In other words, you can publish new changes to your DID document, over a lifetime, and the blockchain ensures that everyone can agree that the document is correct and up to date. Think of it like a Google Doc that no central authority controls. A system like this needs to outlast every company, and provide a service that can last for a lifetime, or more. Thus, the more robustly decentralized, secure and long-lasting the blockchain, the better. There is no better option for securing DIDs than Bitcoin — everything else is a dangerous experiment.
Not Just For Logins
And DIDs aren’t just for logins. We can connect these identifiers to anything in the digital world.
Imagine a future where DIDs are connected to everything, such as any Schema.org object — the agreed-upon standard for common semantic data. These objects define almost everything we interact with in our online world: grocery lists, music playlists, videos, block quotes, blog posts, news, events, organizations, products, reviews, places and so on. The list of things DIDs can be applied to is almost infinite.
DIDs are ideal for organizations issuing “Verifiable Credentials” to user DIDs such as digital diplomas, proof of employment, licenses, deeds for property, bar certifications, notarization, etc. The organizations maintain their own DIDs and issue the Verifiable Credentials to the DIDs that users create on their own — meaning, every institution and individual is completely in control of creating and sharing their own identities. Each user might have many different DIDs, for all kinds of personas.
There are many different DID methods and projects for each of those methods. Below, we’ll examine the ION method, which is an open network that uses Bitcoin for chronologically-securing DIDs. Microsoft contributes to ION’s public development through the Decentralized Identity Foundation (DIF), as do many other entities that want to become the leaders for issuing and managing Verifiable Credentials. Neither Microsoft nor any other single entity controls ION.
ION And Bitcoin
ION is an open, public, permissionless Layer 2 Decentralized Identifier network that runs atop Bitcoin to enable robustly decentralized, interdiction-resistant W3C DIDs at scale. Unlike other DID protocols, ION is a purely deterministic Sidetree protocol, which requires no special tokens, trusted validators, or additional consensus mechanisms; the linear progression of Bitcoin’s timechain is all that is required for its operation.
ION settled on Bitcoin as its blockchain of choice, since Bitcoin is the most secure, most decentralized and most censor-resistant blockchain. Bitcoin is the one and only timechain.
“So, for us, Bitcoin was a necessary condition for success. The reason it wasn’t a super hard sell was that it was something we had to have and we knew we couldn’t own it. We wanted something that was differentiated and decentralized — because otherwise we could do this with a database like Azure… With Bitcoin, one of the biggest elements of this — and this did take some understanding — was security. All of those other use cases being possible is actually a symptom of no one controlling it. What we really made our decision based on was the decentralized nature plus the security. It’s the cost of attack and how you order transactions that’s important. When we started crunching the numbers, we realized that Bitcoin was the only chain that would probably be too costly to attack.” –Daniel Buchner, Microsoft Decentralized Identity
ION is a privacy-preserving framework. All DIDs are public, similar to the way the world wide web’s Domain Name System (DNS) is public. Yet, DIDs hold no personal data. ION only cares about documenting encryption keys and routing endpoints. DIDs are not assigned to individuals by a third party. Instead, users create their own DIDs and sign operations from their own private wallet to emit them either directly to the Bitcoin blockchain or to an ION node which will efficiently batch many of the encrypted operations into a single Bitcoin block transaction.
A single Bitcoin transaction could, in theory, batch millions of ION operations. This alone invalidates the fallacious and disingenuous argument that a single Bitcoin transaction is supposedly inefficient. Nothing could be further from the truth.
ION nodes observe each new block on the Bitcoin blockchain, for new ION operations, to stay in sync. There is no need for consensus between ION nodes — it’s purely data-deterministic based on the latest state of the Bitcoin blockchain.
ION is built to scale to support the entire globe. Its batching operation can process thousands of DIDs per second, tens of billions of operations annually. Even if, someday, the cost of a single Bitcoin transaction were to rise to $100, each DID update would cost a user roughly 1 cent, with the average user perhaps doing 100 of these operations in a year. Such operations are infrequent in daily practice, for example, rolling private keys from an old phone to a new phone.
ION can support the entire globe with over 50 billion DID operations per year. Although not a requirement, anyone could run an ION node with a Raspberry Pi and a very large hard drive. The drive can even be pruned to 4% of total data.
Verifiable Credentials
The very foundation of Verifiable Credentials is the ability to sign a proof from someone to someone else. For instance, your employer might use its DID to sign employment credentials to its employees’ DIDs and the employees can go anywhere and prove that they, in fact, are employed by the company.
In this case, ION is just used to look up the public keys behind the IDs and do the signing. The employee’s and employer’s verifiable credentials are then made available for others to verify, when permission is granted by the user.
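The lookup-and-verify flow described above, as an added example (not code from the article or the ION project): an in-memory map stands in for ION's DID-to-public-key resolution, and the `did:example:` identifiers, credential shape and function names are assumptions made for illustration. It also keeps a valid signature separate from the verifier's decision to trust the issuer.

```javascript
// Added illustration, not ION or W3C code. The in-memory registry stands in for
// the DID-to-public-key lookup an ION node would serve; all DIDs are constructed.
const crypto = require("node:crypto");

const registry = new Map(); // DID -> public key (hypothetical resolver state)

// Create a key pair and publish only the public half under a sample DID.
function createIdentity(name) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
  const did = `did:example:${name}`;
  registry.set(did, publicKey);
  return { did, privateKey };
}

// Deterministic JSON so issuer and verifier sign and check identical bytes.
function canonical(value) {
  if (Array.isArray(value)) return `[${value.map(canonical).join(",")}]`;
  if (value !== null && typeof value === "object") {
    const fields = Object.keys(value).sort()
      .map((key) => `${JSON.stringify(key)}:${canonical(value[key])}`);
    return `{${fields.join(",")}}`;
  }
  return JSON.stringify(value);
}

// The issuer signs a statement about the subject's DID with its private key.
function issueCredential(issuer, subjectDid, claims) {
  const body = { issuer: issuer.did, subject: subjectDid, claims };
  const proof = crypto.sign(null, Buffer.from(canonical(body)), issuer.privateKey);
  return { ...body, proof: proof.toString("base64") };
}

// The verifier resolves the issuer DID to a key, then checks the signature.
// Trusting the issuer is a separate, local policy decision.
function verifyCredential(credential, trustedIssuers) {
  const { proof, ...body } = credential;
  if (!trustedIssuers.includes(body.issuer)) return "untrusted-issuer";
  const publicKey = registry.get(body.issuer);
  if (!publicKey || typeof proof !== "string") return "unverifiable";
  const ok = crypto.verify(null, Buffer.from(canonical(body)), publicKey,
    Buffer.from(proof, "base64"));
  return ok ? "valid" : "bad-signature";
}

function demo() {
  const employer = createIdentity("acme-corp"); // constructed sample identities
  const employee = createIdentity("alice");
  const outsider = createIdentity("unknown-org");
  const trusted = [employer.did];

  const genuine = issueCredential(employer, employee.did, { role: "engineer" });
  const edited = { ...genuine, claims: { role: "director" } };
  // Names the employer as issuer but is signed with a different key.
  const misattributed = issueCredential(
    { did: employer.did, privateKey: outsider.privateKey },
    employee.did, { role: "engineer" });
  const selfIssued = issueCredential(outsider, outsider.did, { role: "engineer" });

  return {
    genuine: verifyCredential(genuine, trusted),
    edited: verifyCredential(edited, trusted),
    misattributed: verifyCredential(misattributed, trusted),
    selfIssued: verifyCredential(selfIssued, trusted),
  };
}

console.log(demo());
```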
Understandably, people might be concerned about how this technology could be used by governments. DIDs on their own are relatively pure. The alarming part is in how authoritarian entities might issue credentials from their own centralized servers. However, credentials can just as easily be attached to centralized or federated IDs that offer us no control whatsoever.
The fact that DIDs can act as a conduit for potentially unjust credentials is entirely orthogonal. DIDs are created by users and the verifiable credentials that users add to their own DIDs are issued from centralized entities that can be torn down.
It can be helpful to think of identity as clothing. Today, centralized entities force us to wear the clothing they issue us in their online prisons. DIDs are clothes that we sew ourselves and independently choose to wear for our different personas. DID wardrobes are flexible — we can choose to wear pseudonymous invisibility cloaks if we wish. As long as we retain our private keys, no one else can wear our clothing. Verifiable credentials are the badges, or scarlet letters, that society coerces us to attach to certain types of clothing. Badges we wear on our clothes can serve as part of a trust network or can be coercive. The timechain is the incorruptible DNS-like ledger that we use to communicate where our clothes can be seen.
The coercion to attach badges or scarlet letters to our clothing is another name for society — this happens with or without DIDs. Bitcoin helps us build better and more just societies, while DIDs act as an identity layer within those societies.
DIDs + Identity Hubs = The Semantic Web
DID documents can point to routing endpoints — places where your data is securely stored. The DIF Secure Data Storage Working Group has a project developing personal data stores or “Identity Hubs” which are private servers where users will keep an encrypted vault of their personal data.
Companies like Umbrel are positioned to be the home Identity Hub providers of the future. For those unable or unwilling to own their own data, trusted third parties could provide data custodial services. The self-custody ethos still applies here: “Not your server, not your data.”
DIDs are all public, similar to DNS domains. Individuals or services can go to anyone’s Hub and ask it questions, and the user controls who gets access. A developer could build a crawler that goes to each DID, searches for secondhand product objects and renders a client-side UI that looks a lot like Craigslist.
The identity web is the semantic web that the world always wanted. There’s no need for crawling web pages in a DID-based world. Apps or users can cURL the data of any business or any person, and display all kinds of things from trusted parties. This makes the semantic web accessible between peers and businesses alike. Below, we’ll explore different use cases for this semantic web:
Messaging
With DID Communications, otherwise known as DIDComm, Decentralized Identifiers plus Identity Hubs provide a DID-encrypted data storage and messaging layer that can replace one-off protocols (e.g., Signal) with a universal standard for encrypted communications between peers.
If you know someone’s DID, you can look up their routing endpoint, look up their public key, and send them an encrypted message, without an intermediary, and that message can land in their personal data store where they can read it in a client-side messaging app. This means developers can build apps, like Signal or Telegram, on a standardized infrastructure where the app is mostly UI with some affordances built around it. DIDComm can’t be censored or deplatformed. Users are given full control of their interactions. It is plausible that Twitter could incorporate DIDs and Identity Hubs for its Bluesky project.
While Bitcoin Lightning apps, like Sphinx, are becoming popular for messaging, DIDComm is a more robust solution. Instead of sending messages with an elaborate Lightning apparatus that piggybacks infrastructure ill-equipped for app traffic, it’s easier to use a standard encrypted layer that is actually designed for application traffic. And while Lightning is an amazing, life-changing technology for transferring money, it’s less than ideal to attach messaging to transaction infrastructure that fundamentally can’t handle all the things it needs to. Additionally, Lightning requires you to always have a Lightning node online, to resolve lookups, which is not required with DIDComm.
Accreditation
Many activities in our world require the establishment of trust between people. DIDs plus Identity Hubs allow individuals, organizations and companies to publicly post credentials that others can discover and independently verify. For example, if you want to verify that a college is accredited, you can resolve a college’s DID and use it to fetch credential objects, such as an accreditation, from that college’s hub.
Travel
Today, your preferences, tickets, reservations and other travel data are strewn across hundreds of different hotel, airline and travel apps in a huge and unworkable mess. DIDs and Identity Hubs can help unify these app experiences.
Imagine you grant your hotel the ability to view and edit your trip object. You grant your rental car agency the ability to view and edit that same trip object and it is able to receive and react to the updates that you or your hotel makes to the trip. Your hub tracks all the updates and you can visualize the trip with an app that is mostly client-side and UI-based. Your Identity Hub acts as a personal server, replacing the need for surveillance capitalism and travel aggregation services like Google.
Preventing Deep Fakes
Celebrities or politicians can issue DIDs and sign any text or video and add their signature for others to verify.
For example, if a web browser supported DIDs, a user could hover over content and see the signature and verify the origin of the content. This could, in theory, solve the problem of deep fakes. As long as any content is signed with a DID, it is possible to verify the source of that content. DID signatures can act as a proof conduit for anything.
Social Unrest
Frances Haugen recounted in her time with Facebook that she saw, “conflicts of interest between what was good for the public and what was good for Facebook.” This included amplifying hate, misinformation and political unrest.
While DIDs can’t solve all the problems of the world, they can reduce misinformation through verifiable and trusted data signatures on any shared content. DIDs can help us identify the difference between bots intentionally deployed to sow misinformation and real humans who have good standing in their communities.
When users own their own data, surveillance capitalist companies like Facebook would have a harder time manipulating our own character flaws and judgement. This in turn can help support the W3C’s own goal of fostering healthy communities and debate, while making it far more difficult for social networks and political parties to amplify hate, misinformation and social unrest.
Spam
Businesses and consumers experience costs of nearly $20 billion annually due to email spam, in the U.S. alone. DIDs can solve any kind of spam, whether it be spam from phones, emails, text messages and so on.
Lightning apps like Sphinx propose fighting spam with very low fees, in hopes that it becomes too expensive for spammers to use in bulk. DIDs offer a superior solution by allowing users of any communications media to require senders to assert Verifiable Credentials with accreditations from trusted third parties.
For example, a user can choose to automatically mark any communications as spam unless they have DIDs that contain a matching ServiceChannel, ContactPoint or any custom Intangible and are in good standing with family, friends, the Better Business Bureau (BBB), AARP or their local chamber of commerce. DIDs would also allow services to trust users and obviate the need for those silly “are you human?” tests to prove that you’re not a robot.
Phishing And Online Fraud
According to the FBI, Business Email Compromise (BEC) is an elaborate scam targeting businesses working with foreign suppliers and/or businesses regularly performing wire transfer payments. Email Account Compromise (EAC) is a similar scam that targets individuals. Fraudsters compromise email accounts through social engineering, phishing or computer intrusion techniques to conduct unauthorized transfer of funds. These scams cost businesses and individuals billions of dollars in losses per year.
Many of these crimes could be avoided with DIDs, which move authentication away from fallible passwords and into private keys embedded in hardware elements that are inseparable from devices, unless reconstructed through recombination of seed material that is nearly impossible for outsiders to reproduce.
Music Streaming
With DIDs and Identity Hubs, you could share your favorite music playlists between multiple music streaming services, friends or family. Instead of services each owning all of your playlists and holding them in their walled gardens, you’d store the playlist object in your personal server and grant access to different services.
New Business Models
Companies that may be disrupted by DIDs can find new business models that provide novel services to users who are now in control of their own data. These companies can act as custodians to encrypted user data, where the user can still decide who can see what. In a world where DIDs are commonplace, companies will need to ask permission for data and users will ideally choose to use client-side UIs that prevent data capture by these companies.
Companies can also find innovative ways to help users manage their private keys. After all, in a world of decentralized, user-owned DIDs, there is no “Forgot Password” button. Instead, users can rely on trusted custodians to manage their keys.
Companies can also create new ways for users to recreate lost keys from multiple factors and fuzzy recombination. Imagine being able to elect trusted guardians who can independently help you recreate a lost DID with a few clicks. In the event of a catastrophic loss, you can create new DIDs and independently reassociate them with verifiable credentials.
Web Browsers And The War Against DIDs
As one might imagine, companies that make their money off of owning our identities are building up strawmen in order to prevent the standardization of DIDs in web browsers. While the W3C DID Proposed Recommendation doesn’t technically require web browsers, DIDs would require browser integration to truly shine.
For example, having a built-in wallet to manage DIDs/keys for your personas, and a UI that helps you select which to use for which interactions, would make DIDs much easier to use. Secondly, you’d want DID URLs to work in your browser’s URL bar, so that it quickly loads DID-relative content that the URL specifies, such as social posts from the personal data store associated with the DID, or importing a verified DID into your contacts.
Finally, you’d want other DID-based APIs in the browser, like DIDComm messaging, which would allow any website to instantly enable users to privately message in their app without requiring any backend for the site to set up or manage.
The browser understanding DIDs, as a result of DIDs existing, is very much a goal. W3C members should put aside their cherished business models and seriously consider supporting web DIDs to help ensure personal privacy, identity and basic identity-based human rights.
What Bitcoin DID
Some W3C members, such as Mozilla and Google, have publicly opposed DIDs in web browsers. Reasons include some debatable technical concerns, but some have also voiced environmental concerns since DIDs elevate proof-of-work consensus systems used by Bitcoin. This argument is a bit like refusing to build a pipe factory because some of those pipes might be used for transporting fossil fuels, even though those pipes would be enormously beneficial to humanity. However, DIDs don’t require the use of Bitcoin. Bitcoin just happens to be the world’s best “truth machine.”
Bitcoin’s energy consumption is wildly exaggerated in the media and seems to be used as a strawman by W3C member organizations who are resisting disruption to their business models. Blocking DIDs from becoming a standard in web browsers would undermine every W3C ethical web principle. The energy usage argument regarding proof of work for DIDs simply does not hold merit.
Proof of work is the only battle-tested and proven secure consensus method for blockchains. Alternative consensus methods, such as proof of stake, are still experimental, rely on human behavior, have known issues, can centralize over time and can fail to produce irrefutable history. The link between proof of work, time and heat is fundamental: an incorruptible distinction between past and future is impossible without heat.
For the expense of roughly 0.1% of total global emissions, or a small fraction of the energy spent on clothes dryers, Bitcoin provides the most secure global chronological data and financial settlement layer while incentivizing renewable energy. Standby devices in the U.S. alone use more than twice as much energy as does all proof-of-work mining. The <video> tag in the HTML spec is directly responsible for orders of magnitude more energy usage than all proof-of-work mining, for less benefit — entertainment versus securing a base layer for decentralized property and identity.
Blocking web DIDs would be akin to blocking HTML on the basis that corporate data centers consume 1% of global electricity. Bitcoin’s share of 0.09% of global energy consumption (0.44% of global electricity consumption) is a rounding error, and its energy is sourced from a higher share of renewables than any industry on the planet. Furthermore, Bitcoin turns energy producers into technology companies — increasing revenue per kilowatt hour and acting as a shock absorber for the renewable energy sector, in a portable manner. As a tool to empower billions of people to obtain verifiable identity, employment, banking, voting rights and hundreds of billions of dollars in fraud protection, DIDs alone would be worth the comparatively minimal negative externalities of proof of work.
If you believe the web should not cause harm to society, if you believe that the web is for all people and should support healthy community and debate, if you believe security and privacy are essential and that the web should enable freedom of expression while making it possible for people to verify the information they see, if you believe the web must be transparent and enhance individuals’ control and power, and if you believe people should be able to render web content as they want, then you should support an effort to bring DIDs to web browsers and the world wide web. The moral imperative is too great to ignore.
The world needs an internet that affords users the identity and data autonomy they need and deserve. And for the equivalent energy spent on Christmas lights, we can empower users across the globe and move humanity forward for the better.
This is a guest post by Level39. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.