Understanding Self Sovereign Identity Part - I
--
A few terms to know before we dive into SSI
What are credentials?
A credential is proof of something.
For example:
- You work in an organization
- You are the owner of a user Id.
What is Identity Owner/Principal/Holder?
The person who holds or owns the identity.
Problems with traditional credentials
· Easy to fake/copy or forge
· Easily lost or damaged
Only damaged :) :) but not misused, thankfully
· Expensive to create or issue
· Can’t be verified easily
· Reveals more information than needed
What are Verifiable credentials?
Verifiable credentials (VCs) are an open standard for digital credentials. They can represent information found in physical credentials, such as a passport or license, as well as new things that have no physical equivalent, such as ownership of a bank account. VCs use decentralized public key infrastructure (I will do an article on it).
Properties of VCs
· All digital and under the owner’s control
· Highly scalable
· Very hard to fake or impersonate
· Enables minimum disclosure (Bouncer only needs to know your age)
· Much harder to impersonate (uses PKI)
· Enables Zero-knowledge Proofs
· Data by itself becomes useless to a thief
How do you get Verifiable Credentials?
We need to understand three roles to see how credentials are generated, assigned and used.
Issuer
They create and issue credentials (University issuing certificates)
Holder
They receive credentials and choose to share them with verifiers (Job Provider)
Verifier
They receive and verify proofs (Digitally verifiable) from Holders
1. Govt (Issuer) issues a liquor license to the shop owner (Holder)
2. The shop owner (Holder) shares his license with the customer (Verifier)
Distributed PKIs (DIDs)
1. The Issuer (Sam’s Card) registers on a public ledger, writes a schema (what the credential should look like) and provides a key/DID (the Issuer DID with an associated key)
2. Anyone on the ledger can know who the Issuer DID belongs to (BB Curry’s DID is DID123)
3. The Issuer also provides a revocation policy, and it is signed by the Issuer’s DID
4. Now issuer is ready to issue credentials to Bob.
5. Now Bob can show the credentials to Joe’s Bank to prove his identity
6. Joe’s Bank knows that Sam’s Card has issued it and is able to verify it without contacting Sam’s Card
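The six steps above, as an added sketch that is not from the original article: a Node.js toy in which an in-memory Map stands in for the public ledger and Ed25519 keys stand in for the DID keys. The `did:example:` identifiers, function names and credential fields are constructed for illustration and do not follow any particular DID method or VC library.

```javascript
// Added sketch of the ledger flow; not a real DID method or VC library.
const crypto = require('node:crypto');

// Constructed stand-in for the public ledger: issuer DID -> public key + revocation list.
const ledger = new Map();

// Steps 1-3: the issuer registers its DID, public key and revocation registry.
function registerIssuer(did) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
  ledger.set(did, { publicKey, revoked: new Set() });
  return privateKey; // kept by the issuer, never written to the ledger
}

// Deterministic bytes to sign, so issuer and verifier serialize the same way.
function payload(c) {
  return Buffer.from(JSON.stringify([c.id, c.issuer, c.subject, Object.entries(c.claims).sort()]));
}

// Step 4: the issuer signs a credential and hands it to the holder.
function issue(issuerDid, issuerKey, id, subject, claims) {
  const cred = { id, issuer: issuerDid, subject, claims };
  cred.proof = crypto.sign(null, payload(cred), issuerKey).toString('base64');
  return cred;
}

// Steps 5-6: the verifier resolves the issuer DID on the ledger, then checks the
// signature and the revocation list. It never contacts the issuer.
function verify(cred, trustedIssuers) {
  if (!trustedIssuers.includes(cred.issuer)) return 'untrusted-issuer';
  const entry = ledger.get(cred.issuer);
  if (!entry) return 'unknown-issuer';
  const sig = Buffer.from(String(cred.proof), 'base64');
  if (!crypto.verify(null, payload(cred), entry.publicKey, sig)) return 'bad-signature';
  if (entry.revoked.has(cred.id)) return 'revoked';
  return 'ok';
}

function demo() {
  const sam = 'did:example:sams-card'; // constructed DID for the issuer
  const key = registerIssuer(sam);
  const cred = issue(sam, key, 'cred-1', 'did:example:bob', { cardholder: true });
  const out = { valid: verify(cred, [sam]), untrusted: verify(cred, []) };
  out.tampered = verify({ ...cred, claims: { cardholder: true, limit: 100000 } }, [sam]);
  ledger.get(sam).revoked.add('cred-1'); // the issuer revokes on the ledger
  out.revoked = verify(cred, [sam]);
  return out;
}

console.log(demo());
```

The verifier checks the signature before the revocation list, so a forged credential is rejected even if its id was never revoked.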
In the upcoming article, I will continue with terms and we will get our hands dirty with sample examples. If you have questions, please feel free to leave comments, and if you have feedback, it would be appreciated.