Webinar: Identity and the quest for Self-Sovereign Identity

Daniel Hardman

Chief Architect Evernym and Secretary of the Technical Governance Board Sovrin Foundation

​

@dhh128

​

https://creativecommons.org/licenses/by-sa/4.0/

18 June 2018

SSIMeetup.org

• Empower global SSI communities
• Open to everyone interested in SSI
• All content is shared with CC BY SA

SSIMeetup objectives

Alex Preukschat @SSIMeetup @AlexPreukschat

Coordinating Node SSIMeetup.org

​

https://creativecommons.org/licenses/by-sa/4.0/

18 June 2018

SSIMeetup.org

What is “identity”?

SSIMeetup.org

Aspects of Identity: Relationships

You are

who you know

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

Aspects of Identity: Attributes

You are

your data

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

Aspects of Identity: Agents

You are

your agents

Agents

your realtor

your iPhone app

your lawyer

you

your cloud service

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

You are

all of these

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

Who knows what about me?

you

relationship~attribute

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

you

agent~relationship

Which proxy represents me

where?

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

you

agent-attribute

Which proxy can share what about me?

From ideas first articulated by Jason Law (private communication).

SSIMeetup.org

What is “self-sovereign identity”?

Why is it decentralized?

SSIMeetup.org

Traditional / Siloed Identity (Centralized)

From ideas first articulated by Timothy Ruff; see http://bit.ly/2rB180M

SSIMeetup.org

Third-Party IDP (Federated)

From ideas first articulated by Timothy Ruff; see http://bit.ly/2rB180M

SSIMeetup.org

Decentralized

From ideas first articulated by Timothy Ruff; see http://bit.ly/2rB180M

SSIMeetup.org

Defining Characteristics of Self-Sovereign Identity

• No central authority grants, monitors, controls, manages, deletes it
• High privacy and high security are achievable (though not guaranteed)
• You choose how and where it’s used
• Portable by you across contexts (bring your own identity)
• All identities are peers (corrects power imbalance)
• Surprising ramifications for regulation, UX

SSIMeetup.org

SSI (Decentralized+)

DKMS

SSIMeetup.org

Approaches to SSI

SSIMeetup.org

The Great Enabler

A source of truth not under central control, that all parties can trust. Can’t be gamed. Gives same answer to everyone. Anyone can write.

SSIMeetup.org

Different Ledgers, All Decentralized

public unpermissioned

​

Bitcoin, VeresOne

public permissioned

​

Sovrin (Indy)

private unpermissioned

​

Enterprise Ethereum Alliance

private permissioned

​

R3, CULedger

governed by code(rs)

governed by constitution

owned

championed

SSIMeetup.org

Unpermissioned -- Governed by Code(rs)

public unpermissioned

​

Bitcoin, VeresOne

public permissioned

​

Sovrin (Indy)

private unpermissioned

​

Enterprise Ethereum Alliance

private permissioned

​

R3, CULedger

governed by code(rs)

governed by constitution

owned

championed

Usually use proof of work -- an expensive, pre-agreed mathematical computation to prevent gaming system. Challenges = scale, latency, volatility of cryptocurrency, regulation.

SSIMeetup.org

Permissioned -- Governed by Constitution

public unpermissioned

​

Bitcoin, VeresOne

public permissioned

​

Sovrin (Indy)

private unpermissioned

​

Enterprise Ethereum Alliance

private permissioned

​

R3, CULedger

governed by code(rs)

governed by constitution

owned

championed

Consensus algorithm: faster, more scalable. May not be censorship-resistant. Can accommodate regulation--but what if you don’t like the constitution?

SSIMeetup.org

Challenges to Sovereignty - Control

• Putting data in a cloud owned by someone else
• Mismanaging keys - impersonation
• Inability to take identity somewhere else

​

SSIMeetup.org

Challenges to Sovereignty - Privacy

• Having a single DID or a single endpoint
• Presenting credentials that are correlating

​

SSIMeetup.org

Challenges to Sovereignty - Regulation

• Inability to comply with AML/KYC regs
• Hostility of governments - refuse to participate

​

SSIMeetup.org

More Challenges

Cost

Ease of Use

Divergent Standards

Indy = Independent Identity

• Project under the Hyperledger Initiative
• Identity on a special-purpose blockchain
• Uses byzantine consensus instead of proof of work
• Radically reduce costs (identity should be free)
• Improve throughput (latency in tenths of second, not in tens of seconds)
• No constitution -- bring your own

​

SSIMeetup.org

What can you do with Indy?

• Establish a secure, private channel with another person, organization, or IoT thing -- like an authentication + a VPN, but with no session and no login.
• Send and receive arbitrary messages with high security and privacy
• Prove things about yourself; receive and validate proofs about others.
• Create agents that proxy you in the cloud or on edge devices.
• Manage your own identity:
• Authorize/revoke devices
• Create/update/revoke keys

To do this, all you need is an Indy client. You can build one for free with the Indy SDK.

SSIMeetup.org

Code

https://github.com/hyperledger/indy-sdk (for writing clients)

• stable branch is about 2 months old
• evolving quickly; suggest you use master branch
• can build from source; pip3/maven/apt installs also available
• wrappers: ./wrappers/{dotnet | objectivec | java | python | node | go}

https://github.com/hyperledger/indy-node (the ledger code itself)

• python 3.5
• Installs from .DEBs

​

SSIMeetup.org

Instances of Indy

Sovrin Live Network

• Public
• For production but limited use
• Guarantees: data integrity/permanence, trust framework

Sovrin Test Network

• Public
• For experimental use
• Guarantees: none

​

​

​

Your Own Network -- see http://bit.ly/indy-in-docker

• If you already have docker, stand up in 1 minute
• Use however you like
• To share with others, requires port forwarding

Sovrin adds a formal, legal constitution, called a “Trust Framework”, to Indy. It is a global public utility for identity.

SSIMeetup.org

Artifacts

• libindy: c-callable library that lets client call identity ledger
• wrappers: easier usage in common languages
• python
• java
• .net
• iOS (ObjectiveC)
• node.js
• go (in PR; not yet tested)
• documentation
• https://github.com/hyperledger/indy-sdk/blob/master/doc/getting-started/getting-started.md
• https://github.com/hyperledger/indy-sdk/tree/master/doc/how-tos
• CLI

SSIMeetup.org

Appendix

SSIMeetup.org

Core Concept - DIDs

A DID (decentralized identifier) is like a uuid for your identity.

DIDs are 128-bit nums written in Base58: did:sov:AKRMugEbG3ez24K2xnqqrm

A DID is controlled by one or more Ed25519 pub/priv key pairs. Pub key is called a “verkey” (verification key); priv key is called a “signing key”.

DIDs can be created on many different blockchains; right now, Indy only supports Sovrin-style DIDs (would love PR for did:BTC, did:ETH, etc…)

More info: the DID spec at W3C (https://w3c-ccg.github.io/did-spec/) and here

​

case-sensitive

SSIMeetup.org

Core Concepts - Byzantine Consensus

Instead of proof of work, many nodes confer and reach consensus to prevent double-spend.

3f + 1 = total nodes, out of which f can be exhibiting faults

• f = faults = malicious, malfunctioning, offline
• Must submit to f+1 nodes to guarantee at least 1 is not malicious/faulting
• Must receive state proof or responses from f+1 nodes

​

​

SSIMeetup.org

Core Concept - Ledger Roles

Most work on indy can be done by any identity, but a few operations are special:

• Only trustees can add a steward.
• Only stewards can add a node.
• Only trust anchors can add a DID (spam preventer; may go away soon)

In Sovrin, there is a trust framework that governs who can be a trustee or steward; requires signing pledge to support SSI principles. In your own indy network, you can assign these roles to anybody.

SSIMeetup.org

Core Concept - Genesis Transactions

• The code is published with some genesis transactions that identify the initial nodes and the trustees that will set the rules for the network. (Rules can be a free-for-all, but can also be stricter to fit circumstances.)
• Genesis transactions are the root of trust.

SSIMeetup.org

Core Concept - Wallets

DIDs and their keys are stored in an identity wallet.

Identity wallets are like cryptocurrency wallets, but store additional types of data. More info here.

Indy SDK includes a default implementation of a wallet that works out of the box.

SSIMeetup.org

Safe handling of secrets in an API

• Prefer to generate the secret in its final resting place, possibly using a seed if you need determinism.
• Use the secret in its safe place--don’t pass out to untrusted parties.
• TPMs, HSMs, and so forth follow these rules.
• Indy’s current wallet interface does, too. You can’t get private keys out.

SSIMeetup.org

Core Concepts - Credentials

Credentials are JSON docs, digitally signed in a special way by an issuer.

Credentials can be used by their holder to generate cryptographic zero-knowledge proofs that can be checked by a verifier.

SSIMeetup.org

Submitting a Transaction to an Indy Ledger

• Build the JSON that describes the transaction
• Sign it
• Submit it to f+1 nodes
• Wait for enough responses to trust the answer

SSIMeetup.org

Next Steps

Try the Getting Started Guide

Explore the How-Tos

Ask questions: #global-digital-id or #indy, or #indy-sdk on chat.hyperledger.org

​

Daniel Hardman, github @dhh1128, daniel.hardman@evernym.com

SSIMeetup.org

Gartner on Siloed Identity

“Organizations require these digital identities before they can offer their services or allow any access to their resources. It is common for people to lose track of their siloed digital identities or not even have the ability to control their identity profile in many of these organizations. Both people and organizations increasingly feel the pain, and learn that this model is neither scalable nor sustainable as the use of digital services become more pervasive.”

December 2017 Gartner report, Blockchain: Evolving Decentralized Identity Design

SSIMeetup.org

4 Trillion = Annual Cost of Fraud

https://www.croweclarkwhitehill.co.uk/wp-content/uploads/sites/2/2017/02/crowe-the-financial-cost-of-fraud-2017.pdf

SSIMeetup.org

Webinar: Identity and the quest for Self-Sovereign Identity

Daniel Hardman

Chief Architect Evernym

​

@dhh128

​

https://creativecommons.org/licenses/by-sa/4.0/

18 June 2018

SSIMeetup.org