teleology) or [telonomy](https://www.merriam-webster.com/dictionary/teleonomy), this has the notion that you have order from chaos.
Okay? but, it's not order that's decreed by some central party it's order that arises spontaneously. Teleonomy is used in discussions about evolution and biology and how a very complex ecosystem can manifest really sophisticated patterns of behavior even though there's not anybody out there telling the Zebras which direction to run when the Lions chase them
so you may have also heard the word chaotic before and you may have run into the notion of Adam Smith's invisible hand in the economy it's the notion that you give a bunch of independent actors the right incentives and lo and behold the free market causes an interesting dynamic to emerge that's useful
and that's what I think is the true characteristic at the far right side is that you give independent agents the ability to interact and these agents find useful ways to interact according to a protocol.
## Dapps vs Edgechain Protocols [**^**](#contents)
this is just a little compare and contrast I think I'm gonna skip over this suffice it to say that daps and edge chains have a lot in common but I think there's some interesting differences
<img src="https://i.imgur.com/cVg6gFH.png"/>
and I'll maybe during Q&A; we can come back to this slide if you have questions about it, but let me now actually give you some examples of what I'm talking about.
## Defining an Edgechain Protocol [**^**](#contents)
<img src="https://i.imgur.com/vIDt6iO.png"/>
When you define an edge chain protocol you have to answer these four questions:
* what are the roles in my protocol?
* what types of messages do we exchange?
* what stage or sequencing rules apply?
* and how our trust and incentives managed?
## A Familiar Example—Buying a House [**^**](#contents)
<img src="https://i.imgur.com/XEpCvty.png"/>
so here's a really familiar example, okay? no tech involved. how do you buy a house? What are the roles in buying a house?
well you have a buyer and a seller, and the realtor for the buyer and the realtor for the seller. you have a home inspector, you have a title company.
these are roles, and by the way, buying a house is a protocol. You can't just go order a title, insurance, on some arbitrary home, because that would be out of order for the, it's not the sequence.
You have to start by doing step one and then you go to step two and then you go to step three right and the parties in this interaction have responsibilities they can do certain things, and not other things.
The kinds of messages that get exchanged in this protocol: we have an offer to buy, a counter-offer, an acceptance or rejection, a home report, a title search. These are messages.
What are the state rules that apply? well this is an example state machine I drew. You start by negotiating and you can go round and round in circles in negotiating, eventually you exit the negotiating phase. you're in the preparing phase where you order a title search and a home report and all these things and anyway you end up consummating the deal or not consummating it
That is an edge protocol.
Why is it an edge protocol?
There's no blockchain involved, right? it's people out at the edge.
There's a hundred thousand things like this, ordering a hamburger is a protocol. You can't just walk up to somebody nd say, "here's seven twenty five." You have to walk up to him and say, "I want number three on the menu," then give him $7.25 after they ask you "is that to go or not?" "to go" right?
There's this whole protocol involved in that, that we all know. The reason I'm harping on this is because all kinds of business problems are solved by protocols all the time, and in fact, they're mostly edge protocols.
That's a cool thing if you can just hook them up to blockchain for just the parts that you need them for, and not all of it. The weight of what you're building goes way down.
## Trust Ping Protocol [**^**](#contents)
<img src="https://i.imgur.com/pUnUIiD.png"/>
Here's a simple edge protocol that's techy. this one is relevant to the identity space. This is the trust ping protocol, and in Indy there is a HIPE (which is like an RFC) about how you ping another person.
You have their DID, for them that's their identifier, and given that identifier you should be able to reach out and talk to that person.
So how do you do it? According to the whole Indy technology should be able to do it no matter what transport you're used to send messages whether it's HTTP or mail or Bluetooth or whatever.
You should know some things when you engage in this trust ping about whether the person on the other side is trustworthy and how much trust might have been eroded by the kind of mechanisms you used in between you.
There's a HIPE about that, you can see the roles, the pinger and the pingee; and the message types.
let me give you a quick demo of this protocol. I'm gonna start up an indie agent, and that agent is going to be listening on email, and I'm going to talk to it by email, and I'm gonna use the trust ping protocol to to interact with it.
<img src="https://i.imgur.com/SA01z4J.png"/>
This is the [trust ping protocol documentation](https://github.com/hyperledger/indy-hipe/pull/67), and the trust ping documentation says that if I want to ping somebody this is the kind of JSON message I need to send it.
So, I'm gonna send it one. Let's go over here to my email, and I'll bring up my little trust ping. nothing up my sleeve. here's the the JSON that I'm sending, which is just a direct copy and paste out of this HIPE here... so that's the that's the stuff that I sent.
and let's see... message was sent. that's good. now what we've got to see is if the message is going to come back... there we go.
<img src="https://i.imgur.com/qe7MocA.png"/>
so the agent on the other side pinged me back and let's see what it sent me: it sent me an aim style message.
This is the JSON that I got back, it says "hi" from Indy agent. So, I've just engaged in a protocol.
Now what does blockchain add to this? I could do this entirely without blockchain, but there's some things I wouldn't have: I wouldn't have confidence in the other sender. Somebody could sit in between me in this protocol and mess with my mind, right? be a man-in-the-middle.
So most of the protocol is not modified, but by adding a little bit of blockchain pixie dust, I'll call it, I can increase the trust behind this protocol.
That's the kind of thing that I'm seeing over and over again as I get my head wrapped around this paradigm is you start with a paradigm that's really not very blockchain heavy, and then you say "what are the things that's wonderful about blockchain, that I need to add into this? and how can I do it as light as possible?"
## Tic Tac Toe [**^**](#contents)
<img src="https://i.imgur.com/Ym9zesW.png"/>
okay so on to the next thing... here. Tic Tac Toe. We could also play tic-tac-toe. I'm gonna wait and see if I have enough time. I'll do a demo of tic-tac-toe if you feel like it later. but anyway I have a demo of that if you want to. this one was not there's no blockchain goodness on this this is all the way to the complete right side is being a pure hedge protocol because you don't need a blockchain to play tic-tac-toe okay.
## DID method for peer (private pairwise) DIDs [**^**](#contents)
<img src="https://i.imgur.com/T3nCl47.png"/>
This is a more serious one. What if you want to manage a relationship? Alice and Bob live across the world, they use complicated technologies. Each of them has different technologies. One of them has a laptop, and a cell phone; and the other one has a desktop computer at work, and two cell phones, and something in the cloud.
They want to talk to each other and there's different pieces of software running on all these different things at different version levels and all this kind of stuff.
How does Alice tell Bob: "you shouldn't accept messages anymore from my old cell phone that I just sent to the recycling"?
I think they told me they were gonna wipe the hard drive on it but I just don't trust I'm gonna tell Bob not to do that. How does Alice say, "I upgraded my own world here, and I've got a new device, and now if I send messages from that device you
should trust them."
how does Alice say I'm gonna rotate my keys? all of these are concerns of managing a relationship, and you need a protocol to manage a relationship... and guess what? it's mostly an edge protocol.
## Peer DID Method Spec [**^**](#contents)
This is a more serious one that has pretty high stakes. I've been working on a method to describe how DIDs can be created, and the DID docs associated with those DIDs can be shared.
You can see the the roles here are the participants in the relationship and there's some message types that are described here there's actually a [DID method spec draft](https://dhh1128.github.io/peer-did-method-spec/index.html) and I'll show that to you really briefly here and you can go look it up yourself later if you want to
<a href="https://dhh1128.github.io/peer-did-method-spec/index.html"><img src="https://imgur.com/QlhWEmfl.png" /></a>
I'll give you the URL and you can go read it, but there's this whole spec behind this, and this is what has caused, I think, the most ruminating on the concept of a microledger... because the microledger as a persistence mechanism could provide high trust to back the did method that I'm mentioning.
## Megaphone Protocol [**^**](#contents)
Let me go on to another one that's maybe a little bit more interesting so this is just an imaginary one but I think I'd love if somebody in the audience wants to build this I'd be super excited and I would buy your app.
<img src="https://i.imgur.com/wzji3sc.png"/>
A megaphone protocol, what I'd like is something where if I'm sitting on the beach in Indonesia and a tsunami happens... I can grab my phone and push a button and say "run a tsunamis coming" and my phone contacts all the phones all around the resort where I'm staying which in turn contact all the phone's a mile inland and everybody starts running not just the people who can see the wave. Would that be cool?
I want basically a virtual megaphone, but here's a "why do I need blockchain?" there's a really good answer to this, I can't build this right now, because if everybody had a real megaphone in real life you'd have problems with people using it irresponsibly, wouldn't you?
So there's a trust problem, I can use blockchain to require people to put stake, or put their identity in escrow against their responsible behavior. So that a person can say, when it's a life-or-death situation, "I need an EpiPen right now!"
I'm willing to you know have a hundred dollars on the line or I'm willing to have my identity disclosed if I am shown to use that irresponsibly and that protocol can hook back to the blockchain as a basis for that trust but most of everything that's happening is all out on the edge.
you can see some of the other ones, you know, "my child is lost at Disneyland," or "I'm desperate to get on this plane as somebody in this line willing to send me to sell me their plane ticket 4000 euros?"
any of these kinds of things could be done with this kind of protocol, and you would just need peer-to-peer communication in your app. Or you could have the app go back to the cloud and talk to other apps through the cloud, if you needed to.
that would be more centralized but anyway there's some roles in this a speaker a listener and a relay so you could have an app and a person could talk through your app to another phone that was close to you and so the word would spread right if anybody's interested there's a link to the concept doc when you download the slides you can go read more about that protocol
## Call to Action [**^**](#contents)
<img src="https://i.imgur.com/xLHfZ7b.png"/>
I hope that I haven't gone too too deep, I've tried to stay really high-level and I hope that I've been general enough that even if you're not in the Indy space, the identity space, you're thinking a little bit to yourself yeah maybe there's some ways that I'm taking for granted
that we need to use the blockchain for something... and maybe I should think from the other direction instead start thinking about the problem as an edge protocol problem and then say how do I sprinkle the the magic pixie dust a blockchain just enough to get the properties of trust or the constraints that I need
what I've found is that this is a very liberating experience. Two and a half years in, a lot of the problems that I initially thought were really yucky, I'm now thinking, "well if I flip it on its head I can get what I need to and I
don't have the performance problem or I don't have the scaling problem or I don't have the centralization and trust problem or the regulatory problem.
So I want to encourage you to do that. Think in terms of the edge, with a blockchain as a useful foundation that you can refer to but not necessarily as the place where it all happens. You don't have to compute everything in a smart contract.
there are some problems that you must use blockchain for but I'm just saying use it wisely, and not just peanut butter spread it on everything.
I would love to get some people here to work with me on this peer did method I think it's a very high value for the identity space that's one specific to my area of expertise so with that I'll go back and demo something if you want or we can go into QA I think we got about ten minutes
left which is good
## Q&A [**^**](#contents)
<img src="https://i.imgur.com/HNmcUfN.png"/>
I was trying hard to not go till the very last second well it doesn't necessarily have to be a person but some entity on the edge yeah and I'm really using the term edge of course is really vague but what I mean by it mostly is it's not the thing in the center of the architecture diagram okay and then the second question the concept of the micro ledger is there any concept of persisting the final values of the micro ledger onto a blockchain yeah so this is if I go back to let's see the notion of anchoring something on a blockchain a number of people in industry are exploring different ways to do that and one of the things you could anchor on a blockchain is a micro ledger so if you needed to prove for example to a third party let's say Alice and Bob are interacting and it's it's a private personal relationship but let's say Bob doesn't fully trust Alice and maybe he's afraid that alice is gonna steal all of his cool music for his next album even because he's been sharing it with her so
he goes and he anchors some things on
the blockchain to provide evidence so
that if anybody ever you know if there's
ever an argument there's a third party
that's a witness that kind of a thing
and there's other kinds of use cases
like that too
hi so obviously it's a communication
protocol so I'm wondering if there was
any thoughts about communication
recording or if it could be useful in
any way I know there have been papers
for TLS communication recording but
obviously it's not easy to do at this
point with TLS and HTTPS so is there any
ideas about communication recording
between the agents or da DS and how it
could be possibly useful so that's an
interesting question I used to work at
Blue Coat which makes a line of products
actually blue coats been acquired by
Symantec so if you look this up now
online you're gonna have to look under
Symantec but anyway blue coat makes a
made a product called an SSL visibility
appliance and what it is is a
deliberately constructed
man-in-the-middle attack on a TLS
session so an enterprise does some fancy
magic with certificates to make it so
that when you inside the enterprise talk
to somebody outside the enterprise that
appliance catches the traffic and it man
in the Middle's both of you neither side
can tell that there's this thing in the
middle and the whole point of it is make
the TLS channel visible so that the
enterprise can look for malware that's
coming into the environment and stuff
like that so where I'm going with this
is that same kind of technique could be
used in agent to agent communication
however you would have to get the
consent of both ends of the conversation
you don't have the ability like you do
in an enterprise to simply say well
every browser in our enterprise is going
to accept this certificate authority
therefore nobody's going to get any
warnings when they click and and stuff
like that so self sovereign identity
technologies provide a protection
against that kind of sniffing happening
invisibly but it could be done and the
old the other thing I was going to say
is there's also a hype
a proposal about message tracing this is
cooperative voluntary message tracing
where people are trying to troubleshoot
a complex interaction and they say hey
please tell me when you get this message
and forward it on so that I can see
what's happening parties don't have to
follow it and but it's somewhat related
to recording so I I guess I can only
think of two those two comments about
the recording concept maybe we can talk
some more after Danny I actually have a
follow-up question and what what
happened here so I'm sure you're
familiar with signal in signal low using
a double ratchet it's right in Triple D
filmin and they create that end-to-end
encryption so how does this really
different when it comes to peer-to-peer
and then just creating that encryption
because you just mentioned that if
you're going to man in the middle attack
I'm quite familiar with what Bluecoat
does I work at Symantec as well so you
have access to the private key you are
able to record a session and then you're
able to replay it
so basically acting as a proxy so how
does this does not apply in this
scenario because if I'm able to actually
sit in between let's say I hold the
network and then I compromise one of the
parties then this is basically just a
broken channel well first of all indie
communication there's a this has not
been implemented but the hype has been
accepted is adopting signals double
ratchet algorithm so forward secrecy and
so forth is a property of the
communication channel the same way it
would be with signal the did method spec
that I talked about here one of the key
characteristics that it has is that when
you created did you must create it by
deriving it from the public key of a key
pair that exists and the reason that
that requirement exists is because you
don't want if you had it if you did well
let me take you down a different path if
if you started a D ID as just like let's
say some UUID and then later you
associated it with keys what could
happen is you could start it and a
person who's proactive and malicious
could notice what your D ID is
but you haven't asserted keys and jump
in and create the kind of man in a
middle situation that we're really
worried about here but because DIDS
require you to derive the thing from the
key the the did value from the key there
is no point in time where the creator of
the did is vulnerable to the man in the
middle attack that's only a partial
answer to your question let's talk about
it after yeah I had yet another
follow-up on this thread so the ietf has
a existing internet standard called the
host identity protocol and it does
exactly the same thing the intention
there is because right now in networks
there's the IP address is the identity
but this is not verifiable so they made
this protocol with the intention that it
existed to be compatible with the
Internet's tcp/ip stack so there is no
tie to and etherion network or a hyper
ledger implementation it's just part of
the general Internet can you give me
some context as to why this is existing
separate from that and we don't just use
the host identity protocol existing on
the internet already so that's a great
question there's several different
answers that are all kind of related
that kind of add up the first thing is
that this communication mechanism has to
work on things besides the Internet
so not everything has IP addresses and
still we have to be able to communicate
we certainly live in a highly IP centric
world but there's plenty of use cases
that are outside that the second thing
is that like with certificates my
understanding of the host identity
technology is that it focuses on servers
now of course it could be used for
clients and stuff too but TLS in general
even though it has
the option of identifying both parties
is almost a hundred percent used to
identify only the server side of an
interaction so when you want to identify
the client side what do you do you have
this great channel but you don't use
certificates you have an entirely
different mechanism which is
browser-based sessions and cookies and
all this other stuff to identify the
other party you log in you present some
credentials and I think the same kind of
phenomenon maybe is undermining some of
the value of that protocol where it's
it's going to be applied whether the
protocol is written that way or not it's
going to be applied just to identify
things that have a permanent presence
does it does it work for mobile phones
that are changing IP addresses
constantly and that are refreshing their
software and all that other stuff I
don't know enough to know maybe we can
can you share a link with me or
something and I'll go learn some more
about it
state channels are on my list of we're
right here
well state channels yeah the state
channels are an example of this kind of
thinking yeah I have one question
concerning the etch chain protocols as I
understood you you suggest we make small
protocols and different apps but what
when I want to glue them together
because they together build higher-level
protocols would I then try to make the
glue in the blockchain so things that
those protocols need store it there or
would I define let's say super H J chain
protocol
well yeah protocols are one of those
things that can be understood at there's
there's lower level ones and higher
level ones just like there's the OSI
stack and so forth in networking and you
can combine logical entities into bigger
constructs to make higher-level
protocols something that you said kind
of gets at this slide that I skipped
over one of the things that's different
between DAPs and edge chain protocols is
that edge chain protocols there there's
no set of apps that you have to have you
just need to have software that is
capable of playing all of the roles in
your protocol and it could be written by
ten different people and there could be
ten different providers of one of the
roles if you wanted right so think about
like buying a house we don't have only
one place that you go to get all the the
actors in the buy a house protocol and
yet DAPs are typically written where you
write a DAP that implements the whole
thing and so that's a little bit of a
paradigm shift
yeah yeah yeah
theirs doesn't have to be implemented on
server so it's not exactly micro
services but it's like that in the sense
that it's a bunch of little granular
things hi thanks this was really
interesting I was going to offer a bit
of nitpicking for the megaphone protocol
I think if you don't take in
consideration economic pressure
I think the protocol probably fall apart
because some people will be in such
situations that they'll be willing to
trade what they consider their important
identity to spam people nearby and
there'll be markets that will probably
show up saying hey if you can if you do
this for us we'll give you some money
and people might burn through their
identity because they don't see the
value of it or maybe they will try and
stack up multiple identities as much as
they can
obviously we we would expect this the
product or the system the overall
underlying self sovereign identity
system not to allow that but I think if
you don't count factor in economic
pressures especially for those of us who
are very poor like you won't be able to
expect some of the ways that the
protocol will be manipulated
that's good comment the the concept
document includes the notion that
megaphones have a volume and you can
select the volume if you say look I'm
tired and hungry and I'm a mom in an
airport and I have a baby and I need to
change the baby's diaper and I forgot a
diaper that's not a life-threatening
crisis so you don't need
life-threatening volume and so there's
probably different staking for different
levels of volume but I think there's
still you're right that there's
potential for abuse which is maybe one
of the reasons that nobody's been
working on it yet
okay well I think we should declare the
the session over and I'll be up here if
anybody wants to ask more questions a
couple of you asked me questions that I
want to get some more information about
if you just come and talk to me that'd
be great and thanks for your attention I
appreciate it

0
hyperledger/HGF-18.md → hyperledger/hgf-18/README.md
View file

475
hyperledger/hgf-18/VerifiableOrganizationsNetwork-HGF.md Normal file
View file

@ -0,0 +1,475 @@
---
title: Verifiable Organizations Network - A Production Government Deployment of Hyperledger Indy
description: Transcript of Presentation by John Jordan and Stephen Curran at HGF 2018
image: "https://infominer.id/images/VON.png"
---
# Hyperledger Global Forum 2018 — Verifiable Organizations Network
**A Production Government Deployment of Hyperledger Indy**
<code>Editors Note: I've taken to working on youtube transcripts for podcasts and videos whos content is valuable and not readily accessible in text form, so that it will be easier for anyone to reference. -<a href="https://infominer.id">infominer</a></code>
-Published on Dec 27, 2018
[John Jordan](https://twitter.com/jljordan42), Province of British Columbia & [Stephen Curran](https://twitter.com/scurranC3I), [CloudCompass Computing](https://cloudcompass.ca/)
Learn about the Province of British Columbia's experience deploying the first Hyperledger Indy based production ecosystem.
The [Verifiable Organizations Network](https://vonx.io) (VON) enables governments and organizations to exchange data in trustworthy ways based on open standards and technology.
VON's founding members are governments who are, by law, trusted issuers of data about organizations. The Province of British Columbia, Province of Ontario and the Government of Canada have come together to create the initial services needed to establish VON.
VON's founders have delivered new Indy-based open source components which form VON's backbone. [TheOrgBook](https://orgbook.gov.bc.ca/) is a publicly accessible repository of [verifiable claims](https://w3c.github.io/webpayments-ig/VCTF/charter/faq.html) about organizations. VON-X enables services to verify and issue credentials.
We present the Why, What and How including our strategy for bootstrapping VON using a two-sided market strategy.
<a href="https://youtu.be/g19VNv3DAd0"><img src="http://i.imgur.com/kODoTdj.png"/></a>
## Contents
* [Transcript](#transcript-)
* [Introduction](#introduction-)
* [Solving Problems](#solving-problems-)
* [Collaboration](#collaboration-)
* [Verifiable Proofs](#verifiable-proofs-)
* [Chicken-or-Egg Dilemma](#chicken-or-egg-dilemma-)
* [The Org Book](#the-org-book-)
* [BCGov Org Book](#bc-gov-org-book-)
* [Verifiable Credentials](#verifiable-credentials-)
* [Production Network—Live 9-10-18](#production-networklive-9-10-18-)
* [General Purpose](#general-purpose-)
* [Ontario Org Book](#ontario-org-book-)
* [Come to our Workshop](#come-to-our-workshop-)
* [Bootstrapping Mechanism](#bootstrapping-mechanism-)
* [dFlow](#dflow-)
* [Just the First Step](#just-the-first-step-)
* [Indy Catalyst](#indy-catalyst-)
* [Serving the Public](#serving-the-public-)
* [Q&A](#qa-)
* [Home](https://infominer.id)
## Transcript [**^**](#contents)
<code>**Editors Note** I just copy\pasted this youtube transcript, lightly edited for readability, and added screenshots for context. -infominer</code>
**Pull Requests Welcome**
## Introduction [**^**](#contents)
My name is John Jordan and I come from the province of British Columbia in Canada. This is my colleague Steven Curran we work together on this project.
I guess I'll just get started, and we'll have some slides, a demo, we should have some time for some questions
Ian is also here, one of our developers as well, he's a hyper ledger future developer. What we're gonna talk about today is what we're doing in the government of British Columbia, together with some of our peer provinces in the country — about how we're trying to solve some very long-standing difficult problems.
<img src="http://i.imgur.com/bf3lLTq.png"/>
>**we're gonna focus on business services today and talk about how the government can start to do the things that it does today in paper**, which it underpins the economy.
>
>**money exists because the government says so businesses exist because the government registers them and allows them to operate** and the laws and so forth of the of the government allow commerce to occur
>
>**but we have no way of doing that in the digital economy right now** there's no business models in the digital economy other than basically buying stuff and getting your data exploited for advertising. so if you have a Visa card you're in.
>
>otherwise there's no other really interesting transactions going on and I think big part of that is because **we don't have any way of extending the trust of government into the digital realm in a way that is trustworthy**
<img src="http://i.imgur.com/BVVoGaA.png"/>
so we're going to talk about that this is our fun slide this is where we're from Canada with a variety of animals quite a lot of space we come from Victoria BC I norm I actually grew up in Ottawa which is around the beaver and people think that's kind of humorous but so there you go that's her that's
her
<img src="http://i.imgur.com/UN0dT5b.png"/>
I also want to acknowledge that **I do all this work with [Carol Prest](https://www.linkedin.com/in/carol-prest-aa34b258/)** who is the registrar for BCS so I've been there for a couple years and **from day one we've been working together exploring how can we use the registry data as the foundational data for doing business.**
Unfortunately she's not available she's in India right now, but having this business partnership and having her in her organization behind this, and having the discipline of trying to **solve problems for business people** is what is making this project really fun and also useful
## Solving problems [**^**](#contents)
<img src="http://i.imgur.com/MrIep94.png"/>
We're gonna focus on a problem here which is **how do we help small business** we have sort of a an example of Mary's bakery but **it could be any kind of business** construction mining whatever it is and the problem is that these business people are very excited about starting a business is an exciting time in life but they don't realize sometimes that **they have quite a lot of obligations that they must fill for government**
We have examples where our research teams have gone out and talked to restauranteurs and they have released a building and so forth it's the perfect spot everything is great **and then they realize oh I've got six months of permits and licenses to do because we had to bring it up to building code and they didn't realize this and then there's all these dependencies and they weren't ready to fund that building for six months** so those are like real stories **we'd like to try and minimize that kind of stuff** because we want them to start their businesses and grow.
<img src="http://i.imgur.com/FxeKL2D.png"/>
>you know the path is also very meandering and it can be in multiple different media you can be faxing you could be email you could be online you're in person and so forth.
>
>**All of this is a very difficult both for the business people but also on the government side**. We are also in different places verifying data all the time: who are you? whos business are you representing? Are you authorized to represent the businesses?
<img src="http://i.imgur.com/sIiI6Ni.png"/>
In the most complicated cases, for liquor and so forth, shareholders and employees have **criminal background checks.** They make sure that nobody owns more than 8 stores that sells liquor, and can take up to a year so.
## Collaboration [**^**](#contents)
<img src="http://i.imgur.com/GM9FxgX.png"/>
We're collaborating with a couple of other jurisdictions. We're working with a team in **Ontario** and a
team **in the Government of Canada**, where I used to work, **The Procurement Agency**.
<img src="http://i.imgur.com/oPuhVyP.png"/>
**When we say working together, we're actually writing code together**. There's no MOUs, no steering committees, no work groups. They have a couple devs and the business person, we have a couple of devs and a business person. We sprint together, write code.
All this stuff we're going to show you today has been co-developed, and significant portions have been done by each of the groups
## Verifiable Proofs [**^**](#contents)
<img src="http://i.imgur.com/0MS4yEs.png">
This is the journey that we'd like to enable, it's a journey that we know well. The government gives you something, you take that something to another institution, you use it to prove something and you get and you get the outcome.
In this case it's the incorporation information that's given to Mary, she goes to the bank and she can open a bank account. Turns out that's a very general pattern, and this is the pattern that we see in the verifiable credentials realm.
<img src="http://i.imgur.com/FNpnmLg.png"/>
So we have this pattern of: **holder** which *is a person or a business* but a business can't really hold something on their own. They have to have people holding it on behalf of the business.
They presented to a verifier, which is earlier in the workflow, the verifier says bring your list of things in and prove to me who you are, and you have various permits and licenses and so forth. You then get to enter their form which is usually not that pleasant, and then you are issued something which you hold.
**This is the pattern that we're very familiar with.**
We're sitting with a wallet full of these things. I have bank cards and identity cards and so forth and we're gonna explore how we can do that.
When we discovered that **we were pretty excited** it was about a year ago that **we stumbled across Hyperledger Indy** after having done a little bit of work with fabric
So it was just Stephen and I on the team and we thought it looked promising, that there was this pattern here we could solve some of these hard problems we've been working on for years but we realized we didn't have any of the software for different organizations or people.
## Chicken-or-Egg Dilemma [**^**](#contents)
<img src="http://i.imgur.com/hHn9SLm.png"/>
Somebody mentioned it this morning, the classic chicken and egg problem: we don't have any software out there that we can issue to our issuers, don't have software to issue. We realized, in this case government is a little bit special, which I don't like to say very often.
It turns out our core business is issuing that's what we do every service we have is pretty much an issuer so we thought: what if we could give the services that we are dealing with in the business realm, somewhere to issue to?
<img src="http://i.imgur.com/9IHbEkL.png"/>
We purposely picked business realm because if we're dealing with business data we're not triggering all the personal identifiable information problems. In the BC we call it FoIT, the Freedom of Information Act and Privacy Protection Act. When you get into personal data, of course it triggers all of that which, is good but makes it very complicated to play with new technologies.
## The Org Book [**^**](#contents)
<img src="http://i.imgur.com/6KxuQM9.png"/>
We just deal with open business data right now and we thought: what if we could create something where these issuers could issue data to? and it would be a public thing, and we call that **The Org Book.**
This is a bootstrapping technique that we're copying from Facebook. We're just playing with one side of the market. **We're gonna deal with the supply side: the issuers of credentials, more commonly known as permits and licenses.**
<img src="http://i.imgur.com/o5KphnK.png"/>
Because they're public and because they're open we can create this directory of searchable verifiable data and we can build software for the issuers.
Our goal was how can we make it as easy as possible for existing services to be able to issue their credentials to this OrgBook starting with the foundational data of the registry, and we're going to show you that.
**When we started writing this code built on top of Hyperledger Indy we realized that there could be intermediate benefits.**
<img src="http://i.imgur.com/voKqoaF.png"/>
So first there's some public good, and the searching and finding of data will show you that. It turns out we can also create [api's](https://bcgov.github.io/MyGovBC-notification-server/docs/api-overview/) to allow that data to be searchable, and we created an [enterprise agent](https://github.com/bcgov/von_agent) for services to verify the data in The Org Book.
So later when businesses have their own services for holding verifiable credentials, our issuers are ready.
<img src="http://i.imgur.com/AdYRiK9.png"/>
## BC Gov Org Book [**^**](#contents)
Now I'm gonna hand it over to Stephen. This is what The Org Book looks like in British Columbia, so there's two instances and we'll show you them both but **this is the [British Columbia Org Book](https://orgbook.gov.bc.ca/en/home) and it's basically a kind of a Yelp type site.**
<img src="http://i.imgur.com/nsurhhx.png"/>
**we've got five hundred twenty-five thousand active legal entities in British Columbia every one of them has a record in here** they have the credentials that the registries have issued to them
<img src="http://i.imgur.com/ngfzaPh.png"/>
Let's do a search we're into chocolate because we're in Switzerland so we'll talk about a Vancouver Island chocolatier. Purdy's chocolates, we can take a look at them. Search capability names we've got other capabilities for what searches we can provide ways to filter and things. When we get into it, we can see some information that the registry publishes, so previously registered.
<img src="http://i.imgur.com/0mcU9ru.png"/>
**9:41** This is all public data, this is all open data. This is exactly what they hang on their walls inside the restaurant and things like that, there's really no place in BC it is actually published but in a very obscure places, very difficult to find. We've actually, as a byproduct of doing this exercise, created a pretty useful facility for citizens to use to find businesses, so we can take a look at them.
## Verifiable Credentials [**^**](#contents)
<img src="http://i.imgur.com/yMMHV01.png"/>
this one has a couple of credentials they actually have a corporate entity and then a couple of names they do business under so [they've got several credentials](https://orgbook.gov.bc.ca/en/organization/BC0057742/cred/1902355) we can see a timeline of when they've got the different credentials so we can take a look at those in it and as the history builds up we haven't loaded all the history of all BC companies yet some of that is on paper which is going to be more challenging but that's that's not for us to worry about but we can load them up so if we can look at our registration we can see an active credential
<img src="http://i.imgur.com/vmZx8py.png"/>
<img src="http://i.imgur.com/umWHJO7.png"/>
so this is what a credential looks like online basically we present it with the key data that a person might be interested in and then at the bottom we can actually go [into the credential](https://orgbook.gov.bc.ca/en/organization/BC0057742/cred/1902355/verify) from an Hyperledger Indy perspective
<img src="http://i.imgur.com/l3LCLnu.png"/>
so this is the schema if you as they call it on the one side the populated data for this particular version of the
credential and then down below we get some really fun stuff
this allows any citizen to go and do the cryptography on
paper themselves to prove that this is a proven credential yeah and we say verified see the check up there that's
the that's the key
<img src="http://i.imgur.com/47eUSiL.png"/>
## Production Network—Live 9-10-18 [**^**](#contents)
okay I think that's most of what we wanted to show so the idea here that we wanted to talk about a little bit was the title of this, **this is a production system, we've been live since the 10th of September**
<img src="http://i.imgur.com/cHws3Sb.png"/>
there's a little story there so let's go back to the home page and let me talk about a couple of things there the current statistics those are actual statistics we actually recreated the credentials and loaded them this week
so that's why **2.6 million were issued this week** we can do that the first weekend in September when we loaded it, it took 10 days to load the credentials so that kind of wasn't too good.
**we had Ontario coming behind us with about five times as many credentials** so we were a little nervous and did a couple of sprints to scale up its capabilities
BCGov, which has [the developers exchange](https://bcdevexchange.org/), is a pretty progressive environment for developing code. We've got a Red Hat open shift [kubernetes](https://kubernetes.io/) based platform
so basically we were able to use the capabilities of that platform to just spin up other instances and be able to scale up the the speed of loading and things like that so we got up to
we're now about 12 hours to load the full data set so we're creating issuing and holding about 2600 credentials per minute so decent speed it's kind of weird because we are a single holder for all of these organizations these don't the organizations don't have their own wallet and the first vision and the first thing that Indy wanted to support was the idea of a person having a wallet
so the database behind it was not the most scalable solution out of the box so the next thing we did as well to to make it scalable was to implement say an enterprise-grade wallet with Postgres in was the developer on that and we were pleased that yesterday his code was merged into the Indy SDK repo so it's now officially hyperledger code, which is kind of cool. So that's a contribution we've made to the to the ecosystem in Hyperledger Indy.
## General Purpose [**^**](#contents)
<img src="http://i.imgur.com/rrQSzsd.png"/>
So one of the things you're seeing, is this is a BC site, but it's really very generic so what we've tried to do is make it completely agnostic of what the actual credentials that will be loaded in.
We do have the concept that it's a an organization so we've got names, we have addresses, the concept of addresses, we have the concept of credential types, we have the concept of dates in there... but other than that the structure is whatever the issuer happens to issue so, it's very flexible for others to use.
<img src="http://i.imgur.com/sewb1Aq.png">
so that search that's up there is you know it was a decent amount of work uses solar and and and so on but is very generic so that other entities other jurisdictions can take this and basically spin up their own instance of this relatively easily using this code and be able to take advantage of the loading the naming the searching the display all of this is flexible and localized localizable
## Ontario Org Book [**^**](#contents)
<img src="http://i.imgur.com/PMpdfJ8.png"/>
let's take a look at the Ontario one so [The Ontario Org Book](https://www.von.gov.on.ca/) looks quite different from BCS obviously the search panel is the same they have different things they want to show and what they they don't want to show
<img src="http://i.imgur.com/wfCQNDT.png"/>
so for example in Ontario they didn't want to show the structure of a company they actually have a contract that charges for that so they weren't able to do that through this
so every entity and every doing business as is a separate entity on this so because we were building with multiple jurisdictions in mind right
<img src="http://i.imgur.com/L97WeSB.png"/>
from the start we've we built it to be pretty flexible and so you're able to construct it on your own have your own skinning language support there's multiple language support is in there built in already I think those were the main things
## Come to our Workshop [**^**](#contents)
<img src="http://i.imgur.com/GwrN03q.png"/>
the two more things that I wanted to touch on: **come to our workshop on Friday and Saturday** and what we're actually doing is building out issuers and verifiers
* [Hands-On with Verifiable Organizations Network - Part 1](https://www.youtube.com/watch?v=R5TB-goL3_o&list=PL0MZ85B_96CGkWnEvdPy5sB4VRcH2XWuP&index=108)
* [Hands-On with Verifiable Organizations Network - Part 2](https://www.youtube.com/watch?v=j-lM2hNq1TI&list=PL0MZ85B_96CGkWnEvdPy5sB4VRcH2XWuP&index=107)
<img src="http://i.imgur.com/PE065NM.png"/>
So this is The Org Book, the central piece. What really is important is there's an API behind all this that a issuer of permits can use to learn about the company to fetch the credentials that are already there and have them proven and then issue credentials back to the org book.
A key part of this is that being easily able to extend this to many more permits and licensing providers could be within the government which we're working with.
<img src="http://i.imgur.com/cdI0NGO.png"/>
almost every project team we talked to says "oh we can use that!" so we're building that out and trying to make that as easy as possible so our workshop on Friday involves building an issue or verifier and actually deploying it out so you can create your issue your own credentials
<img src="http://i.imgur.com/QyOUf4G.png"/>
## Bootstrapping Mechanism [**^**](#contents)
the other side of it that we think is going to be really important is well this is a bootstrapping mechanism we've realized there can be some life to this in that we're going to create we're going to be creating a pub sub subscription service basically so that a business that gets a credential and verifies it can subscribe to that credential in the future and get notified when it changes
so a big challenge in all government organizations is this ability to understand when things change and we think this can be a super light way for a business to get notified that:
"hey these two businesses just merged they've started a new entity", "those two entities no longer exist they've been dissolved in this new entity exists you should know that" and
so that webhook capability will just whatever you're subscribed to when when our credential changes we can notify you that it happened and then you can dig in to figure out how that affects your permit and licensing service
## dFlow [**^**](#contents)
the other piece that we'll show is thing called decentralized flow - [dFlow](https://dflow.orgbook.gov.bc.ca)
<img src="http://i.imgur.com/a8WzejN.png"/>
so do you wanna go to that okay spicy wings we're gonna look at Spicy Wings. This is our dev site, this is just new, that we're playing with. This is a company that's got four different credentials from different organizations.
<img src="http://i.imgur.com/jUyJEIk.png"/>
They've got a registration a PST that's a tax number from the province, a clearance letter for workman's compensation for a worker's insurance, and a business license from a from an entity from a municipality.
<img src="http://i.imgur.com/2fQTCap.png"/>
So with [dFlow](https://dflow.orgbook.gov.bc.ca) what we can do is basically what you're saying is I have a goal as a businessman I have a goal that I want a business license in the city of Surrey and it's going to be for a restaurant what have I got to do to accomplish that what other things do I need and
<img src="http://i.imgur.com/YSIIWLQ.png"/>
what we've built here is a [dynamic workflow](https://github.com/bcgov/dFlow) that starts with the one you want I want a business license, and says "what are the prerequisites for getting a business license?" well that's been encaptured in the proof requests that the business requires before it will issue you the credential that they have to offer.
<img src="http://i.imgur.com/PpzN2E9.png"/>
**19:34** so we can look at that proof require and then iteratively go back to that proof request and walk back a step and walk back a step all the way back until we get to the starting point and
<img src="http://i.imgur.com/XQK4hH3.png"/>
now we can display dynamically what does that company need in order to get a business licencse there their goal and then what have they already got that allows them to proceed
<img src="http://i.imgur.com/FvA5vMU.png"/>
so basically this company the ones in blue they already have and they can take a look at it the ones in yellow they're able to acquire now because they have all the prerequisites they haven't got it yet but they have the prerequisites for it and the ones in red they don't have the prerequisites they're just going to get rejected so no need to start in on those already
<img src="http://i.imgur.com/Pmtg8km.png"/>
the nice thing about this is all of these entities that are issuing credentials that are issuing permits and licenses don't have to know the whole journey that that's really hard to figure out all they have to know is what their prerequisites are and as soon as they express those in the form of a proof request we can dynamically walk that chain and figure out what what else they need compare that with what's in their wallet what credentials they already have and now we can give them a picture of where they are all right if we got a minute
<img src="http://i.imgur.com/ZdQrDU3.png"/>
**21:15** one of the things we're going to do in the workshop is in spinning up your issue or verifier is you'll have to connect to and create ended transactions on Indy blockchain on a distributed ledger
so this is a tool we created to be able to browse the network so we can look at in this case the four node network that we've got running we can look at the status of it
**21:50** we can do some operations like look at the Genesis transaction but we can also dig in and look at what are the transactions that actually exist on the ledger at this time
<img src="http://i.imgur.com/J6I6GkD.png"/>
we can do some searching for things and find all the ones that have tax in the name we can search by types of in this case we're looking for schema
<img src="http://i.imgur.com/QfgNVr1.png"/>
so this gives you a really good way of actually being able to see what is on the ledger you know get an idea as you register an issue or verifier take a look at what's there
so that's kind of a preview of the site and the ideas that have been emerging as a result of our work but there's a little bit more
## Just the First Step [**^**](#contents)
<img src="http://i.imgur.com/kO6nCGy.png"/>
**22:55** one of the things that we're trying to do is, it's helpful for BC businesses but BC businesses do business all around the world and we want our businesses to be able to interact digitally with everybody else and like Steven mentioned it's not just businesses but it's professionals and so forth
<img src="http://i.imgur.com/8tyRlCK.png"/>
this model could work for professional engineering societies medical societies other kinds of things that have public accreditation that you need to check on
<img src="http://i.imgur.com/3O2CKLa.png"/>
**23:27** so we have this idea where we think The Org Book helps us establish our local neighborhood. businesses are gaining their credentials and and that's kind of building up our local ecosystem
<img src="http://i.imgur.com/aYIYVha.png"/>
That makes it easier for us to help them find their way like we just demonstrated because each of these issuers are going to automatically be able to express digitally the preconditions that are necessary for them to be able to allow you into their service and an issue a new permit/
## Indy Catalyst [**^**](#contents)
We think that's pretty pretty cool and as a result of this learning we've we've come up with this generalized model that has been accepted as a sub project of Indy.
<img src="http://i.imgur.com/p8BME5z.png"/>
We're calling that [Indy Catalyst](https://github.com/bcgov/indy-catalyst) because this is sort of a bootstrapping capability, and that'll comprised of the code-behind [The Org Book](https://github.com/bcgov/TheOrgBook) in a more generalized fashion, and the code behind the issuer verifier service that we've built which we call [von-X](https://github.com/PSPC-SPAC-buyandsell/von-x) but we'll give some other sub named as an Indy Catalyst component.
## Serving the Public [**^**](#contents)
The big reason behind this is because I work for the government of BC, we're not a software development agency, were serving the public.
We want this to be part of a global capability, and
having a sustainable set of software in a well governed organization like Hyperledger, the Linux Foundation, we think is a good way to go.
**24:50**
We think that as these neighborhoods grow, hopefully well become will create what we call the verifiable organization Network
**25:01**
<img src="http://i.imgur.com/ANXXvan.png"/>
so this is sort of a concept where if you can use these kinds of tools and it doesn't have to be Hyperledger Indy it could be any system that is decentralized identifier—verifiable credential compliant
you'll be able to exchange verifiable data amongst businesses and that is really what we want to be able to do it's nice that they could come and do business with us like get the things they need but what's really more important is it that they transact amongst themselves that's what the economy lives.
That's the idea of the Verifiable Organisation Network and the coming code that we'll call a Hyperledger Indy Catalyst, so that is our talk for now.
<img src="http://i.imgur.com/dbHSiO7.png"/>
## Q&A [**^**](#contents)
**25:40** as Steven mentioned **we're having a workshop Friday and Saturday morning** and Ian and Steven and I'll do my best to help will walk you through actually creating an issue we're
creating schemas and doing your own decentralized workflow example.
**we're happy to take questions** just wanted to check any **prerequesites for the workshop**, any required software components to be installed before hand:
>you need a browser and you need a **docker hub ID** but you know you could do that while you're there yeah so the prerequisites are a docker hub ID and then everything else can be done in a browser and we've got all the guidance and so on but you don't need anything else I don't think about **Chrome** is ideal right chrome is probably the best we're using a tool called play with docker so you don't have to install anything on your machine it's super cool I promise no biometrics
so you did mention the verifiable claim and you you implied standards and I just want to confirm with the audience here because we had a side discussion.
>it's w3c compliant verifiable claims and then and so I don't want to ask about the the other adjuncts that the registrar and the verifier because you talk about those concepts but I'm trying to understand what standards you use or what you're developing on your own and what standards apply specifically the registrar?
right so right now it's Hyperledger Indy version of things but as they progress they'll they'll create the ID doc specs and the end verifiable credential base
but that's still emerging right in terms of how the agents communicate we're actually contributing quite a bit
to sort of this agent agent protocol and that's being done in the open as well right now in this sort of Hyperledger
Indy working groups but we want interoperability
we'd like our citizens to have a choice so they could use a DID method of their choice they could use software of their choice when it gets to personal data or this data we think if that's where the marketplace will provide options for citizens and businesses like the holder software so whatever standards emerge we would want to support those and we're helping shape some of those as well so
there isn't a specific standard for the agent agent protocol but it's a collaboration with the decentralized identity foundation and the w3c folks and the hyper ledger folks yeah one of the things we thought about as John alluded to early in the talk was oh we're gonna build this thing in our organizations they're gonna use our agent and they're gonna talk to our issuers and verifiers and we're gonna build all that stuff and then we realize no this is not what we should be doing we shouldn't be in the business of doing that we need to be in the business of issuing credentials
so we have to build software for that we need to make do it in a way that allows them to change as little as they need to we don't want them to have to read recreate their world we want them to just be an adjunct on just like they use a printer to print the verified credential the permit or the license so they can hang it on the wall we just want them to stamp out a digital version of that that's signed cryptographically right and
one of the things I say about that is like so this piece of software that we've been we sort of we take it for granted now but everything we've done is in the open every line of code every presentation every ticket it's all in github so it's all patchy
I mentioned we're contributing to the Hyperledger thing but sort of a line I say is like if your system can produce a CSV of your permit or license data then you're in our box we'll take care of the rest
you'll learn on the workshop that it's just an hour to to configure that thing to make it work for you and and that's how much work it takes kind of thing
we're trying to make it as easy as possible because we're from government we know like it's basically impossible to do IT things so we wanted to like you know make that as simple as possible
you have the concept of in this case the org book is the wallet right, and the issuers issued to it but it'll be using the same protocols in the future to issue two individual wallets which is the demand side right that sort of goes closely to the question I was going to ask
which is one of the points of blockchain is usually to have nodes under control of multiple entities where are the actual nodes right now from what I understand they're all under the control of the BC government so could there be like variances like an NGO holding onto one of the nodes, the production systems using the sovereign network to store the DID
there's a DID and a schema and a clerk read that you know credential definition and yeah on there but again in theory that could be another DID Network it's just there
aren't any other DID networks
so we're not gonna run the network we don't want to be running node but we're not running the network um the the thing you remember with verifiable credentials is they don't go on the ledger so none of the data about the organization's or about individuals goes on the ledger it all goes into a wallet
the weird thing we are doing is we've got this community wallet concept but once people have their own wallet we'll be issuing to their wallet directly we won't we may continue to issue to our own community wallet but for public credentials but for any other for the credentials once they have a wallet will be issuing to that wallet and they will be able to use it wherever they need to use it in whatever jurisdiction has systems that allow it
we are doing some collaboration with some folks from spark Telecom New Zealand that have a pretty nice implementation and we're using that as an opportunity to develop the early version of the agent agent protocol that's generalized
so as soon as we get code that map we had originally that just had Ontario and and Ottawa on it will expand to include New Zealand so we're looking forward to that and others
the schema you used for business registration is something that came from a standard about business registration or Ontario's doing the same one so that you guys just like get together in a darkroom and created or New Zealand I mean what happens with that
it's a schema that we co-created with Canada and Ontario
but we also looked at like standards in Canada that have evolved like I've been in this business for very it's not an ISO no no no there isn't such a thing in the world for that for businesses other than like maybe schema.org but it's
really not sufficient yeah so we evolved it together and so far
it's working you know
it's a bit tricky to get the minimal set but but again this helped with having multiple jurisdictions involved so we had a first, we did Ontario and we went wait this isn't gonna work we don't want that we're both Canadian entities we should be able to figure that out and that worked pretty well and then the other side of it was
once we got into things like the the doing business as well that's totally uncharted territory no not really yeah been done and we came up with something, Ontario came up with something even better, and we balance back and forth to figure out what a real
it's actually a relationship credential so we can have it point both ways the interesting thing there the thought process was a lot around we originally started oh you know how is The Org Book gonna show this and all that then we realized no that's not the right thinking what the thinking is is what is the business gonna want to do with this
what do they have to prove to somebody else and that's how you look at how how to build a credential is you stick it in the wallet of a business in this case or a person and figure out okay they've got to prove this to show that they're a
partnership to the bank how are they gonna do that and
that's the sort of mindset we had in building credentials so we built this so that's where the relationship credential came from which is I was very happy about because it's basically the edge in a graph so I'm terminal like that idea
the registration credentials are the nodes and this is a credential that demonstrates a linkage between the nodes of a knowning doing businesses name but that that those labels could be changed to is a director or as a beneficiary or any kind of relationship can be modeled this way between two things and so that generalizes the model to basically whatever you want which also gives it interesting properties in terms of visualization and analysis and relationship recommendation engines and that kind of stuff so it was fun hospital systems
we're gonna be talking with man Revere you know that's what an interesting thing is that you know like if you look at you know College of Physicians and Surgeons and other kind of public statements my you know engineering societies they publish these things already so they could have a version of this and then that just becomes part of the overall ecosystem so that you can for example have a prescription issued by a doctor to patient that patient brings the prescription to a pharmacy the pharmacy asks proof but at the same time can look at that credential say oh I'm gonna look up that doctor in this in the public you know verify in public doc hub or whatever the heck they call it and and they can subscribe to those things too so they can always know if that doctor currently licensed maybe that doctor has a restriction on the kinds of things they can prescribe so I think it's like it's a it's complementary to the peer-to-peer transaction when you have these public sort of hubs of trusted data we don't have them loaded today now like you come to the workshop we could
build another interesting one we're looking at is evident evidence so another function and the provincial
government is mining inspections things
like this so inspectors go out into the field out like offline and they are recording videos taking pictures making
notes and so forth and they would like to be able to be used data that they gather five you ten years from now and
be able to answer the question definitively it was this person using this device on this place at this time
and it data was unaltered well that's a credential you could have their phone issue a credential to an internal hub of
like this and you know ten years from now when there's a court case they can use that you can just ask for a proof
from it and at that point we know that it's unaltered and and we know who it was and we know what version it was and
what chunk of binary data was hashed in there
so we had to experiment with that that could be quite an interesting matter all right we're just about done any other
questions or great well hopefully some of you will come for a workshop and thanks for your time
[Applause]
**Contact Me for Research Based Content—[infominer.id](https://infominer.id)**

163
hyperledger/indy-ecosystem/README.md Normal file
View file

@ -0,0 +1,163 @@
# Awesome Hyperledger Indy Resources [![Awesome](https://awesome.re/badge.svg)](https://awesome.re)
<a href="https://infominer.id"><img src="https://infominer.id/images/infominer.png" align="right" width="150" height="140"></a>
**Protocol, Governance, Education, Ecosystem**
This page contains a growing collection of educational resources related to Evernym, the Sovrin Foundation, and Hyperledger Indy. It was born from [/awesome-decentralized-id](../README.md) and contains some of the same material, but is quite exhaustive. As a result, I decided to split this list off to focus on learning about Hyperedger Indy, the Sovrin Foundation, adn Evernym. Its an index for training, developers, students, end users, investors, and enterprise to more easily navigate the digital identity landscape enabled by Hyperledger Indy.
Since the information is all inter-related, there is some overlapp. Skipping back and forth may be required, depending on your particular interests.
**[Pull Requests](https://github.com/infominer33/awesome-decentralized-id/blob/master/contributing.md) and\or [Contributions](#brought-to-you-by-the-crypto-librarysuper-source) Welcome**
![](https://i.imgur.com/KFmYHQ6.png)
## Contents
* [Introduction](#introduction-)
* [Link Shorthand](#link-shorthand-)
* [Self Sovereign Identity—SSI](#self-sovereign-identity-)
* [Selected Articles Windley.com](#selected-articles-windleycom-)
* [Hyperledger Indy](#hyperledger-indy-)
* [Additional Indy Related](#additional-indy-related-)
* [Wallets](#wallets-)
* [Zero Knowledge Proof in Indy](#zero-knowledge-proofs-in-indy-)
* [Videos](#video-)
* [Podcasts](#podcasts-)
* [Directory](#directory-)
* [Indy GitHub Repos](indy-github-repos.md)
* [Adoption](adoption.md)
* [VON.md](VON.md)
* [VerifiableOrganizationsNetwork-HGF.md](VerifiableOrganizationsNetwork-HGF.md)
* [Microledgers-Edgechains-Hardman-HGF.md](/Microledgers-Edgechains-Hardman-HGF.md)
* [Literature](literature.md)
* [Sources](#sources-)
## Link Shorthand [**^**](#Contents)
[[**T**](#Link-Shorthand)]witter • [[**G**](#Link-Shorthand)]ithub • [[**B**](#Link-Shorthand)]log • [[**wp**](#Link-Shorthand)] whitepaper • [[**D**](#Link-Shorthand)]ocumentation • [[**F**](#Link-Shorthand)]orums • [[**C**](#Link-Shorthand)]hat • [[**tele**](Link-Shorthand)]gram • [[**web**](Link-Shorthand)]site
• [[**ϟ**](#Link-Shorthand)] related resource • [[**>**](#Link-Shorthand)] related section • [[**>>**]()] related section on awesome-decentralized-id • [[**^**](#Link-Shorthand)] back to the contents.
![](https://imgur.com/3zz62kpl.png)
## Introduction [**^**](#Contents)
Internet Identity Workshop is where the quest for concious, user-centric, identity began. Rebooting Web-of-Trust Workshops sprung from the IIW, focused on creating standards for DPKI. Among the United Nations 'Sustainable Development Goals' is for all the world to have access to a digital identity by 2030. Around 2016, the SDGs, blockchain, and the GDPR converged bringing much energy to the decentralized identity ecosystem.
**Additional history and related information may be found at [/awesome-decentralized-id](../README.md#Contents)**.
## Hyperledger Indy [**^**](#Contents)
![](https://www.osiztechnologies.com/asset/oimages/hyperledger_indy/hyperledger_indy_02.png)
![](https://imgur.com/2LWlrgvl.png)\
<sup><a href="https://www.edx.org/course/blockchain-for-business-an-introduction-to-hyperledger-technologies">Linux Foundation -Blockchain for Business -INDY</a></sup>
* [Hyperledger Indy - *Distributed Ledger and Utility Library*](https://www.hyperledger.org/projects/hyperledger-indy) [[**T**](https://twitter.com/Hyperledger)] [[**C**](https://chat.hyperledger.org)]
* [Indy Documentation Index - wiki.hyperledger.org](https://wiki.hyperledger.org/projects/indy/documentation)
* [indy.readthedocs.io](https://indy.readthedocs.io/) (under construction)
* [Indy Docs Framwork](https://github.com/hyperledger/indy-hipe/tree/master/text/0025-indy-docs-framework)
* [Introduction to Hyperledger Indy](https://github.com/hyperledger/education/blob/master/LFS171x/docs/introduction-to-hyperledger-indy.md) (awesome resource from hyperledger github)
* [Hyperledger Indythe Future of Decentralized Identity](https://www.axiomtech.io/blog-feed/hyperledger-indy-decentralized-identity)
* [Hyperledger Welcomes Project Indy](https://www.hyperledger.org/blog/2017/05/02/hyperledger-welcomes-project-indy) - ANN
* [The Rise of Self-Sovereign Identity - Hyperledger Indy](https://wso2.com/blog/research/the-rise-of-self-sovereign-identity-hyperledger-indy)
* [Ernesto.net - What goes on the Ledger](https://www.ernesto.net/ernesto-net-5-minute-course-on-indy-and-what-goes-on-the-blockchain-ledger/)
* [Ernesto.net - Hyperledger Indy Architecture](https://www.ernesto.net/hyperledger-indy-architecture/)
* [github.com/IBM-Blockchain-Identity](https://github.com/IBM-Blockchain-Identity) (Docker based tutorial sandbox env)
* The Linux Foundation's [Blockchain for Business](https://www.edx.org/professional-certificate/linuxfoundationx-blockchain-for-business) course may be freely audited and has a section about Indy.
* [Blockchain development made easy: Getting started with Hyperledger Indy](https://jaxenter.com/hyperledger-indy-interview-hardman-148796.html) - Interview with Daniel Hardman[[**G**](https://github.com/dhh1128)][[**L**](https://www.linkedin.com/in/danielhardman/)][[**T**](https://twitter.com/dhh1128)], Hyperledger Indy maintainer
<img src="https://i.imgur.com/a0dpDtr.png"/>
## Additional Indy Related [**^**](#Contents)
* [Hyperledger Identity Working Group-paper](https://docs.google.com/document/d/1ExFNRx-yYoS8FnDIUX1_0UBMha9TvQkfts2kVnDc4KE/edit#heading=h.7noli5fp1i70)
* [HyperledgerIndyWGCall_2018-12-06](https://drive.google.com/file/d/1166XpTM8WgZVMN2ca53CRCJapZlAeUhM/view) Discussion of VON and Plenum Docs (w info-graphics)
* [A Framework for Designing Cryptographic Key Management Systems](https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-130.pdf)
* [An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials](https://eprint.iacr.org/2008/539.pdf)
* [An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation](https://www.iacr.org/archive/eurocrypt2001/20450093.pdf)
* [sovrin-foundation/connector-app](https://github.com/sovrin-foundation/connector-app) - Reference mobile edge agent for use with the Sovrin Network built from Hyperledger Indy.
* [Building binaries of LibIndy for Android](https://github.com/hyperledger/indy-sdk/blob/master/doc/android-build.md)
* [HIPE 0014-ssi-notation](https://github.com/hyperledger/indy-hipe/tree/master/text/0014-ssi-notation)
* [Set up Indy Pool in Local Linux Environment Using Docker](https://medium.com/@smaldeniya/setup-hyperledger-indy-pool-in-local-linux-environment-using-docker-304d13eb86dc)
* [Learn how to set up a DEV Environment with Vagrant on Hyperledger Indy!](https://github.com/hyperledger/indy-node/blob/master/environment/vagrant/sandbox/DevelopmentEnvironment/Virtualbox/Vagrantfile)
* [Semantics Working Group Shared Docs](https://drive.google.com/drive/u/0/folders/1zkXr--0DG7I1k62vaFuotEzIaTIUH0ou?ogsrc=32)
* [Verifiable Credentials, Schema and Overlays- Overview Decks](https://drive.google.com/drive/u/0/folders/1UxLLugRQKuV8Mdvv_X9Y6ty4szSi5ZNU?ogsrc=32)
* [Indy August Update](https://wiki.hyperledger.org/groups/tsc/project-updates/indy-2018-aug) - Most recent report from the Hyperledger Indy team.
### Wallets [**^**](#Contents)
* [How to build a Self Sovereign Identity Wallet](https://www.devteam.space/blog/how-to-build-a-self-sovereign-identity-wallet/)
* https://github.com/streetcred-id/indy-sdk-storage
### Zero Knowledge Proofs in Indy [**^**](#Contents)
<a href="https://www.slideshare.net/eralcnoslen/privacypreserving-authentication-another-reason-to-care-about-zeroknowledge-proofs"><img src="https://i.imgur.com/LAUkkbN.png"/><br/><sup>Privacy Preserving Authentication—Another reason to care about ZKP</sup></a>
* [The Sovrin Network and Zero Knowledge Proof](https://sovrin.org/the-sovrin-network-and-zero-knowledge-proofs/) - high level walk through
* [AnonCreds: Anonymous credentials protocol implementation in python](https://github.com/hyperledger/indy-anoncreds) [[**ϟ**](https://github.com/hyperledger/indy-anoncreds/blob/master/docs/anoncred-usecase1.pdf)]
* [Relationship Diagram](https://github.com/hyperledger/indy-node/blob/master/docs/relationship-diagram.png)
* [Zero-Knowledge Proofs: Privacy-Preserving Digital Identity with Clare Nelson](https://www.slideshare.net/SSIMeetup/zeroknowledge-proofs-privacypreserving-digital-identity-with-clare-nelson)
* [Anonymous Credentials: Claims and Proofs in a Developer-friendly Format](https://docs.google.com/document/d/1XEfaOinOTIU9RgtP-GlXQAbOoW8z-oR5aWJDoQdftZ4/edit#heading=h.vor6nerodxkn) - Mike Lodder
>Our zero-knowledge proofs are part of the [Idemix protocol](http://domino.research.ibm.com/library/cyberdig.nsf/papers/EEB54FF3B91C1D648525759B004FBBB1/%24File/rz3730_revised.pdf), where they are used to prove the possession of [Camenisch-Lysyanskaya credentials](https://eprint.iacr.org/2001/019.pdf). We also use zero-knowledge proofs in the revocation protocol, which is based on [cryptographic accumulators](https://eprint.iacr.org/2008/539.pdf). —*[What Zero Knowledge Poof Algorithm is used in Sovrin?](https://forum.sovrin.org/t/what-zero-knowledge-proof-algorithm-is-used-in-sovrin/71/2)*
>Identity Mixer is not directly (re)implemented by Sovrin, but its cryptographic foundations are very similar, and Sovrins implementation includes most of its extended features (predicates, multi-credential, revocation, advanced issuance…). One of the researchers who helped to create Identity Mixer is on Sovrins Technical Governance Board and has offered insight to keep the implementations aligned on goals and methods.
>—*[How is IDEMix Implemented?](https://forum.sovrin.org/t/how-idemex-is-implemented-in-sovrin-indy/)*
* [IBM Identity Mixer](https://www.zurich.ibm.com/identity_mixer/) [[**B**](https://idemix.wordpress.com/)]
* [idemix in Hyperledger Fabric](https://hyperledger-fabric.readthedocs.io/en/release-1.3/idemix.html)
* [ABC4Trust—Attribute-based Credentials for Trust](https://abc4trust.eu/)
* [Concepts and Features of Privacy-Preserving Attribute-Based Credentials](https://github.com/p2abcengine/p2abcengine/wiki/Concepts-and-features)
* [Concepts and Languages for Privacy-Preserving Attribute-Based Authentication](http://dl.ifip.org/db/conf/idman/idman2013/CamenischDLNPP13.pdf)
### Video [**^**](#Contents)
* [Meet the Sovrin Foundation](https://vimeo.com/299487829)
* [Hyperledger Indy Explainer Video](https://www.youtube.com/watch?v=MnO2L6WoqD0)
* [Phil Windley on the Sovrin Network](https://www.youtube.com/watch?v=IxQUL2ztFi8)
* [Self-Sovereign Identity with Hyperledger Indy\Sovrin- Calvin Cheng - FOSSASIA 2018](https://www.youtube.com/watch?v=hfyIZu3_fw8)
* [Hyperledger Indy introduction with Indy Agents Demo](https://www.youtube.com/watch?v=llwfb5Ut5sg)
* [Hyperledger Indy Demo Screencast](https://www.youtube.com/watch?v=9WZxlrGMA3s&t=93s)
* [Architectural Overview of Indy Wallets](https://www.youtube.com/watch?v=Km4IoUdb3Lc)
* [Indy Demo by IBM](https://www.youtube.com/watch?v=cz-6BldajiA)
* [Behind the Cloud Episode 6: Blockchain and Self-Sovereign Identity in the Enterprise](https://www.youtube.com/watch?v=wSdm2-18Z2g)
* [Evernym's contributions to Hyperledger Indy](https://www.youtube.com/playlist?list=PLRp0viTDxBWGLdZk0aamtahB9cpJGV7ZF)
* [Introduction to Indy Plenum Architecture](https://www.youtube.com/watch?v=WZin717AT_A)
* [Hyperledger Indy Working Group Calls](https://drive.google.com/drive/u/0/folders/1AwHWN95KmSEi5fijraID0tFFMzYHoMwt?ogsrc=32)
* [Sovrin: Public, Permissioned and Still Decentralized - Nathan George](https://www.youtube.com/watch?v=lVHJiUrHv2A&app=desktop)
* [Hyperledger Global Forum - Video](https://www.youtube.com/playlist?list=PL0MZ85B_96CGkWnEvdPy5sB4VRcH2XWuP)
### Podcasts [**^**](#Contents)
* [MyData Podcast](https://mydata.org/podcast/)
### Sources [**^**](#Contents)
* [Evernym](https://www.evernym.com/)
* [Sovrin Foundation](https://sovrin.org/)
* [wiki.hyperledger.org—Indy](https://wiki.hyperledger.org/display/indy)
* [indy.readthedocs.io](https://indy.readthedocs.io)
* [SSI Meetup](http://ssimeetup.org/) [[**V**](https://www.youtube.com/channel/UCSqSTlKdbbCM1muGOhDa3Og)][[**SS**](https://www.slideshare.net/SSIMeetup/presentations/)]
* [windley.com/tags/sovrin](http://www.windley.com/tags/sovrin)
* [/WebOfTrustInfo](https://github.com/WebOfTrustInfo/)
* [/peacekeeper/blockchain-identity](https://github.com/peacekeeper/blockchain-identity)
* [/awesome-decentralized-id](/README.md)
---
### Contact Me for Research Based Content—[infominer.id](https://infominer.id)
<a href="https://infominer.id"><img src="https://infominer.id/images/infominer.png" align="right" width="150" height="140"></a>
Check out the [Crypto SuperSource Discord Server](https://discord.gg/ahTuPMY), if you'd like to chat or discover our other crypto-resources.
**Tips Welcome**
BTC— 1GvkjHtiy9LUjVkStnEAXxjhcoS56aCokY
![](https://imgur.com/yXLLm9Bl.png)
DOGE— DSzMxfABB8EwKiumzV7YHhS7HTvWAyM7QF
![](https://i.imgur.com/0zBLoUP.png)

21
hyperledger/indy-ecosystem/VON.md Normal file
View file

@ -0,0 +1,21 @@
# BCGov's Verifiable Organizations Network VON
![](https://i.imgur.com/0Mr3YMn.pnghttps://i.imgur.com/CvQnRZ2.png)
>VON's founding members are governments who are, by law, trusted issuers of data about organizations. The Province of British Columbia, Province of Ontario and the Government of Canada have come together to create the initial services needed to establish VON.
>
>VON's founders have delivered new Indy-based open source components which form VON's backbone. TheOrgBook is a publicly accessible repository of verifiable claims about organizations. VON-X enables services to verify and issue credentials.[[**ϟ**](https://hgf18.sched.com/event/G8rm/verifiable-organizations-network-a-production-government-deployment-of-hyperledger-indy-john-jordan-province-of-british-columbia-stephen-curran-cloudcompass-computing-inc)]
* [Verified Organization Network](https://vonx.io/) [[**G**](https://github.com/bcgov/von)] [[**D**](https://vonx.io/getting_started/von-overview/)] [[**ϟ**](https://www.iaca.org/wp-content/uploads/VON-Using-Blockchain-Technology.pdf)] [[**>**](#Canada)]
* "an initiative by the government of British Columbia to create a trusted network of organizational data. It allows organizations to claim credentials that are part of their own digital identity, using a component called [TheOrgBook](https://theorgbook.pathfinder.gov.bc.ca/en/home)[[**G**](https://github.com/bcgov/theorgbook)] that lists entities with their associated public verifiable claims.
* [Pan-Canadian Trust Framework](https://github.com/canada-ca/PCTF-CCP)
* [Demonstrating the Verifiable Organizations Network (VON)](https://docs.google.com/document/d/1wNnXdQKUtWnx--xw3VQ9Fr2TDa0kUNIBSMmFGR4uoMg/edit#heading=h.kphtj2c176xb)
* [BC.gov Verifiable Organizations Network Demo](https://drive.google.com/open?id=1Ms2vKqTe-jVDpz5eWtQIqIz8Jl6TLbSE) (video)
* [VONs Blockchain Basis](https://vonx.io/getting_started/vons-blockchain-basis/)
* [Getting Started with Hyperledger Indy](https://cdn.oreillystatic.com/en/assets/1/event/274/Getting%20started%20with%20Hyperledger%20Indy%20Presentation.pdf)
* [BCGov Verifiable Organization Network Impressive Client Demo](https://www.continuumloop.com/bcgov-verifiable-organization-network/)
* [bcdevexchange.org/opportunities](https://bcdevexchange.org/opportunities)
* [BCovrin](http://138.197.138.255/) - Indy TestNet
>The Government of British Columbia and the Government of Ontario have already rolled out a production system using the Sovrin Network for business registration and licensing; together they've issued over 6 million credentials, according to Windley. - [How Blockchain may Kill the Password](https://www.computerworld.com/article/3329962/blockchain/how-blockchain-may-kill-the-password.amp.html)

32
hyperledger/indy-ecosystem/adoption.md Normal file
View file

@ -0,0 +1,32 @@
# Evernym-Sovrin-Indy Adoption
![](https://i.imgur.com/3sfiarQ.png)
* [Tykn *The Future of Resilient Identity*](https://tykn.tech/) [[**T**](https://twitter.com/Tykn_tech)][[**G**](https://github.com/tykntech)][[**D**](https://docs.google.com/document/d/1pNRO6aOb5eK4s8PVv7yS4x9TkqrGglCJ4jebU1F3Yzo/edit#)] (Indy\Sovrin)
* [Why we use Sovrin](https://blog.tykn.tech/why-we-use-sovrin-ee31dd146a47)
* [Illinois Blockchain Initiative](https://illinoisblockchain.tech/) — [partners with Evernym to launch birth registration pilot](https://illinoisblockchain.tech/illinois-partners-with-evernym-to-launch-birth-registration-pilot-f2668664f67c)
* [News Release: DHS S&T Awards $749K to Evernym for Decentralized Key Management Research and Development](https://www.dhs.gov/science-and-technology/news/2017/07/20/news-release-dhs-st-awards-749k-evernym-decentralized-key) (Department of Homeland Security)
* [Cordenity: Evernym and R3 Partner to make Corda compatible with Indy](http://www.paymentsjournal.com/evernym-r3-partner-apply-self-sovereign-identity-financial-services/) [[**G**](https://github.com/Luxoft/cordentity)][[**D**](https://schd.ws/hosted_files/hgf18/0e/Indy%20Identity%20on%20R3s%20Corda.pdf)]
* [Sovrin Foundation, Ontology and Evernym Collaborate on Interoperable Decentralized Identity Networks](https://medium.com/ontologynetwork/blockchain-identity-experts-ontology-evernym-and-the-sovrin-foundation-reach-an-agreement-on-68974ae50bb2)[[**ϟ**](https://globenewswire.com/news-release/2018/10/23/1625715/0/en/Sovrin-Foundation-Ontology-and-Evernym-Collaborate-on-Interoperable-Decentralized-Identity-Networks.html)]
* [SecureKey Technologies to explore interoperability between Verified.Me and Hyperledger Indy](https://securekey.com/press-releases/hyperledger-indy/)
* [Evernym rolls with auto industry association MOBI to promote SSI in automotive and IoT](https://globenewswire.com/news-release/2018/10/05/1617425/0/en/Evernym-rolls-with-auto-industry-association-MOBI-to-promote-SSI-in-automotive-and-IoT.html)
* [15 Industry Leaders Join Evernyms Global Accelerator to Build the Future of Digital Identity.](https://globenewswire.com/news-release/2018/11/07/1647044/0/en/15-Industry-Leaders-Join-Evernym-s-Global-Accelerator-to-Build-the-Future-of-Digital-Identity.html)
> Founding members of the Accelerator include industry leading organizations ATB Financial, IAG, Irish Life, the International Federation of Red Cross, Spark New Zealand, Truu and three provincial and state governments. Collectively, these organizations represent the interests of 100's of millions of individuals worldwide.
* [IOTA and Evernym Launch Collaboration Aimed at Making the Internet of Things More Secure](https://globenewswire.com/news-release/2017/08/31/1106292/0/en/IOTA-and-Evernym-Launch-Collaboration-Aimed-at-Making-the-Internet-of-Things-More-Secure.html)
* [Digital Identity Innovator Helps Non-Profits Get on the Identity Blockchain](https://globenewswire.com/news-release/2018/09/25/1575928/0/en/Digital-Identity-Innovator-Helps-Non-Profits-Get-on-the-Identity-Blockchain.html)
>Evernym is opening its Accelerator program to Non Profit Organization (NPOs) applications. Evernym will waive the $50,000 membership fee it normally charges to participate in the program. A panel of judges will select the successful applicants. The first group of awards will be announced before December 2018 and will include 5 organizations. Further NPO cohorts are already planned for 2019.\
>The World Bank estimates over 1 billion persons, usually the most vulnerable, are without formal identity.
* [The Sovrin Foundation Names Cisco Founding Steward](https://globenewswire.com/news-release/2018/06/21/1527830/0/en/The-Sovrin-Foundation-Names-Cisco-Founding-Steward.html)
* [CULedger partners with decentralized identity innovator Evernym to create MyCUID](https://www.cuinsight.com/press-release/culedger-partners-decentralized-identity-innovator-evernym-create-mycuid)
* [Self Sovereign Identity and MyData](https://medium.com/@apoikola/self-sovereign-identity-and-mydata-e1f996a9451)
* [Mydata](http://mydata.org/) [[**T**](https://twitter.com/mydataorg)] [[**D**](https://mydata.org/papers/)] [[**D**](https://mydata.org/declaration/)]
* goal: to empower individuals with their personal data, thus helping them and their communities develop knowledge, make informed decisions, and interact more consciously and efficiently with each other as well as with organisations."
* [Consent](http://www.consent.global/)[[**ϟ**](https://sovrin.org/steward/global-consent/)] — "platform for trusted personal data applications and services, using Ethereum smart contracts to implement decentralized identifiers, verified credentials, consent receipts, a web of trust, and exchange of assets and value."
* [Legal Entity Identifier blockchained by a Hyperledger Indy implementation of GraphChain](http://www.graphchain.io/MTSR2018.pdf)
>The main idea behind GraphChain is to use blockchain mechanisms on top of an abstract RDF graphs. This paper presents an implementation of GraphChain in the Hyperledger Indy framework. The whole setting is shown to be applied to the RDF graphs containing information about Legal Entity Identifiers (LEIs).
* [What the EEA and Hyperledger Collaboration Means for Enterprise Blockchain Development](https://media.consensys.net/what-the-eea-and-hyperledger-collaboration-means-for-enterprise-blockchain-development-31580012cb2)
* [IXO World](https://ixo.world/) - Guided by the UN framework of 17 Global Goals to end poverty, protect the planet and ensure prosperity for all, by the year 2030. [[**ϟ**](https://twitter.com/phillipgibb/status/1073247433067556865)]
>"Achieving the Sustainable Development Goals demands embracing the data revolution " UN Secretary - General (2014)
* <a href="https://twitter.com/Hyperledger/status/1072892591157510148"><img src="https://i.imgur.com/pjs9aPf.png"/></a>
* <a href="https://twitter.com/techkuz/status/1074492556434698241"><img src="https://i.imgur.com/txTBlSU.png"/></a>
* <a href="https://twitter.com/ByteSizeCapital/status/1046067509869367307"><img src="https://i.imgur.com/WeLDs34.png"/></a>

18
hyperledger/indy-ecosystem/indy-github-repos.md Normal file
View file

@ -0,0 +1,18 @@
# Indy Github Repositories
* [/indy-plenum](https://github.com/hyperledger/indy-plenum) - Byzantine Fault Tolerant Protocol [[**wiki**](https://github.com/hyperledger/indy-plenum/wiki)]
> "Byzantine fault tolerance is a sub-field of fault tolerance research inspired by the Byzantine Generals' Problem, which is a generalized version of the Two Generals' Problem."
* [Storage components](https://github.com/hyperledger/indy-plenum/blob/master/docs/storage.md) - As of now, RocksDB is used as a key-value database for all Storages.
* [/indy-sdk](https://github.com/hyperledger/indy-sdk) - Everything needed to build applications that interact with an Indy distributed identity ledger.
* [MAINTAINERS.md](https://github.com/hyperledger/indy-sdk/blob/master/MAINTAINERS.md)
* [/indy-node](https://github.com/hyperledger/indy-node) - The server portion of a distributed ledger purpose-built for decentralized identity.
* [/indy-anoncreds](https://github.com/hyperledger/indy-anoncreds) - Anonymous credentials protocol implementation in python
* [/indy-agent](https://github.com/hyperledger/indy-agent) - reference agents and associated tools.
* [/indy-test-automation](https://github.com/hyperledger/indy-test-automation) - Automation tools for testing of Indy Project components.
* [/indy-post-install-automation](https://github.com/hyperledger/indy-post-install-automation)
* [/indy-hipe](https://github.com/hyperledger/indy-hipe) -
Hyperledger Indy Project Enhancements
* https://indy.readthedocs.io/projects/hipe/en/latest/
* [/indy-crypto](https://github.com/hyperledger/indy-crypto) - shared crypto library for Hyperledger Indy components. To be:
* [/ursa](https://github.com/hyperledger/ursa) [[**ϟ**](https://www.hyperledger.org/blog/2018/12/04/welcome-hyperledger-ursa)][[**ϟ**](https://www.coindesk.com/hyperledger-launches-cryptography-toolbox-for-blockchain-developers)] "includes the Hyperledger Indy-Crypto code base that is the building block for anonymous credentials, the verifiable credentials protocol, in indy-sdk used by the Sovrin Network. [...] We are hopeful the shared library will help other platforms better incorporate and use ZKP-based credentials and leverage Sovrin for their identity component." (From Nathan George on Sovrin Telegram) [[**wiki**](https://wiki.hyperledger.org/projects/ursa)]

27
hyperledger/indy-ecosystem/literature.md Normal file
View file

@ -0,0 +1,27 @@
# Literature
**Sovrin Specific Literature**
## EU General Data Protection Regulation Act
* [Digital Identity Management in the Context of GDPR & Sovrin —Why Data Privacy Matters & How to Protect It](https://blog.tykn.tech/digital-identity-management-in-the-context-of-gdpr-sovrin-43028247378b)
* [Implementing Privacy by Design in Hyperledger Indy](https://www.infoq.com/news/2018/09/Hyperledger-Indy-Privacy)
* [Self-Sovereign Privacy By Design](https://github.com/sovrin-foundation/protocol/blob/master/self_sovereign_privacy_by_design_v1.md)
* [Privacy by Design The 7 Foundational Principles](https://www.ipc.on.ca/wp-content/uploads/Resources/7foundationalprinciples.pdf)
* [When GDPR Becomes Real, and Blockchain is no longer fairydust](https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/final-documents/gdpr.md)
* [Is Self-Sovereign Identity the ultimate GDPR compliance tool? [1\3]](https://medium.com/evernym/is-self-sovereign-identity-ssi-the-ultimate-gdpr-compliance-tool-9d8110752f89) [[**2**](https://medium.com/evernym/is-self-sovereign-identity-ssi-the-ultimate-gdpr-compliance-tool-40db94c1c437)] [[**3**](https://medium.com/evernym/is-self-sovereign-identity-ssi-the-ultimate-gdpr-compliance-tool-7296a3b07769)]
* [Privacy by Design in Hyperledger Indy](https://www.hyperledger.org/blog/2018/09/12/privacy-by-design-in-hyperledger-indy)
## Research Papers
* [A Conceptual Analysis on Sovrin](https://www.researchgate.net/publication/323144927_A_Conceptual_Analysis_on_Sovrin)
* [Evernym Research Collection *2016 Archive*](https://web.archive.org/web/20170206161655/http://www.evernym.com/our-research/)
* [Matching Identity Management Solutions to Self Sovereign Identity Solutions](https://www.slideshare.net/TommyKoens/matching-identity-management-solutions-to-selfsovereign-identity-principles)
* [A First Look at Identity Management Schemes on the Blockchain](https://arxiv.org/pdf/1801.03294.pdf)
## Reports
* [A Comprehensive Evaluation of the Identity Management Utility Sovrin](https://dutchblockchaincoalition.org/uploads/pdf/Blockchain-Sovrin-rapport.pdf)
* [White Paper: Canadas Digital ID Future - A Federated Approach](https://www.cba.ca/embracing-digital-id-in-canada)
* [IDENTITY MATTERS](https://cboxxtest.files.wordpress.com/2017/09/cboxxidentitymatters04.pdf)
* [A position paper on blockchain enabled identity and the road ahead—Identity Working Group of the German Blockchain Association](https://www.bundesblock.de/wp-content/uploads/2018/10/ssi-paper.pdf)