Self Sovereign Identity

Awesome Decentralized Identity

Self-Sovereign, Blockchain and Decentralized Identity Resources

This is a gathering of educational materials around decentralized, self-sovereign, and blockchain identity. It's an index for research, training, developers, students, end-users, investors, and the enterprise to more easily learn and navigate the decentralized identity landscape.

A good self-sovereign identity system will allow individuals to directly influence how companies, governments, and others correlate our interactions across different services and locations by default. It won't fix all identity problems nor preclude alternative identity approaches, but it will put the individual in control of most uses of identity and give organizations a simpler, easier, more ethical way to use identity to improve how they provide services and products. When successful, it will not only enable individuals to exercise greater control over how companies and governments keep track of us, it will also illuminate those situations where self-sovereign identity is restricted, facilitating a conversation about when and where such limits are appropriate. Joe Andrieu - A Technology-Free Definition of Self-Sovereign Identity

Contents

Introduction ^

Thanks to those who are working to make digital identity, and the world, a better place!

I've collected a ton of other crypto related resources in the SuperSource Discord chat server, and I have a few other repositories for topics ranging from bitcoin history to trading crypto to SEO. Have a look around!

Feel free to contact me. I'm happy to field questions, research niche blockchain topics, and discuss the potential for collaboration. —infominer.id

What is Decentralized ID? ^

The essence of Decentralized-ID is to create systems for identification that are not owned by any one particular organization, and global collaboration in support of interoperability among emerging technologies for identity.

It's impossible to have a conversation about decentralized-id without discussing blockchain and self sovereign identity:

  • Blockchain fueled longstanding efforts to create a privacy preserving internet-wide identity protocol, and inspired development of decentralized networks for online identification.
  • Self Sovereign Identity principles (with some help from the GDPR) have helped to shape the narrative around putting the identity owner in control over their personal information.

Pull Requests Welcome

[T]witter • [G]ithub • [B]log • [wp] whitepaper • [D]ocumentation • [F]orums • [C]hat • [tele]gram • [web]site • [ϟ] related resource • [>] related section • [^] back to the contents.

History^

To provide a little context for the rest of the information in this repository.

The Augmented Social Network and the IDCommons^

  • The Augmented Social Network: Building Identity and Trust into the Next-Generation Internet, presented at the June 2003 Planetwork conference and published in First Monday the Peer-Reviewed Journal on the Internet 8/4/03.

    "This paper proposes the creation of an Augmented Social Network (ASN) that would build identity and trust into the architecture of the Internet"

Ideas from the ASN were the foundation of much that followed. The Identity Commons (2001-Present) was originally created by Owen Davis and Andrew Nelson in 2001 to evangelize the creation of a decentralized user-centric identity infrastructure and to address the resulting social trust issues.

"Their most important contribution may have been the creation, in association with the Identity Gang, of the Internet Identity Workshop (2005-Present) working group."[ϟ]

Internet Identity Workshop^

In 2005, Kaliya Young[T], Phil Windley[T][V][G], Drummond Reed[T][B], and Doc Searls[T][B] hosted the first Internet Identity Workshop(IIW)[T] in Berkeley to discuss "architectural and governance proposals for Internet-wide identity services and their underlying philosophies." -Announcing IIW 2005

Since then, the IIW has met biannually, actively supporting the development of the identity software-ecosystem, including OpenID('05), OpenID 2.0('06), OAuth('10), FIDO('13) and OpenID Connect('14).

IIW participants began the effort towards creating a truly "user centric identity," in contrast to identity solutions whose focus has been fulfilling the needs of the enterprise. The pioneers of decentralized identity have long struggled against the "identity silo paradox," that while the identerati continually work on solutions to break up these silos, the enterprise has had a strong financial incentive to retain them.

  • What is IIW? [ϟ][ϟ] short film about the identirati[ϟ] (a term for those working on identity standards for the purpose of breaking up id data silos, dating back to at least 2006).

In April of 2014, the European Parliament demonstrates strong support for the GDPR, which passes back and forth through the European Council, Commission and Parliament throughout the rest of the year.

8/14 The Credentials Community Group[ϟ] forms, hosted by World Wide Web Consortium(W3C)[T] [G] : "to forge a path for a secure, decentralized system of credentials that would empower both individual people and organizations on the Web to store, transmit, and receive digitally verifiable proof of qualifications and achievements." —proposed by Manu Sporny[T] (of digitalbazaar.com)

What is Sovereign Source Authority? shows an early use of 'sovereign' in relation to our internet identities. The term "Self Sovereign Identity" started becoming widely used in 2014.[ϟ][ϟ]

Bitnation and the United Nations^

9/15 Bitnation "seeks to establish the concept of 'world citizenship' via a bitcoin based identity, offering 'Blockchain Emergency IDs' to refugees." [>]

The same month, the UN unveiled its Agenda for Sustainable Development:

  • Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
  • Substantially reduce corruption and bribery in all their forms
  • Develop effective, accountable and transparent institutions at all levels
  • By 2030, provide legal identity for all, including birth registration
  • Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements—(emphasis mine)
  • DIGITAL IDENTITY AS A BASIC HUMAN RIGHT
  • AID:Tech [T] — "is a voucher and digital identity solution for refugees. A digital record of a person's identity is stored on a smart card, along with various additional information. Blockchain technology is used to distribute all resources in a highly traceable manner." (another early example of blockchain for humanitarian aid)

Rebooting the Web Of Trust^

In relation to SSI, 'Web of Trust' is a network of relationships that attest to our identity claims. Each party attesting to your identity information becomes a strand in your web of trust.

The first Rebooting Web of Trust(RWoT) workshop was held during November 2015, attracting the likes of Vitalik Buterin, Peter Todd, Gregory Maxwell, Joel Dietz, Christopher Allen, and Jon Callas, according to Andreas Antonopoulos.

That workshop produced 5 technical white papers:

  • WoT-usecases
  • Decentralized PKI
  • Smart Signatures
  • Creating a New World of Trust

The Web of Trust is a buzzword for a new model of decentralized self-sovereign identity. It's a phrase that dates back almost twenty-five years, the classic definition derives from PGP [...] the vibrant blockchain community is also drawing new attention to the concept we aim to reboot it. - Rebranding the Web of Trust

At the end of 2015, the Department of Homeland Security announced that it had funds available for the development of Blockchain Security and Identity Verification Technologies.

ID2020 and the GDPR^

  • 4/16 the EU adopted the GDPR to be enacted as law May 2018.
  • The second RWoT workshop ran in conjunction with the UN's ID2020 Summit in New York that May; clearly a significant time for decentralized identity:

    1.1 Billion people live without an officially recognized identity — This lack of recognized identification deprives them of protection, access to services, and basic rights. ID2020 is a public-private partnership dedicated to solving the challenges of identity for these people through technology. - id2020.org

  • Identity Crisis: Clear Identity through Correlation
  • Christopher Allen[info] details the overarching history of internet identity standards in his seminal work (submitted to ID2020\RWoT workshop):
    • The Path to Self-Sovereign Identity[ϟ] details the history of identity standards leading up to self-sovereign and details the 10 principles of self-sovereign identity.

      I am part of the team putting together the first ID2020 Summit on Digital Identity at the United Nations

  • Identity System Essentials 3/16 (Original Evernym Identity WP also submitted to ID2020\RWoT workshop)

Evident from the other whitepapers submitted to the second RWoT Workshop, the DID identifier had begun to emerge:

  • Decentralized Identifiers (DIDs) and Decentralized Identity Management (DIDM)

    "Decentralized Identifiers (DID) stored in a permissioned blockchain enable principals to directly control their own identities with cryptographic proofs and secure, addressable network endpoints. DIDs further enable a Decentralized Identity Management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities."

  • Requirements for DIDs

    "Respect Network is conducting a research project for the U.S. Department of Homeland Security, HSHQDC-16-C-00061, to analyze the applicability of blockchain technologies to a decentralized identifier system. Our thesis is that blockchains, or more generically distributed ledgers, are a potentially powerful new tool for “identity roots” — the starting points for an Internet identity. However “blockchain identity” may not fully address the core security and privacy principles needed in a complete identity system. In this case DIDs — Decentralized Identifiers rooted on a distributed ledger — may end up being a foundational building block for higher level identity management solutions. -

  • At this point in time DLT innovation, the United Nations Sustainable Development Goals, and the EU GDPR all came together supporting a core identirati tenet: Eliminating id data silos and empowering users regarding digital identity.


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org

Additional IID Standards History^

Resources

Self Sovereign Identity^

0/ “Self-Sovereign Identity: A Progress Report”…

— Christopher Allen (@ChristopherA) April 25, 2018

Selected 'Rebooting Web of Trust' Whitepapers^

RWoT Use Cases^



DID the Decentralized Identifier^

DID Adoption ^

  • @ChristopherA on DID adoption

    "22/ Over a dozen companies and organizations, using multiple blockchains (Bitcoin, Ethereum, Hyperledger, etc.), have committed to deploying DIDs, including IBM, Microsoft, Digital Bazaar, Consensys, Evernym, Learning Machine, British Columbia, and more:" —How blockchain could solve the internet privacy problem

  • Veres One DID Method 1.0 [D] (veres.one) — a permissionless public ledger designed specifically for the creation and management of decentralized identifiers (DIDs)
  • Blockstack DID Spec[ϟ] - Blockstack is a network for decentralized applications where users own their identities and data. Blockstack utilizes a public blockchain to implement a decentralized naming layer, which binds a user's human-readable username to their current public key and a pointer to their data storage buckets.
  • BTCR DID Method — The Bitcoin Reference DID method (did:btcr) supports DIDs on the public Bitcoin blockchain. The Bitcoin Reference method has minimal design goals: a DID trust anchor based on the Bitcoin blockchain, updates publicly visible and auditable via Bitcoin transactions, and optionally, additional DID Document information referenced in the transaction OP_RETURN data field. No other Personal Identifiable Information (PII) would be placed on the immutable blockchain.
  • Interplanetary Identifiers IPID - Implementation of the DID spec over IPFS (Interplanetary File System)
  • Peer DID Method Spec
  • Spidchain [wp]
    • "offers a platform for self-sovereign identity, including desktop and mobile apps for end-users. It uses Decentralized Identifiers (DIDs) - backed by optionally Bitcoin or Ethereum - to implement a marketplace for verifiable claims. The Spidchain applications allow individuals to create, recover, and revoke DIDs, to authenticate, to sign and verify files and claims, and more."
  • did:ockam: [ϟ]

DID Auth^




http://ssimeetup.org/introduction-did-auth-markus-sabadello-webinar-10

Verifiable Claims^



Decentralized Key Management DKMS^




DKMS - An Essential Missing Piece of the SSI Puzzle. Drummond Reed. SSIMeetup.org

Decentralized Identity Foundation^

Evernym^

The Sovrin Foundation^

Selected articles by Phil Windley ^

Hyperledger Indy^

Blockstack^

Democracy Earth ^

we worked with councils, senates, non profits, student centers, political parties, corporations.. but implementing real digital governance at scale really took off with crypto networks. our partnership with @blockstack is our biggest milestone of 2018. -Santi

Bitcoin ^

  • Bitnation taps Blockchain tech to aid Refugees[^]
  • BTCR DID Method — The Bitcoin Reference DID method (did:btcr) supports DIDs on the public Bitcoin blockchain. The Bitcoin Reference method has minimal design goals: a DID trust anchor based on the Bitcoin blockchain, updates publicly visible and auditable via Bitcoin transactions, and optionally, additional DID Document information referenced in the transaction OP_RETURN data field. No other Personal Identifiable Information (PII) would be placed on the immutable blockchain.

Ethereum^

Ethereum Identity Apps^

IBM^

Microsoft^

Blockpass ^

Decentralized Public Key Infrastructure DPKI^

Handshake^

  • Handshake [wp] [D] - Handshake is a UTXO-based blockchain protocol which manages the registration, renewal and transfer of DNS top-level domains (TLDs). Our naming protocol differs from its predecessors in that it has no concept of namespacing or subdomains at the consensus layer. Its purpose is not to replace DNS, but to replace the root zone file and the root servers.

Structured Data Standards^

  • Blockcerts, developed by Learning Machine, is an open standard for issuing and verifying blockchain-based official records; the project offers open-source libraries, tools, and mobile apps. MIT has issued digital certificates based on this standard.
  • Schema — "a collaborative, community activity with a mission to create, maintain, and promote schemas for structured data on the Internet. Schema.org vocabulary can be used with many different encodings, including RDFa, Microdata and JSON-LD. These vocabularies cover entities, relationships between entities and actions, and can easily be extended through a well-documented extension model. Over 10 million sites use Schema.org to markup their web pages and email messages. Many applications from Google, Microsoft, Pinterest, Yandex and others already use these vocabularies to power rich, extensible experiences."
    • ÆTERNITY [G]: using Schema's standards: "offers an identity architecture where every account has a unique ID number, and unique names can be registered and linked to arbitrary data such as addresses on the blockchain. Schemas are used for representing data about persons and organizations."
  • DIDs[>] and Verifiable Claims of the W3C [>]

Personal Data Wallets & Marketplaces^

  • Mydata [T] [D] [D]
    • goal: "to empower individuals with their personal data, thus helping them and their communities develop knowledge, make informed decisions, and interact more consciously and efficiently with each other as well as with organisations."
    • Consent[ϟ] — "platform for trusted personal data applications and services, using Ethereum smart contracts to implement decentralized identifiers, verified credentials, consent receipts, a web of trust, and exchange of assets and value."
  • Pillar Project [wp]
    • planning to offer a "Personal Data Locker" consisting of a wallet, browser, and token exchange. Personal assets will be put on a blockchain, and "Pillar" tokens will be issued.
  • Datum [wp]
    • "network allows anyone to store structured data on a smart contract blockchain. Data can optionally be bought and sold on a marketplace using the DAT token. Datum leverages BigchainDB and IPFS as data storage backends. All data is encrypted and protected using AES256-GCM."
  • ONTology [G]— "a "Distributed Trust Network" which combines a cross-chain identity system, peer-to-peer data transmission, data authorization mechanisms, distributed data storage, attestation, and various industry-specific modules. It also includes an Ontology Crypto Package (OCP) and an Ontology Marketplace (OM)."
  • Pro-civis — "e-government as a service" platform called "eID+". It enables citizens to get an official, electronic Citizen-ID on a mobile app.
    • The platform includes the Vetri wallet and marketplace. 'Earn extra income and rewards by joining the data economy.'
  • We can do better than selling our data - Doc Searls (IIW)

Blockchain ID^

State Led Initiatives^

Australia ^

Canada ^ >

VON's founding members are governments who are, by law, trusted issuers of data about organizations. The Province of British Columbia, Province of Ontario and the Government of Canada have come together to create the initial services needed to establish VON.

VON's founders have delivered new Indy-based open source components which form VON's backbone. TheOrgBook is a publicly accessible repository of verifiable claims about organizations. VON-X enables services to verify and issue credentials.[ϟ]

Estonia^

European Union^

Netherlands^

Spain^

  • Alastria [G]
    • a non-profit consortium building a national blockchain ecosystem for Spain. The security and veracity of information will be ensured through the identification of natural and legal persons, while at the same time allowing citizens to have control over their personal information in a transparent way following the guidelines set by the European Union.

Switzerland^

USA^

Humanitarian^

2018 Identity Landscape brought to you by: One World Identity — independent advisory and digital strategy consultancy focused on trust and the data economy.

EU General Data Protection Regulation Act^

Reports^

Research-Papers^

Additional Thought around Identity

  • Decentralized Identity Trilemma

    There seems to exist a trilemma in decentralized identity analogous to @Zooko's triangle. None of the existing solutions are at the same time: 1) privacy-preserving, 2) Sybil-resistant 3) self-sovereign -[T]

  • Proof of Thought (PoT)
  • Queer Privacy

    Stories about using the Internet as a tool to find out more about yourself, and as a tool to express and empower; about the dangers of Internet censorship and about the practical realities of maintaining multiple distinct digital identities.

  • @SarahJamieLewis Twitter thread on Identity

    Any technology which relies on the existence of, or attempts to create a, global, unique identity is oppressive by design. Stop "innovating" oppressive structures.

Video^

Slideshare^

Podcasts^

Sources^


Contact Me for Research Driven Content ^

I've collected other crypto resources in the SuperSource Discord server, and have other repositories similar to this one for other topics, beyond identity. Have a look around—infominer.id

Tips Welcome

BTC— 1GvkjHtiy9LUjVkStnEAXxjhcoS56aCokY

DOGE— DSzMxfABB8EwKiumzV7YHhS7HTvWAyM7QF