IIW 33 Key Takeaways

Internet Identity Workshop (IIW) is a wonderful melting-pot of eclectic, innovative minds coming together to hash out challenges and discuss developments in the digital identity ecosystem.

At cheqd, we showed our faces for the second time at an IIW, at the 33rd instalment, and tried to dive right into the heart of the community discussions (watch our sessions on YouTube).

Our key takeaways are as follows:

  1. Interoperability is paramount, as always

Interoperability is a vicious cycle, especially with rapidly developing innovations and standards. Whilst probably shown 100s times during the course of the 3 day event, including in our presentation on the 7 Deadly Sins of Commercialising SSI, this comic strip picture remains pertinent.

IIW 33 Key Takeaways cheqd blog

When it comes to interoperability, however, it is important to discuss what we actually mean by it. Jolocom recently published a blog post on interoperability and presented it during IIW, which lays out 4 different types of interoperability:

  1. The structural level addresses the exchange of data;
  2. The syntax level addresses the extraction of the data;
  3. The semantic level addresses the interpretation of the data; and
  4. The organizational level is dealing with the processes.

When looking at SSI and the different levels at which we want to achieve interoperability, all four of these different types must be considered.

IIW 33 Key Takeaways layers of SSI interoperability

And this is difficult because interoperability can only be achieved by:

  1. Using the same software;
  2. Building software on unified standards and protocols; or
  3. Developing “Middleware” acting as a translator between different systems.

As such, companies working towards these three different types of interoperability have competing interests and goals.

However, there has been some tangible progression in the direction of unified standards and protocols over the last year.

2. Killer Whale Jello Salad — Progression

One of the largest takeaways from the previous IIW 31 was the idea of a ‘Killer Whale Jello Salad’, or in other terms, a unified Verifiable Credential exchange protocol. With the ultimate goal being interoperable wallets with portable credentials for issuance and presentation.

This has since materialised in the form of WACI PEx, a set of golden standards for Verifiable Credential exchange that the industry has begun to converge around — the spec is currently a v.01 spec in DRAFT.

The spec was demoed by Brian Richter who has built a nearly complete implementation; and the spec is showing promising signs of being an “interoperability nexus”.

Next, the industry needs to use the momentum from the first version of WACI PEx, and look at using a similar approach for Issuance — and begin to address some of the open questions around key rotation and revocation.

3. BBS+ as a great convergence point

The way that Verifiable Credential proofs are carried out has previously polarised the ecosystem. Indy Credentials with proofs based on Camenisch-Lysyanskaya signatures (ZKP-CL) were previously viewed as the best way to carry out meaningful zero-knowledge proof functionality. However, such Indy Credentials developed on a different path to the W3C Verifiable Credential Data Model, creating a non-interoperability barrier between ZKP-CL Credentials and other JSON or JSON-LD based Credentials.

BBS+ proofs provide a strong middle ground of privacy-preserving capabilities and semantic interoperability. As such, this IIW has seen an increase in innovations, converging around BBS+ as a sticking point — which is a great step for the community.

4. KERI & ACDC as established heavyweights

GLEIF’s presentation on ACDC (Authentic Chained Data Containers) and how a root-of-trust is provided through chained self-certifying credentials turned heads (as much as this is possible on a Zoom conference), so big shout out to Sam Smith and all the work going into this project!

Through a decentralised and self-certifying credential chain, a root of trust can be established without reliance on a siloed database. Instead, credentials can exist in hierarchical tiers on KERI and funnel down like a system of roots connecting to one overall tree.

This has the potential to solve a large problem in SSI around centralised trust registries, as well as minimising the GLEIF’s application of KERI and ACDC is big, and it’s coming quickly. So the SSI industry as a whole needs to take note.

5. Commercialising SSI splits opinion

In the very first intro session of IIW, we were all split up into small breakout groups to discuss our initial thoughts and concerns regarding SSI. From this initial discussion, we heard a lot of thoughts put forward about how SSI was challenged by its lack of focus on commercial and economic models. Some from very prominent members of the community, although we won’t name names.

We also heard a lot of anti-commercialisation commentaries. Specifically, on the topic of making payments for Verifiable Credentials privacy-preserving and uncorrelateable. We also heard the opinion that monetising Credentials using a token is utopian and unrealistic, in that it would not be able to interoperate with existing ‘traditional’ models of payment.

Both these challenges are valid, and it’s something that we hope to be able to give strong answers to at cheqd.

6. Is Governance cool now?

A personal takeaway for myself. Having worked for the last few months developing cheqd’s Governance Framework, I thought I would arrange a small session to discuss the Future of Governance and to present some of the ideas around my framework.

This session discussed different approaches to governance at different levels of the SSI stack, from Layer 1 decentralised governance and reputation, to Layer 4 ecosystem governance and ethics.

Little did I think that 80 people would join, the chat would become its own mini-conference and my ideas would actually attract huge engagement. So perhaps, just maybe, governance is cool now. And I will take it!

7. Adoption could go many ways

Throughout the IIW, there was discussion about which direction SSI adoption would take. On one side, there was discussion regarding whether individuals could use SSI to create a new economy without relying on the old guard, reverberating around terms such as ‘metaverse’ and ‘Web 3.0’. This posited that SSI adoption would be driven somewhat as a cultural revolution with the public, NGOs and protest groups leading the charge.

On the other side, there was discussion about refactoring existing businesses to adopt SSI and plugging into existing, more traditional identity management systems and developments in OpenID Connect. This viewpoint saw SSI as a commercial technology (feeding into the commercialising SSI discussion above) and hence adopted by companies based on the opportunities they see available.

One fascinating point of debate is where the value in trusted / authentic data and self-sovereign identity comes from. Is it from the trusted imbued and recognised by individuals or organisations (even though those organisations are made up of individuals)? Whilst the session itself didn’t reach a conclusion, the topic took a deep philosophical direction which made for an interesting break to the more technical sessions of IIW, although just as challenging.

8. SSI innovation is back

COVID19 had a horrific impact across the entire world which has been written about at length. One area of impact, which understandably has not seen a huge amount of awareness given the tragedies that took place globally, is the pause in SSI development.

The entire community naturally focused on tackling the disruption that Covid brought whilst maintaining individual control and privacy. These efforts were necessary and admirable but had the side-effect of stalling the progress being made to move the entire SSI space forwards. As we are beginning to live with Covid, it is fantastic to see a resurgence in development and innovation. From BBS+ to KERI and hopefully, including ourselves, we’re thrilled to see the entire space begin to move forwards at pace!

To conclude, we saw this IIW having a lot of points of convergence, rather than creating more points of friction. Which is something really positive for the ecosystem and identity community. So bring on the next one!

Catch up with our IIW discussions — watch the Seven Deadly Sins of Commercialising SSI below.

For more on cheqd, make sure to join our rapidly growing Telegram community to stay updated with our latest news as we head towards launch.

P.S. We’re also on Twitter or LinkedIn, make sure to cheq in!