What are the Verifiable credentials and Decentralised Identifiers?
Currently, we rely on identity providers/verifiers from internet biggies like Google, Facebook, email providers, or mobile network providers. The identity we own but we have to rely on these parties which can lead to intentional compromise of data by these organizations or obtain by a hacker with malicious intent.
Even when using a messaging service such as WhatsApp, where your communication is encrypted, the intermediary (Facebook) can still see and collect your metadata. This alone could tell them: who you messaged, at what time, for how long, in which intervals, from what location, while using which apps.
What are Decentralized Identifiers?
Decentralized Identifiers are global, unique, and persistent identifiers.
Properties of DID
- They allow for the creation of unique, private, and secure peer-to-peer connections between two parties.
- Their decentralized nature makes credentials always available for verification.
Each party — an individual or organization — can create as many different DIDs as they wish. Using separate DIDs for different digital relationships and contexts prevents data correlation.
- They are entirely controlled by the identity owner. DIDs are independent of centralized registries, authorities, or identity providers.
The relationship between DIDs, VCs, and BC (Blockchain).
- An organization(Bob Marley’s Org)issues you a Verifiable Credential, they attach their Public DID to that credential
- That same Public DID is also stored on the blockchain(an immutable record of data)
- Org (Bob Lele’s Org) issues credentials to the holder (Mariam LeLe)
- When someone (Bob Lele’s Org) wants to verify the authenticity/validity of the Credential presented by the holder (Mariam LeLe), they can check the DID on the blockchain to see who issued (Bob Marley’s Org) it without having to contact the issuing party (Bob Marley’s Org).
Verifiable Credentials Meaning
According to W3C, “Verifiable credentials represent statements made by an issuer(Bob Marley’s Org) in a tamper-evident and privacy-respecting manner.”
The Components of Verifiable Credentials
Verifiable Credentials have 3 basic components:
Cryptographically signed by the issuer. It “describe[s] properties of the credential, such as the issuer, the expiry date and time, a representative image, a public key to use for verification purposes, the revocation mechanism, and so on.” (W3C)
A statement made about a subject. Example: “Mariam LeLe’s date of birth is 01/01/1900.”
A proof is data about the holder(Mariam LeLe) that allows others to verify the source of the data (Bob Marley’s Org), check that the data belongs to you (Mariam LeLe), that the data has not been tampered with, and finally, that the data has not been revoked by the issuer.
Benefits of Verifiable Credentials
- Verifiable Credentials are private.
- The ID Holder can choose what attributes of their identity they want to disclose. For example, they could show their birth year without disclosing the day and month they were born in.
- The ID Holder is always in control of the relationship with ID Verifiers. They know what data was shared and when (there’s an audit trail) and can revoke that relationship at any time.
- They are tamper-proof through the use of cryptography.
- Verifiable Credentials can be verified anywhere, at any time. Even if the issuer does not exist anymore (with the exception of situations where the issuance of credentials happened using Private DIDs and the DID of the issuer was not written to the ledger).
- Portable. Verifiable Credentials are yours to store in your wallet and share with whomever you want. The ID Holder is not “locked-in” to the organization who issued the credential.