1 of 7

SSI architecture: The big picture

SSI Course Module 05

1

© KEN Labs 2022

2 of 7

The SSI stack

SSI architecture: The big Picture.

Divergence

Some types of divergence are irrelevant; others are fundamental. Separating the two is an important topic among identity architects because it affects interoperability.

Interoperability

Each of these layers embodies key architectural decisions, and each has significant consequences for interoperability.

2

© KEN Labs 2022

3 of 7

Layer 1: Identifiers and public keys

Peer-to-peer protocols as DID registries.

Conventional databases as DID registries.

Special-purpose blockchains designed for SSI .

Blockchains as DID registries.

Adapting general-purpose public blockchains for SSI.

Each DID registry uses a DID method that defines a specific protocol for interacting with that particular type of DID registry.

3

© KEN Labs 2022

4 of 7

Layer 2: Secure communication and interfaces

Protocol design

Data-oriented interface design using identity hubs (encrypted data vaults).

Message-oriented interface design using agents.

API-oriented interface design using wallet Dapps.

Interface design

Message-based protocol design using DIDComm.

Web-based protocol design using TLS.

Protocol design and interface design.

4

© KEN Labs 2022

5 of 7

Layer 3: Credentials

Given all the capabilities we have described at Layers 1 and 2, interoperability at Layer 3 comes down to two straightforward questions:

    • What format of verifiable credential will the parties exchange?
    • What protocol will the parties use to exchange it?

Credential exchange protocols

JSON Web Token (JWT) format

Blockcerts format

W3C verifiable credential formats

Server

The verifiable credential trust triangle that is at the heart of all credential exchange (physical or digital).

Layer 3: Credentials

5

© KEN Labs 2022

6 of 7

Layer 4: Governance frameworks

The full ToIP stack is a “dual stack” where the left side represents technology layers and the right side represents governance layers.

How directly governance frameworks build on verifiable credentials.

6

© KEN Labs 2022

7 of 7

Pando DID: pando.network

KEN Labs Research: kencloud.com

info@pando.network

twitter.com/KenLabs_Web3

THANK YOU

WATCHING

7

© KEN Labs 2022