"The more one writes about identity, the more the word becomes a term for something that is as unfathomable as it is all-pervasive," wrote the pschologist who coined "identity crisis"
We wrote Demistifying Digital ID to lend some clarity
TLDR Thread 👇
We wrote Demistifying Digital ID to lend some clarity
TLDR Thread 👇
Identity is not 1 product. It is the many challenges related to how a product, service or network manages its relationship with users.
This includes auth, KYC, access permission, data, dozens more.
It is the intersection, not the union, of these user-related capabilities
This includes auth, KYC, access permission, data, dozens more.
It is the intersection, not the union, of these user-related capabilities
Each of these challenges has their own solutions and options. They are not the same.
But they share a common thread - they make up your relationship with your user, your management of it, and your users’ experience of your product and how it fits into the others they use.
But they share a common thread - they make up your relationship with your user, your management of it, and your users’ experience of your product and how it fits into the others they use.
One of these challenges (say, KYC) may be most prominent for you now. Another will be tomorrow. As you grow, serve more use cases, integrate with others, and process more value, the complexity and risk grow fast.
They challenges are different but you want them to relate.
They challenges are different but you want them to relate.
Identity infra should be a simple way for each new capability to tie seamlessly into the others..
With more than this, your starting point is too opinionated to properly adapt.
Without this, you end up with a messy tangle instead of a neat common thread.
What doesn’t work?
With more than this, your starting point is too opinionated to properly adapt.
Without this, you end up with a messy tangle instead of a neat common thread.
What doesn’t work?
-Keypairs are fragile, siloed, and cannot easily extend
-On-chain IDs are network-limited and can compromise privacy
-0auth can be an auth method, but necessitates complex user tables & mappings
-Custom solutions are typically risky, fragile, and locked out of ecosystem progress
-On-chain IDs are network-limited and can compromise privacy
-0auth can be an auth method, but necessitates complex user tables & mappings
-Custom solutions are typically risky, fragile, and locked out of ecosystem progress
What does? The W3C spec for decentralized identity: DIDs.
DIDs are the starting point for resilience, trust and interoperability.
Spec: w3.org/TR/did-core/
There are many options (incl 3ID from @3boxdb ) and it’s easy to get started.
This is ‘necessary but not sufficient’
DIDs are the starting point for resilience, trust and interoperability.
Spec: w3.org/TR/did-core/
There are many options (incl 3ID from @3boxdb ) and it’s easy to get started.
This is ‘necessary but not sufficient’
Self-sovereign or user-centric identity models, built around DIDs, can let info about the user accumulate around the user.
This DRAMATICALLY reduces burden, risk & complexity for devs -- the user becomes the routing point, the single API, the nodes of a powerful ecosystem.
This DRAMATICALLY reduces burden, risk & complexity for devs -- the user becomes the routing point, the single API, the nodes of a powerful ecosystem.
This turns identity from an enabler into an advantage.
It must be practical, seamless, flexible: it should work with developers in their stack, and users in theirs.
Beyond DIDs. this calls for a system to link any key, account, or piece of user info together.
It must be practical, seamless, flexible: it should work with developers in their stack, and users in theirs.
Beyond DIDs. this calls for a system to link any key, account, or piece of user info together.
Specifically, 5 things are needed.
1. Chain-agnostic, multi-key authentication
2. A flexible, standard, DID agnostic account model
3. Shared profile and account metadata
4. User-centric routing to external resources
5. On-chain account links
1. Chain-agnostic, multi-key authentication
2. A flexible, standard, DID agnostic account model
3. Shared profile and account metadata
4. User-centric routing to external resources
5. On-chain account links
Together, these can form an interoperable graph for a user's keys, personas, data, resources, preferences, and other info.
Web identity should not be a single solution or stack for everything. It is flexible middleware that easily unifies related pieces.
Web identity should not be a single solution or stack for everything. It is flexible middleware that easily unifies related pieces.
This middleware calls for a permissionless, censorship-resistant, completely interoperable decentralized network for the linked and signed documents that make up this identity graph.
That happens to be what we’re building with our partners @ceramicnetwork. :)
That happens to be what we’re building with our partners @ceramicnetwork. :)
It’s thin, light, and practical for apps and services alike. Any identity-related solution for auth, KYC, anti-sybil, reputation, etc. can all use it.
It’s easily extensible to account for the infinite diversity of challenges and permutations of identity.
It’s easily extensible to account for the infinite diversity of challenges and permutations of identity.
A common mistake in ‘real life’ is to think of identity as static, singular, and individual. That misconception leads to identity crises, in our heads and in our tech.
Identity is dynamic, plural and social. Our digital identity infrastructure must be too.
Identity is dynamic, plural and social. Our digital identity infrastructure must be too.
Huge thanks to the people and partners that informed and are contributing to this ongoing work (and to those who served as great examples in pulling this together :)
@IPFS @textileio @metamask_io @orbit_db @WalletConnect @ChrisLundkvist @PelleB @uport_me
@rh7 @DecentralizedID
@IPFS @textileio @metamask_io @orbit_db @WalletConnect @ChrisLundkvist @PelleB @uport_me
@rh7 @DecentralizedID
