top of page
  • Writer's pictureIgor Tkachenko

Comprehensive guide into Self-Sovereign Identity

Updated: Apr 27

Before delving into the concept of Self-Sovereign Identity (SSI), consider this fundamental question: have you ever felt that something is wrong with the modern internet or even the world? And do you believe these emotions are linked? It would be overly optimistic to claim that there is a single explanation for these concerns, let alone a single solution.


Allow us to delve into the heart of the matter. Yes, we believe that the modern world and the internet, as its digital reflection, are flawed. The root cause is outdated trust management tools that have become deeply ingrained in our lives, similar to instincts such as breathing or eating.


For those looking for a quick overview of potential solutions and an answer, we’d like to introduce SSI (Self-Sovereign Identity or Verifiable Credentials.) Self-Sovereign Identity refers to a set of principles and methodologies aimed at digitizing all of your official documents. When we talk about documents, we're talking about things like IDs, diplomas, driver's licenses, and library cards. Proponents of SSI argue that these principles can establish a strong layer of identification on the Internet, which was previously lacking because the Internet's architecture was designed for relatively small private networks.


Additionally, SSI principles allow you to use internet services without the need for traditional accounts or data sharing. Consider a service that adheres to SSI principles and does not require you to log in or create an account to interact with it.


Self-sovereign identity is a set of principles


An essential component of Self-Sovereign Identity (SSI) is trust. Consider the interplay of "trust" and "cryptography." When it comes down to it, all of the previously mentioned capabilities are linked to trust management.

  • Ownership of Digital Documents: SSI enables individuals to digitally verify specific claims. Consider demonstrating the legitimacy of your university diploma to a potential employer, fostering mutual trust without the use of intermediaries.

  • Accountless Internet Interaction enables connection with Internet services without the use of traditional accounts. Trust is established by demonstrating rightful access without relying on traditional login, enhancing user privacy and security.

  • Cryptographic Addressation: In the absence of proper internet identification mechanisms, innovation is required. Resources can be uniquely identified by cryptographically derived addresses based on content parameters, istead of domains or IP addresses. This method enables decentralized self-registration, obviating the need for central validation.


The trust triangle.


How it works. The idea is, that to make sense of trust, you need 3 parties:

  • issuer — someone who is trusted and can issue documents to document owners. For example, a university can issue a diploma for a graduate;

  • holder — someone who owns an issued document and can prove that it is issued for him or her. For example, a university graduate can prove that the digital diploma is his or her;

  • verifier — someone who trusts the issuer and can verify that the provided document belongs to the holder and is issued by a trusted issuer. For example, an employer who trusts a specific university can check if a job candidate’s diploma is issued by the trusted university and belongs to this particular candidate.


A simplified diagram illustrating the process of signing a document, providing a concise overview of the steps involved.


Shared standards.


In an increasingly diverse digital landscape, shared standards are essential. These standards, which have been endorsed by organizations such as the W3C, ensure coherence among various applications and issuers, preventing chaos and fostering harmonious SSI implementation. Asymmetric cryptography emerges as the linchpin. Secure digital interactions are enabled by private and public key pairs. Individuals safeguard the private key, which allows data signing, while the public key, which is shared for verification, ensures data authenticity and integrity.


Last but not least — cryptography


Cryptography is the key of keys here. More precisely: asymmetric cryptography, allows you to create a pair of private and public keys. The private key is stored secretly and allows you to sign some data. The public key is something that you share with others. It allows others to check if the data signature is yours and valid.


Thus, anyone can sign some document while other parties can verify it. For example, your university can sign your digital diploma and give it to you. Then everyone who trusts the university takes its public key. When you come to an employer, he or she can check if the signature on your digital diploma is valid and signed by your university.

To be honest, things are a bit more complicated than that, but this abstract should give you a concise idea, about what is going on under the hood of SSI-related implementations.


Digital interface on laptop being used by person.


Put it all together — the wallet


The key to implementing Self-Sovereign Identity is the concept of the "wallet." The wallet — an application on your device securely stores your cryptographic keys and SSI-compliant personal documents (Verifiable Credentials). When the need to share or use these documents arises, all it takes is a simple confirmation request from your wallet. Whether it's scanning a QR code or entering a one-time code, your wallet serves as the gateway, validating your identity while keeping your data safe. It's similar to signing a contract and providing your passport for verification, but it's all done digitally and seamlessly.


Afterwords


We've only scraped the surface of the complex universe of Self-Sovereign Identity in this quick investigation. It is a transformative strategy that was not developed by us but is representative of a larger paradigm shift in the world of Web 3.0 and SSI technologies. The details may be complicated, but the essence is simple: Self-sovereign identity reimagines trust in the digital era, revealing a future in which privacy, security, and authenticity coexist effortlessly.


We tried to clarify the concept, and we think this topic has done so. Please share your opinions if you have any remaining questions or comments. Your participation enriches the conversation and leads us to a better understanding of this changing digital frontier.

Appreciate you for joining us on this trip! Keep a watch out for our upcoming blog article.


91 views0 comments

Comments


bottom of page