Self Sovereign Identity In A Nutshell

Posted on December 5, 2021 by dirk.bangel@gmx.de

Main descriptive parts taken from: https://learnthings.online/other/2020/03/05/introduction-to-hyperledger-sovereign-identity-blockchain-solutions-indy-aries-ursa

The W3C Verifiable Credential Model (short VCM) shows the base idea of Self Sovereign Identity (Short SSI)

Source: https://www.w3.org/TR/vc-data-model/

To trust the information (claims) in a credential, it is necessary that the verifier trust the issuer and that the issuer’s processes are carried out with integrity.  Claims are assertions about a person (or business).

Claims versus Credential
Source: https://learnthings.online/other/2020/03/05/introduction-to-hyperledger-sovereign-identity-blockchain-solutions-indy-aries-ursa

Dependent on the implementation, the proof can be made for single claims or only for the whole credential. The terms proof and presentation can be used interchangeably. While verifiable credentials are an important component of SSI, a thing called a decentralized identifier (DID) is a key enabler for verifiable credentials. Per the DID specification, a DID is an address to a document containing the claims. Review this demonstration to learn more about public and private DIDs.

zero-knowledge proof (short ZKP) is about proving claims without exposing identifier about that owning subject itself.  In simplified words, for ZKP no full holder DID (document) is required, claims can be selective disclosed.

A third key component of SSI, along with verifiable credentials and DIDs, is the software that you use to process verifiable credentials and DIDs, the agents e.g., Indy, Aries and Ursa. The agent encapsulate the hyper ledger e.g., Indy as the distributed ledger database (aka wallet).

Hyperledger Indy is the core component of Hyperledger’s identity system. Indy provides code that implements the public distributed ledger technology (DLT) and the code to build applications that interface with the ledger. The project consists primarily of two repositories (repos) that contain those two parts:

  • indy-sdk: a software development kit that enables Indy clients (called “agents”) to be built that interact with the Indy blockchain. The ledger interface capabilities in the indy-sdk will remain in Indy as the SDK capabilities are split across Indy and Aries. There will be a
    • Verifiable Data Registry (to use the W3C term) interface – the agent- created in Aries and
    • Indy SDK ledger interface, storing DIDs, private keys, verifiable credentials. In future it will be called key management service (short KMS).
  • indy-node: the blockchain/DLT component of Indy (and its underlying Ursa cryptography) enables issuers, holders and verifiers to exchange verifiable credentials and presentations by exchanging sequences of messages. 

How to install on Apple Silicon follows soon

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *