Self Sovereign Identity
Go to file
2018-12-24 15:47:24 -05:00
indy-sovrin-evernym semantics working group docs 2018-12-24 15:47:11 -05:00
self-sovereign-identity democracy earth blockstack 2018-12-24 02:13:12 -05:00
blockchain-id2.toml Rename issues.toml to blockchain-id2.toml 2018-12-11 17:58:57 -05:00
blockchain-id.toml minor edit toml 2018-12-03 10:51:36 -05:00
contributing.md Update contributing.md 2018-12-21 22:33:57 -05:00
LICENSE Create LICENSE 2018-11-15 13:01:53 -05:00
README.md add civic deets 2018-12-24 15:47:24 -05:00

Awesome Decentralized Identity Awesome

Self-Sovereign, Blockchain and Decentralized Identity Resources

A good selfsovereign identity system will allow individuals to directly influence how companies, governments, and others correlate our interactions across different services and locations by default. It wont fix all identity problems nor preclude alternative identity approaches, but it will put the individual in control of most uses of identity and give organizations a simpler, easier, more ethical way to use identity to improve how they provide services and products. When successful, it will not only enable individuals to exercise greater control over how companies and governments keep track of us, it will also illuminate those situations where selfsovereign identity is restricted, facilitating a conversation about when and where such limits are appropriate. Joe Andrieu -A TechnologyFree Definition of SelfSovereign Identity

This is a gathering of educational materials around decentralized, self-sovereign, and blockchain identity. Its an index for research, training, developers, students, end-users, investors, and the enterprise to more easily learn and navigate the decentralized identity landscape.

Contents

Introduction^

Thanks to those who are working to make digital identity, and the world, a better place.

/blockchain-identity and /indy-sovrin-evernym^

/awesome-decentralized-id/indy-sovrin-evernym is another list that naturally grew from this one; focused on Hyperledger Indy's protocol, governance, and ecosystem. I've also worked on /peacekeeper/blockchain-identity and included some of its resources here. Ideally these lists will all compliment each-other.

For now, I'm becoming more familiar with all of this material, and how it fits together in the decentralized identity space. I expect to be actively engaged building this repository for the next month or so, and look forward to it growing along with decentralized identity (irl) over the coming years.

How I got into Decentralized Identity^

I was initially introduced to blockchain identity through a few clients when I offered freelance services on Fiverr. The first was 3500 word report on "Blockchain and the United Nations." Another client had me write a 1500 word report on blockchain identity, an exploration of the sector. Besides that I've written a few articles considering the architecture of Hyperledger Indy. Throughout that time, I collected a ton of quality information on decentralzied id, hyperledger indy, and the surrounding ecosystem.

I also collect resources on nearly every subject in crypto, which I'm slowly entering into a database, to power a web-app for search, and navigation by tags, etc. Since I enjoy the subject so much, I decided to enter all of my DID resources into toml format. Once that was complete, I knew I could make an awesome list out of them sooner than a live demo of the app that is in progress.

All of the work I do feeds into the rest: collecting resources helps me write, writing makes me find more resources. Putting the resources into the database also leads to collecting more resources; which helps me to create quality content, and will hopefully help others find the information they're looking for.

Although originally this began as a result of freelance gigs, all of my work on this repository has been a personal investment of time into building a brand, and supporting the SSI\DID initiative. This is one of my favorite subjects in crypto, and I've been brainstorming ways to create an income working on it. If I come across some attractive business opportunity in the DID ecosystem, I'll be happy to keep working on its documentation for the foreseeable future. Either way, there's a whole uncharted cryptoverse of information to organize and map out, and that's where I'll be.


Pull Requests and Contributions Welcome

Contact: infominer at protonmail dot com.


[T]witter • [G]ithub • [B]log • [wp] whitepaper • [D]ocumentation • [F]orums • [C]hat • [tele]gram • [web]site • [ϟ] related resource • [>] related section • [^] back to the contents.

History^

This isn't meant to be a complete historical outline, but enough backround to provide context for the rest.

The Augmented Social Network and the IDCommons^

  • The Augmented Social Network: Building Identity and Trust into the Next-Generation Internet, presented at the June 2003 Planetwork conference and published in First Monday the Peer-Reviewed Journal on the Internet 8/4/03.

    "This paper proposes the creation of an Augmented Social Network (ASN) that would build identity and trust into the architecture of the Internet"

Ideas from the ASN were the foundation of much that followed. The Identity Commons (2001-Present) was originally created by Owen Davis and Andrew Nelson in 2001 to evangelize the creation of a decentralized user-centric identity infrastructure and to address the resulting social trust issues.

"Their most important contribution may have been the creation, in association with the Identity Gang, of the Internet Identity Workshop (2005-Present) working group. "[ϟ]

Internet Identity Workshop^

In 2005, Kaliya Young[T], Phil Windley[T][V][G], Drummond Reed[T][B], and Doc Searls[T][B] hosted the first Internet Identity Workshop(IIW)[T] in Berkeley to discuss "architectural and governance proposals for Internet-wide identity services and their underlying philosophies." -Announcing IIW 2005

Since then, the IIW has met bi-anually, actively supporting the development of the identity software-ecosystem, including OpenID('05), OpenID 2.0('06), OAuth('10), FIDO('13) and OpenID Connect('14).

IIW participants began the effort towards creating a truly "user centric identity," in contrast to identity solutions whos focus has been fulfilling the needs of the enterprise. The pioneers of decentralized identity have long struggled against the "identity silo paradox," that while the identerati continually work on solutions to break up these silos, the enterprise has had a strong financial incentive to retain them.

  • What is IIW? [ϟ][ϟ] short film about the identirati[ϟ] (a term for those working on identity standards for the purpose of breaking up id data silos, dating back to at least 2006).

In April of 2014, the European Parliament demonstrates strong support for the GDPR, which passes back and forth through the European Council, Commision and Parliment throught the rest of the year.

8/14 The Credentials Community Group[ϟ] forms, hosted by World Wide Web Consortium(W3C)[T] [G] : "to forge a path for a secure, decentralized system of credentials that would empower both individual people and organizations on the Web to store, transmit, and receive digitally verifiable proof of qualifications and achievements." —proposed by Manu Sporney[T] (of digitalbazaar.com)

What is Sovereign Source Authority? shows an early use of 'sovereign' in relation to our internet identities. The term "Self Sovereign Identity" started becoming widely used in 2014.[ϟ][ϟ]

Bitnation and the United Nations^

9\15 Bitnation "seeks to establish the concept of 'world citizenship' via a bitcoin based identity, offering 'Blockchain Emergency IDs' to refugees. [>]

The same month, the UN unveiled it's Agenda for Sustainable Development:

  • Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels
  • Substantially reduce corruption and bribery in all their forms Develop effective, accountable and transparent institutions at all levels
  • By 2030, provide legal identity for all, including birth registration
  • Ensure public access to information and protect fundamental freedoms, in accordance with national legislation and international agreements—(emphasis mine)
  • DIGITAL IDENTITY AS A BASIC HUMAN RIGHT
  • AID:Tech [T] — "is a voucher and digital identity solution for refugees. A digital record of a person's identity is stored on a smart card, along with various additional information. Blockchain technology is used to distribute all resources in a highly traceable manner." (another early example of blockchain for humanitarian aide)

Rebooting the Web Of Trust^

In relation to SSI, 'Web of Trust' is a network of relationships that attest to our identity claims. Each party attesting to your identity information becomes a strand in your web of trust.

The first Rebooting Web of Trust(RWoT) workshop was held during November 2015; attracting the likes of Vitalik Buterin, Peter Todd, Gregory Maxwell, Joel Dietz, Christopher Allen, and Jon Callas, according to Andreas Antonopolis.

That workshop, produced 5 technical white papers:
5 WoT-usecasesDecentralized PKISmart SignaturesCreating a New World of Trust

The Web of Trust is a buzzword for a new model of decentralized self-sovereign identity. Its a phrase that dates back almost twenty-five years, the classic definition derives from PGP [...] the vibrant blockchain community is also drawing new attention to the concept we aim to reboot it. - Rebranding the Web of Trust

At the end of 2015, the Department of Homeland Security announced that it had funds available for the development of Blockchain Security and Identity Verification Technologies.

ID2020 and the GDPR^

  • 4/16 the EU adopted the GDPR to be enacted as law May 2018.
  • The second RWoT workshop ran in conjunction with the UN's ID2020 Summit in New York that May; clearly a significant time for decentralized identity:

    1.1 Billion people live without an officially recognized identity — This lack of recognized identification deprives them of protection, access to services, and basic rights. ID2020 is a public-private partnership dedicated to solving the challenges of identity for these people through technology. - id2020.org

  • Identity Crisis: Clear Identity through Correlation
  • Christopher Allen[info] details the overarching history of internet idenitity standards in his seminal work (submitted to ID2020\RWoT workshop):
    • The Path to Self-Soverereign Identity[ϟ] details the history of identity standards leading up to self-sovereign and details the 10 principles of self-sovereign identity.

      I am part of the team putting together the first ID2020 Summit on Digital Identity at the United Nations

  • Identity System Essentials 3/16 (Original Evernym Identity WP also submitted to ID2020\RWoT workshop)

Evident from the other whitepapers submitted to the second RWoT Workshop, the DID identifier had begun to emerge:

  • Decentralized Identifiers (DIDs) and Decentralized Identity Management (DIDM)

    "Decentralized Identifiers (DID) stored in a permissioned blockchain enable principals to directly control their own identities with cryptographic proofs and secure, addressable network endpoints. DIDs further enable a Decentralized Identity Management (DIDM) infrastructure that will empower people and organizations to securely and confidentially manage and assert their identities."

  • Requirements for DIDs

    "Respect Network is conducting a research project for the U.S. Department of Homeland Security, HSHQDC-16-C-00061, to analyze the applicability of blockchain technologies to a decentralized identifier system. Our thesis is that blockchains, or more generically distributed ledgers, are a potentially powerful new tool for “identity roots” — the starting points for an Internet identity. However “blockchain identity” may not fully address the core security and privacy principles needed in a complete identity system. In this case DIDs — Decentralized Identifiers rooted on a distributed ledger — may end up being a foundational building block for higher level identity management solutions. -

  • At this point in time DLT innovation, the United Nations Sustainable Development Goals, and the EU GDPR all came together supporting a core identirati tenant: Eliminating id data silos and empowering users regarding digital identity.


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org

Additional IID Standards History^

Resources

Self Sovereign Identity^

0/ “Self-Sovereign Identity: A Progress Report”…

— Christopher Allen (@ChristopherA) April 25, 2018

Selected 'Rebooting Web of Trust' Whitepapers^

RWoT Use Cases^


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org[ϟ]

DID the Decentralized Identifier^

DID Adoption ^

  • @ChristopherA on DID adoption

    "22/ Over a dozen companies and organizations, using multiple blockchains (Bitcoin, Ethereum, Hyperledger, etc.), have committed to deploying DIDs, including IBM, Microsoft, Digital Bazaar, Consensys, Evernym, Learning Machine, British Columbia, and more:" —How blockchain could solve the internet privacy problem

  • Veres One DID Method 1.0 [D] (veres.one) — a permissionless public ledger designed specifically for the creation and management of decentralized identifiers (DIDs)
  • Blockstack DID Spec[ϟ] Blockstack is a network for decentralized applications where users own their identities and data. Blockstack utilizes a public blockchain to implement a decentralized naming layer, which binds a user's human-readable username to their current public key and a pointer to their data storage buckets.
  • BTCR DID Method — The Bitcoin Reference DID method (did:btcr) supports DIDs on the public Bitcoin blockchain. The Bitcoin Reference method has minimal design goals: a DID trust anchor based on the Bitcoin blockchain, updates publicly visible and auditable via Bitcoin transactions, and optionally, additional DID Document information referenced in the transaction OP_RETURN data field. No other Personal Identifiable Information (PII) would be placed on the immutable blockchain.
  • Interplanetary Identifiers IPID - Implementation of the DID spec over IPFS (Interplanetary File System)
  • Peer DID Method Spec
  • Spidchain [wp]
    • "offers a platform for self-sovereign identity, including desktop and mobile apps for end-users. It uses Decentralized Identifiers (DIDs) - backed by optionally Bitcoin or Ethereum - to implement a marketplace for verifiable claims. The Spidchain applications allow individuals to create, recover, and revoke DIDs, to authenticate, to sign and verify files and claims, and more."
  • did:ockam: [ϟ]


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org[ϟ]

DID Auth^


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org[ϟ]

Verifiable Claims^


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org[ϟ]

Decentralized Key Management DKMS^


The Story of Open SSI Standards - Drummond Reed/Evernym SSIMeetup.org[ϟ]

Decentralized Identity Foundation^

Evernym^

The Sovrin Foundation^

Selected articles by Phil Windley ^

Hyperledger Indy^

Blockstack^

  • Blockstack • [G]ithub • [F]orum • [B]log • [T]witter • [W]hitepaper
    • a network of computers that collectively maintain a global registry of domain names, public keys, and cryptographic hashes. With this registry, Blockstack serves as a decentralized domain name system (DNS) and a decentralized public key infrastructure (PKI).
    • Onename — "a product built on Blockstack that allows people to register identities"
    • Blockstack DID Spec[ϟ]
  • App Mining

Democracy Earth ^

we worked with councils, senates, non profits, student centers, political parties, corporations.. but implementing real digital governance at scale really took off with crypto networks. our partnership with @blockstack is our biggest milestone of 2018. -Santi

Bitcoin ^

  • Bitnation taps Blockchain tech to aid Refugees[^]
  • BTCR DID Method — The Bitcoin Reference DID method (did:btcr) supports DIDs on the public Bitcoin blockchain. The Bitcoin Reference method has minimal design goals: a DID trust anchor based on the Bitcoin blockchain, updates publicly visible and auditable via Bitcoin transactions, and optionally, additional DID Document information referenced in the transaction OP_RETURN data field. No other Personal Identifiable Information (PII) would be placed on the immutable blockchain.

Ethereum^

Ethereum Identity Applications^

IBM^

Microsoft^

Decentralized Public Key Infrastructure DPKI^

Structured Data Standards^

  • Blockcerts, developed byLearning Machine, is an open standard for issuing and verifying blockchain-based official records; The project offers open-source libraries, tools, and mobile apps. MIT has issued digital certificates based on this standard.
  • Schema — a collaborative, community activity with a mission to create, maintain, and promote schemas for structured data on the Internet. Schema.org vocabulary can be used with many different encodings, including RDFa, Microdata and JSON-LD. These vocabularies cover entities, relationships between entities and actions, and can easily be extended through a well-documented extension model. Over 10 million sites use Schema.org to markup their web pages and email messages. Many applications from Google, Microsoft, Pinterest, Yandex and others already use these vocabularies to power rich, extensible experiences."
    • ÆTERNITY [G]: using Schema's standards: "offers an identity architecture where every account has a unique ID number, and unique names can be registered and linked to arbitrary data such as addresses on the blockchain. Schema's are used for representing data about persons and organizations."
  • DIDs[>] and Verifiable Claims of the W3C [>]

Personal Data Wallets & Marketplaces^

  • Mydata [T] [D] [D]
    • goal: to empower individuals with their personal data, thus helping them and their communities develop knowledge, make informed decisions, and interact more consciously and efficiently with each other as well as with organisations."
    • Consent[ϟ] — "platform for trusted personal data applications and services, using Ethereum smart contracts to implement decentralized identifiers, verified credentials, consent receipts, a web of trust, and exchange of assets and value."
  • Pillar Project [wp]
    • planning to offer a "Personal Data Locker" consisting of a wallet, browser, and token exchange. Personal assets will be put on a blockchain, and "Pillar" tokens will be issued."
  • Datum [wp]
    • "network allows anyone to store structured data on a smart contract blockchain. Data can optionally be bought and sold on a marketplace using the DAT token. Datum leverages BigchainDB and IPFS as data storage backends. All data is encrypted and protected using AES256-GCM.
  • ONTology [G]— "a "Distributed Trust Network" which combines a cross-chain identity system, peer-to-peer data transmission, data authorization mechanisms, distributed data storage, attestation, and various industry-specific modules. It also includes an Ontology Crypto Package (OCP) and an Ontology Marketplace (OM)."
  • Pro-civis — "e-government as a service" platform called "eID+". It enables citizens to get an official, electronic Citizen-ID on a mobile app.
    • The platform includes the Vetri wallet and marketplace. 'Earn extra income and rewards by joining the data economy.'"
  • We can do better than selling our data-Doc Searls(IIW)

Blockchain ID^

State Led Initiatives^

Australia ^

Canada ^ >

VON's founding members are governments who are, by law, trusted issuers of data about organizations. The Province of British Columbia, Province of Ontario and the Government of Canada have come together to create the initial services needed to establish VON.

VON's founders have delivered new Indy-based open source components which form VON's backbone. TheOrgBook is a publicly accessible repository of verifiable claims about organizations. VON-X enables services to verify and issue credentials.[ϟ]

Estonia^

European Union^

Netherlands^

Spain^

  • Alastria [G]
    • a non-profit consortium building a national blockchain ecosystem for Spain. The security and veracity of information will be ensured through the identification of natural and legal persons, while at the same time allowing citizens to have control over their personal information in a transparent way following the guidelines set by the European Union.

Switzerland^

USA^

Humanitarian^

2018 Identity Landsacpe brought to you by: One World Identity — independent advisory and digital strategy consultancy focused on trust and the data economy.

EU General Data Protection Regulation Act^

Reports^

Research-Papers^

Additional Thought around Identity

  • Decentralized Identity Trilemma

    There seems to exist a trilemma in decentralized identity analogous to @Zooko's triangle. None of the existing solutions are at the same time: 1) privacy-preserving, 2) Sybil-resistant 3) self-sovereign -[T]

  • Proof of Thought (PoT)
  • Queer Privacy

    Stories about using the Internet as a tool to find out more about yourself, and as a tool to express and empower; about the dangers of Internet censorship and about the practical realities of maintaining multiple distinct digital identities.

  • @SarahJamieLewis Twitter thread on Identity

    Any technology which relies on the existence of, or attempts to create a, global, unique identity is oppressive by design. Stop" innovating" oppressive structures.

Video^

Slideshare^

Podcasts^

Sources^


Brought to you by The Crypto LibrarySuper Source

Contact me: infominer at protonmail dot com.

BTC— 1GvkjHtiy9LUjVkStnEAXxjhcoS56aCokY

DOGE— DSzMxfABB8EwKiumzV7YHhS7HTvWAyM7QF