56 KiB
Awesome Decentralized Identity
DID, Blockchain and Self-Sovereign Identity Resources
Thanks to those who are working to make our identity experience, and the world, a better place.
Note
Information is not so easily organized in a linear fashion. This list is a by-product of the effort to enter all of the best blockchain, self-sovereign, and decentralized identity links into a database, which will power a web-app for search, manual navigation through the tags, and pages like this. With comments and reactions, so that it can become a co-operative effort among those who get involved.
In the mean-time, after gathering all of the links I had already into one collection, I knew I could make an awesome list out of them sooner than a live demo of the app that is in progress.
Furthermore, I am working on sovrin-indy.md as a space to focus more on the foundations, archetecture, and projects within that ecosystem. Eventually some of that material will be thinned out from here.
Contents
- History
- Resources
- GDPR
- Self Sovereign Identity—SSI
- RWoT Whitepapers
- RWoT Use Cases -infographic workflow
- World Wide Web Consortium—W3C
- Evernym
- The Sovrin Foundation
- Hyperledger Indy
- IBM
- Ethereum—Protocol
- State Led Identity Initiatives
- Assorted Decentralized \ Blockchain ID Related
- Humanitarian
- Structured Data Standards
- Decentralized Public Key Infrastructure
- Personal Data: Wallets, Marketplaces, etc
- Reports
- Research Papers
- Videos
- Sources
Imagine a world where you are in direct control of your personal information; a world where you can limit and control how much information you share while retaining the ability to transact in the world. This is self-sovereign identity, and it is already here. Blockchain is the underlying technology paving the path to self-sovereign identity through decentralized networks. It ensures privacy and trust, where transactions are secure, authenticated and verifiable and endorsed by relevant, permissioned participants. -Jerry Cuomo IBM
History
Internet Identity Workshop^
In 2005, Kaliya Young[twitter], Phil Windley[twitter], Drummond Reed[twitter], and Doc Searls[twitter][blog] hosted the first Internet Identity Workshop(IIW)[twitter] in Berkeley to discuss "architectural and governance proposals for Internet-wide identity services and their underlying philosophies." -Announcing IIW 2005
Since then, the IIW has met bi-anually, actively supporting the development of the identity software-ecosystem, including OpenID('05), OpenID 2.0('06), OAuth('10), FIDO('13) and OpenID Connect('14). The heart of the internet identity community has been with empowering users and self-sovereign principles, since the early days.
- What is Sovereign Source Authority? shows an early use of 'sovereign' in relation to our internet identities. The term "Self Sovereign Identity" started becoming widely used in 2014.[1][2]
- Christopher Allen[twitter][github] details the overarching history of internet idenitity standards in his seminal work:
- Not Just Who They Say We Are: Claiming our identity on the Internet- short film on the “Identerati” at IIW[4]
- Identirati is a term for those working in the identity ecosystem dating back to at least 2006:
identirati[5] "have been working on standards and methods that are based on the premise of opening up those [id data] silos"
- Identirati is a term for those working in the identity ecosystem dating back to at least 2006:
- More information on iid standards history: IIW-Wiki | identitywoman.net | windley.com-#identity | WoTinfo
8/14 The Credentials Community Group[6] forms, hosted by World Wide Web Consortium(W3C)[twitter][github] : "to forge a path for a secure, decentralized system of credentials that would empower both individual people and organizations on the Web to store, transmit, and receive digitally verifiable proof of qualifications and achievements." —proposed by Manu Sporney[twitter][7]
Rebooting the Web Of Trust^
In relation to SSI, 'Web of Trust' is a network of relationships that attest to our identity claims. Each party attesting to your identity information becomes a strand in your web of trust.
The first Rebooting Web of Trust(RWoT) workshop was held during November 2015; attracting the likes of Vitalik Buterin, Peter Todd, Gregory Maxwell, Joel Dietz, Christopher Allen, and Jon Callas, according to Andreas Antonopolis.
The initial workshop, produced 5 technical white papers:
[5 WoT-usecases][Decentralized PKI][Smart Signatures][Creating a New World of Trust][Rebranding the Web of Trust]:
The Web of Trust is a buzzword for a new model of decentralized self-sovereign identity. It’s a phrase that dates back almost twenty-five years, the classic definition derives from PGP [...] the vibrant blockchain community is also drawing new attention to the concept we aim to reboot it.
Bitnation and the United Nations^
9\15 Bitnation "seeks to establish the concept of 'world citizenship' via a bitcoin based identity, offering 'blockchain emergency IDs' to refugees.[8] The same month, the UN unveiled it's Agenda for Sustainable Development.
Goal 16.9 By 2030, provide legal identity for all, including birth registration.
- DIGITAL IDENTITY AS A BASIC HUMAN RIGHT
- AID:Tech[twitter] — "is a voucher and digital identity solution for refugees. A digital record of a person's identity is stored on a smart card, along with various additional information. Blockchain technology is used to distribute all resources in a highly traceable manner."
ID2020 and the GDPR^
4/16 the EU adopted the GDPR, enacted as law May 2018. The second RWoT workshop ran in conjunction with the UN's ID2020 Summit in New York that May. There are an estimated 1.5 billion without a legal identity.[9] Without a legal identity it is very difficult to recieve any services, aide, or to advance ones station in life.
Evident from the whitepapers produced at the RWoT\ID2020 Workshop[10] the DID identifier began to emerge:
[Clearer Identity Through Correlation][Physician Patient Relationship][Protecting Digital ID in Developing Countries][Smarter Signatures]
"Respect Network is conducting a research project for the U.S. Department of Homeland Security, HSHQDC-16-C-00061, to analyze the applicability of blockchain technologies to a decentralized identifier system. Our thesis is that blockchains, or more generically distributed ledgers, are a potentially powerful new tool for “identity roots” — the starting points for an Internet identity. However “blockchain identity” may not fully address the core security and privacy principles needed in a complete identity system. In this case DIDs — Decentralized Identifiers rooted on a distributed ledger — may end up being a foundational building block for higher level identity management solutions. -Requirements for DIDs
- At this point in time DLT innovation, the United Nations Sustainable Development Goals, and the EU GDPR all came together supporting a core identirati tenant: Eliminating id data silos and empowering users regarding personal digital identity.
Decentralized Identity Foundation^
On May 22 at Consensus 2017 the formation of the Decentralized Identity Foundation (DIF) was announced:
- Decentralized Identity Foundation (DIF) [github] [twitter] [blog]
- the following links highlight something each member adds to the DID ecosystem:
- Members include: Microsoft, uPort, IBM, Sovrin, SecureKey, Blockstack, Evernym, Hyperledger, Civic, Accenture, Danube, netki, RSA, Consent, IOTA, Mooti, r3, Authenteq, Blockchain-foundry, Validatedid, 1kosmos, gamecredits[*], auth0, jolocom, Enigma, Humanized-internet, Pillar, id2020, Nuggets.
- Decentralized Identity Foundation Grows To 56 Members In Our First Year
- A Universal Resolver for self-sovereign identifiers [github]
Resources
EU General Data Protection Regulation Act^
- Blockchains and Data Protection in the European Union
- IBM — How blockchain could address five areas associated with GDPR compliance
- GDPR - A reflection on the 'self-sovereign identity' and the Blockchain
- GDPR and Privacy by Design, What developers need to know
- Privacy by Design The 7 Foundational Principles
- When GDPR Becomes Real, and Blockchain is no longer fairydust
- Digital Identity Management in the Context of GDPR & Sovrin —Why Data Privacy Matters & How to Protect It
- Self-Sovereign Privacy By Design
Self Sovereign Identity^
- WebOfTrustInfo/self-sovereign-id
- Self-Sovereign Identity: Why Blockchain?
- A Technlogy-Free Definition of Self-Sovereign Identity (SSI)
- Self-Sovereign Identity Principles
- Inevitable Rise of Self-Sovereign Identity
- Experts talk Self-Sovereign Identity
- Self-Sovereign Identity — wiki.p2pfoundation
0/ “Self-Sovereign Identity: A Progress Report”…
— Christopher Allen (@ChristopherA) April 25, 2018
Selected 'Rebooting Web of Trust' Whitepapers^
- WebofTrust.info/papers.html
- Rebooting the Web of Trust VII: Toronto (September 2018)
- Framework for the Comparison of Identity Systems
- A Primer on Functional Identity
- The DCS Theorem — We use the triangle to show decentralized consensus systems can have Decentralization, Consensus, or Scale, but not all three properties simultaneously.
- Identity Crisis: Clear Identity through Correlation
- Decentralized Key Management System
- SSI: A Roadmap for Adoption
RWoT Use Cases^
—infogrphic workflow examples
- Amira 1.0
- Re-Imagining What Users Really Want
- Joram 1.0.0
- Powering the Physician-Patient Relationship with HIE of One Blockchain Health IT
- Protecting Digital Identities in Developing Countries
- Opportunities Created by the Web of Trust for Controlling and Leveraging Personal Data
World Wide Web Consortium^
- World Wide Web Consortium(W3C) [twitter] [github]
- Credentials Community Group[blog]
- Verifiable Claims Working Group
- The W3C CREDENTIALS COMMUNITY GROUP | W3C CCG
- Verifiable Claims Data Model 1.0 [github]
- Verifiable Claims Use Cases 1.0
- JSON-LD 1.0, W3C Recommendation
- opencreds.org — Identity Credentials 1.0
- DIGITAL VERIFICATION COMMUNITY GROUP[github]
DID the Decentralized Identifier^
- w3c- Decentralized Identifiers (DIDs) v0.11
- DID Primer -Extended
- Decentralized IDentifers (DIDs)
- A Universal Resolver for self-sovereign identifiers
- @ChristopherA on DID adoption
"22/ Over a dozen companies and organizations, using multiple blockchains (Bitcoin, Ethereum, Hyperledger, etc.), have committed to deploying DIDs, including IBM, Microsoft, Digital Bazaar, Consensys, Evernym, Learning Machine, British Columbia, and more:" —How blockchain could solve the internet privacy problem
- Requirements for DIDs
- Veres One DID Method 1.0 — a permissionless public ledger designed specifically for the creation and management of decentralized identifiers (DIDs)
- Blockstack DID Spec[*]
- Identity Hubs Capabilities Perspective - Identity Hubs currently proposed in the Decentralized Identity Foundation (DIF) are a subset of a general Decentralized Identifier (DID).
Evernym^
- Evernym [twitter]
- The Three Models of Digital Identity Relationships — How self-sovereign identity (SSI) is different, and why it’s better
- Is Self-Sovereign Identity the ultimate GDPR compliance tool? [1\3] [2] [3]
The Sovrin Foundation^
- The Sovrin
Foundation is creating a public instance of Hyperledger Indy's code; initially developed by Evernym
[Forum] [Slack][Twitter][Github] - Sovrin Library
- Getting Started with Sovrin
- Sovrin: A Protocol and Token for Self-Sovereign Identity and Decentralized Trust
- Sovrin Network: What Goes on the Ledger?
- Sovrin Governance Framework
- How Sovrin Works—A Technical Guide from the Sovrin Foundation
- Sovrin Test Network Trust Anchor Registration[Forum]
Selected articles from Windley.com ^
- An Internet for Identity
- A Universal Trust Framework
- The Case for Decentralized Identity
- Building Your Business on Sovrin: Domain-Specific Trust Frameworks
- The Sovrin Foundation
- Decentralization in Sovrin
Tykn Tech^
- Tykn The Future of Resilient Identity [twitter] [github]
- Tykn: Extended Overview
- Digital Identity Management in the Context of GDPR & Sovrin —Why Data Privacy Matters & How to Protect It
Hyperledger Indy^
- Hyperledger Indy - Distributed Ledger and Utility Library [twitter] [wiki] [github]
- Hyperledger Welcomes Project Indy - ANN
- The Rise of Self-Sovereign Identity - Hyperledger Indy
- Plenum Bzantine Fault Tolerant Protocol
- "Byzantine fault tolerance is a sub-field of fault tolerance research inspired by the Byzantine Generals' Problem, which is a generalized version of the Two Generals' Problem."
- An Accumulator Based on Bilinear Maps and Efficient Revocation for Anonymous Credentials
- An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation
- SecureKey Technologies to explore interoperability between Verified.Me and Hyperledger Indy
- The Linux Foundation's Blockchain for Business edx course may be freely audited and has a section on Indy.
- Implementing Privacy by Design in Hyperledger Indy
- Indy Demo by IBM (video)
IDEMix -Zero Knowledge Proof's in Evernym\Indy^
Our zero-knowledge proofs are part of the Idemix protocol, where they are used to prove the possession of Camenisch-Lysyanskaya credentials. We also use zero-knowledge proofs in the revocation protocol, which is based on cryptographic accumulators. —What Zero Knowledge Poof Algorithm is used in Sovrin?
Identity Mixer is not directly (re)implemented by Sovrin, but its cryptographic foundations are very similar, and Sovrin’s implementation includes most of its extended features (predicates, multi-credential, revocation, advanced issuance…). One of the researchers who helped to create Identity Mixer is on Sovrin’s Technical Governance Board and has offered insight to keep the implementations aligned on goals and methods. —How is IDEMix Implemented?
- IBM Identity Mixer | blog
- Concepts and Features of Privacy-Preserving Attribute-Based Credentials
- AnonCreds: Anonymous credentials protocol implementation in python [Usecase]
IBM^
- github.com/IBM-Blockchain-Identity
- How do we start tackling the existing identity problem
- Swipe Right on Verifiably Credentials
- WISeKey fully deployed its CertifyID integrating Digital Identity with Blockchain technology
- SecureKey: partners with IBM to enable a new digital identity and attribute sharing network based on Hyperledger Fabric blockchain.
Ethereum^
- Decentralized Digital Identity on Ethereum -SlideShare
- ERC725 | ERC735
- proposals in the Ethereum community to standardize smart contracts for certain identity-related operations such as key management, as well as signing transactions, documents, and "claims", which may be attested by third parties or self-asserted.
- Proof-of-Individuality — how to prove a person only has one account
- Different Approaches to Ethereum Identity Standards
- Managing Identity with a UI—ERC-725
- Ethereum ERC725 Blockchain Based, Self-Sovereign Identity Management
- DEVCON1: Digital Identity — video from DEVCON1
Ethereum Identity Applications^
- uPort [github] [twitter]
- Deloitte SmartID [github]
- "Smart Identity uses the Ethereum blockchain to represent an identity using a smart contract, attributes can be added by the identity owner and are stored in hash form"
- Nuggets [wp]
- "is a blockchain platform giving users a single biometric tool for login, payment and identity verification. It stores an individual's information in a "personal cloud" in "zero-knowledge blockchain storage".
- Deloitte SmartID [github]
- "Smart Identity uses the Ethereum blockchain to represent an identity using a smart contract, attributes can be added by the identity owner and are stored in hash form"
- Jolocom
- a "SmartWallet" for everyone to own their personal digital identity, using Social Linked Data, WebID, and verifiable claims standards via Ethereum smart contracts.
- Democracy Earth Foundation [github]
- developing "Sovereign", a blockchain direct democracy tool using "vote" tokens to grant democratic participation rights to every human. A proof-of-individuality (POI) process based on peer-to-peer validation establishes that a self-sovereign identity is uniquely tied to a single person. The project introduces a number of interesting socio-technical concepts such as "Social Smart Contract", "Initial Rights Offering", and "Cryptographically Induced Equality". Cooperation is happening with other decentralized identity initiatives such as Blockstack and uPort.
- Ockam — creating a ERC20 based platform that registers IOT devices to a blockchain to solve systemic security and interoperability problems.
- Cambridge Blockchain [github][research]— Blockchain for validating secure digital identity documents, processing electronic signatures, and recording transactions."
State Led Initiatives^
- Identity Validation as a Public Sector Digital Service?
- Federal Funding for Blockchain Security and Identity Verification Technologies
Canada^
- White Paper: Canada’s Digital ID Future - A Federated Approach
- BCGov Verifiable Organization Network – Impressive Client Demo
- Verified Organization Network [github]
- "an initiative by the government of British Columbia to create a trusted network of organizational data. It allows organizations to claim credentials that are part of their own digital identity, using a component called TheOrgBook that lists entities with their associated public verifiable claims."
Netherlands^
- TU Delft helps develop digital ID for use on your phone
- Self-Sovereign Identity Systems for Humanitarian Interventions—A Case Study on Protective Cash Transfer Programs
- Deployment of a Blockchain-Based Self-Sovereign Identity - Delft
- TrustChain: A Sybil-resistant scalable blockchain - Presentation
- Dutch Blockchain Coalition | Action Agenda
USA^
- Illinois Blockchain Initiative — partners with Evernym to launch birth registration pilot
- U.S. Department of Homeland Security funds four Blockchains
Spain^
- Alastria [github]
- a non-profit consortium building a national blockchain ecosystem for Spain. The security and veracity of information will be ensured through the identification of natural and legal persons, while at the same time allowing citizens to have control over their personal information in a transparent way following the guidelines set by the European Union.
Switzerland^
- Zug ID: Exploring the First Publicly Verified Blockchain Identity (uport\ethereum)
Estonia^
Assorted Decentralized \ Blockchain ID Related^
- Danube Tech — digital identity and personal data, including personal agents, semantic graphs, and blockchain [xdi] [navigator]
- Founded by Markus Sabadello (Peacekeeper) [twitter] [github] [blog]
- Identity at Coinbase: Welcoming the Distributed Systems team [wired]
- Proof of Authority
- Shocard — "Blockchain-Based Mobile Identity Platform"
- Authenteq [twitter] [github]
- enables users to create their own sovereign digital IDs which are stored encrypted on BigChainDB
- JLinc — registers cryptographic public keys on the Stellar blockchain.
"The founders have been at the center of a community of developers working on “user-centric digital identity for almost two decades."
- Internet of People — "an open, decentralized infrastructure consisting of device-to-device communication, blockchain tokens, profile servers, and other components." -Founded by Fermat
- Blockchain Helix[ico][wp]
- "Identity as a Service", "Data as a Service" and "Blockchain as a Service" The company offers to increase the speed of KYC/AML processes while hughly decreasing the cost
- Civic launches: identity.com[github][blog]
- Mooti | docs
- offers an "identity chain" technology that makes it possible to issue and revoke verified claims using elliptic curve cryptography (curve25519, secp256k1) and includes privay-enhancing features
- Spidchain [wp]
- "offers a platform for self-sovereign identity, including desktop and mobile apps for end-users. It uses Decentralized Identifiers (DIDs) - backed by optionally Bitcoin or Ethereum - to implement a marketplace for verifiable claims. The Spidchain applications allow individuals to create, recover, and revoke DIDs, to authenticate, to sign and verify files and claims, and more."
- Cicada
- a Dapp platform built for a "direct democracy." envisions using iris scans to generate decentralized universal identifiers ("HUIDs") for every human on the planet, a method referred to as "biocryptics". "HUIDs" can have "sub-IDs" to support selective disclosure. PII can be stored in an "info wallet". Key parts of the system also include smart contracts, zero-knowledge proofs, mixnets, and more."
- Keyp —"Welcome to Europe’s fastest growing open digital identity ecosystem."
- I/O Digital Foundation | whitepaper
- "offers a Proof-of-Stake blockchain called Decentralised Input Output Name Server (DIONS). It will enable applications such as identity and alias registration, storage of legal documents, key exchange, and encrypted messaging."
- Mooti - Mooti is reimagining the security and utility of personally identifiable information and authentication based on our self-sovereign identity solutions, asymmetrical encryption, and blockchain technology.
Humanitarian^
- iRespond -international non-profit organization dedicated to solving the identity problem using a unique digital biometric identity solution
- The Humanized Internet — "to defend the rights of vulnerable people, and give every human being worldwide secure, sovereign control over their own digital identity."
- CheapID - identity standard designed for use in conflicted environment like those many refugees or disaster victims may find themselves in.
- World Identity Netowork —Blockchain for Impact (BFI)-UN
Structured Data Standards^
- Blockcerts — open standard for issuing and verifying blockchain-based official records; The project offers open-source libraries, tools, and mobile apps. MIT has issued digital certificates based on this standard.
- Schema — a collaborative, community activity with a mission to create, maintain, and promote schemas for structured data on the Internet. Schema.org vocabulary can be used with many different encodings, including RDFa, Microdata and JSON-LD. These vocabularies cover entities, relationships between entities and actions, and can easily be extended through a well-documented extension model. Over 10 million sites use Schema.org to markup their web pages and email messages. Many applications from Google, Microsoft, Pinterest, Yandex and others already use these vocabularies to power rich, extensible experiences."
- DIDs the Decentralized Identifiers of the W3C^
Decentralized Public Key Infrastructure (DPKI)^
- Blockstack — [github][forum][blog][twitter]
- a network of computers that collectively maintain a global registry of domain names, public keys, and cryptographic hashes. With this registry, Blockstack serves as a decentralized domain name system (DNS) and a decentralized public key infrastructure (PKI).
- Onename — "a product built on Blockstack that allows people to register identities"
- Decentralized Public Key Infrastructure
- DIDs in DPKI
- SCPKI: A Smart Contract-based PKI and Identity System
- KeyChains: A Decentralized Public-Key Infrastructure
- ClaimChain: Decentralized Public Key Infrastructure
- A Decentralized Public Key Infrastructure with Identity Retention
- Privacy based decentralized Public Key Infrastructure (PKI) implementation using Smart contract in Blockchain
Personal Data: Wallets, Marketplaces, etc.^
- Mydata [twitter] [papers] [declaration]
- goal: to empower individuals with their personal data, thus helping them and their communities develop knowledge, make informed decisions, and interact more consciously and efficiently with each other as well as with organisations."
- Consent[12] — "platform for trusted personal data applications and services, using Ethereum smart contracts to implement decentralized identifiers, verified credentials, consent receipts, a web of trust, and exchange of assets and value."
- Pillar Project [wp]
- planning to offer a "Personal Data Locker" consisting of a wallet, browser, and token exchange. Personal assets will be put on a blockchain, and "Pillar" tokens will be issued."
- Aversafe —"allows individuals to store personal details, work history, certificates and achievements. It leverages a permissioned blockchain for trusted audit and participation in the storage of attestation data separate from the actual data stored"
- Datum [wp]
- "network allows anyone to store structured data on a smart contract blockchain. Data can optionally be bought and sold on a marketplace using the DAT token. Datum leverages BigchainDB and IPFS as data storage backends. All data is encrypted and protected using AES256-GCM.
- ONTology [github]— "a "Distributed Trust Network" which combines a cross-chain identity system, peer-to-peer data transmission, data authorization mechanisms, distributed data storage, attestation, and various industry-specific modules. It also includes an Ontology Crypto Package (OCP) and an Ontology Marketplace (OM)."
- We can do better than selling our data-Doc Searls(IIW)
- Pro-civis — "e-government as a service" platform called "eID+". It enables citizens to get an official, electronic Citizen-ID on a mobile app.
- The platform includes the Vetri wallet and marketplace. 'Earn extra income and rewards by joining the data economy.'"
2018 Identity Landsacpe brought to you by: One World Identity — independent advisory and digital strategy consultancy focused on trust and the data economy.
Reports^
- Global Blockchain Identity Management Market 2018-2022
- How Blockchain Revolutionizes Identity Management
- Digital Identity: the current state of affairs
- Blockchain: Evolving Decentralized Identity Design
- White Paper: Canada’s Digital ID Future - A Federated Approach
- IDENTITY MATTERS
- Accenture: ID2020: DIGITAL IDENTITY with Blockchain and Biometrics
- Privacy-Preserving Authentication, Another Reason to Care about Zero-Knowledge Proofs —slideshare
- r3- Identity in Depth
Research-Papers^
- Establishing Identity Without Certification Authorities
- A First Look at Identity Management Schemes on the Blockchain
- ChainAnchor — Anonymous Identities for Permissioned Blokchains
- Decentralizing Privacy: Using Blockchain to Protect Personal Data
- TOWARDS SELF-SOVEREIGN IDENTITY USING BLOCKCHAIN TECHNOLOGY
- Self-sovereign Identity – Opportunities and Challenges for the Digital Revolution
- The Knowledge Complexity Of Interactive Proofs
Video^
- Is Blockchain the Future of Digital Identity? -CB Insights
- Identity and Blockchain Technology
- Phil Windley on the Sovrin Network
- Self-Sovereign Identity with Hyperledger Indy\Sovrin- Calvin Cheng - FOSSASIA 2018
Sources^
- IIW-Wiki
- wiki.idcommons.net
- /WebOfTrustInfo
- /peacekeeper/blockchain-identity
- /blockchain-id.toml
- identitywoman.net
- windley.com/tags/identity