I'm Dominic, founder of walt.id. What we're doing is we're building identity and NFT infrastructure for developers. So really coming from the whole decentralized identity space, which fits nicely with the topic we're gonna be talking about today. But I think that's the most important thing for now. You got the QR code on LinkedIn, if you wanna connect. Heading over to Oliver for a brief intro.
Yeah.
Hello, my name is Oliver. I'm from sru.com. I'm leading the Sign-In with Ethereum initiative at Spruce, which I will, you know, talk about in a few minutes.
Awesome.
So yeah, today we'll be talking about Web3 identity trends and adoption of decentralized identity 22. We'll be focusing on self-sovereign identity, NFTs, Sign-In with Ethereum. So we wanted the session to be more interactive. Nevertheless, we got lots of slides just to make sure that we cover all the basic concepts so that we all know what we're talking about, but maybe just to test the waters with a quick show of hands: who knows what self-sovereign identity is and has heard of it? Okay, like many people. Who knows what NFTs are and has heard of it?
Nice. And Sign-In with Ethereum?
Give it less. So that's the stuff that I would be doing a deep, deep dive on later on. Cool.
So yeah, let's, let's start with the beginnings. So what we call the old world is actually the world today.
And, you know, there's these two paradigms on how digital identity works. One is the classic centralized one where I just, you know, go to websites and create accounts. And then my information is with that service provider.
And then, you know, a bit later on the federated approach came in where we say, well, instead of having an account with each service provider and having to fill that information in manually all the time, why not just have an identity provider, like, you know, Facebook, Google, Apple, whoever, who have some information about me and I just log in with, with, with their help, right? So they have my identity profile and then they would just give it away to the service providers, which obviously brings in convenience.
But on the other hand, you know, leads to some issues around centralization of, of the internet and of our identity information. And so, you know, the problems are quite manifold with these traditional identity approaches, right? Lack of control over data, privacy issues that we've seen, cumbersome user experience. It's just not fun handling passwords and usernames. So lots of issues that are popping up and that we still haven't been able to solve with existing solutions.
And then, so what we're gonna be talking about today is what we call the new world. And that's really about user-centric identity. So this whole idea that people, organizations are in control of their data, their information, they can, they can bring their own identity with them, right? So instead of filling my information into different accounts in centralized approach, or having an IDP that I have to rely on, like in the federated approach, in this case, I'm my own IDP in a sense that I have my information and I just bring it to whatever service I want to use.
And that can be anything about me, right? My name, my age, financial information, vaccination status, diplomas, work records, whatever. And so obviously, you know, this has a range of benefits for people and for organizations alike, right? For people, the most interesting thing is probably everything related to user experience, like logging into services with the one quick process, having more control, independence of service providers, not being tied to an IDP. For organizations, similar, right?
We get potentially better data quality, higher conversion rates simply because the user experience is much quicker and better, less security, compliance, fraud issues and so on. So that's the potential of it, right?
And, and this is a bit, you know, the timeline and the potential evolution or a way of, you know, how you could see that identity was evolving from paper documents to PDF, to centralized approach, to federated, to user-centric or, or decentralized, how we call it. And so, you know, people like Oliver and me like to think that today we're, we're like here, right at the cusp of the whole decentralized identity movement.
So let's, let's start, let's dive into the first concept, which is self-sovereign identity. So what is this?
So, so it's, it's going back to this idea of user-centric identity, where the whole idea is that I'm moving away from this current model where I put my information somewhere to this model where I with my wallet actually have all the information and they just bring it to wherever I want to be. So it's user-centric because, as you see, you know, the user's really at the center of every digital transaction that they have, and they would just be showing credentials to prove anything about them.
And so how this works in a nutshell is SSI allows us to model digital identity the way we're used to analog identity working, right? Today, we get physical cards like plastic cards, our driver's license, insurance information, tickets, whatever it may be.
So we get them, we put them in our physical wallets and then, you know, if we want to rent a car or are stopped by a policeman or whatever, we would be pulling out this physical card. And that's, that's what we're used to. As we've seen, digital identity works very differently today with these centralized and federated approaches.
But with SSI, we can do it exactly in the same way, but instead of having plastic cards, we have digital cards, which we call verifiable credentials. And instead of having a physical wallet made of leather or whatever, we have a digital one that's on our phones or on our devices. And so we have the issuer, like a government, that could issue a passport, a driver's license, whatever it may be in the form of a verifiable credential, pass it on to what we call the holder, which is like the person the data is about.
And then this holder can send information to what we call a verifier, like a service provider. Like in the case of a government-issued passport, it could be a bank for KYC or a policeman or whatever it may be. So down there you see the functionality, right?
Sign, issue, store, present, verify. And on top you see registries. So this can be blockchains. It can be the domain name service. It can be basically any type of data storage. But the important thing is that this serves as, is what we call a trust anchor, or, you know, a single source of information that we can trust to ensure that the verification by the verifier can be done without the verifier actually having to talk to the issuer, to enhance privacy of the system. So it's like a PKI, like it can be decentralized PKI.
So the SSI stack, I'm just showing it quickly. We're not diving deep.
We can do that later on in the Q&A if you want. But so the core concepts are these registries; keys, public-private key pairs, obviously, with which you control everything; then something we call DIDs, which is like a unique identifier that I can put somewhere with some meta information like my public key, service endpoints, whatever; then verifiable credentials, which can be different formats; and then protocols like OpenID Connect. There's a new extension of the OIDC standard that includes, that allows us to transfer also verifiable credentials, or, or DIDComm, which is a native SSI protocol.
So adoption. Some of you may have heard about some of those projects. A lot of stuff was moving over the last, I'd say, two years and adoption is accelerating. So in the European Union, we see ESSIF and EBSI, like a European framework for self-sovereign identity based on a European blockchain.
We see eIDAS 2, and we can discuss about this and how much SSI will actually be in it, but it will bring a wallet-centric identity ecosystem to Europe where people will have identity wallets.
And then a couple of countries which are planning production systems already, mostly early adopters from this ESSIF and EBSI framework. And we got projects in the APAC region, in the Americas and, and in the private sector, obviously also across different industries, right, from banking, education, employment, marketplace, supply chain, you name it. So people are looking into this, building pilots, and the number is growing.
And interestingly, a lot of this is also driven by the public sector to solve typical public sector problems like once-only, or, you know, just issues that you have with current paper-based documents. So use cases. This is a, a graphic from a white paper that we wrote with the Boston Consulting Group.
And again, you know, we can discuss it later on, but what it shows you is just, you know, different verticals in different colors, and then different use cases in each of those verticals and, and an attempt to, you know, say how high is the impact of that on people. And what's the time to adoption.
So that was it about SSI. Let's do NFTs next. So NFTs, what's that? So an NFT is a, is a non-fungible token, and the token represents ownership in a digital form of potentially anything. And there's three important, important parts to this definition, right?
One is the non-fungible part, which just means that an NFT is unique. It's, it's one of a kind, you cannot just copy it. There's one of them. It represents ownership, which basically means that it's treated as the actual thing. So it's used to tokenize assets, and those assets can be anything, which is the last part of it. It can be physical assets. Like I can tokenize my car or my house, or I don't know, like my phone, whatever. I can also digitalize digital things, digital assets, like many of you heard about Bored Apes, like digital art, right.
Or I could digitize, tokenize music.
I could tokenize even ideas and IPR. So basically it's a way of tokenizing anything and making sure that we can, we can model ownership of these things very clearly. Right? So in a way it's, it's a digitally native way to model ownership of potentially any type of asset. And so why, why is that exciting? Why are people excited about this? So until recently, the mainstream assumption was that, you know, digital assets are, are necessarily fungible because, you know, it's just bits and bytes. I can do copy paste.
So I mean, if I can just copy something, then it can't be scarce. If it's not scarce, it cannot really be owned and it cannot really be valuable. Right. So if I can just copy paste anything, then, then what's, what's the deal about it. I cannot own it. I cannot do anything without it, with it.
But NFTs changed that. They changed it by introducing digital scarcity. And that means that with NFTs, we can now have digital assets that cannot simply be copied, so they can be scarce, they can be owned and they can be valuable. If there's just one piece of digital art, then I can own that.
I can sell that. I mean, obviously, also people could copy it, just like I could try to, you know, repaint the Mona Lisa, but it's not the original, right?
So, so this is why people are getting excited because we have this way of introducing digital scarcity to a world where we thought in a digital space, everything's basically free and fungible.
And so how, how NFTs work, it's a bit different than with SSI, because at the end of the day, NFTs are more tied to blockchains or what, what I called registries before, in a sense that issuers would typically be creating smart contracts, which are, you know, like programs that create those NFTs and they would do the, I would, we would do it on a blockchain and this is also the way that we would transfer it.
So we would just have an NFT associated with a wallet address, which means that that wallet owns the NFT.
So like we have a public repository that says that wallet owns that type of asset. And in this case, the holder just controls the NFT via the private key, right? If I'm controlling the wallet, I control whatever is associated with the wallet. And then what I can do is I can trade the NFT. I can sell it. I can prove that I own it. And this is the last part to it. We can also do NFT verification of ownership and metadata. And in that sense, a holder would just have to verify, to verify that they own a wallet by showing that they control the private key.
And then the verifier could check, you know, is this NFT actually associated to a wallet? What type of metadata is put in that NFT?
So also with the tech stack, it's, it's, it's a bit different from the SSI stack, as we said before. So you get registries, which are blockchains, smart contracts, keys, metadata, which is a bit like the verifiable credentials we talked about before, and then applications on top, which would be wallets or verifiers, the stuff with which I control those, those digital objects, if you will. In terms of adoption,
I mean, most of you probably heard at least of some of those things that are going on. No one really heard of NFTs a year ago. That's when also, you know, Bored Ape Yacht Club started out.
Now, it's insane. Like what, what, what the value is. But you know, if you look at what's happening, like Meta has recently announced support, Twitter, you see consumer brands digging into this, ticketing providers doing tickets with NFTs, wallet providers offering NFT ownership next to, you know, controlling tokens, crypto assets, you see payment infrastructure providers like Visa, Mastercard going deep into that space.
Visa bought a CryptoPunk a while back. Shopify.
I mean, you know, you can, you can look at the slide, you can read the names yourself, but it just shows that, doesn't matter which vertical you look at, you got big names who are, who are understanding the value of this and who are experiencing, who are experimenting with this new technology to see what they can do and what kind of digital experience they can craft. And then use cases here.
Again, it's just some of them, right? We can, we can digitize. We can tokenize art, music, tickets, real estate, whatever it may be. For today, probably the most interesting use case is the use case around access management. We'll be talking about this, I think on, ah, no, a bit, a bit later, we'll dive a bit deeper into this. So we know what SSI is, we know what NFTs are, but how do they compare?
And the way we would like to think of it is that, you know, SSI is for identity, it's for modeling who you are and you cannot sell your identity. You don't want to do that. Whereas NFTs, they are property.
They model what you own, right? SSI modeling who you are, NFTs modeling what you own. And in that sense, obviously NFTs, since they're your property, you also wanna sell them, trade them. So they're at the, at the core, they're just two very different creatures. And there are certain reasons why you will not be using NFTs for identity use cases.
Like, you know, KYC or actually putting identity information on a ledger. And, and those are for reasons for why you shouldn't use NFTs for, you know, core identity use cases.
It's like, you know, the whole privacy topic, the stuff is on chain. So everybody can see it, which brings compliance issues, issues with it, especially in Europe with GDPR, we have obvious tensions between individual rights, like the right to erasure, and blockchain-inherent properties, like the immutability of a blockchain.
And then obviously, you know, also cost and scalability issues. Since the stuff happens on chain, I have transaction costs. I have all, you know, the slowness that comes with blockchain transactions. Versus SSI, I basically have the interactions happening off chain.
So there's no limitation in that sense, or let's say not limitation that is as, as challenging as for, for NFTs. And so how can we still use them for certain identity use cases?
Well, there are two of them. One is the non-human identity use case, which we could do because for, for legal entities, we don't have GDPR. We don't have privacy issues. So at the end of the day it's completely fine to have information about a company being stored on a ledger. At the end of the day, companies probably also want that because at the end of the day, if you put your information there, your service endpoints, everybody can find it.
So it solves discovery problems.
And you know, if people rely on this, can rely on, on the entry of the ledger itself, then it becomes just a reliable source that enables people to connect with these legal entities. But then again, you run into some challenges like costs and scalability, but you could do it, so like legal entities, IoT. The other thing that's interesting is ownership, what we call ownership-based access management.
And here, the idea is quite simple. Today, when we talk about access management, we typically think about access management as a way of, you know, giving a very concrete person access to information, services, products, or benefits, right? It's really tied to your identity. With NFTs, we do complete, we, we, we change that in a sense that access management becomes completely decoupled from identity. It's not about who you are, it's about what you own, right?
As, as long as I own this asset, as long as I own this piece of art or a car from a certain brand or a skin in a game, I can get access to a certain, I dunno, map in a game or to an event hosted by the artist or get a discount if I wanna buy additional services. And so the idea is that you have the right to access as, as something that's tradeable. And that opens up very interesting opportunities for access management that are quite different from what we can do today with today's technologies. And that's where I hand over to Oliver and Sign-In with Ethereum.
Yeah. Yeah.
So today we'll talk about Sign-In with Ethereum and, but first of all, I want to talk about Web3 and decentralized identity in Web3. So Web3 is, you know, the blockchain space, it's Ethereum, it's Bitcoin and Solana and those ecosystems, and they all use wallets. And those wallets are actually a very successful adoption event for decentralized identity because each of those wallets, they have a private key which can be bound to an identifier. So today in Web3, most of these wallets are just used to sign blockchain transactions and to do some asset transfers.
But with these keys, you can do actually more. So one of the, one of the reasons why I'm here is to talk about Sign-In with Ethereum, or short SIWE. And with these keys, you can log in and potentially also more. So let's jump into that.
So before I really talk about SIWE, I wanna talk about Web3 wallets because, who of the people in the audience knows what a Web3 wallet is? Okay. There are not many, so it's good that I prepared these slides, because Web3 wallets are not different from the SSI wallets that Dominic just mentioned. So there are a lot of Web3 wallets out there.
And one of the examples is MetaMask for Ethereum, which has, I think, more than 10 million monthly active users. So there are two different types of Web3 wallets. So there are ones that are so-called externally owned accounts, EOAs, and those are wallets like MetaMask for Ethereum, Phantom for Solana, et cetera. And there are also contract wallets, which are smart contracts living on the blockchain that basically authorize certain transactions. So why is this needed?
You can encode certain logics in the smart contracts that only if you have multiple signatures, you would authorize the transaction. And one of the examples here is Gnosis Safe, which is used by a lot of these decentralized autonomous organizations on the blockchain, and Argent, which is a more like a personal wallet for end users. So each of these Web3 wallets have a blockchain account identifier, for example, an Ethereum address. And this address is unique and verifiable.
So only based on the identifier itself and the signed piece of data, we'll be able to, you know, verify that this signed piece of data really came from that blockchain identifier. That's, you know, based on some elliptic curve cryptography that makes this possible. And yeah, so Web3 wallets. There are two different form factors, but three different types. We can further distinguish, yeah.
Non-custodial wallets and custodial wallets. Non-custodial wallets are, you know, the keys are solely controlled by the end user, examples are MetaMask, Phantom, etc. And custodial wallets are like, also what Dominic mentioned on his slides, for example Coinbase or Kraken, that are owning the keys for the end user.
So you as end user cannot really, you know, access the private key. And so those wallets, they live in different places. So wallet implementations currently that are mostly, most popular are living, are designed as browser extensions.
So MetaMask, for example, is a browser extension for Chrome, but MetaMask also has a native app, which is a MetaMask app that can be used as a wallet. There are also, like, hardware wallets. And so the Web3 wallet has essentially the three main functionalities in my, my view.
I mean, some people might agree, disagree with that, but it's at least my, my, my summary of them. So it's essentially managing the private key for the particular blockchain account and/or the owners of the account in case of the contract wallet.
So, and, and since it controls the private keys, it's primarily used to sign data, transactions and stuff like that. And since Web3 wallets, since applications want to interact with this wallet and actually eventually with the blockchain to read data or write data on behalf of the user, for convenience, for developer experience reasons, those Web3 wallets also wrap a so-called Web3 provider, which is the gateway to the blockchain.
A typical Web3 application user experience flow:
You go to a webpage, the webpage connects the, the, the Web3 wallet and the blockchain account with the application. It usually involves user interaction: the user then selects which account they, they wanna connect with the application, 'cause a wallet can manage more than one account. And then the application can interact with the Web3 wallet on behalf of the blockchain account, you know, like fundamentally three different things. So optionally, not always required, but more and more popular, these applications would simply sign data for, you know, completely off chain.
There's no blockchain involved. It's just a simple signing operation by the Web3 wallet. And that statement is then used for login purposes. And then the other two points is, you know, signing transactions and interacting with smart contracts in general, like minting NFTs, for instance. From a UX perspective.
So this is a connect wallet screen that relates to the, the first item on this list. It looks like a NASCAR screen and it is a big NASCAR screen in reality. So you would get this.
So after the user clicks "connect your wallet", they would see a modal like this, where they can actually select which wallet they want to use with the application. So in that case, yeah. And there are more here. So that's a NASCAR screen of nine pages with six. Yeah. I think you can calculate it. There's a lot of Web3 wallets out there that can be used and are in production. I think that's the point I want to get across. Yeah.
What does the Web3 application architecture look like?
So if you are a dapp developer, decentralized application developer, or even a Web 2.0 developer that wants to add blockchain functionality. So what you would usually do, so you build this application, application front end, and then you would interact with the, the wallet extension through a library that, you know, connects the wallet and then the signing operations. And the application is called a client because it acts as a client for the Web3 provider, and they communicate using JSON-RPC, but it's actually encapsulated through JavaScript.
So once the wallet then, you know, gets the request from the application, they would then relay it to the actual Web3 provider, which can live somewhere else in the cloud. And then the Web3 provider then propagates it to the blockchain network. So this is the option in case the, the Web3 wallet lives as a, lives in the browser as an extension. And then there's another option where the Web3 wallet is a native app on your phone.
And then you would not use the, the JavaScript approach, just simply wrap a provider object and then simulate JSON-RPC; no, you would then like speak real JSON-RPC with the wallet. And there are also certain protocols in place, such as WalletConnect, that make it easier to implement cross-device flows.
Yeah, this is basically the Web3 wallet overview. And now I talk about SIWE.
So Sign-In with Ethereum, so the main purpose is obviously authenticating the Web3 user based on their blockchain account identifier that lives in, is managed in their Web3 wallet. And to actually remember the user across different browser sessions, I would say, because typically Web3 applications, you know, they, they don't really have a backend.
They, they don't store any state about the user. Everything is on chain, so they never really had the need, but there are more and more hybrid applications now coming up that actually require to remember the user, you know, for example, storing some user preferences, night mode might be one example, but there's more than that. And it's yeah.
So it's, you know, ultimately targeting Web3 applications that have some off-chain state to manage about the user, or Web2 applications that want to interact with decentralized protocols, such as, you know, for example, NFTs that Dominic just mentioned, or decentralized data networks, for example.
And when, when SIWE came up, SIWE was defined, had a couple of goals because, you know, some people might ask why didn't SIWE use this and that protocol, because that already existed. It's because there were certain design goals.
And it was basically, you know, in Web3, we had already like a landscape of different signing approaches, login approaches, and SIWE just wanted to unify them without, you know, breaking anything. So it's basically just about unifying Web3 login approaches that have, that we have seen so far. And we also wanted to support existing Web3 wallets, you know, not SSI wallets, Web3 wallets, without breaking the UX and developer experience as well. And we also wanted to support EOA and contract wallets.
And yeah, again, we didn't want to invent a new transmission protocol and wanted to make full use of existing patterns and flows in Web3, because the way how Web3 works, in my opinion, is, you know, a lot of people build protocols and protocols, double protocols and using each other.
And there's like an already existing stack, established patterns. And we didn't want to break it. The way SIWE was designed,
well, let's say specified. So it's basically an Ethereum Improvement Proposal, an Ethereum standard. So you can go to this website, that 4361 is the number of SIWE.
And yeah, you can read the spec. So Ethereum has their own kind of standardization process. I think that's the point I want to get, get across here. The process itself was community driven and inclusive. So we had community calls. We even have an open Discord and, you know, all the tooling is open source. If people are willing to contribute to the code base, PRs are more than welcome.
And again, SIWE doesn't store anything on the blockchain.
So what does SIWE look like? Okay. So if you go to a, if you build an application and want to integrate SIWE, then you could add a button, any kind of button. It doesn't really matter whether it's exactly this button. And after clicking this button, the wallet basically generates a SIWE request with, you know, nonce, domain, other properties, expiration date. It's very much like a JWT, but in a form that Web3 wallets can understand.
And yeah, so the wallet then displays the signing request, which is human readable in that case. And the user then needs to, you know, accept the signing request and just sign it. Then the user is essentially logged in after, you know, the SIWE message, the response from the SIWE message got verified. So in Web3, it's really important to, you know, and then we basically could establish a user session so that a Web3 user could then store their preferences and then they come back. They don't need to start, restart the game every time.
This is just a demonstration of what happened before SIWE in Web3. So we had like a number of different request approaches and SIWE tried to unify all of them into one common format by still guaranteeing security and better UX, because before SIWE there was no standard that wallets, that Web3 wallets could implement. Now the wallets can implement the standard and just render nicer UX in the wallet. And also before that, there was a, quite an issue that phishing attacks and some man-in-the-middle attacks in general were possible.
And with SIWE, we mitigated a lot of them by, you know, adding some domain verification checks, for example. And this is how in MetaMask a SIWE request will be rendered. So again, there's a standard, and because there's a standard, Web3 wallets can render a nicer UX. This is how it looks like.
And so after SIWE, so after we have an authenticated user, you know, after we have authenticated the blockchain account identifier, in that case an Ethereum account, what can we do after that, with this account? And it also ties back to what Dominic mentioned.
So once you have, once you know that your, the user in front of your application owns this account, you can use a number of decentralized protocols. So it's, for example, we can use it to get access to a user-controlled, privacy-preserving data storage like Kepler.
We can, you know, store sensitive information about the user, not on chain, by the way. And also we have a full permission model. And what it just connects is streams that the user published on the Ceramic network, or you can retrieve additional assets the user owns, you know, in form of NFTs, through The Graph or OpenSea, or you can just simply, you know, resolve additional information from the Ethereum naming service.
But it's the Ethereum naming service. It's basically a decentralized protocol that allows you to, it's a, it's a decentralized DNS.
So you can map your Ethereum account to a human readable name. I think it makes sense for organizations because there are more and more decentralized autonomous organizations coming up. And it's quite, quite convenient if you, if you don't have to remember their blockchain account, but just their organization name as an ENS name. With SIWE, one thing you can do in addition, that's actually quite, quite nice, is you can also, like through SIWE, you can do something that you call a session key delegation.
It's basically an object capability model where you say I'm the account, but I am authorizing now this other key or DID to do certain things on behalf of me for a certain period of time with certain permissions. And you will be able to revoke that as well later on, and why this is important, because then you don't need to go through MetaMask,
or the Web3 wallet, again, in case you wanna do another signing operation. You can just use the, you know, the object capability, the session key for that. So it improves UX and developer experience. Ally.
Yeah, it's basically like I just said. And so in my opinion SIWE is actually a good segue to transition from Web2 to more Web3 applications. In Web2, you usually have a front end with a backend application that manages user information in a database, but with something like SIWE and session delegation, you could move to a more decentralized model where you don't need a backend or one single backend anymore, because you can store data remotely, in decentralized data stores, for example. So what's the relation to SSI, some people might ask themselves or me later.
So SIWE doesn't really use W3C DIDs directly because, for the reasons I mentioned earlier, for the design decisions we, we had to take, because we didn't want to break the existing Web3 developer experience.
We didn't want to break the Web3 user experience, but it works with, with SSI stacks quite nicely, because after you logged in, you have the Ethereum account, you would be able to represent the, the Ethereum account as a DID. And for that, we have the did:pkh method, which can represent any sort of blockchain accounts.
And then you will be able to issue credentials to these DIDs. And you will also be able to present them through this session key delegation model I just explained, and yeah, and you can do more delegations downstream. It's also quite nice. And for me personally, I also see that, you know, Web3.
So in, you know, by doing this, Web3 can be seen as a great battleground for the SSI system ecosystem, 'cause then we can basically try to get adoption of SSI specifically for DAOs, decentralized autonomous organizations, you know, providing membership attestations; for DeFi, if you wanna basically like verify lending pools; NFTs, NFTs, for example, ownership's a big topic and authorship, sorry, is a big topic. You wanna make sure that NFTs were authored by a certain person. And that's basically it. And I don't know with time, I am, we are actually quite good in time.